Transportation Security News

Maritime operations run on tight schedules and thin margins, and as ships, terminals and supply chains connect systems for visibility and efficiency, attackers gain paths to entry. Cyber risk has become an operational reliability and safety concern, not just an IT issue. “Whether we are looking at this challenge through an operational or organizational safety lens, cyber risk is a critical business risk. An incident will impact everyone,” says Michael DeVolld, Senior Director…

Vessel operators must embed cybersecurity into their operational procedures to meet USCG 33 CFR Part 104, writes Nicolas Furgé, President, Cyber, MarlinkAs cyber threats continue to grow in both scale and complexity, maritime stakeholders, from shipowners and operators to port facilities are facing new regulatory demands to improve cyber resilience.The latest cybersecurity rules from the United States Coast Guard (USCG), amending parts 101, 104, 105 and 106 of 33 CFR Sub-chapter F, represent a major shift in how cybersecurity is addressed by U.S.-flagged vessels and U.S.

“Between expanding attack surfaces and increasingly sophisticated threats, the stakes have never been higher,” said Michael DeVolld, Director of Maritime Cybersecurity at ABS Consulting, speaking at the 2025 Maritime Cybersecurity Summit hosted by the Maritime Transportation System (MTS) Information Sharing and Analysis Center (ISAC).“It is essential for the maritime industry to not only understand its cyber risk but also translate that knowledge to decisive action that protects lives…

The $5.4 trillion global maritime industry faces a perfect storm of cyber vulnerabilities, and a new government regulation aims to be the lighthouse guiding stakeholders to safer digital harbors.On January 17, 2025, the US Coast Guard (USCG) published a final rule titled “Cybersecurity in the Marine Transportation System,” aiming to bolster the cybersecurity posture of the nation’s marine transportation system (MTS). This rule introduces mandatory cybersecurity measures for US-flagged vessels…

The U.S. Coast Guard (USCG) published a final rule on January 17, 2025, addressing Cybersecurity in the Marine Transportation System (the “Final Rule”), which seeks to minimize cybersecurity-related transportation security incidents (“TSIs”) within the maritime transportation system (“MTS”) by establishing requirements to enhance the detection, response, and recovery from cybersecurity risks. Effective July 16, 2025, the Final Rule will apply to U.S.-flagged vessels, Outer Continental Shelf, and onshore facilities subject to the Maritime Transportation Security Act of 2002 (“MTSA”).

Patrick Murphy has been President of Blue & Gold Fleet, L.P., the San Francisco Bay Area’s largest and premier provider of Bay Cruises and ferry service, since 2016. Murphy grew up in the Maritime business. His father, Roger Murphy, founded Blue & Gold Fleet in 1979. Patrick Murphy began his career in 1982, working part-time in the Box Office and as a Deckhand before receiving his United States Coast Guard’s license in 1995 and was promoted to Captain in 1996. In 2005, Murphy advanced to Blue & Gold Fleet Operations Manager, and then to Director of Operations in 2009.

The US Coast Guard has published a final rule in the Federal Register to update cybersecurity requirements for U.S.-flagged vessels, outer continental shelf facilities and facilities subject to Maritime Transportation Security Act of 2002 (MTSA).The rule addresses current and emerging cybersecurity threats in the marine transportation system by adding minimum cybersecurity requirements to help detect risks and respond to and recover from cybersecurity incidents. These requirements include developing and maintaining a cybersecurity plan…

The U.S. Coast Guard proposes to update its maritime security regulations by adding regulations specifically focused on establishing minimum cybersecurity requirements for U.S.-flagged vessels, Outer Continental Shelf facilities, and U.S. facilities subject to the Maritime Transportation Security Act of 2002 regulations. This proposed rule would help to address current and emerging cybersecurity threats in the marine transportation system. In this Maritime Matters: The Marinelink Podcast…

With new rules on Cyber Security coming down from the U.S. Coast Guard, Angeliki Zisimatou, Director Cybersecurity, ABS, is uniquely positioned to discuss maritime cyber security in the round, with insights on what she’s seen and heard from the draft rules, with advise on what it could mean for vessel owners.Cyber security and all that it entails is quickly climbing the priority ladder in maritime, as increasing dependance on connectivity is a double edge sword of promise and peril.While the level of cyber security preparedness varies widely across all industries…

With supply chain attacks on the rise, and nation-state attackers constantly looking for new ways to disrupt national security and economic stability, one of the most vulnerable areas is the security around our maritime operations. The Biden-Harris Administration's recent Executive Order to fortify the cybersecurity of U.S. ports underscores this concern, spotlighting the urgency of addressing vulnerabilities in a sector that drives over $5.4 trillion in economic activity annually.

Mariners and other transport workers seeking to renew their Transportation Worker Identification Credential (TWIC) will now be able to do so online following recent changes enacted by the U.S. Transportation Security Administration (TSA).Starting August 11, 2022, current TWIC holders are able to renew their credentials online, which eliminates the need to go to an enrollment center for most applicants, including U.S. citizens, nationals and lawful permanent residents, and makes…

The U.S. Coast Guard announced the appointment of 13 individuals to serve as members of the National Maritime Security Advisory Committee (NMSAC).NMSAC was established in December 2018 to provide advice to the Secretary of the Department of Homeland Security on matters relating to national maritime security, including on enhancing the sharing of information related to cybersecurity risks that may cause a transportation security incident, between relevant Federal agencies and a) State…

The Jacksonville Port Authority (JAXPORT) announced Monday that retired United States Coast Guard (USCG) Captain Dwight Collins has joined the port as Director of Public Safety and Security.Captain Collins directs all law enforcement, physical security, safety, and emergency management and preparedness services in support of more than 200,000 port employees, tenants and customers. He is also responsible for ensuring enforcement of seaport security initiatives in compliance with all federal…

The disembarkation of more than 1,200 passengers from the cruise ships Zaandam and Rotterdam in Port Everglades, Fla. on Friday, combined with one remaining disembarkation being coordinated, add to the U.S. Coast Guard's processing of more than 120 vessels in the last three weeks to remove 250,000 passengers from cruise ships due to the COVID-19 pandemic.The Coast Guard, under guidance from the Centers for Disease Control and Prevention (CDC) and working with Department of Homeland Security partners Customs and Border Protection (CBP) and the Transportation Security Administration (TSA)…

This revised advisory cancels U.S. Maritime Advisories 2019-004 and 2019-008.1. References: U.S. Maritime Alerts 2019-004A, 2019-003A, 2019-002A, and 2019-001A.2. Issue: Heightened military activity and increased political tensions in this region continue to pose serious threats to commercial vessels. Associated with these threats is a potential for miscalculation or misidentification that could lead to aggressive actions. Vessels operating in the Persian Gulf, Strait of Hormuz, and Gulf of Oman may also encounter GPS interference, bridge-to-bridge communications spoofing, and/or other communications jamming with little to no warning.Since May 2019, the following maritime incidents have occurred in this region:Six attacks against commercial vessels (see U.S.

Saudi Arabia said on Monday that two of its oil tankers were among those attacked off the coast of the United Arab Emirates and said it was an attempt to undermine the security of crude supplies amid tensions between the United States and Iran.The UAE said on Sunday that four commercial vessels were sabotaged near Fujairah emirate, one of the world's largest bunkering hubs lying just outside the Strait of Hormuz, but did not describe the nature of the attack or say who was behind it.The UAE had not given the nationalities or other details about the ownership of the four vessels. Riyadh has identified two of them as Saudi and a Norwegian company has said it owned another.

The Board of Directors of the International Propeller Club of the United States has selected Mr. John M. Cullather as its new Executive Vice President.In the role of Executive Vice President, he will be responsible for the day-to-day operations of the International Propeller Club, will oversee all activities and functions of the International Propeller Club of the United States, and will serve as the primary liaison to the Club’s 70 port chapters worldwide. Along with the Board of Directors…

The Federal Bureau of Investigation is not taking appropriate steps to review and assess potential maritime terrorism risks facing U.S. sea ports, the Justice Department's internal watchdog has found.The audit, released on Thursday by Inspector General Michael Horowitz, found that while top FBI officials believe the country faces a low maritime terrorism threat, that view is actually based on "incomplete and potentially inaccurate information."Moreover, the audit found that the FBI had not conducted its own formal assessment of the matter.In a letter to Horowitz dated Aug.

Resilience planning, Info Sharing Take Spotlight“Oh what a tangled web we weave, when first we practice to deceive.” That old chestnut gets turned on its head when it comes to port cyber security. It’s more like “Oh what a tangled web we’ve woven, so much harder to stop data stolen.”Ports today have the physical aspect of security pretty well nailed shut - gates, locks, fencing, alarms, cameras, drones, etc. As Chris Mason, Rajant Corp.’s director of sales for EMEA, notes, “Every…

Even prior to NotPetya, regulatory bodies, insurers, P&I clubs, port authorities, and other segments of the maritime industry started taking steps to minimize the industry’s exposure to cyberattacks.The maritime industry has had an awakening. We have awoken to the fact that digitalization has woven its threads throughout the industry, and we have greatly benefited from being able to operate in an interconnected cyber environment. Likewise, being able to transmit shipboard machinery diagnostic information to shore-side operations centers…

PVA president Jeff Whitaker in December weighed in on his year as head of the nation’s passenger vessel advocacy group, where we are headed next, and what it will take to get there. The U.S. passenger vessel industry is looking forward to continued growth in the coming months. The past year was witness to solid economic conditions in the U.S., which added fuel to an already strong travel and tourism market, underpinning much of the U.S. passenger vessel industry. Ferry ridership continued to be strong with ferry systems in the Northeast…

Over the past two months the world has been rocked by three major hacking events that have garnered international notice. These included the EQIFAX event in which 140 million individuals were reported to be possibly compromised, the WannaCry attack and the NotPeyta event. In the past two years the emphasis on the cyber security of the Marine Transportation System, a vital economic cog to the world has come under increasing scrutiny. In August, trade journals and major international…

Cyber risk has hit a critical peak within the maritime industry, and the significant impact of the Petya ransomware attack on scores of maritime entities only amplifies it. The attack effectively shut down major ocean carriers, including shipping conglomerate Maersk, and impacted marine terminal operations across the globe. Every maritime company, no matter the size or business function, is a potential target. The industry has seen a recent wave of guidelines and resolutions from maritime regulatory bodies related to maritime security and cyber risk mitigation.