WORKING MEETING on MARITIME CYBERSECURITY
**Invitation Only Event**
Date/Location
March 7, 2018 – CCICADA Center, Rutgers University
Background/Description
Maritime Cyber Security: Research Questions for Phases IV and V:
Q1: What are the accepted/respected cyber standards in use or in-development, that could be applied to facilities and vessels? CIRI – DAVE NICOL
Q1: Additional note – do the identified standards have similar lexicon and follow the NIST Framework?
Q2: Noting that the opening step will be a self-assessment, what are the skills and credentials of credible 3rd parties that the USCG can point to, that would validate cyber plans and assessments for terminals/facilities or vessels? AMU – KEN WILLIAMS
Q3: How can the Coast guard, or a vessel or facility operator, identify and evaluate potential synergies between cyber and physical vulnerabilities to result in a holistic security assessment – including consequence management? CCICADA – FRED ROBERTS/DENNIS EGAN
Q3: Additional note – DHS has been a proponent of ‘threat indicator’ sharing as a way to minimize sharing of proprietary business information that would cause businesses to be unwilling to share cyber incidents with government and industry partners. How do we socialize and facilitate threat indicator sharing between the maritime industry and other industries?
Q4: What are the minimum elements for/of a cyber assessment that will address elements of vulnerability and consequence for MTSA regulated facilities and vessels? CIRI – DAVID NICOL
Q5: How can regulators and industry work together to develop consensus policies that are remain relevant despite rapidly evolving technologies and threats? PNNL – MIKE WHITE
Q6: Currently human-in-the-loop redundancies have prevented loss of life or damage to the marine environment as a result of cyber incidents on vessels. For instance: Dynamically positioned vessels have had computer glitches which caused drive-offs but consequences have been mitigated by professional mariners taking manual control within seconds of the drive-off and preventing collisions or emergency break-aways. Given pressures to improve efficiencies and reduce manning, are there certain redundancies, that if they were to be reduced or removed, would result in greater consequences to cyber incidents? AMU – KEN WILLIAMS
Accommodations, Travel and Parking -Details will be posted soon.
Event Organizers
Fred Roberts, Director of CCICADA Center at Rutgers and Event Research Chair (froberts@dimacs.rutgers.edu)
Al Arsenault, USCG RDC
CDR Timothy Grant, USCG CG-FAC
For further information, email James Wojtowicz, CCICADA Managing Director (wojtowic@ccicada.org)
DRAFT PROGRAM – subject to change
9:30am – 10:00am Registration and refreshments
10:00am – 10:15am Opening Remarks
Fred Roberts, CCICADA
Al Arsenault, USCG RDC
CDR Timothy Grant, USCG CG-FAC
10:15am-10:35am Speaker; RADM Lunday (invited)
10:35am–11:05am Six 5-minute overviews of the ‘white papers’ (total of six)
11:05am–11:25am Break; pick up lunch; bring it to review sessions
11:25am–1:00pm Three simultaneous white paper review sessions – participants to choose a group in advance. Questions 1, 2 or 3.
1:00pm–1:20pm Three 5-minute reports on the morning white paper review sessions plus discussion
1:20pm–3:00pm Three simultaneous white paper review sessions – participants to choose a group in advance. Questions 4, 5 and 6
3:00pm–3:15pm Break
3:15pm–3:35pm Three 5-minute reports on the morning white paper review sessions plus discussion
3:35pm–3:55pm Discussion of Next Steps
3:55pm-4:00pm Closing Remarks – Fred Roberts, CCICADA