In my discussions as part of the AMSC, we workshop scenarios constantly. What counts as an incident when the MARSEC (MARitime SECurity) Level needs to be elevated from 1 to 2 for a cybersecurity threat? MARSEC Level 2 requires additional protective security measures for a period of time across nautical facilities and vessels.
This is the kind of thing that hasn’t happened yet, but for which we train constantly. The challenge is that anything compromising safety systems in a port would trigger a shutdown of the entire port. There’s an element of systemic risk to the complex ecosystem that ports support that includes rail, trucking, shipping, fuel or, yes, that weekly orange juice delivery.
The US Coast Guard has been granted fairly large powers of authority in the event of an incident. But those powers are compromised when CISA staff have been furloughed and threat intelligence sharing has lost its legal protection. We can expect asset owners and sector agencies to continue to collaborate, but they will be doing so with additional (and avoidable) risk.
