Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 13 Page 14 Page 15 Page 16 Page 17 Page 18 Page 19 Page 20 Page 21 Page 22 Page 23 Page 24 Page 25 Page 26 Page 27 Page 28 Page 29 Page 30 Page 31 Page 32OCTOBER 2016 • FOGHORN 17 FOGHORNFOCUS: SECURITY will enhance cybersecurity capabili- ties. We encourage all PVA members to join Homeport and specifically the Cyber Committee. If you are interested in joining Homeport or participating in the NIST CSF passenger vessel/ terminal profile, please contact LCDR Long at Josephine.A.Long@uscg.mil. n laboration with the National Institute of Standards and Technology (NIST). The NIST Cybersecurity Framework (CSF), while voluntary, has become a “de facto” industry standard. Many organizations have opted to use the NIST CSF as a baseline for developing a cyber program. Our collaboration with NIST utilizes customized profiles. A profile is a tool that allows organiza- tions to apply the categories of the CSF to their specific operational needs. This application generates a strategic and tiered approach to implementation of the NIST CSF. The passenger vessel/ terminal operations profile, expected in 2017, will be informed by industry members associated with these op- erations, and will require industry participation throughout the process to ensure this is a useful tool. Vessel operators will be able to utilize the resources provided in the passenger vessel/terminal profile to complete risk assessments and implement pre- ventative measures specific for their operation. Even small passenger vessel operators whose operations are not subject to the requirements of the Maritime Transportation Security Act (MTSA) can benefit from a healthy cyber risk management program tailored for their operations. For example, the USCG recently released NVIC 01-16 Use of Electronic Charts and Publications in Lieu of Paper Charts, Maps and Publications. This NVIC provided an option for U.S. flagged vessels to use electronic charts in place of paper charts to meet carriage requirements. Modern electronic chart systems are often integrated with other naviga- tional systems. These enhancements better facilitate voyage planning and monitoring, but also present potential cyber risks. These systems are common among small and large passenger vessel operations and vary in com- plexity in relation to vessel size and operation. Despite these variations, the threat to these systems is common throughout the community. The Coast Guard continues to work collaboratively with the maritime industry to develop resources that About the Authors LCDR Long is the Critical Infrastructure Branch Chief within the Office of Port & Facility Compliance. She oversees the development and implementation of cybersecurity policy. LT Gould is assigned to the Facility and Cargo Safety Branch within the Office of Port and Facility Compliance. She works with the program manager for oversight of the National Container Inspection Program, Waterfront Facility Safety and The Explosive Outload Supervision program.