The following is the text of a blog from Coast Guard Maritime Commons:
(WASHINGTON) — On July 12, the Coast Guard announced via the Federal Register the availability of the draft Navigation and Vessel Inspection Circular (NVIC) 05-17, titled "Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities."
There will be a 60-day public comment period.
Title 33 Code of Federal Regulations Parts 105 & 106 Subpart C requires facilities to conduct security assessments that identify vulnerabilities with their physical security, as well as computer systems and networks. Based on the security assessment results, facility owners and operators are required to develop mitigation strategies and document the strategies in their facility security plans. The draft NVIC provides clarification for how MTSA regulated facility owners and operators can incorporate computer system and network vulnerabilities into existing requirements. Additionally, the draft NVIC provides guidance on implementing a cyber-risk management governance program.
CG-FAC highly encourage comments on the draft NVIC, which can be submitted to the online docket at Docket No. USCG–2016–1084 or reach the Docket Management Facility on or before Sept. 11.
Click here to read the full Federal Register notice.