Policy Insights: Biden’s Executive Order on Maritime Cybersecurity

Today, the White House issued an executive order starting a rulemaking process to add cyber requirements to US ports aimed at increasing defenses through additional authorities to the Coast Guard. The administration also pledged to invest over $20 billion in port infrastructure over five years.

The executive order will require the maritime sector to increase digital defenses and report cyber incidents to the Coast Guard also giving the Coast Guard the authority to respond to cybersecurity incidents, such as controlling the movement of vessels that present a cyber threat.

With concern over Chinese companies owning almost 80% of US ship-to-shore cranes and many controlled remotely, the Coast Guard is issuing a nonpublic maritime security directive that requires cranes manufactured by China to face “a number of security requirements”.

“America’s system of ports and waterways accounts for over $5.4 trillion of our nation’s annual economic activity, and our ports serve as a gateway for over 90% of all overseas trade. Any disruption to the [maritime transportation system], whether manmade or natural, physical or in cyberspace has the potential to cause cascading impacts to our domestic or global supply chains,” Rear Adm. Jay Vann, commander of the U.S. Coast Guard Cyber Command said.

Policy Insights:

Troy Batterberry, CEO, EchoMark:

“It is not only systems that have been infiltrated by foreign states. In my discussions with CISOs across the country, many believe there are employees within their organization that are capable of acting in alignment with foreign states. Unfortunately, 90% of organizations are completely unprepared for the risks imposed by insiders. Dealing with insider risk is the next big area of growth for the cybersecurity industry.”

Emily Phelps, Director, Cyware:

“The executive order is a good step towards securing critical national infrastructure. By mandating enhanced cyber defenses and incident reporting in the maritime sector, we’re addressing a significant vulnerability in our national security framework. The focus on the maritime sector, especially given the strategic importance of ports to our economy and supply chain, is timely and essential. This move, coupled with the substantial investment in port infrastructure, demonstrates a proactive approach to cybersecurity, ensuring the resilience of vital assets against emerging threats.”