Dum ® 11-Dec-2020 15:17

Maritime Bulk Liquids Transfer Cybersecurity Framework Prof


Year: 2018
Language: english
Author: U.S. Coast Guard, the National Institute of Standards and Technology (NIST)
Genre: Guide
Format: PDF
Quality: eBook
Number of pages: 154
Description: This MBLT CFP serves to assist in cybersecurity risk assessments for those entities involved in MBLT
operations as overseen by the USCG. It is intended to act as non‐mandatory guidance to organizations
conducting MBLT operations within facilities and vessels under the regulatory control of the USCG under
the Code of Federal Regulations (CFR) 33 CFR 154‐156. This MBLT CFP serves to collect recommended
cybersecurity safeguards and describes the desired minimum state of cybersecurity for those
organizations in the MBLT context.

Contents

Executive Summary ..................................................................................................................................... iv
Background .............................................................................................................................................. iv
The Profile................................................................................................................................................ iv
Benefits ..................................................................................................................................................... v
1. Introduction ............................................................................................................................................. 1
1.1. Purpose ......................................................................................................................................... 1
1.2. Audience and How to Use this Document ................................................................................... 1
1.3. Document Structure ..................................................................................................................... 2
1.4. Overview of the MBLT CFP ........................................................................................................... 2
2. Background .............................................................................................................................................. 5
2.1. Cybersecurity and the Critical Infrastructure .............................................................................. 5
2.2. Cybersecurity Risk in the MBLT Enterprise .................................................................................. 5
2.2.1. Information Technology (IT) and Operational Technology (OT) ................................................. 6
2.2.2. IT Cybersecurity Risk .................................................................................................................... 6
2.2.3. OT Cybersecurity Risk ................................................................................................................... 6
2.3. Regulatory Context ....................................................................................................................... 7
3. Using the Cybersecurity Framework ....................................................................................................... 9
3.1. Cybersecurity Framework Basic Elements ................................................................................... 9
3.2. Cybersecurity Framework Profiles ............................................................................................. 10
3.3. Developing a Profile ................................................................................................................... 12
3.4. Advantages of Developing a Profile ........................................................................................... 13
4. The MBLT CFP for Industry .................................................................................................................... 14
4.1. Overall Process to Create this Profile ........................................................................................ 14
4.2. Activities to Date ........................................................................................................................ 15
4.3. Profile Foundations .................................................................................................................... 16
4.4. Governance ................................................................................................................................. 17
5. Roadmap for Organizations Using the MBLT CFP ................................................................................ 18
5.1. Cybersecurity Profile Development and Use for MBLT Organizations ..................................... 18
5.2. Process to Incorporate the MBLT Profile in Organizations ....................................................... 18
6. Mission Mapping, Cybersecurity Framework Functions, Categories, and Subcategories .................. 20
6.1. MBLT CFP Structure .................................................................................................................... 20
6.2. Summary of Priority Subcategories Identified .......................................................................... 23
Appendix A – Detailed Subcategory Specifications .................................................................................. 35
A‐1 Mission Objective 1: Maintain Personnel Safety ...................................................................... 38
A‐2 Mission Objective 2: Maintain Environmental Safety .............................................................. 49
A‐3 Mission Objective 3: Maintain Operational Security ................................................................ 57
A‐4 Mission Objective 4: Maintain Preparedness ............................................................................ 76
A‐5 Mission Objective 5: Maintain Quality of Product .................................................................... 91
A‐6 Mission Objective 6: Meet HR Requirements ......................................................................... 100
A‐7 Mission Objective 7: Pass Required Audits/Inspections ......................................................... 111
A‐8 Mission Objective 8: Obtain Timely Vessel Clearance ............................................................ 120
Appendix B – Section by Section Review of 33 CFR 154‐156 .................................................................. 129
B‐1 Bulk Liquid Transfer Facilities, 33 CFR 154 .............................................................................. 129
B‐2 Oil and Hazardous Materials for Vessels, 33 CFR 155 ............................................................. 132
B‐3 Oil and Hazardous Material Transfer Operations, 33 CFR 156 ............................................... 132
Appendix C – Industry Cybersecurity Processes & Profile Mappings ..................................................... 134
C‐1 Energy Sector Cybersecurity Efforts and the DOE C2M2 Program ......................................... 134
Energy Sector Cybersecurity ............................................................................................... 134
DOE Cybersecurity ............................................................................................................... 134
C‐2 Cybersecurity Framework Informative References ................................................................ 136
C‐3 Mapping of Optional Resources .............................................................................................. 136

Screenshots

 
Advertisment
Rating: 4.9 / 5 (Votes: 10)
Reply

Similar releases

LNG Bunkering: Technical and Operational Advisory - ABS [201x, PDF]
Autonomous and remotely operated ships - DNV [2018, PDF]
Managing Maintenance with Requirements of the ISM Code - IACS [2018, PDF]
Merchant Mariner Medical Manual - United States Coast Guard [2019, PDF]
IMO Model Course 1.22 Bridge Resource Management - IMO [2020, PDF]
Facts about Electronic Charts and Carriage Requirements IHO Publication S-66 – Edition 1.1.0 - IHO…
Chief Engineer Officer and Second Engineer Officer (Model Course 7.02) - IMO [2014, PDF]
ELECTRONIC NAVIGATIONAL CHARTS (ENCs) “PRODUCTION, MAINTENANCE AND DISTRIBUTION GUIDANCE” A guide…
Procedures for Port State Control, 2017 (IMO resolution A.1119(30) - ЦНИИМФ [2018, PDF]
Tanker Familiarization Course material for Aboa Mare - Kim Solax [2014, PDF]
  • Reply

The time now is: Today 02:47

All times are GMT + 3 Hours