This paper is an attempt at understanding, bounding, and providing a framework for answering the following questions from the United States Coast Guard: What actions should vessel owners and port entity operators perform to evaluate their cyber safety and security postures (perhaps within the context of MTSA)? How can these steps be validated and who, if anyone, should do so and how often? How can we measure the effectiveness of a compliance regime that requires these types of performance-based protection measures? The paper discusses cyber security standards and compliance regimes in general, risks specific to the maritime transportation system; current efforts by the USCG and other entities; the feasibility of a USCG-led maritime compliance regime; and directions for future research.

This content is only available via PDF.
You can access this article if you purchase or spend a download.