Internationally recognized, this research program assists industry in achieving an acceptable level of cyber awareness, safety, security, and resilience through evidence-based research. This is an industry-centric program (for maritime, by maritime) with the goal of helping to maintain operational safety at sea and in the marine terminals. Our research process includes:

​

• Vulnerability assessments (to include penetration testing as required and applicable)

• Operational impact and risk analysis

• Mitigation recommendations

• Aggregate database of anonymized information for use by industry stakeholder

​

Understanding the Risk

Vessels and marine terminals are becoming more and more IT-dependent, from equipment and software, to the next generation of IT savvy mariners, to the inherent risks of Big Data. Globally, industries are rapidly and recklessly innovating without security as a priority leading to potential high vulnerabilities and risk. Given the global economic power of the maritime industry, cyber security must be a priority.            

                            

How might my organization be vulnerable?  

 

We see the most common vulnerabilities in the following areas: awareness, ineffective policies and procedures, few, if any, security requirements implemented for critical systems, little or no validated reporting, and lack of a risk management culture relating to cyber.

​

Assessments & Mitigation Recommendations

 

As part of this research, the USMRC Maritime Cyber Assurance Team (MCAT) conducts cybersecurity assessments of vessels and marine terminals, both domestically and internationally.  We developed a NIST-based risk assessment methodology that is customized for maritime and recognized by industry. 

​

By request of our research sponsors, USMRC now provides Maritime Cyber Assurance advisory services.  This includes mitigation recommendations and developing new security requirements around automation and connected systems.  

​

Who is on our team?

USMRC’s team is interdisciplinary and cross-functional. Our team of senior mariners, terminal operations professionals, and cyber operations professionals offers each organization unparalleled understanding of the unique threats and challenges faced when operating in the marine environment.

​

USMRC's Papers

​

• The Reality of Shipboard Cyber Vulnerabilities

• Building Maritime Cyber Assurance

• USMRC is also a contributor to the BIMCO Guidelines on Cybersecurity Onboard Ships, and will be publishing a series of papers in maritime journals through 2017.

​

Other Resources

​

• United States Coast Guard (USCG), Cyber Policy Letter

• BIMCO,Guidelines for Cyber Security on Ships

• United States Coast Guard (USCG), Cyber Strategy

• 2016 Vol 1 Surveyor an ABS Magazine, The Cyber Issue - The American Bureau of Shipping discusses cyber and big data in their recent issue of Surveyor Magazine, also featuring the USMRC Maritime Cyber Assurance research program.
   

Testimonials 
 

"As co-chair of the Cybersecurity Caucus in the US Congress, I am actively engaging in day-to-day policy discussions, and I am well aware of the cyber threats our nation is facing.  Protecting our nation from these threats is one of my top priorities, and I am grateful to know that USMRC is helping this cause on the maritime front."
                                                  - Congressman James R. Langevin  
 

​

For help understanding your cyber threat vulnerability and to schedule an assessment, please contact USMRC’s Maritime Cyber Assurance Team at +1 (401) 849-0222 or via email at brian.holden@usmrc.org.