There are two significant differences between Coast Guard and DOD cyber operations: DOD has a limited mission to protect U.S. civilian infrastructure and the Coast Guard has no offensive cyber capabilities or mission currently.
Because cyber is a global issue, the Coast Guard also has been working with international partners to ensure a certain level of consistency.
“We are the Coast Guard service cyber component to USCYBERCOM, but because we are not part of DOD, USCYBERCOM cannot yet technically task us to do anything, although due to our presence on the DODIN and our significant alignment with DOD and USCYBERCOM, we follow their lead,” he said. “The Coast Guard does not provide dedicated Coast Guard-funded forces to the joint cyber fight; however, it provides personnel on a reimbursable basis to USCYBERCOM. The DOD services provide both offensive and defensive capabilities to USCYBERCOM.”
Although the U.S. Coast Guard ranks as the seventh-largest navy in the world, CGCYBER is only about one-fifth the size of its closest U.S. Navy counterpart unit for defensive cyber operations, both as a percentage of service personnel and budgets.
“Compared to other government organizations – non-military – we probably are on par in terms of a percentage of total personnel dedicated to cybersecurity. Our size is comparable to other cybersecurity components in DHS; the difference is we often get compared to DOD vice DHS, which is putting significantly more resources toward cybersecurity than the rest of the government,” McCarter explained.
Wong said the Coast Guard prefers the term “cyber risk management” rather than cybersecurity because cyber is a complex risk area, especially for ports and ships, where cyber tools are used for facility operations and security monitoring, to ensure vessels are run optimally, for loading and unloading cargo, etc. The cyber threats are not limited to criminal or nefarious actors; they also include operator errors or simple computer system failures.
“Focusing only on security would ignore the other risks,” Wong explained. “Things are getting more and more interconnected. And as systems and operations change, industry needs to continuously look at how they address this risk. The Coast Guard is striving to prevent an incident rather than just preparing for response and recovery, although we will do that as well.”
Because cyber is a global issue, the Coast Guard also has been working with international partners to ensure a certain level of consistency.
“That is a significant area we will continue working on for the next few years – to get international consistency for vessels. We also are developing voluntary guidelines for the U.S. maritime industry. We’ve already seen how computers and cyber tech have changed industry. The only future limiting factor is innovation, which can be a major challenge for us – keeping up with the pace of technology and how industry uses it,” Wong said.
“Cyber is a complicated topic, with no easy solutions,” he continued. “Part of this complexity is how diverse industry is, and their use of cyber varies in so many ways. In government, there is some level of standardization, so if there is a problem, one solution may be applied to a majority. That’s not the case with industry.
“Some of the technology in use is several-decades-old systems, but still works; so some may say, ‘If it ain’t broke why fix it?’ The Coast Guard has spent the past 18 months in an educational phase, working with our stakeholders so we are on the same page when it comes to recognizing this risk. We are already starting to see these efforts change that mindset.”
This article was first published in Coast Guard Outlook 2016-2017 Edition.