The Coast Guard Office of Commercial Vessel Compliance (CVC) has updated its Cyber Risk Management Work Instruction (CVC-WI-027).

The latest version is available for review internally on the CVC Mission Management System (MMS) webpage and is also publicly available on CVC’s public MMS webpage. Changes to the MMS product include elaboration on the definition of “poor cyber hygiene,” clarification on procedures and standards to follow during port state control exams, amplifying information on cyber resources for marine safety personnel (such as the updated NIST Cybersecurity Framework), and updated reporting procedures in response to suspected cyber incidents onboard vessels.

For questions, comments, or further clarification regarding CVC-WI-027, please contact the Port State Control Division (CVC-2) at 202-372-3567 or email CVC-2 Cybersecurity Specialist Steve Kwan at [email protected].