14 Proceedings Summer 2025 By focusing on risk-based prevention, the MTSS-C can collaborate with MTS community members to identify and prioritize areas of concern. This coopera- tive approach allows the MTSS-C to conduct risk-based physical domain impact assessments of MTS facilities and their operations. The Coast Guard Northeast District has partnered with Idaho National Labs to create a risk- based interdependency map linking the MTS and the energy sector’s critical infrastructure. A thorough under- standing of the MTS and its interdependencies is essen- tial for accurate risk assessments. Developing MTSS-C cyber risk assessment training is crucial for evaluating the importance of port operations, infrastructure, and nodes of critical interdependencies. This new skillset will enhance awareness and resilience within our MTS facilities. Enabling Interoperability NIST has produced various publications to assist organi- zations in evaluating cybersecurity and risk holistically. The NIST 2.0 Cybersecurity Framework and several Coast Guard Cybersecurity Community Profiles serve as foundational frameworks for supporting comprehensive evaluations of organizational cybersecurity programs and efforts. NIST 2.0 is highly customizable and focuses on key areas of concern. One of its most flexible features is its ability to create crosswalks that integrate with the NIST framework—unlike many other cybersecurity frameworks currently in use—enabling interoperability across various organizations and programs. The Coast Guard Cybersecurity Profiles extend the NIST frame- work’s reach to address unique areas of the MTS, such as maritime bulk liquids transfer, passenger vessels, and offshore facilities. Applying the NIST 2.0 Cybersecurity Framework and Coast Guard Cybersecurity Profiles within the context of technical findings, observations from CG CYBERCOM, and physical security concerns identified by port security specialists creates a more accurate perspective to support cybersecurity assess- ments that adapt to evolving operational and cyber envi- ronments. The MTSS-C role fills a critical gap in linking CG CYBERCOM’s technical capabilities and the Coast Guard’s Port Security Program. The MTSS-C represents an additional capability to support the service’s mission of defending and protecting the MTS from malicious cyberthreats. The MTSS-C can leverage insights and CG CYBERCOM research regarding technical observations and threat intelligence, combined with physical security challenges provided by our port security specialists, cre- ating a holistic, needs-based assessment strategy with our MTS community members. By addressing the chal- lenges faced by individual MTS organizations based on assessments and contextualized technical and physical security challenges, the MTSS-C role can create valu- able opportunities to link technical, nontechnical, and physical domain security concerns, providing a holistic approach to MTS cybersecurity. Working collaboratively to tackle the unique MTS cybersecurity challenges positions the MTSS-C to offer customizable, risk-based, NIST 2.0 Cybersecurity Framework assessments and best practices to facility cybersecurity professionals. This initiative will leverage the analytical expertise of the MTSS-C, offering valuable support to the MTS community. By adopting a holistic, risk-based, framework-driven approach, it will empower MTS cybersecurity professionals to advocate for orga- nizational changes at both governance and technical levels, while providing crucial leadership and resource support for MTS cybersecurity programs. Driving Innovation The Coast Guard’s MTS cybersecurity program has sparked innovative strategies for the MTSS-C’s mis- sion and role. The organization is dedicated to continu- ous innovation and focused on developing its MTSS-C skillsets and capabilities. The MTS cybersecurity pro- gram and the MTSS-C are poised to drive innovations within the prevention mission by integrating technical, nontechnical, and physical security elements of MTS cybersecurity into a cohesive, team-based approach. With the technical support and expertise of operational partners within CG CYBERCOM, we can enhance our collective mission impacts. The development of capabili- ties discussed in this article can serve as the next foun- dational growth platform for the MTS cybersecurity program. Conclusion By innovating in the MTSS-C’s nontechnical, governance, policy, and risk-based advisory roles, we can effectively address the increasing threats facing the MTS subsec- tor from the cyber domain. In doing so, we can fully realize and unleash the potential of the MTSS-C and the MTS cybersecurity program. These advancements will position the Coast Guard at the forefront of MTS cybersecurity, ready to fulfill our mission of hardening, defending, and protecting the MTS. About the author: Kevin Adams is a marine transportation system cybersecurity specialist in the Coast Guard Northeast District. He holds an M.S. in cybersecurity policy and governance from Boston College and is a certified governance, risk and compliance professional. He also serves as a U.S. Army Reserve lieutenant colonel and innovation officer in the 75th Innovation Com- mand, where he supports the Army Futures Command and the service’s modernization strategy.
