On February 21, the Administration announced an Executive Order (“EO”) aimed at strengthening cybersecurity at U.S. Ports. While not directly applicable to critical infrastructure entities in other sectors, the EO highlights the Administrator’s focus on critical infrastructure more broadly and sets forth steps that can be taken by all critical infrastructure operators to harden their cybersecurity posture.

The EO grants new authority to the Coast Guard to prohibit the use of, inspect or remove data or technologies that may pose an unacceptable cybersecurity risk to port facilities or vessels. Additionally, the EO empowers the Coast Guard to adopt regulations to address cybersecurity risks. On the basis of this authority, the Coast Guard has issued draft Regulations which, if adopted, would require operators of port facilities and other maritime entities to implement specific cybersecurity controls, a cybersecurity plan and report suspicious activities, cybersecurity incidents and data breaches to the Coast Guard, CISA and the FBI. You can read the full Insight discussing the EO, proposed Regulations and practical steps covered entities and all critical infrastructure operators can take to enhance their cybersecurity preparedness here.