John Hammond | Wednesday, October 12th, 2016
During September of 2016, I attended an Op's Spotlight given by CAPT Day, the Commander and Captain of the Port at Sector New York. Late in his presentation, he emphasized that he believed that cyber security was the future of the Coast Guard, and it was his goal to help kickstart it.
To meet this end, he said that he sent one of his LT's to tour and experience more cutting-edge financial firms in New York. I figured that he (the LT) would have some interesting things to say and have some interesting opinions on cyber within the Coast Guard.
So, after CAPT Day's presentation, I went up and talked with him personally. I asked for the LT's name, LT Chad Ray, and managed to get a hold of via e-mail.
LT Ray had asked if we could talk over the phone, and I gladly complied -- on October 12th, we talked for about an hour in the afternoon.
The following is a very informal scramble of notes during the phone call conversation. It is unlikely that I will make any attempt to formalize them.
went to kp - uscga is better!!! (thank you kaitlyn)
two years on a cutter
two years during marine inspections
one year so far in ny
he started the `cyber security liason project`???
worked with our port partners (container, oil, passenger vessels) -- ny is a high profile port
AMSC made for an easier way to talk about this
"table-top exercise"...
financial institutions are tip of the spears for CS... but our maritime industry is 25 years behind
"widget problem"... so many different problems and moving part
* Cyber security within the Coast Guard
* Your interest in Cyber security
* How do you see cyber security take its shape in the Coast Guard
* Experience at the financial firms
- Where did you go?
+ JP Morgans Chase
* they have a whole block of Wall St dedicated to their cybe work
* 100 - 200 people dedicated to looking ay e-mails, social media
* Do we need that in the Coast Guard?
* Port terminasls have operatons
- physical gate, physical oil being brought on to the vessel, physical transcations and terminal work. With the financial firms, all their data is intangible and money
+ citybank
+ golden express
- What did you do while you were there?
+ working through FSO's, facility security officers
- What did you learn?
+ working through the container ports, (1) it is a regulatory process, so they were sensitive as to what info they gave
- Were there any things you were able to "take back" to work within the CG?
* Applications of cyber security within the Coast Guard
* Career opportunities, even in Sector New York.
- the question is undefined
- it is definitely there
- but it is still undefined, the progression (seeing how you move from O1 to O2, etc.)
- NORTHCOM, US CYBERCOM
- but we need to have sea schools for it and rates for it
- need to retain these skills
- and you can copme in as an O1 with these skills
cyber security thing happening this coming summer?
going to a boat you would miss this opportunity
get to a big sector, that has an ASMC and let you get involved
san diego? LA?
networking with you, relying on relationships.
working with people, working with the people that do have the technical skills, and working with cyber security in the maritime
your experience is worth its wait in gold
amsc table top exercise was a 3 day exercise, the first of its king, oil and container terminals and passenger vessels present. escalating cyber security scenarios. Next year we want to do a full-scale exercise-- someone on the terminal screen, coming in the middle of August
he is currently writing a whitepaper for the cybersecurity liason project
a 101 for cyber security, foundational blocks
stevens institute and ruckers university involved
the relationship has been awesome, no one holds back information
they want to be a part of the project. They want the publicity to work with the Coast Guard to help prepare for the amsc. Why aren't we working with our own Coast Guard Academy?
"Acquisition of data" is typically the kinds of attacks
What kind of equipment do the container terminals have? Are they vulnerable to any cyber mayhem? Well, we don't have the wisdom and understanding to be even able to detect it
ISACs information sharing and analysis centers that we are trying to bolster
What level is the maritime ISAC?
it is not a ones and zeros problem.
it is a people thing.
LSU? (LT Wyman says that they were developing the exercise).
ADM Stosz Over at DCMS
CG-1
Directorate of Billets at the CGA