The Coast Guard will release a comprehensive cybersecurity strategy, “in about a month,” that will go beyond how the branch protects its information and how it can help protect the maritime critical infrastructure from cyberattacks, according to Coast Guard Deputy CIO Thomas Michelli.
Michelli spoke last week before the Northern Virginia chapter of the Armed Forces Communications and Electronics Association (AFCEA) in Tysons Corner, Va., where he said the strategy will address all aspects of cybersecurity.
“As parts of both the Department of Defense and the Department of Homeland Security, we are in an interesting and critical point for cybersecurity,” Michelli said. “Our goal is to take a forward-looking approach on how we can support key resources, not only in our department, but along the coasts we work to protect.”
Ports in the United States handle more than $1.3 trillion in cargo each year. Without proper cyberprotection systems in place, they are at risk of allowing unwanted cargo from entering the country. A cyber breach could also slow the nation’s commerce if the sending and receiving of goods had to be slowed.
The Government Accountability Office requested that the Coast Guard work with the DHS and the Federal Emergency Management Agency to strengthen the cybercontrols of these ports in a report released last June.
Michelli, who joined the Coast Guard nine months ago, said the cybersecurity strategy has been under development for approximately 18 months.
Security is a key component of the branch’s mission going forward. In another soon-to-be-released document, known as Command, Control, Communications, Computers and Information Technology (C4IT) for 2015–2019, Coast Guard CIO Adm. Marshall Lytle puts information security atop his priorities for the branch’s technology office.
Having cyber security as a priority comes in an ever-decreasing budget environment for the Coast Guard. The branch’s total budget is expected to continue to drop from approximately $10.5 billion in 2013 to closer to $10 billion in the next budget.
“Other parts of government and the military are expected to do more with less. The Coast Guard is expected to do everything with nothing,” Michelli said. “What that does is give us an incredible focus to filter out the things that are not needed and really drill down into what is critical and to find better ways of doing things.”
C4IT has a $500 million annual budget and a staff of 2,500. About 55 percent of that comes from contractors, with the rest made up of uniformed and civilian employees, who provide technical services for more than 42,000 active duty personnel and 49,000 civilian, reserve and auxiliary workers.
According to Michelli, the department is following the rest of government’s lead and turning toward cost-cutting technologies, such as virtualization, to help divert funds.
“Every dollar we can save on back-end technologies is another one we can put towards our mission,” Michelli said.