Coast Guard’s New Cybersecurity Strategy Encompasses GPS

The Coast Guard is poised to release a new cybersecurity strategy that includes a resilient position and navigation capability.

The new strategy, which is reportedly due to be announced any day, was previewed by Vice Adm. Charles Michel, the Coast Guards’ deputy commandant for operations, at a maritime cyber security conference in early March.


The Coast Guard is poised to release a new cybersecurity strategy that includes a resilient position and navigation capability.

The new strategy, which is reportedly due to be announced any day, was previewed by Vice Adm. Charles Michel, the Coast Guards’ deputy commandant for operations, at a maritime cyber security conference in early March.

“Cyber security and the cyber realm is really the single most dynamic area I have responsibility for,” Michel told the group gathered at Rutgers University’s Command, Control, and Interoperability Center for Advanced Data Analysis (CCICADA). “Dynamic,” from Adm. Michel’s perspective, “is the one that surprises me the most, and I get surprised on this every day on the different types of activities that are going on out there. We have everything from hacktivists to terrorists to cyber-vandals to nation states attacking private companies.”

Michel said the cybersecurity strategy comprises three goals. The first is defending cyberspace and, specifically, safeguarding the Coast Guard’s own networks. The second is enabling operations, and the third is protecting infrastructure.

Rear Adm. Marshall Lytle will be leading the new effort, he said.

Defending cyberspace for the Coast Guard means identifying and hardening the organization’s systems and networks and understanding and countering cyber threats, he told those gathered at the Rutgers meeting, which was cosponsored by CCICADA and the American Military University.

Tacitly acknowledging the generally accepted wisdom that a determined adversary can breach any computer system, he also said that the Coast Guard planned to increase its operational resilience. As part of this, the Coast Guard will be weighing the structure of its systems, including the possibility of becoming cloud-based.

Special Focus on GPS
The cybersecurity effort will also look at GPS vulnerabilities and ways to build resilience for position and navigation data.

“We know that GPS is critical to a lot of things way beyond the maritime industry,” Michel said. “GPS is the creation of awareness, positional awareness, for all different ranges of operators. To continue to provide that particular awareness to the operator in a reliable, accurate manner is ultimately what we want to get at.”

He added that eLoran could be used to provide a backup, although other possibilities may also exist.

“If your single point of failure is GPS, i.e., you have no other systems to be able to fix your position, then you darn well better make sure GPS is resilient in some form,” Michel said. “So, the creation of things like eLoran is critical. If you can provide that mariner position data in another format other than GPS, other than eLoran, then maybe we need to take a look at that.”

Although he did not give many details, the second goal of enabling operations suggested a clearly more offensive capability. Michel said this would include incorporating cyberspace operations into mission planning and execution and delivering cyber capabilities to enhance missions. GPS, he noted, was also an element in a program he is working on to improve mariners’ situational awareness.

GPS protection may fall under the third area of activity — protecting the nation’s maritime transportation infrastructure. During the same conference, Lytle noted that a GPS jammer near an East Coast port had shut down several of the cranes needed to move cargo containers. The breach had affected operations for hours.

The new strategy offers a number of opportunities for companies to do research, Michel said. Specifically the Coast Guard is looking for analysis to identify the greatest vulnerabilities in the maritime domain and tools to map and predict dynamic cyber threats. It is also looking for help in identifying the best options for resilience as well as solutions to help support information-sharing with the Coast Guard’s partners.

Image