Navigation and Vessel Inspection Circular (NVIC) 05-17; Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities, 32189-32191 [2017-14616]

Download as PDF Federal Register / Vol. 82, No. 132 / Wednesday, July 12, 2017 / Notices Dated: July 7, 2017. Anna K. Abram, Deputy Commissioner for Policy, Planning, Legislation, and Analysis. [FR Doc. 2017–14566 Filed 7–11–17; 8:45 am] BILLING CODE 4164–01–P DEPARTMENT OF HEALTH AND HUMAN SERVICES National Institutes of Health National Cancer Institute; Amended Notice of Meeting Notice is hereby given of a change in the meeting of the National Cancer Institute Special Emphasis Panel, July 20, 2017, 11:00 a.m. to July 20, 2017, 05:00 p.m., National Cancer Institute Shady Grove, Shady Grove, 9609 Medical Center Drive, 7W102, Rockville, MD 20850 which was published in the Federal Register on May 31, 2017, 82 FR 24983. The meeting notice is amended to change the meeting title to ‘‘Core Infrastructure & Epidemiology Cohorts’’. The meeting date has been changed to August 8, 2017 and the contact person has been changed to Shakeel Ahmad, Ph.D.; phone 240–276–6349; ahmads@ mail.nih.gov. The meeting is closed to the public. Name of Committee: National Institute on Aging Special Emphasis Panel; The Dog Aging Project. Date: August 4, 2017. Time: 11:00 a.m. to 3:00 p.m. Agenda: To review and evaluate grant applications. Place: National Institute on Aging, Gateway Building, 2W200, 7201 Wisconsin Ave., Bethesda, MD 20892, (Telephone Conference Call). Contact Person: Isis S. Mikhail, DRPH, MD, MPH, National Institute on Aging, Gateway Building, 7201 Wisconsin Avenue, Suite 2C212, Bethesda, MD 20892, 301–402–7704, MIKHAILI@MAIL.NIH.GOV. (Catalogue of Federal Domestic Assistance Program Nos. 93.866, Aging Research, National Institutes of Health, HHS) Dated: July 6, 2017. Melanie J. Pantoja, Program Analyst, Office of Federal Advisory Committee Policy. asabaliauskas on DSKBBXCHB2PROD with NOTICES National Institutes of Health VerDate Sep<11>2014 17:54 Jul 11, 2017 Jkt 241001 BILLING CODE 4140–01–P DEPARTMENT OF HOMELAND SECURITY Coast Guard [Docket No. USCG–2016–1084] Navigation and Vessel Inspection Circular (NVIC) 05–17; Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities ACTION: DEPARTMENT OF HEALTH AND HUMAN SERVICES SUMMARY: National Institutes of Health Center for Scientific Review; Notice of Closed Meeting Name of Committee: Center for Scientific Review Special Emphasis Panel; Myocardial Ischemia and Metabolism Members Conflict. Date: August 1–2, 2017. Time: 12:00 p.m. to 5:00 p.m. Agenda: To review and evaluate grant applications. Place: National Institutes of Health, 6701 Rockledge Drive, Bethesda, MD 20892, (Virtual Meeting). Contact Person: Abdelouahab Aitouche, Ph.D., Scientific Review Officer, Center for Scientific Review, National Institutes of Health, 6701 Rockledge Drive, Room 4222, MSC 7814, Bethesda, MD 20892, 301–435– 2365, aitouchea@csr.nih.gov. (Catalogue of Federal Domestic Assistance Program Nos. 93.306, Comparative Medicine; 93.333, Clinical Research, 93.306, 93.333, 93.337, 93.393–93.396, 93.837–93.844, DEPARTMENT OF HEALTH AND HUMAN SERVICES [FR Doc. 2017–14538 Filed 7–11–17; 8:45 am] AGENCY: Pursuant to section 10(d) of the Federal Advisory Committee Act, as amended (5 U.S.C. App.), notice is hereby given of the following meeting. The meeting will be closed to the public in accordance with the provisions set forth in sections 552b(c)(4) and 552b(c)(6), Title 5 U.S.C., as amended. The grant applications and the discussions could disclose confidential trade secrets or commercial property such as patentable material, and personal information concerning individuals associated with the grant applications, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy. BILLING CODE 4140–01–P Dated: July 6, 2017. Melanie J. Pantoja, Program Analyst, Office of Federal Advisory Committee Policy. BILLING CODE 4140–01–P National Institute on Aging; Notice of Closed Meeting [FR Doc. 2017–14539 Filed 7–11–17; 8:45 am] 93.846–93.878, 93.892, 93.893, National Institutes of Health, HHS) [FR Doc. 2017–14540 Filed 7–11–17; 8:45 am] Pursuant to section 10(d) of the Federal Advisory Committee Act, as amended (5 U.S.C. App.), notice is hereby given of the following meeting. The meeting will be closed to the public in accordance with the provisions set forth in sections 552b(c)(4) and 552b(c)(6), Title 5 U.S.C., as amended. The grant applications and the discussions could disclose confidential trade secrets or commercial property such as patentable material, and personal information concerning individuals associated with the grant applications, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy. Dated: July 6, 2017. Melanie J. Pantoja, Program Analyst, Office of Federal Advisory Committee Policy. 32189 PO 00000 Frm 00030 Fmt 4703 Sfmt 4703 Coast Guard, DHS. Notice of availability and request for comments. The Coast Guard announces the availability of draft Navigation and Inspection Circular (NVIC) 05–17; Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities, and requests public comment on the draft. This NVIC proposes to clarify the existing requirements under MTSA to incorporate analysis of computer and cyber risks and guidance for addressing those risks. This NVIC would provide guidance on incorporating cybersecurity risks into an effective Facility Security Assessment (FSA), as well as additional recommendations for policies and procedures that may reduce cyber risk to operators of maritime facilities. Operators may use this document as a benchmark to develop and implement measures and activities for effective selfgovernance of cyber risks. DATES: Comments must be submitted to the online docket via https:// www.regulations.gov, or reach the Docket Management Facility, on or before September 11, 2017. FOR FURTHER INFORMATION CONTACT: If you have questions on this notice, call or email, Jason Warren, Coast Guard; telephone 202–372–1106, email Jason.S.Warren@uscg.mil or LCDR Josephine Long, Coast Guard; telephone 202–372–1109, email Josephine.A.Long@uscg.mil. ADDRESSES: You may submit comments identified by docket number USCG– 2016–1084 using the Federal eRulemaking Portal at https:// www.regulations.gov. See the ‘‘Public Participation and Request for Comments’’ portion of the E:\FR\FM\12JYN1.SGM 12JYN1 32190 Federal Register / Vol. 82, No. 132 / Wednesday, July 12, 2017 / Notices SUPPLEMENTARY INFORMATION section for further instructions on submitting comments. SUPPLEMENTARY INFORMATION: Public Participation and Request for Comments We encourage you to submit comments (or related material) on the draft NVIC. We will consider all submissions and may adjust our final action based on your comments. If you submit a comment, please include the docket number for this notice, indicate the specific section of this document to which each comment applies, and provide a reason for each suggestion or recommendation. We encourage you to submit comments through the Federal eRulemaking Portal at https:// www.regulations.gov. If your material cannot be submitted using https:// www.regulations.gov, contact the person in the FOR FURTHER INFORMATION CONTACT section of this document for alternate instructions. Documents mentioned in this notice, and all public comments, are in our online docket at https://www.regulations.gov and can be viewed by following that Web site’s instructions. Additionally, if you go to the online docket and sign up for email alerts, you will be notified when comments are posted or a final rule is published. We accept anonymous comments. All comments received will be posted without change to https:// www.regulations.gov and will include any personal information you have provided. For more about privacy and the docket, you may review a Privacy Act notice regarding the Federal Docket Management System in the March 24, 2005, issue of the Federal Register (70 FR 15086). asabaliauskas on DSKBBXCHB2PROD with NOTICES Discussion As highlighted in the United States Coast Guard Cyber Strategy, cyber security is one of the most serious economic and national security challenges we face as a nation. Adversaries, including state-sponsored and independent hacker groups, terrorists, Transnational Organized Crime groups, and insider threats can pose significant threats to our nation’s Marine Transportation System (MTS). Yet these same systems allow the MTS to operate with an impressive record of efficiency and reliability. With approximately 360 sea and river ports, which handle more than $1.3 trillion in annual cargo, we are dependent on a safe, secure, and efficient MTS, which in turn is highly dependent on a VerDate Sep<11>2014 17:54 Jul 11, 2017 Jkt 241001 complex, globally-networked system of technology. The maritime industry continues to increase use of cyber technology. Facility operators use computers and cyber dependent technologies for communications, engineering, cargo control, environmental control, access control, passenger and cargo screening, and many other purposes. Facility safety and security systems, such as security monitoring, fire detection, and general alarm installations increasingly rely on computers and networks. While these computer and network systems create benefits, they are inherently vulnerable and could introduce new vulnerabilities. Exploitation, misuse, or simple failure of cyber systems can cause injury or death, harm the marine environment, disrupt vital trade activity, and degrade the ability to respond to other emergencies. There are many resources, technical standards, and recommended practices available to the marine industry that can help their governance of cyber risks. Facility operators should use those resources to promote a culture of effective and proactive cyber risk management. The purpose of this draft NVIC is to begin to lay out a series of policies and procedures to mitigate these risks while ensuring the continued operational capability of the nation’s MTS. The provisions of the Maritime Transportation Security Act (MTSA) (Pub. L. 105–297, November 25, 2002) address the security of the MTS and authorize regulations. Under the authority of MTSA, the Coast Guard has promulgated regulations, located in subchapter H of Title 33 of the Code of Federal Regulations (CFR), which provide general parameters for port and facility security while allowing facility owners and operators the discretion to determine the details of how they will comply. Owners and operators are responsible for assessing vulnerabilities and ensuring the security of their facilities with Coast Guard oversight and guidance. The Coast Guard currently has the regulatory authority to instruct facilities and Outer Continental Shelf (OCS) facilities regulated under MTSA to address computer system and network vulnerabilities within their required Facility Security Assessment (FSA) and to address these vulnerabilities, if necessary, within the Facility Security Plan (FSP). This draft NVIC would provide guidance and recommended practices for MTSA regulated facilities to address cyber-related vulnerabilities. It consists of two major parts. The first part, titled ‘‘Cyber Security and MTSA: 33 CFR PO 00000 Frm 00031 Fmt 4703 Sfmt 4703 parts 105 and 106,’’ and labeled enclosure 1, discusses the existing MTSA regulatory requirements that are applicable to cyber security related threats. These provisions, located in parts 105 and 106 of 33 CFR, currently require that owners and operators of MTSA-regulated facilities and OCS facilities conduct FSAs, and if applicable, include in their FSPs measures addressing any vulnerabilities identified in the FSA. The NVIC would lay out the Coast Guard’s interpretation of these existing requirements as they would apply to cybersecurity threats and recommended additions to the FSP. As these regulations are currently in force, the recommendations of the NVIC, if finalized, would serve as the Coast Guard’s interpretation of those regulations. The NVIC would assist the owner/operator in identifying cyber systems that are related to MTSA regulatory functions, or whose failure or exploitation could cause or contribute to a Transportation Security Incident. This NVIC also contains a more detailed set of cybersecurity parameters, labeled as enclosure 2 and titled ‘‘Cyber Governance and Cyber Risk Management Program Implementation Guidance,’’ which provides best recommended practices. This proposed guidance, derived from a variety of standardized industry practices including the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), lays out the basics for establishing a set of security policies designed to counter cybersecurity threats. These policies involve the establishment of roles and responsibilities for a Cyber Risk Management team, policies, and program, as well as guidance on how to implement such a program over a variety of business models. It also provides recommendations for developing security measures including inventory, access control, acceptable use policies, and network design. The recommendations in enclosure 2 of this proposed NVIC would provide the foundation for an effective strategy to help prevent and mitigate the damage from cybersecurity threats to the MTS. With the publication of this draft NVIC, the Coast Guard is seeking industry and public comments on the necessity, robustness, implementation, and costs of the proposed cybersecurity guidance. Specifically, we are seeking comments on the feasibility of its implementation, how flexible and useful it is in addressing the broad scope of vulnerabilities and risk facing regulated facilities, and its ability to remain valid when technology and industry’s use of technology changes. In E:\FR\FM\12JYN1.SGM 12JYN1 32191 Federal Register / Vol. 82, No. 132 / Wednesday, July 12, 2017 / Notices addition, we seek comments on whether this guidance aligns with activities that may already be taking place by industry. The Coast Guard will carefully consider all comments submitted during the comment period before promulgating any final guidance. This notice is issued under authority of 5 U.S.C. 522(a). R.D. Manning, Captain, U.S. Coast Guard, Chief, Office of Port and Facility Compliance. [FR Doc. 2017–14616 Filed 7–11–17; 8:45 am] BILLING CODE 9110–04–P DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Quarterly IRS Interest Rates Used in Calculating Interest on Overdue Accounts and Refunds on Customs Duties U.S. Customs and Border Protection, Department of Homeland Security. ACTION: General notice. AGENCY: This notice advises the public that the quarterly Internal Revenue Service interest rates used to calculate interest on overdue accounts (underpayments) and refunds (overpayments) of customs duties will remain the same from the previous SUMMARY: quarter. For the calendar quarter beginning July 1, 2017, the interest rates for overpayments will be 3 percent for corporations and 4 percent for noncorporations, and the interest rate for underpayments will be 4 percent for both corporations and non-corporations. This notice is published for the convenience of the importing public and U.S. Customs and Border Protection personnel. DATES: Effective Date: July 1, 2017. FOR FURTHER INFORMATION CONTACT: Shandy Plicka, Revenue Division, Collection and Refunds Branch, 6650 Telecom Drive, Suite #100, Indianapolis, Indiana 46278; telephone (317) 298–1717. SUPPLEMENTARY INFORMATION: Background Pursuant to 19 U.S.C. 1505 and Treasury Decision 85–93, published in the Federal Register on May 29, 1985 (50 FR 21832), the interest rate paid on applicable overpayments or underpayments of customs duties must be in accordance with the Internal Revenue Code rate established under 26 U.S.C. 6621 and 6622. Section 6621 provides different interest rates applicable to overpayments: One for corporations and one for noncorporations. The interest rates are based on the Federal short-term rate and determined Ending date asabaliauskas on DSKBBXCHB2PROD with NOTICES Beginning date 070174 070175 020176 020178 020180 020182 010183 070183 010185 070185 010186 070186 010187 100187 010188 040188 100188 040189 100189 040191 010192 040192 100192 070194 100194 040195 070195 040196 070196 040198 ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. ............................................................................................................. VerDate Sep<11>2014 17:54 Jul 11, 2017 Jkt 241001 PO 00000 Frm 00032 Fmt 4703 Sfmt 4703 by the Internal Revenue Service (IRS) on behalf of the Secretary of the Treasury on a quarterly basis. The rates effective for a quarter are determined during the first-month period of the previous quarter. In Revenue Ruling 2017–13, the IRS determined the rates of interest for the calendar quarter beginning July 1, 2017, and ending on September 30, 2017. The interest rate paid to the Treasury for underpayments will be the Federal short-term rate (1%) plus three percentage points (3%) for a total of four percent (4%) for both corporations and non-corporations. For corporate overpayments, the rate is the Federal short-term rate (1%) plus two percentage points (2%) for a total of three percent (3%). For overpayments made by non-corporations, the rate is the Federal short-term rate (1%) plus three percentage points (3%) for a total of four percent (4%). These interest rates are subject to change for the calendar quarter beginning October 1, 2017, and ending December 31, 2017. For the convenience of the importing public and U.S. Customs and Border Protection personnel the following list of IRS interest rates used, covering the period from July of 1974 to date, to calculate interest on overdue accounts and refunds of customs duties, is published in summary format. Underpayments (percent) 063075 013176 013178 013180 013182 123182 063083 123184 063085 123185 063086 123186 093087 123187 033188 093088 033189 093089 033191 123191 033192 093092 063094 093094 033195 063095 033196 063096 033198 123198 E:\FR\FM\12JYN1.SGM Corporate over-payments (Eff. 1–1–99) (percent) Overpayments (percent) 6 9 7 6 12 20 16 11 13 11 10 9 9 10 11 10 11 12 11 10 9 8 7 8 9 10 9 8 9 8 12JYN1 6 9 7 6 12 20 16 11 13 11 10 9 8 9 10 9 10 11 10 9 8 7 6 7 8 9 8 7 8 7

Agencies

[Federal Register Volume 82, Number 132 (Wednesday, July 12, 2017)]
[Notices]
[Pages 32189-32191]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-14616]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Coast Guard

[Docket No. USCG-2016-1084]


Navigation and Vessel Inspection Circular (NVIC) 05-17; 
Guidelines for Addressing Cyber Risks at Maritime Transportation 
Security Act (MTSA) Regulated Facilities

AGENCY: Coast Guard, DHS.

ACTION: Notice of availability and request for comments.

-----------------------------------------------------------------------

SUMMARY: The Coast Guard announces the availability of draft Navigation 
and Inspection Circular (NVIC) 05-17; Guidelines for Addressing Cyber 
Risks at Maritime Transportation Security Act (MTSA) Regulated 
Facilities, and requests public comment on the draft. This NVIC 
proposes to clarify the existing requirements under MTSA to incorporate 
analysis of computer and cyber risks and guidance for addressing those 
risks. This NVIC would provide guidance on incorporating cybersecurity 
risks into an effective Facility Security Assessment (FSA), as well as 
additional recommendations for policies and procedures that may reduce 
cyber risk to operators of maritime facilities. Operators may use this 
document as a benchmark to develop and implement measures and 
activities for effective self-governance of cyber risks.

DATES: Comments must be submitted to the online docket via https://www.regulations.gov, or reach the Docket Management Facility, on or 
before September 11, 2017.

FOR FURTHER INFORMATION CONTACT: If you have questions on this notice, 
call or email, Jason Warren, Coast Guard; telephone 202-372-1106, email 
Jason.S.Warren@uscg.mil or LCDR Josephine Long, Coast Guard; telephone 
202-372-1109, email Josephine.A.Long@uscg.mil.

ADDRESSES: You may submit comments identified by docket number USCG-
2016-1084 using the Federal eRulemaking Portal at https://www.regulations.gov. See the ``Public Participation and Request for 
Comments'' portion of the

[[Page 32190]]

SUPPLEMENTARY INFORMATION section for further instructions on 
submitting comments.

SUPPLEMENTARY INFORMATION: 

Public Participation and Request for Comments

    We encourage you to submit comments (or related material) on the 
draft NVIC. We will consider all submissions and may adjust our final 
action based on your comments. If you submit a comment, please include 
the docket number for this notice, indicate the specific section of 
this document to which each comment applies, and provide a reason for 
each suggestion or recommendation.
    We encourage you to submit comments through the Federal eRulemaking 
Portal at https://www.regulations.gov. If your material cannot be 
submitted using https://www.regulations.gov, contact the person in the 
FOR FURTHER INFORMATION CONTACT section of this document for alternate 
instructions. Documents mentioned in this notice, and all public 
comments, are in our online docket at https://www.regulations.gov and 
can be viewed by following that Web site's instructions. Additionally, 
if you go to the online docket and sign up for email alerts, you will 
be notified when comments are posted or a final rule is published.
    We accept anonymous comments. All comments received will be posted 
without change to https://www.regulations.gov and will include any 
personal information you have provided. For more about privacy and the 
docket, you may review a Privacy Act notice regarding the Federal 
Docket Management System in the March 24, 2005, issue of the Federal 
Register (70 FR 15086).

Discussion

    As highlighted in the United States Coast Guard Cyber Strategy, 
cyber security is one of the most serious economic and national 
security challenges we face as a nation. Adversaries, including state-
sponsored and independent hacker groups, terrorists, Transnational 
Organized Crime groups, and insider threats can pose significant 
threats to our nation's Marine Transportation System (MTS). Yet these 
same systems allow the MTS to operate with an impressive record of 
efficiency and reliability. With approximately 360 sea and river ports, 
which handle more than $1.3 trillion in annual cargo, we are dependent 
on a safe, secure, and efficient MTS, which in turn is highly dependent 
on a complex, globally-networked system of technology.
    The maritime industry continues to increase use of cyber 
technology. Facility operators use computers and cyber dependent 
technologies for communications, engineering, cargo control, 
environmental control, access control, passenger and cargo screening, 
and many other purposes. Facility safety and security systems, such as 
security monitoring, fire detection, and general alarm installations 
increasingly rely on computers and networks. While these computer and 
network systems create benefits, they are inherently vulnerable and 
could introduce new vulnerabilities. Exploitation, misuse, or simple 
failure of cyber systems can cause injury or death, harm the marine 
environment, disrupt vital trade activity, and degrade the ability to 
respond to other emergencies.
    There are many resources, technical standards, and recommended 
practices available to the marine industry that can help their 
governance of cyber risks. Facility operators should use those 
resources to promote a culture of effective and proactive cyber risk 
management. The purpose of this draft NVIC is to begin to lay out a 
series of policies and procedures to mitigate these risks while 
ensuring the continued operational capability of the nation's MTS.
    The provisions of the Maritime Transportation Security Act (MTSA) 
(Pub. L. 105-297, November 25, 2002) address the security of the MTS 
and authorize regulations. Under the authority of MTSA, the Coast Guard 
has promulgated regulations, located in subchapter H of Title 33 of the 
Code of Federal Regulations (CFR), which provide general parameters for 
port and facility security while allowing facility owners and operators 
the discretion to determine the details of how they will comply. Owners 
and operators are responsible for assessing vulnerabilities and 
ensuring the security of their facilities with Coast Guard oversight 
and guidance. The Coast Guard currently has the regulatory authority to 
instruct facilities and Outer Continental Shelf (OCS) facilities 
regulated under MTSA to address computer system and network 
vulnerabilities within their required Facility Security Assessment 
(FSA) and to address these vulnerabilities, if necessary, within the 
Facility Security Plan (FSP).
    This draft NVIC would provide guidance and recommended practices 
for MTSA regulated facilities to address cyber-related vulnerabilities. 
It consists of two major parts. The first part, titled ``Cyber Security 
and MTSA: 33 CFR parts 105 and 106,'' and labeled enclosure 1, 
discusses the existing MTSA regulatory requirements that are applicable 
to cyber security related threats. These provisions, located in parts 
105 and 106 of 33 CFR, currently require that owners and operators of 
MTSA-regulated facilities and OCS facilities conduct FSAs, and if 
applicable, include in their FSPs measures addressing any 
vulnerabilities identified in the FSA. The NVIC would lay out the Coast 
Guard's interpretation of these existing requirements as they would 
apply to cybersecurity threats and recommended additions to the FSP. As 
these regulations are currently in force, the recommendations of the 
NVIC, if finalized, would serve as the Coast Guard's interpretation of 
those regulations. The NVIC would assist the owner/operator in 
identifying cyber systems that are related to MTSA regulatory 
functions, or whose failure or exploitation could cause or contribute 
to a Transportation Security Incident.
    This NVIC also contains a more detailed set of cybersecurity 
parameters, labeled as enclosure 2 and titled ``Cyber Governance and 
Cyber Risk Management Program Implementation Guidance,'' which provides 
best recommended practices. This proposed guidance, derived from a 
variety of standardized industry practices including the National 
Institute of Standards and Technology (NIST) Cybersecurity Framework 
(CSF), lays out the basics for establishing a set of security policies 
designed to counter cybersecurity threats. These policies involve the 
establishment of roles and responsibilities for a Cyber Risk Management 
team, policies, and program, as well as guidance on how to implement 
such a program over a variety of business models. It also provides 
recommendations for developing security measures including inventory, 
access control, acceptable use policies, and network design. The 
recommendations in enclosure 2 of this proposed NVIC would provide the 
foundation for an effective strategy to help prevent and mitigate the 
damage from cybersecurity threats to the MTS.
    With the publication of this draft NVIC, the Coast Guard is seeking 
industry and public comments on the necessity, robustness, 
implementation, and costs of the proposed cybersecurity guidance. 
Specifically, we are seeking comments on the feasibility of its 
implementation, how flexible and useful it is in addressing the broad 
scope of vulnerabilities and risk facing regulated facilities, and its 
ability to remain valid when technology and industry's use of 
technology changes. In

[[Page 32191]]

addition, we seek comments on whether this guidance aligns with 
activities that may already be taking place by industry. The Coast 
Guard will carefully consider all comments submitted during the comment 
period before promulgating any final guidance. This notice is issued 
under authority of 5 U.S.C. 522(a).

R.D. Manning,
Captain, U.S. Coast Guard, Chief, Office of Port and Facility 
Compliance.
[FR Doc. 2017-14616 Filed 7-11-17; 8:45 am]
 BILLING CODE 9110-04-P