The U.S. Coast Guard (USCG) plays a vital role in ensuring maritime safety, security, and environmental protection along the navigable waters of the United States. For operators of port facilities, terminals, chemical plants along waterways, and vessel owners, compliance with Coast Guard regulations is not optional—it’s a fundamental responsibility. This post provides a practical overview of key U.S. Coast Guard maritime security mandates and how they apply to real-world operations, particularly those regulated under the Maritime Transportation Security Act (MTSA).
Key Regulatory Authority you need to know:
The legal backbone for maritime security in the U.S. is found in Title 33 of the Code of Federal Regulations (33 CFR). Several key parts define the obligations for facilities and vessels:
- 33 CFR Part 105 – Facility Security
This part applies to MTSA-regulated port facilities. It mandates the development of Facility Security Plans (FSPs), the appointment of a Facility Security Officer (FSO), and the execution of security measures aligned with MARSEC levels. Facilities handling chemicals, petroleum, or maritime cargo are typically covered. - 33 CFR Part 160 – Port Operations
This part outlines the broad authority of the Captain of the Port (COTP), including vessel control, port access, and the ability to create safety or security zones during emergencies or heightened threat conditions. - 33 CFR Part 101.305 – Incident Reporting
This section details the requirement for reporting Transportation Security Incidents (TSIs)—including cyber-related events (TSI-C)—to the National Response Center (NRC) within 12 hours of occurrence. - 33 CFR Part 104 – Vessel Security
While Part 104 sets requirements for Vessel Security Plans (VSPs), it applies only to vessels such as tankers, cargo ships, and barges. It does not apply to land-based facilities unless they own or operate MTSA-regulated vessels.
MTSA Requirements You Need to Understand
Passed in the wake of the 9/11 attacks, the Maritime Transportation Security Act of 2002 created the foundation for modern port security regulations. MTSA requires that:
- All designated facilities and vessels have security plans (FSPs/VSPs).
- Workers in secure areas must hold a valid TWIC (Transportation Worker Identification Credential).
- Facilities participate in coordinated Area Maritime Security Committees (AMSCs).
These provisions are enforced by the U.S. Coast Guard and monitored via inspections, audits, and security exercises.
What Is a Facility Security Plan (FSP)?
Each MTSA-regulated facility must maintain a Coast Guard-approved Facility Security Plan. This plan is a detailed, living document that defines how the facility will:
- Control access to restricted areas
- Monitor and secure the perimeter
- Conduct regular training and drills
- Respond to security threats and cyber incidents
Another important term you will often hear in meetings is Area Maritime Security Committees (AMSCs),
AMSCs:
These commitees are led by the Federal Maritime Security Coordinator (FMSC) usually the local Sector Commander, AMSCs are forums where industry and government stakeholders collaborate to:
- Share threat intelligence
- Conduct risk assessments
- Develop and maintain Area Maritime Security Plans (AMSPs)
For example, the Houston-Galveston AMSC includes chemical plant operators, terminal managers, law enforcement, and emergency services throughout the Houston Ship Channel region.
A designated Facility Security Officer (FSO) is responsible for maintaining and implementing the FSP and communicating with the local COTP. If you are the new CySO, then you will be coordinating tighly with the FSO. Which means, you may be in the same AMSC meetings etc.
Understanding and adhering to maritime security requirements under the U.S. Coast Guard’s authority is critical for protecting infrastructure, people, and commerce. From FSP development to participating in the local AMSC and reporting TSI-C events, facility operators and stakeholders must be proactive, informed, and collaborative.
For information on the new rule making. Refer to the following Posts
Introduction
[All about the Cyber Security Plan (CSP), CySO and MTSA Facility – Part 1]
A little dive into CFR- What is a CFR etc:
[All about the Cyber Security Plan (CSP), CySO and MTSA Facility – Part 2]
Introduction to the New Rulemaking 33 CFR Part 101 — General Maritime Security Provisions
[All about the Cyber Security Plan (CSP), CySO and MTSA Facility – Part 3]
The Cybersecurity Plan from Subpart F of the New Rulemaking 33 CFR Part 101
[All about the Cyber Security Plan (CSP), CySO and MTSA Facility – Part 4]