UPDATING IT INFRASTRUCTURE BY J.R. WILSON
To support its multiple operational duties – law enforcement, aids to navigation, icebreaking, overseas military support to the Department of Defense (DOD) when requested, etc. – the U.S. Coast Guard provides IT support to 823 global sites and more than 87,000 users. However, recent assessments by both the U.S. Coast Guard and the Government Accountability Office (GAO) have determined this infrastructure – both IT and the physical facilities housing it – is critically outdated and in need of restructuring and improved security. As the principal federal agency responsible for maritime safety, security, and environmental stewardship in U.S. ports and waterways, the Coast Guard protects and defends more than 100,000 miles of U.S. coastline and inland waterways. It also safeguards the largest Exclusive Economic Zone (EEZ) in the world, encompassing 4.5 million square miles stretching across nine time zones, from north of the Arctic Circle to south of the equator, from Puerto Rico to Guam. The size and complexity of the Coast Guard’s mandate makes a top-of-the-line IT infrastructure critical. The service’s “Coast Guard Strategic Plan 2018-2022” calls for greater cyber strength and efficient IT infrastructure, which has led to a request for sources in an apparent move to contract private industry support for cybersecurity and network optimization as part of an Infrastructure Managed Services approach. “The security environment is also affected by the rising importance of the cyber domain – where adversarial nation-states, non-state actors, and individuals are attacking our digital infrastructure and eroding the protections historically provided by our geographic borders,” the Strategic Plan states. “USCG recognizes it must partner with industry,” the request confirmed. Maritime cybersecurity is the third of six strategic priorities in the plan. “Cybersecurity is one of the most serious economic and national security challenges we face as a nation,” according to the Coast Guard. “Government systems encounter a mounting array of emerging cyber threats that could severely compromise the Coast Guard’s ability to perform its essential missions. These growing threats also pose significant risks to our nation’s Maritime
64
Coast Guard OUTLOOK
Transportation System and critical infrastructure. With over 90 percent of the nation’s goods moving via increasingly networked maritime conveyance, preserving cybersecurity is essential to overall safety, security and effectiveness.” The Strategic Plan sees the Coast Guard as a vital part of the nation’s national defense effort against transnational criminal organizations (TCOs) and other malicious nonstate actors that erode maritime governance, the rule of law, and regional stability. It also recognizes the Coast Guard’s role in confronting what it calls “the return to great-power competition,” in which rival powers, primarily China and Russia, exploit pockets of weakness to challenge “rules-based international order through inter-state aggression, economic coercion, maritime hybrid warfare, gray zone activities, and overreaching territorial claims.” Central to all of that is the rising importance of the cyber domain and attacks by TCOs, adversarial nation-states, and even individuals on America’s digital infrastructure. “At the stroke of a key, rivals in remote regions of the world can attack, disable, and alter our critical infrastructure and financial networks. These bad actors can unleash volatile malware that could have devastating consequences worldwide. While improved interconnectivity expands our capabilities, we must be wary of the corresponding increase in risk,” the plan warns. “Rapid technological advancements are changing the character of maritime operations. The accelerating pace of innovation manifests itself through increasingly complex vessels, high traffic volumes, and greater demands on the Marine Transportation System (MTS). “Our ability to set and enforce effective standards that advance maritime safety and environmental stewardship must keep pace with rapid technology application in the afloat, ashore, and cyber elements of the MTS,” the plan states. “Aging surface and aviation assets, as well as antiquated shore- and information-technology infrastructure, challenge our operational readiness. While we are working to recapitalize essential assets, we also require the resources to sustain and operate them.” Part of this effort will involve moving parts of USCG IT data to the cloud. Toward that end, the Coast Guard is
