/>iThe US Coast Guard's Final Rule regarding Cybersecurity in the Marine Transportation System (MTS) became effective July 16, 2025, with respect to “the owners and operators of US-flagged vessels, facilities, and OCS facilities required to have a security plan under 33 CFR parts 104, 105, and 106.” 33 C.F.R. §101.605(a). The Coast Guard's now-active regulatory cybersecurity mission has a through line to the origins of maritime commerce: the etymology of the term “cyber” derives from the ancient Greek word kubernētēs, meaning “helmsman” or “pilot” of a vessel.
As reported by Jones Walker colleagues Andy Lee and Ilsa Luther, the initial enforcement phase focuses on ensuring reportability of all cyber incidents (defined at 33 C.F.R. §101.615). However, domestic vessel and offshore facility owners/operators need to focus now on preparing for the final July 16, 2027, deadline for compliance with the remainder of the Final Rule, including identifying and hiring qualified Cybersecurity Officers, implementing Cybersecurity Plans, and the logistics of incorporating cyber drills and audits into existing SMS and/or SEMS regimes.
Additionally, a broad cross-section of interests throughout the MTS should consider the potential knock-on effects of the Final Rule on maritime operations inland and offshore. How will compliance (or non-compliance) with the Final Rule affect insurance premiums and coverage? What role will cybersecurity lapses play in maritime casualty litigation, including with respect to jurisprudential rules and presumptions such as the Pennsylvania Rule and per se liability regimes? How will parties bridge cybersecurity plans/practices across multi-party vessel operations/SIMOPS?
Now is the time for owners/operators to begin thinking about, and consult brokers, counsel, class and other interested experts on, these and other questions regarding the implications of the Final Rule. In the interim, the Coast Guard has posted an FAQ (last updated July 22, 2025) providing non-binding guidance during this ramp-up period to the 2027 compliance horizon. The Coast Guard will ostensibly continue to update the FAQ as additional questions and concerns arise among stakeholders in the MTS.
