Amending Regulations Relating to the Safeguarding of Vessels, Harbors, Ports, and Waterfront Facilities of the United States

This Executive Order updates and broadens the regulatory framework for safeguarding United States vessels, harbors, ports, and waterfront facilities by explicitly incorporating cyber security and cyber incidents into the Coast Guard’s enforcement and safety authorities. It amends Part 6 of Title 33 of the Code of Federal Regulations to define cyber-related concepts (such as “cyber incident” and “damage” to digital infrastructure) and to extend traditional port security powers—such as establishing security zones, inspecting, boarding, restricting access, and taking control of vessels or facilities—to cyber threats as well as physical threats. The order emphasizes coordinated action with the Department of Justice and other agencies and preserves the general principle that owners and masters retain primary responsibility for security. It is intended to strengthen protection against disruptions caused by cyber campaigns affecting maritime infrastructure. In practical terms, the order allows the Captain of the Port (a Coast Guard officer) to respond to cyber incidents with the same authority and tools used for physical security threats. This includes restricting access to ships and waterfront facilities, preventing the boarding of vessels, shifting vessels, and inspecting any person, article, or thing (including digital networks or systems) within a security zone. It also establishes a credentialing mechanism (the Coast Guard Port Security Card) and requires reporting of cyber-related sabotage or incidents to the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Captain of the Port. The aim is to deter, detect, and remediate cyber threats that could endanger vessels, harbors, ports, and related infrastructure.