Laserfiche WebLink
PSGP Program Appendix | 2023 Page G-8 <br />Awareness (MDA) is the effective understanding of anything associated with the global maritime domain <br />that could impact the security, safety, economy, or environment of the United States. MDA is a key <br />component of an active, layered maritime defense in depth. It will be achieved by improving our ability to <br />collect, fuse, analyze, display, and disseminate actionable information and intelligence to operational <br />commanders.” Id. at ii. Applicants are encouraged to familiarize themselves with this National Strategy. <br />Improvised Explosive Device (IED) and CBRNE Prevention, Protection, Response, Recovery <br />Capabilities <br />Port areas should continue to enhance their capabilities to prevent, detect, respond to, and recover from <br />terrorist attacks employing IEDs, CBRNE devices, and other non-conventional weapons. Please refer to <br />DHS Small Vessel Security Strategy (Apr. 2008). <br />Physical Security <br />Physical security is security measures that are designed to deny unauthorized access to facilities, equipment, <br />and resources and to protect personnel and property from damage or harm (such as espionage, theft, or <br />terrorist attacks). Physical security involves the use of multiple layers of interdependent systems and <br />techniques. Physical security has been a focus of PSGP since the program’s inception in 2002. Primarily, <br />physical security is intended to harden MTSA-regulated facilities against attacks. Law enforcement may <br />contribute to physical security through patrols; however, patrol vessels generally enhance multiple core <br />capabilities with a focus on CBRNE detection, deterrence, and response. Funding through PSGP for <br />physical security projects should be only directed toward those projects that address identified MTSA <br />required activities and identified in the entity FSP and/or the port area AMSP. Some examples of funded <br />projects include TWIC-related equipment, fencing, lighting, gates, and CCTV. Physical security projects <br />typically require EHP review prior to obligating PSGP funds. <br />Cybersecurity Projects <br />PSGP funds may be used for projects that enhance the cybersecurity of: <br />•Access controls; <br />•Sensors; <br />•Security cameras; <br />•Badge/ID readers; <br />•Industrial Control System (ICS)/Supervisory Control and Data Acquisition (SCADA) systems; <br />•Process monitors and controls (such as firewalls, network segmentation, predictive security cloud, <br />etc.); and <br />•Passenger/vehicle/cargo security screening equipment (cybersecurity assessments are allowable). <br />When requesting funds for cybersecurity, applicants are encouraged to propose projects that would aid in <br />implementation of all or part of the Framework for Improving Critical Infrastructure Cybersecurity (the <br />“Framework”) developed by the National Institute of Standards and Technology (NIST ), or other similar <br />sources. The Framework gathers existing international standards and practices to help organizations <br />understand, communicate, and manage their cyber risks. For organizations that do not know where to start <br />with developing a cybersecurity program, the Framework provides initial guidance. For organizations with <br />more advanced practices, the Framework offers a way to improve their programs, such as better <br />communication with their leadership and suppliers about management of cyber risks. <br />The Cybersecurity and Infrastructure Security Agency’s (CISA) Critical Infrastructure Cyber Community <br />C³ Voluntary Program also provides resources to critical infrastructure owners and operators to assist in <br />adoption of the Framework and managing cyber risks. Additional information on the Critical Infrastructure <br />Cyber Community C³ Voluntary Program can be found at http://www.cisa.gov/ccubedvp. DHS’s Enhanced <br />Cybersecurity Services (ECS) program is an example of a resource that assists in protecting U.S.-based