From August 21-22, the U.S. Department of Homeland Security (DHS) and the Government of Japan conducted a successful tabletop exercise focused on enhancing maritime cybersecurity and incident response capabilities. This reflects the continued commitment by the United States and Japan to continue cybersecurity collaboration including on domestic cyber policies, such as those related to the protection maritime critical infrastructure. The exercise simulated a major cyber incident impacting operations at a Japanese port, testing incident response policies and procedures, and fostered conversations between the United States and Japan on how to enhance mutual preparedness for threats to interconnected critical infrastructure.
The collaboration builds upon DHS Secretary Mayorkas’s priority to enhance close cooperation with partners in the Indo-Pacific region with focused discussions on protocols for incident response, information sharing, and the identification of future bilateral cooperation to mitigate current and emerging cyber threats to critical maritime infrastructure. U.S. and Japanese participants discussed protocols for incident response, information sharing, and future bilateral cooperation to more effectively mitigate cyber threats to critical maritime infrastructure. The exercise also allowed DHS and the Ministry of Land, Infrastructure, Transport and Tourism to engage on relevant maritime cybersecurity policies, including President Biden’s February 2024 Executive Order on Amending Regulations Relating to the Safeguarding of Vessels, Harbors, Ports, and Waterfront Facilities of the United States.
“Exercises like these bolster our nation’s capabilities and establish reliable channels for coordination with key international partners,” said Under Secretary for Policy Robert Silvers. “Cyber attacks pose a shared risk, beyond any single nation’s control, making it imperative for the United States and Japan to collaborate in addressing these challenges to thrive in such interconnected environments.”
“Malicious cyber actors recognize ports worldwide possess the same critical vulnerabilities and are increasingly willing to target them,” said Admiral Linda Fagan, Commandant of the U.S. Coast Guard. “Coordinating together to share risk information, improving operational coordination between incident responders, and building our collective capacity to withstand the targeting of port infrastructure is a necessary step to safeguard the global maritime system.”
“Cyber attacks to ports and harbors could potentially disrupt key international logistics functions which serve as a lifeline of Japan, a country surrounded by the sea, affecting both Japan and the United States,” stated Dr. Masahiro Inada, Director General of the Ports and Harbours Bureau, Ministry of Land, Infrastructure, Transport and Tourism. “I intend to share best practices gained through this exercise and continue to promote the reinforcement of cyber security of ports and harbors, while working together with relevant parties.”
“The opportunity to collaborate within the Department and with the Government of Japan was extremely beneficial to building effective partnerships that strengthen maritime systems cybersecurity and resilience,” said CISA’s Executive Assistant Director for Infrastructure Security Dr. David Mussington. “This joint exercise underscores the importance of international planning to ensure we are equipped to respond to cyber threats and reduce risks to global maritime activities.”
This was the second maritime security tabletop exercise that DHS has held this year, following the success of a joint exercise with Indonesian counterparts in June 2024. DHS and Japanese counterparts plan to build off of this exercise by operationalizing lessons learned and each participant will strengthen its cybersecurity measures.
The two days were organized by the Department’s Office of Policy, the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Coast Guard, with inputs and participation from the Embassy of the United States of America in Tokyo, the Office of Intelligence & Analysis (I&A), and the Supply Chain Resilience Center. On the Japanese side, the Ports and Harbours Bureau of the Ministry of Land, Infrastructure, Transport and Tourism hosted the exercise, with participation from National Center of Incident Readiness and Strategy for Cybersecurity (NISC), Prefectural Police, Port Authorities and others, and National Security Secretariat, the Japan Coast Guard, National Police Agency, additional port stakeholders in observational roles.