top of page

MTS-ISAC Closes Its Inaugural Year by Increasing Cyber Intel Production & Expanding Customer Base

WILMINGTON, DELAWARE, US, February 16, 2021 / -- A group of critical infrastructure stakeholders founded the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC) in February 2020 to enhance cyber information sharing. Since its inception, the MTS-ISAC quickly became the trusted entity for MTS stakeholders to exchange anonymized cyber threat information. In fact, in its first year the ISAC analyzed over 1,000 cybersecurity intelligence shares and provided the community with nearly 200,000 threat indicators, covering everything from ransomware to reconnaissance campaigns that targeted multiple stakeholders. Furthermore, the MTS-ISAC’s customer base more than doubled and is expected to grow exponentially with the rollout of multiple regional and vertical-focused information exchange communities. To highlight the incredible impact community stakeholders have made on maritime information sharing to date, including key milestones, intelligence trends, and results achieved, the MTS-ISAC released an Annual Report.

Maritime cyber threat information exchange, supported by a community-of-communities approach, was conceived of nearly a decade ago and has finally flourished with the creation of the MTS-ISAC. Private sector stakeholders required a trusted, non-governmental organization to serve as the public-private sector intermediary to anonymize and share information across the communities and came together to create this organization. The community-of-communities approach enables stakeholders to work effectively locally, while being tied to the global maritime community. Adversary campaigns, especially those focused on breaching trusted third parties and then pivoting attacks within the trusted ecosystem, reinforces the requirement of regional or interest-specific communities under the MTS-ISAC umbrella. MTS-ISAC plans for the first quarter of 2021 include operationalizing at least six information exchange communities around port areas, vessel operations, and industry groups.

“At local, regional, national, and international levels, we’re connecting maritime stakeholders with actionable, relevant, and timely threat information.” John Felker, an advisor to the MTS-ISAC, continues, “Standing up a community in a silo isn’t a good option for the community, or for the maritime industry. The MTS-ISAC has transformed the model of traditional, siloed information sharing approaches by working with our localized communities that have built trusted relationships over decades and instantly connecting them with trusted MTS critical infrastructure stakeholders across North America, Europe, and the Pacific. The MTS-ISAC’s model of information exchange clearly resonates and this is no surprise, as it was formed and operates under the direction of the stakeholders themselves.”

An incredible amount of community sharing with the MTS-ISAC over the first year has enabled the team to produce seventy TLP:AMBER and TLP:GREEN threat advisories sourced from a wide variety of customer and MTS stakeholders. Besides offering a paid AMBER service, the MTS-ISAC maintains a vetted GREEN distribution list which includes Coast Guard Sectors, State Fusion Centers, and a wide range of private sector MTS stakeholders. To handle the demand for information exchange and increased production, the MTS-ISAC added analytic and cyber threat intelligence production support.

“This year, we have learned so much about how the adversary targets the maritime industry. In addition to receiving daily contributions of malicious and suspicious activity from both customers and the community, the MTS-ISAC has received a number of requests for additional information and/or requests of whether other stakeholders are seeing the same activity (e.g. sightings) against our intelligence shares,” stated Christy Coffey, VP of Operations. “Multiple advisories were written from community shares, demonstrating the level of trust and confidence that the maritime industry has in sharing with their peers, the MTS-ISAC brand and the value we bring to the MTS.”

To continue helping build the maritime cybersecurity community, the MTS-ISAC has committed to several no cost training opportunities for MTS stakeholders in 2021. Registration for the nonprofit’s next webinar on BIMCO’s Guidelines on Cyber Security Onboard Ships is available on the MTS-ISAC website’s events page.

Recent Posts

See All


bottom of page