CISA's Three-Day Clock Hits the Fleet
CISA BOD 26-04 requires three-day patching for critical vulnerabilities. At sea, that timeline is fiction without local vulnerability management.
Marcus Hale·June 19, 2026
7 posts tagged with this topic.
CISA BOD 26-04 requires three-day patching for critical vulnerabilities. At sea, that timeline is fiction without local vulnerability management.
Marcus Hale·June 19, 2026
Anthropic expanded Project Glasswing to 150 organizations. Over 10,000 zero-days confirmed. The math on vessel cybersecurity just shifted.
Marcus Hale·June 3, 2026
Most incident response plans assume reliable connectivity and an IT team down the hall. Vessel operators have neither. A maritime IR playbook.
Marcus Hale·May 31, 2026
The USCG cybersecurity rule hits its July milestone in six weeks. The IT/OT segmentation mandate validates sovereign vessel AI architecture.
Ethan Marsh·May 25, 2026
A worm compromised 633 npm packages in an hour. On-vessel software needs air-gapped dependency pipelines, not live registry pulls.
Ethan Marsh·May 20, 2026
ABB and Cydome are merging cyber risk and voyage optimization into one platform. The real question is where that platform runs.
Marcus Hale·May 15, 2026
Most vessel networks were designed for convenience, not security. A practical zero-trust architecture for superyacht IT and OT segmentation.
Marcus Hale·May 10, 2026