The 2025 cyber rule, turned into a readiness program.
The USCG maritime cybersecurity rule (46 CFR Part 101 Subpart F) puts a new documentation burden on operators: a Cybersecurity Plan, a maintained asset inventory, evidence of crew training, and incident reporting on a clock. Binnacle turns that into a guided program instead of a binder you build from scratch.
It is a regulation-forced reason to adopt — the same way a Safety Management System became table stakes — and the platform already tracks everything else the rule sits alongside.
Regulatory basis
Built to the 2025 USCG cybersecurity rule at 46 CFR Part 101 Subpart F, including the Cybersecurity Plan, asset inventory, training, and incident-reporting elements.
What is included
Cyber plan
Build and maintain the required Cybersecurity Plan with its elements.
Incident register
Reportable cyber incidents logged toward the reporting clock.
Training records
Crew cyber-awareness training tracked and evidenced.
Asset inventory
The IT/OT asset list the rule expects you to maintain.
Questions
What does the 2025 cyber rule require?
In short: a Cybersecurity Plan, a maintained IT/OT asset inventory, evidence of crew cyber training, and reporting of certain cyber incidents. Binnacle provides a module for each.
Do I have to write the plan from scratch?
No. The plan is built from guided elements so you maintain it rather than draft a binder, and it lives alongside the rest of your compliance program.
When does it apply?
The rule phases in for U.S.-regulated vessels and facilities; building the program now is the low-stress path. See the explainer for the current timeline.
The rest of the platform