More port cyber security is needed

US Coast Guard vessel The US Coast Guard’s goal is to ensure that facility security plans and vessel security plans identify critical cyber systems. Image courtesy of the US Coast Guard

Ports need to do more to protect themselves from cyber security threats, a US security expert has said.

Rear Admiral Paul Thomas, assistant commandant for prevention policy at the US Coast Guard, stressed: “This is no longer an emerging threat; it is a very real threat and although we have made significant progress, it is very apparent that we have much work to do.”

Mr Thomas was speaking at the American Association of Port Authorities' (AAPA) Port Security Seminar and Expo last month.

The seminar brought members together to take a closer look at securing America’s ports from the inside out, with a special focus on supply chain security and their related cybersecurity and security related technology.

Mr Thomas said ports need to “start thinking about the cyber equivalent of basic physical security measures; a cyber fence, gate, guard, and surveillance system.”

He explained the Coast Guard’s goal is to ensure that FSPs [facility security plans] and VSPs [vessel security plans] identify critical cyber systems and clearly outline who is in charge, how the systems are operated and maintained, what training is needed and what to do when intrusion or malfunction is detected.

He added: “Ultimately, critical cyber systems at port facilities will be required to meet performance standards and operated and maintained as outlined in the FSP.

“As the recent ransom ware attack on APM terminals proved, there is a lot of cyber risk in business systems that might be beyond direct influence by regulators like the Coast Guard, but that can still disrupt business and trade, and produce the associated physical impacts on the port such as long ques for ships, trucks, trains, and chassis.”

He confirmed the Coast Guard is conducting an extensive “hotwash” of the APM incident.

Speakers on cruise terminal security included Aaron Dickson, manager of port security & terminal operations at Halifax Port Authority, who discussed drones.

Andrew Pasternak, vulnerability and risk analyst at the office of cyber and infrastructure analysis, national protection and programs directorate at the US Department of Homeland Security, also spoke about terminal automation and cybersecurity risks.

Latest Jobs

Project Manager

A.P. Moller - Maersk is an integrated Transport and Logistics company with multiple brands and is a ... Read more

Digital Marketing Executive

We are looking for an experienced and talented Digital Marketing Executive to join our award winning... Read more

1 year placement - Civil Engineering (Ports and Maritime)

Graduates, interns and placements are key to the overall success of CH2M. We invest in initial caree... Read more

Marine Operations Manager

Here at British Steel we’re looking for passionate, hard-working, ambitious and dedicated people who... Read more

Media Sales Executive

We are looking for an experienced Sales Executive to join our award winning B2B media company. Merc... Read more

View all jobs