More port cyber security is needed

US Coast Guard vessel The US Coast Guard’s goal is to ensure that facility security plans and vessel security plans identify critical cyber systems. Image courtesy of the US Coast Guard

Ports need to do more to protect themselves from cyber security threats, a US security expert has said.

Rear Admiral Paul Thomas, assistant commandant for prevention policy at the US Coast Guard, stressed: “This is no longer an emerging threat; it is a very real threat and although we have made significant progress, it is very apparent that we have much work to do.”

Mr Thomas was speaking at the American Association of Port Authorities' (AAPA) Port Security Seminar and Expo last month.

The seminar brought members together to take a closer look at securing America’s ports from the inside out, with a special focus on supply chain security and their related cybersecurity and security related technology.

Mr Thomas said ports need to “start thinking about the cyber equivalent of basic physical security measures; a cyber fence, gate, guard, and surveillance system.”

He explained the Coast Guard’s goal is to ensure that FSPs [facility security plans] and VSPs [vessel security plans] identify critical cyber systems and clearly outline who is in charge, how the systems are operated and maintained, what training is needed and what to do when intrusion or malfunction is detected.

He added: “Ultimately, critical cyber systems at port facilities will be required to meet performance standards and operated and maintained as outlined in the FSP.

“As the recent ransom ware attack on APM terminals proved, there is a lot of cyber risk in business systems that might be beyond direct influence by regulators like the Coast Guard, but that can still disrupt business and trade, and produce the associated physical impacts on the port such as long ques for ships, trucks, trains, and chassis.”

He confirmed the Coast Guard is conducting an extensive “hotwash” of the APM incident.

Speakers on cruise terminal security included Aaron Dickson, manager of port security & terminal operations at Halifax Port Authority, who discussed drones.

Andrew Pasternak, vulnerability and risk analyst at the office of cyber and infrastructure analysis, national protection and programs directorate at the US Department of Homeland Security, also spoke about terminal automation and cybersecurity risks.

Latest Jobs

Marine Operations Superintendent

The Marine Operations Superintendent’s role includes two main areas of responsibility: Read more

QSHE Compliance Lead

Applicants are invited to apply for the QSHE Compliance Lead vacancy within the Containers Departmen... Read more

Marine Officer Pilot

Applicants are invited to apply for the above vacancy within the Marine Department, based at Greenoc... Read more

Events Sales Executive

We have a fantastic opportunity for an experienced and talented Sales Executive to join our fast-gro... Read more

View all jobs