More port cyber security is needed
The US Coast Guard’s goal is to ensure that facility security plans and vessel security plans identify critical cyber systems. Image courtesy of the US Coast Guard
Ports need to do more to protect themselves from cyber security threats, a US security expert has said.
Rear Admiral Paul Thomas, assistant commandant for prevention policy at the US Coast Guard, stressed: “This is no longer an emerging threat; it is a very real threat and although we have made significant progress, it is very apparent that we have much work to do.”
Mr Thomas was speaking at the American Association of Port Authorities' (AAPA) Port Security Seminar and Expo last month.
The seminar brought members together to take a closer look at securing America’s ports from the inside out, with a special focus on supply chain security and their related cybersecurity and security related technology.
Mr Thomas said ports need to “start thinking about the cyber equivalent of basic physical security measures; a cyber fence, gate, guard, and surveillance system.”
He explained the Coast Guard’s goal is to ensure that FSPs [facility security plans] and VSPs [vessel security plans] identify critical cyber systems and clearly outline who is in charge, how the systems are operated and maintained, what training is needed and what to do when intrusion or malfunction is detected.
He added: “Ultimately, critical cyber systems at port facilities will be required to meet performance standards and operated and maintained as outlined in the FSP.
“As the recent ransom ware attack on APM terminals proved, there is a lot of cyber risk in business systems that might be beyond direct influence by regulators like the Coast Guard, but that can still disrupt business and trade, and produce the associated physical impacts on the port such as long ques for ships, trucks, trains, and chassis.”
He confirmed the Coast Guard is conducting an extensive “hotwash” of the APM incident.
Speakers on cruise terminal security included Aaron Dickson, manager of port security & terminal operations at Halifax Port Authority, who discussed drones.
Andrew Pasternak, vulnerability and risk analyst at the office of cyber and infrastructure analysis, national protection and programs directorate at the US Department of Homeland Security, also spoke about terminal automation and cybersecurity risks.
Links to related companies and recent articles ...
- More port cyber security is needed
- Coordination key to port security
- AAPA concern over proposed port funding cuts
- US omnibus funding will benefit ports
- AAPA, MARAD complete investment toolkit
- Trump budget to affect US port funding
- AAPA 'encouraged' by US infrastructure plan
- Trump administration threatens port funding
- Six US ports snare TIGER funding
- Call to action over ageing US ports
- New Appropriation Act supports US ports
- US ports lose out on Obama budget
- US port funding in peril
- Great social etiquette
- Are US ports ready for the future?