The International Association of Ports and Harbours launched its Cybersecurity Guidelines, so as to assist port facilities establish the true financial, commercial and operational impact of a cyber-attack.
pecifically, the report goals to help ports and port facilities make an objective assessment on their readiness to prevent, stop and recover from a cyber-attack.
In other words, the document is designed to create awareness among the C-level management of port authorities of the need to address the issue of cybersecurity and to offer a pragmatic and practical approach to dealing with cyber threat actors.
According to IAPH, ports and port facility stakeholders from around the world are reporting measurable increases in cyber-threat activities, particularly since the outbreak of the COVID-19 pandemic. In fact, between February and May of 2020 alone, the maritime industry overall suffered a fourfold increase in cyber-attacks and those attacks against OT systems specifically increased by 900 percent since 2017. The risk of a cyber-attack has become the top risk for port authorities and the wider port community.
- Regardless of the level of digital adoption at a port or port facility may be, the unavoidable handmaiden to digitalization is cyber risk. No port or port facility is immune to it. Given that the majority of cyber-attacks involve people and fragmented system landscapes, every port and por facility is at risk. Moreover, the inequalities of the digital divide and the burdensome role the maritime industry plays at the center of global trade and information exchange underscores the shared nature of cyber risk within the global port and port facility community.
- Effective management of cyber risk is critical to the proper functioning of a diverse maritime community where stakeholders from the port authority, ship operators, port facilities, maritime agencies, customs, and law enforcement are all interconnected. Port and port facility leaders must recognize that cyber threats are not bound by any border, port perimeter, or even logistical supply-chain where every link is critical. Cyber threats can jeopardize an entire port or port facility’s operations and are proliferating at an ever-increasing pace. With the evolution and introduction of new IT and OT technologies, automated systems, and integrated processes that rely on key cloud-service providers, port leaders must recognize the importance of managing cyber risk and understand that it is a responsibility that begins at the top.
- A growing body of evidence underscores the increasing success cyber-attackers have had targeting the maritime industry. For example, between February and May of 2020 the maritime industry in general suffered a fourfold increase in cyber-attacks and those attacks against OT systems specifically increased by 900% over the last three years. Ports and port facility stakeholders from around the world are reporting measurable increases in cyber-threat activities, and the Maritime Transportation System Information Sharing and Analysis Center’s (MTS-ISAC) 2021 Annual Report highlighted some of the most commonly reported attack techniques.