Download presentation
Presentation is loading. Please wait.
1
Cyber Security in Ports Business as Usual?
November 2017
2
Essential Contribute to 3% GDP Large direct and indirect employer
Indispensable part of logistic chain Country-level essential infrastructure Large number of small companies Large interdependency and connectedness
3
Dependency and connectedness
Paper-less and logistic integration as a competitive advantage Increasing reliance on IT tools and networks Portbase, Antwerp Port Community System Navigate, e-Desk More and more operational/industrial control systems Logical and physical exposure of the network Increasing attack surface
4
(Not)Petya June 2017 Disruptive intent
Encrypt files, no way to decrypt Initial infection via accounting software M.E.Doc Spreading through internal networks Massive collateral damage (APM, TNT, DLA…)
5
Targeted, But Not To Ports
6
Impact Maersk/APM 17 container terminals disrupted for days
Loading and unloading impossible because of uncertainty of the content of the shipments Perishable goods lost? Camera surveillance disrupted Truck chaos as well, delays down the logistic chain Cyber incident turning into a physical incident More than 300mio€ financial impact
7
The Adversaries Highly likely Targeted cybercrime
Facilitating trafficking Strategic espionage Moderately likely Sabotage by insiders, hacktivists, terrorists High impact State sponsored disruption
8
Regulatory Framework ISPS – International Ship and Port Security Code (response to 9/11) Security of ships and port facilities is a risk management activity Register of critical companies & facilities Security Committee and Port Security Officer (issues security certificates) Comprehensive security plan based on risk assessment Monitoring and verification Incident response plan and test exercises NIS Directive - Network Information Security Directive (9 May 2018) Mainports Antwerp & Rotterdam: Operators of Essential Services (OESs) Implement adequate security measures and prevent and minimize impact of incidents Report cyber incidents to national Cyber Security Authorities (NCSC and CCB) Set up ISACs – Information Sharing and Assessment Communities (already in place) Q: No formal role for Port Authorities foreseen, how to organize within respective ports? GDPR - General Data Protection Regulation (May 2018) Security requirements for processing activities involving personal data Data breach notification requirements
9
Current Security Organisation
IT security culture and cyber hygiene lags behind Awareness, inventory of assets, base line security controls, segmentation IT and OT environments, back-ups Few organizations have dedicated IT security staff None have Mature security incident detection (no detection sensors in place) CERTs – Cyber Emergency Response Teams No specific threat intelligence (but if available, not able to benefit from it) Information Sharing Communities exist but could be boosted
11
Gap Sophistication Adversary Mature Immature Time
12
Proposals Leverage infrastructure of ISPS to implement NIS Directive
Port Security Officer to absorb Cyber Security Framework for cyber governance (responsibilities for setting requirements, oversight, reporting, monitoring) Develop common cyber hygiene baseline Certification mechanism (‘cyber secure’ label) Develop cyber security maturity indicators and reporting dashboard Set-up a CERT for each mainport, using pooled resources Intensify ISACs within and between the mainports On-site training (including C-suite) Annual exercise (within and later across ports)
13
Gap Sophistication Time
14
Take Aways Threat landscape becomes ever more challenging
High level of dependency and connectedness Currently low maturity and cyber resilience Not ready for legislation Proposals Increase maturity and resilience Improve community interaction Integrate cyber in existing security framework
15
Why again?
16
Thank You
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.