The European Union’s Agency for Cybersecurity published on Tuesday guidelines for ports to strengthen their cybersecurity.
In light of increasing digital transformation of port ecosystems, the ENISA Port Cybersecurity - Good practices for cybersecurity in the maritime sector report highlights good practices to address new cybersecurity threats. Specifically, the emergence of the ‘SmartPorts’ concept brings new challenges for the deployment of emerging technologies (IoT, blockchain, big data, cloud, automation, AI, etc.), which often leads to greater exposure of port systems. While ports have traditionally been concerned with physical security and safety, they must now integrate cybersecurity in their global strategy.
ENISA’s Executive Director, Juhan Lepassaar, stated: “Given the economic importance of ports in EU trade, the protection of essential port operations against cyberattacks becomes paramount. It is important to equip EU ports with all necessary tools and knowledge to address cybersecurity concerns as they undergo their digital transformation. The report aims to provide port authorities and terminal operators, especially those in most need of relevant guidance, with a comprehensive set of good practices.”
The report lists an extensive set of security measures that port authorities and terminal operators can adopt to develop a security baseline. The main measures identified are described below and intend to serve as good practices for people responsible for cybersecurity implementation in Port Authorities and Terminal Operators:
- Define a clear governance around cybersecurity at port level, involving all stakeholders involved in port operations.
- Enforce the technical cybersecurity basics, like network segregation, updates management, password hardening, segregation of rights, etc.
- Consider security by design in applications, especially as ports use many systems, some of which are opened to third parties for data exchange.
- Enforce detection and response capabilities at port level to react as fast as possible to any cyberattack before it impacts port operation, safety, or security.
According to ENISA, the report intends to:
- Identify the main port infrastructure and services (maritime cargo, passenger and vehicle transport, fishing activities), as well as establish an overview of stakeholders involved in port ecosystems and define a comprehensive asset taxonomy;
- Establish a high-level reference model describing port systems and the data flows between them and other external systems;
- List the main cybersecurity challenges that port stakeholders are facing today and are likely to face in the future and define a complete threat taxonomy that lists the different threats and their possible impacts;
- Describe cyberattack scenarios that the port ecosystem could face, influenced from cyberattacks that have already occurred in the maritime sector; and
- Provide a list of cybersecurity measures that highlight best practices and help improve the cybersecurity maturity of port ecosystems.