How Can E.U. Ports Tackle New Cyber Threats?

ENISA, the European Union Agency for Cybersecurity, has published Good practices for Cybersecurity in the Maritime Sector - Port Security, a report providing guidance for ports to strengthen their cybersecurity.

The agency says ports must address cybersecurity as a top priority in order to ensure their safety, security, compliance and commercial competitiveness, while unlocking the full capabilities of their digital transformation.

The report lists a set of security measures that port authorities and terminal operators can adopt to develop a security baseline including specifying the need to:

• Define a clear governance around cybersecurity at port level, involving all stakeholders involved in port operations.
• Enforce the technical cybersecurity basics, like network segregation, updates management, password hardening, segregation of rights, etc.
• Consider security by design in applications, especially as ports use many systems, some of which are opened to third parties for data exchange.
• Enforce detection and response capabilities at port level to react as fast as possible to any cyberattack before it impacts port operation, safety or security.

The report is available here.