Port of LA Sets Up New Cybersecurity Coordination Center

APMT Pier 400, Port of Los Angeles (file image)

Published Jul 25, 2019 3:41 PM by The Maritime Executive

Los Angeles' harbor department has issued an RFP for a new privately-operated "cyber resilience center" for the Port of Los Angeles. The build / operate / maintain contract calls for a center that would coordinate cyber-defense activity between port stakeholders, reducing the risk of cargo disruption from a cyberattack.

In addition to defensive measures, the center would provide information resources that terminals and other port partners could use to help restore operations following an attack. In part, this will take the form of a secure cyber threat data portal, accessible through stakeholders' dashboards and mobile devices, along with real-time threat notifications. 

“Collaborative cyber-threat information sharing is critical to the safety and security of our Port,” said Chief Thomas Gazsi, the head of the port's police department. “This Cyber Resilience Center will allow us to more quickly identify and mitigate cyber incidents that pose a threat to the maritime supply chain.”

The Port of LA already has an award-winning, first-of-its kind Cyber Security Operations Center (CSOC) focused on the port authority's own internal operations, but it sees the new Cyber Resilience Center (CRC) as a separate coordinating body for all entities at the port - including the existing cyber center. 

"The CRC will be a 'system of systems' that the CSOC and stakeholder cyber security systems connect to, but will not replace it, nor will it be intrusive, disruptive or burdensome to stakeholder systems," the port said in its RFP. "Stakeholders will have the control to decide if, and how, to use information from the CRC."

Port cybersecurity is a serious consideration, especially for high-productivity, high-automation container terminals. In 2018, a cyberattack affected Chinese ocean carrier Cosco's email and phone systems at several sites in the United States, including its Pier J terminal at the Port of Long Beach. In 2017, the "Not-Petya" cyberattack took down APM Terminals' operations at multiple ports around the world, cutting liftings for Maersk Line by about 20 percent for two weeks and costing an estimated $200-300 million in mitigation and lost business.