Accessibility

Panel: Cyber Security Implications for Port Infrastructure and Maritime Systems

EU CyberNet hosted a panel discussion at NATO CCD COE conference CyCon2024 “Over the Horizon” focusing on critical sector service provider’s resilience building.

“The idea for the session stems from today’s increasingly interconnected world, where the maritime sector is vital pillar, handling over 90% of global trade, meaning that any disruptions can severely impact global supply chains,” explained moderator and EU CyberNet Community Lead Silja-Madli Ossip. “Enhancing maritime cybersecurity is essential for safeguarding global trade, economic stability, and international security, requiring coordinated efforts from governments, international organizations, and the private sector to address increasing cyber threats. In this session, we wanted to understand the challenges of implementing robust and comprehensive cybersecurity measures in ports globally,” she added.

The panelists shared their perspectives on these challenges and possible mitigation measures from the points of view of development aid providers, academia, and military planning:

Christophe Van Maele from UNITAR on ports’ cyber capacity:

The maritime sector’s cybersecurity varies widely – it’s like a marathon with runners in the front and runners in the back – with many regions lacking robust guidelines and security standards and until recently, ports’ focus has been on a physical security.

Complex systems with potentially outdated hardware and a mix of new and legacy software in ports are root cause for poor cybersecurity and ports face increasing cyberattacks like ransomware. These vulnerabilities highlight the urgent need for improved cybersecurity measures in the maritime industry.

Lisbeth Laurie from CICTE shared insight from Latin America and the Caribbean region:

Cybersecurity challenges in ports increase because foreign trade increases and the port infrastructure is not able to follow. Additionally, in LAC and other regions, funding for ports is a challenge, causing a domino effect where insufficient money leads to inadequate training and other vulnerabilities, and the OAS is helping to develop national maritime cybersecurity strategies.

Gabriel Raicu from the Maritime University of Constanta offered the European perspective on ports’ cybersecurity and discussed challenges in Africa:

The ports are the most diverse areas, functioning as systems of systems, and pose significant challenges from a cybersecurity standpoint. While Europe may be better prepared to deal with cybersecurity, even here, security by design is not ideal.

Michael Widmann from NATO Maritime Command offered military point-of-view on port security:

Cybersecurity is a universal risk, presenting common challenges for both the civilian and military sectors. Ports play a vital role in military success from the sustainment aspect. If an adversary wanted to significantly impact Allied capabilities, attacking ports would be effective, as the longer vessels are unable to move, the greater the damage.

Marie Haugli-Sandvik from Norwegian University of Sciene and Technology explained ports’ staff perspective to cybersecurity:

The human factor is crucial—staff who facilitate maritime operations must be able to react adequately to incidents. People need to understand cyber risks, which are often related to operational technology rather than just IT. Employees in ports are also concerned about the increased use of digital technologies to monitor productivity, which can affect their use of technology and equipment. While we understand the need for fire drills on ships, the need for cyber training and awareness in ports is not yet fully recognized, although we are improving.

The session was moderated by the EU CyberNet Community Lead Silja-Madli Ossip and the panelists were Dr Marie Haugli-Sandvik (Associate Professor at the Norwegian University of Science and Technology), Lisbeth Laurie (Program Manager of the Maritime and Port Security Program of the Inter-American Committee against Terrorism), Prof. Dr Gabriel Raicu (Rector of Maritime University of Constanta and the Director of Maritime Cybersecurity Center of Excellence), Christophe Van Maele (Maritime Governance Unit within the Peacekeeping Division of UNITAR) and Cmdr. Michael Widmann (Cyber Operations Branch Chief at NATO’s Maritime Command).

This panel discussion was part of CyCon 2024 programme.

Photos: https://flic.kr/s/aHBqjBsPUo



Keep reading similar articles
Building Cybersecurity Resilience: TTX Coaching and Training in Brazil

On a mission to bolster cybersecurity preparedness, EU CyberNet and LAC4, with experts Julia Schuetze and Andrés Velázquez, executed a full-day tabletop exercise (TTX) training for CTIR Gov in Brazil to equip Brazil’s national cybersecurity response teams with the tools to design and facilitate their own sector-specific exercises. Julia Schuetze and Andrés Velázquez reflect on their experience.

EU CyberNet Identfiying Cybersecurity Challenges and Opportunities in East Africa

EU CyberNet presented the key findings and recommendations of an assessment report on cybersecurity during a co-design workshop for Team Europe initiative Safe Digital Boost for Africa (SDBA) with East African Community.

Road to International Cyber Capacity Building: Marking 5 Years of EU CyberNet

As September 2024 marks five years of the EU CyberNet project, it is time to reflect on the journey defined by collaboration and commitment to strengthen global cybersecurity. Over the past five years, EU CyberNet has grown from an initiative into a key pillar of European cyber capacity building community connecting cybersecurity experts, institutions and governments globally.

EU CyberNet Highlights the Importance of Integrating Artificial Intelligence into National Cybersecurity Strategies

EU CyberNet Director Liina Areng and LAC4 Policy Expert César Moliné Rodríguez participated this week at the GFCE LAC Regional Meeting and GFCE Annual Meeting 2024. The GFCE LAC Regional Meeting was focusing this year on the identification of cyber capacity building needs in relation to the adoption of new technologies and AI.

Participants’ Reflection on Their Experience at the EU CyberNet Summer School 2024

The EU CyberNet Summer School 2024, held in Lisbon from 21st to 23rd August 2024, brought together a diverse group of cybersecurity professionals, each with unique motivations and insights. As they reflect on their experiences, they take stock on their drive to enhance their knowledge, the importance of being part of the EU CyberNet Expert Pool and their views on the most pressing issues in cybersecurity today.

EU CyberNet Summer School 2024 in Review: Advancing Cybersecurity

The EU CyberNet Summer School 2024, held in Lisbon, focused on enhancing the cybersecurity capabilities of experts. Over three days, participants engaged in intensive discussions, hands-on exercises, and collaborative activities aimed at strengthening the resilience of critical infrastructures, with a particular emphasis on the maritime sector.