What is a port? A port in a typical geographical location plays an important role in many sectors such as the industrial sector, transport sector etc. It is the main connecting link for trade between countries and enables smooth import and export of goods and commodities. Similarly a port in technology can be the means through which data is transmitted. It could be a physical port or a communications endpoint. A port allows for transmission of data from one network to another or to the internet.
Digitization of port This digitalization has been centered on the interconnectivity of data Information Technology (IT) and Operation Technology (OT) assets and also the introduction of recent technological enablers, like cloud computing, massive information and Internet of Things (IoT).
This digital transformation of the sector has been crystallized within a short period of time and this process, though done with a positive intent, has actually caused significant new vulnerabilities in the sector’s cyber risk profile. This is evident by the proliferation of cyber security incidents in ports in the recent years. Ports are at risk from cyber attacks and thus important to safeguard them from hackers. Hackers continually try to make backdoor entry via ports.
As ports are a critical and strategic resource for each country, it becomes very important to safeguard Ports from Cyber Attacks, and this is only possible by deploying right Cyber Security Solutions with optimization and in a structured manner.
A massive Port in a Southern East Country of Asia, wanted to acquire another port in a Middle Eastern country. Both the company’s legal departments drafted the acquisition arrangement, wherein foremost priority was given to the Cyber security assessment, its preparation and wanted the same to be implemented as per the International Ship and Port Facility Security Code.
It is essential to appoint a knowledgeable MSSA, and the contract was signed with Infopercept. As an MSSA our major challenges were to bridge the gaps associated with cyber security between each of the entities.
The groups were fashioned, assessment plans for cyber security were drawn and deployed with time sure activities. These were framed in thirty day, sixty day and ninety day plans.
Cyber Security is defined as: “The assortment of tools, policies, security ideas, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that will be needed to defend the cyber settings and the organization and the user’s assets.”
Once the definition was framed, it was vital to spot what Cyber security strives to achieve.
It was important to focus on the important areas to be centered and framed.
It is thus obvious that a single common approach to address all the risks would not work. Taking into account the vulnerabilities in the system and other factors, a strategy needed to be prepared and ensured that it should be regularly reviewed.
Nature and reasons for cyber attacks can be aplenty. Ranging from simple data theft to more serious crimes of espionage the reasons can be varied. But each attack has a significant impact on the affected party. Some of the reasons behind a cyber attack are listed below:
Once the motives were known, the teams identified important Threat Actors which play an important role in Cyber Attacks, and they were classified into seven classes:
Any of these threat actors were equally relevant to components for the port systems settled on the far side of its perimeter.
It is important for the entire team to understand the need for cyber security of ports. The cyber attacks have a volatile impact on:
It is therefore most important and foremost that all aspects of the Port, which might get affected by cyber security lapses are mapped. These include
The next step was to look into the Cyber Security Assessment (CSA). Cyber Security Assessment (CSA) was developed on the prevailing security assessments. It began within the port security standards, these assessments enclosed the:
So keeping all of the above in chronological order, a good Cyber Assessment Plan was drafted.
As soon as the CAP was drawn, the final Cyber Security Audit was carried out. A comprehensive review and analysis of the business’s IT infrastructure was done. It helped to identify threats and vulnerabilities, and exposed weaknesses and risky practices.
Regulations like the GDPR (General knowledge Protection Regulation) will impose hefty penalties in the eventuality of a breach that ends up in exploited knowledge. A cyber security audit helps to mitigate the results of a breach and demonstrates that the organization has taken the required steps to shield consumer and company knowledge.
As Cyber Security Specialists, we advised for more effective courses of action to be taken and would result in immense improvement in cyber resilience. Audits even helped in enhancing and securing the knowledge and shielding the business.
The audit was split into 2 distinct phases, a Spot Analysis and a Vulnerability Assessment. The Vulnerability Assessment service assists in preventing network attacks by characterizing vulnerabilities and configuration problems that hackers may use to penetrate the network.
In phase one Cyber Security Audit, remediation action was pointed out, breach response was set up, and awareness given to the staff.. Detailed report together with the summary of Cyber resilience assessment was done.
In phase two Vulnerability Assessment, Vulnerability Scanning and identification were done. Configuration and compliance checks were done. Malware detection was mapped, Web application scanning was done, and last but not the least, Data back-up review and analysis were booked in the audit report.
Identifying and Implementing mitigation measures:
The findings of the cyber security report provided a framework for the identification of mitigation measures that were to be applied to minimize the risk levels , This was categorized into four categories, viz; the Individuals, Physical Security, Methods formulated, and technological aspects of the port/port facility. On selecting mitigation measures, utmost care was taken to strike the balance on a case-by case basis between optimum risk reduction and minimizing the impact on the business of the port/port facility.
Developing Cyber Security Optimization and Strategies:
As per the recommendations from Cyber Security Audit report, main security measures and strategies were designed and implemented and these are briefed as under:
To sum up we can say that with the right methodology and analytics, with professional proficiency, real time monitoring and improvisation on a timely basis, and deployment of strategies it was possible to set-up a secure network.