The International Association of Ports and Harbors (IAPH) has launched its new Cybersecurity Guidelines for Ports and Port Facilities, which aims to help ports and port facilities make an objective assessment on their readiness to prevent, stop and recover from a cyber-attack.
The document is the culmination of four months of work involving 22 representatives from IAPH member ports around the world, as well as Associate Member cyber security specialists and contributors from the World Bank.
The Guidelines address the question of what port organisations need in terms of resources to effectively manage cybersecurity risks and aim to assist users in establishing the true financial, commercial and operational impact of a cyber-attack.
“We have produced this set of port and port facilities cybersecurity guidelines targeting the strategic rather than technical level. They are designed to create awareness among the C-level management of port authorities,” said Patrick Verhoeven, IAPH Managing Director.
“But on the other hand, we also wanted to bring this to the attention of the IMO, so the guidelines have been submitted to both the IMO Facilitation and Maritime Safety Committees for consideration. The latter meets in October where we will present them.”
The new Guidelines build on the Accelerating Digitalisation of Maritime Trade and Logistics: A Call to Action joint industry initiative introduced by IAPH and a range of maritime stakeholders in June last year, and includes a review of existing IMO guidance on Maritime Cyber Risk Management and its ability to address cyber risks in ports, developing additional guidance where needed.
“These guidelines were a logical follow on from the Port Community Cyber Security White Paper developed by IAPH in 2020 as a guide to those ports gearing up to digitalise processes and data exchanges to deal with the new normal caused by the COVID-19 pandemic,” said Pascal Ollivier, Chair of the IAPH Data Collaboration Committee and President of Maritime Street, and one of the leading contributors to the new publication.
“The digitalisation of port communities means ports will need to pay increased attention to cyber security risks. When we put the team together, it quickly became apparent that the authors all felt we needed to offer a pragmatic and practical approach to dealing with cyber threat actors, which culminated in this phenomenal collaboration, which is an industry first for ports.”