‘We must take every precaution against potential cyber incidents’, port director tells The Daily Swig

The United States’ largest port, the Port of Los Angeles, has set up a new Cyber Resilience Center to tackle growing threats to both physical and digital supply chains.

The center will create an automated, port-wide “community cyber defense solution” for the 7,500-acre port and its stakeholders. It will act as a hub for threat information sharing and provide support with post-incident recovery.

The center will bring together around 20 stakeholders, including terminal operators, shipping lines, truck, and rail freight companies.

The port authority describes the project as a “system of systems” allowing the stakeholders to share both threat intelligence and potential defense measures, and to tap into external threat information.

The service will be operated by IBM, and participants will have access to IBM X-Force threat intelligence.

Port in a storm

The Port of LA first set up a cybersecurity center in 2015, based around manual processes. The new automated system will be quicker, more accurate and able to share larger volumes of data.

There will also be a collaboration forum to allow port stakeholders to carry out joint test exercises. The port authority expects the initiative to cost around $7 million.


RELATED US Department of Homeland Security heeds calls for tougher transport cybersecurity rules


The creation of the Cyber Resilience Center comes as both cyber and physical supply chains face increasing threats from nation-state and criminal hacking groups.

The port is setting up the center in the face of more coordinated attacks by adversaries, and the authority believes that better collaboration between stakeholders is essential to improving defenses.

“We must take every precaution against potential cyber incidents, particularly those that could threaten or disrupt the flow of cargo,” Port of Los Angeles executive director Gene Seroka told The Daily Swig.

“This new Cyber Resilience Center provides a new level of awareness for our stakeholders by providing enhanced intelligence, better collective knowledge sharing and heightened protection against cyber threats within our supply chain community.”

IBM support

The port has signed a multi-year agreement with IBM, providing threat intelligence, workflow automation, orchestration (SOAR) and security intelligence and operations center support, with IBM providing real-time, on-site threat analysis.

The project is, according to Kevin Albano, an associate partner with IBM Security X-Force, a “first-of-its-kind initiative within the maritime community”.

“The pandemic highlighted the criticality of the supply chain – and in turn ports – suggesting that organizations that are part of this ecosystem will look to focus significantly on enhancing their resilience to disruptions, including cyber disruptions,” he told The Daily Swig.

“The Port of LA is considered one of the largest ports in the US and world, so it’s well positioned to set an example here for transportation and maritime.”


Read more of the latest critical infrastructure security news


Albano said he expects to see similar initiatives across the logistics sector. “If the pandemic showed us anything, it’s that our dependency on supply chains is vital,” he noted. “This is a leverage point that cybercriminals can exploit.”

Experts predict to see similar initiatives, as governments focus on securing supply chains.

“Transport infrastructure as part of Critical National Infrastructure (CNI) is increasingly facing threats globally,” Chris Cooper, cybersecurity professional and member of ISACA’s Emerging Trends Working Group, told The Daily Swig.

“There are two principal causes of this. The first is that both cybercriminals and state sponsored hackers have realised the potential value and disruption that an attack on CNI can create. Secondly, the increased integration of systems and IoT is resulting in a wider attack surface that can be targeted.

“The role of these centres of excellence should be two-fold. Firstly, and most importantly, is the sharing of threat intelligence, and the second is supporting all members in reaching a minimum level of cybersecurity maturity through advice and guidance.”


YOU MIGHT ALSO LIKE ‘Inaction isn’t an option’ – US lawmakers back mandatory standards for transport and logistics cybersecurity