IAPH launches Cybersecurity Guidelines for Ports and Port Facilities as part of industry call to action to digitalize the maritime transport chain
The International Association of Ports and Harbors (IAPH) is pleased to announce the launch of its Cybersecurity Guidelines for Ports and Port Facilities.
The 84 page document is the culmination of four months of intense work between 22 experts from IAPH member ports from around the world as well as Associate Member cybersecurity specialists and contributors from the World Bank. It will serve as a crucial, neutral document for senior executive decision makers at ports who are responsible for safeguarding against cybersecurity risks as well as ensuring the continued business resilience of their organization.
The document aims to assist ports and port facilities to establish the true financial, commercial & operational impact of a cyber-attack.
It also is intended to help ports and port facilities make an objective assessment on their readiness to prevent, stop and recover from a cyber-attack.
The Guidelines also address the very difficult question of what port organizations need in terms of resources to effectively manage cybersecurity risks.
Patrick Verhoeven, IAPH Managing Director commented: “We have produced this set of port and port facilities cybersecurity guidelines targeting the strategic rather than technical level. They are designed to create awareness among the C-level management of port authorities. But on the other hand, we also wanted to bring this to the attention of the IMO, so the guidelines have been submitted to both the IMO Facilitation and Maritime Safety Committees for consideration. The latter meets in October where we will present them.”
A pragmatic versus theoretical approach
The Guidelines form part of the joint industry call Accelerating Digitalisation of Maritime Trade and Logistics: A Call to Action led by IAPH in June last year, which includes reviewing existing IMO guidance on Maritime Cyber Risk Management on its ability to address cyber risks in ports, developing additional guidance where needed. Pascal Ollivier, Chair of IAPH Data Collaboration Committee and President of Maritime Street and who was the driving force behind the new Guidelines takes up the story : “These guidelines were a logical follow on from the Port Community Cyber Security White Paper developed by IAPH in 2020 as a guide to those ports gearing up to digitalize processes and data exchanges to deal with the new normal caused by the COVID19 pandemic. The digitalization of port communities means ports will need to pay increased attention to cyber security risks. When we put the team together, it quickly became apparent that the authors all felt we needed to offer a pragmatic and practical approach to dealing with cyber threat actors, which culminated in this phenomenal collaboration which is an industry first for ports.”
This first version will now be disseminated in the industry, including through the IAPH members-only magazine Ports & Harbors which contains a special focus on cybersecurity in the current edition. IAPH fully anticipates the Guidelines to become an active, living document with regular updates and editions from the 22-strong editorial team.
An online discussion about the guidelines “Port Cybersecurity: moving from reactive towards proactive cyber resilience” is scheduled for 16 September at 12hrs30 British Standard Time at London International Shipping Week, which will include contributions from three of the main port authorities involved in the making of the document.