This won’t be the first such effort port authorities have spearheaded. POLA’s Cyber Security Operations Center, which went live in 2014, is managing more than 20 million cyberintrusion attempts per month, and is believed to be the first of its kind for a U.S. port, Executive Director Gene Seroka told Congress in October 2017. In his written testimony then, Seroka zoomed in on the very needs officials had recently convened to discuss. Among the takeaways:
• On April 24, POLA convened what it termed a “marine stakeholder working group” that included representatives of shipping lines, marine terminal operators, railroad companies and trucking officials, to discuss standing up a Cyber Resilience Center. More than a dozen organizations participated. In his congressional testimony, Seroka indicated that while the Port manages its own systems, “we know that there is cross-sector risk that comes from all of the players in the Port environment.” The Resilience Center, he said in a statement April 25, and POLA Director of Media Relations Phillip Sanfield confirmed to Techwire, would address this “cross-sector” risk.
“They are two separate entities. The one that currently exists is focused on the Port of Los Angeles’ internal operations. This proposed one is for all stakeholders throughout the complex who are participating. That is the critical difference. And, as I understand it, they will run independently,” Sanfield told Techwire, noting that details are, for now, being kept “very basic” for security reasons.
• The proposed center, the Port said, would be “a collaborative effort to share cyber threat information” among the many companies in the POLA complex, to help them prepare for cyberthreats that might impact the cargo supply chain.
“Over the past few years, we have seen how cyber incidents have impacted some ports across the world, threatening the operations of the entire maritime supply chain. That’s why we’re taking a collaborative approach to strengthen our cybersecurity posture,” Tom Gazsi, POLA deputy executive director and chief of public safety and emergency management, said in a statement.
Sanfield said the Resilience Center is “by no means ... an attempt to aggregate individual systems,” but rather “an attempt to make the individual systems that everyone has more secure.”
• In his statement last week, Seroka indicated the Port is “taking the lead” on the Resilience Center. But it remains unclear how and when plans would be approved, and what form a procurement would take. POLA is unable to comment on procurement, Sanfield said via email.
• Port staff and meeting participants are now “drafting next steps,” Sanfield said via email, and the group will likely meet again during the summer or early fall. The port’s media relations director described the April 24 meeting as “a start,” and called the conceptual Resilience Center “a work in progress.”
