Cybersecurity for Harbors and Ports
Cybersecurity for harbors and ports is critical as the world relies on a safe, secure and efficient international shipping industry. According to IMO (International Maritime Organization, the United Nations specialized agency with responsibility for the safety and security of shipping and the prevention of marine and atmospheric pollution by ships), international shipping transports represent more than around 80% of global trade by volume.
New cybersecurity challenges for harbors and ports
In terms of security, the old security approach consisting in Physical security on one side and Cybersecurity on the other side, is no more adequate to protect high value assets and people, and to fight against illegal activities and emigration. Today’s harbours have face various security threats to ensure the protection of the naval operations, logistics and vessels, to efficiently run blue border surveillance and security activities, and to ensure the safety of the operations on site.
For all these reasons, the convergence into digital has been in the making for quite some time also in the maritime and harbor sector. International shipping companies and logistics organizations constantly look to reduce costs through IT efficiency to meet business performance, customer satisfaction, safety and sustainability. However, the key factor that has impacted the progression of the IT convergence is connectivity and, as more harbor assets are networked to benefit from greater efficiencies and lower costs, threats and breaches in the Physical security systems and control networks are more and more on the rise in harbours and naval structures.
Nelysis’s solution for cybersecurity for harbors and ports
Nelysis has developed a unique system, Vanguard, to precisely meet both Cyber- and Physical security needs in maritime transport and harbours. Nelysis’s NCM solution visualises the harbour or vessel networks and their various elements to identify a wide range of suspicious activities and cyber-threats; Vanguard then notifies the PSIM/command of any change or network intrusions in order to automatically mitigate their effects, and ensure business continuity and protection of crucial operations and critical facilities.
Why is Vanguard unique and particularly suitable for port and harbor security?
This patent-based system specifically developed for early detection, warning and prevention of cyber threats on Physical Security elements and Control Systems networks is particularly suitable for the security of harbors and logistics for the following reasons:
- Accurate alerts for real-time resolution: thanks to its intelligent monitoring algorithms capable to compare normal and suspicious activities, Vanguard is able to warn and prevent against any sabotage or manipulation of any of the networked security devices. It compares the initial baseline profile by the network at a both logical and physical level, and provides real-time alerts for immediate resolution of the disturbing factor.
- Easy-to-use Network Cyber Management solution to ensure the harbour’s operational continuity: Vanguard provides seamless IT and Physical security management reducing human factor mistakes. The security staff receives information and scoring rate about the different edge devices or sub-systems based on values such as the manufacturer name, the running operating system and firmware version, the used protocols and bandwidth, the number of flows, the IP address, the MAC address, the physical port on the network switch, etc
- Complete and real-time centralised management: particularly suitable to protect logistics and harbours’ security devices that are often exposed on the field, widespread all over the structure or even in multi-location sites, Vanguard provides a central dashboard for all the network events with continuous recording of information and real-time alerts, up-to-date information on the traffic of the various network components, cs Logical and schematic presentation of the network along with statistics, etc.
- SYSLOG/SNMP open platform: Vanguard supports Syslog protocol and can receive different types of logs and event information from all the network elements.
- Mapping and classification suitable for large premises with extensive perimeter: Vanguard is able to map and classify all the networked assets, with both logical and physical topologies, of large port or harbor areas and multi-site logistics.
- Fast forensic analysis: since Vanguard keeps all traffic information stored for 60 days or more, the analysts can traceback single flows for any connected IP device for professional and fast forensic analysis. The analysis of historical behaviors and changes, the searches and the analysis data are stored in the system.