The Coast Guard, along with members of the Area Maritime Security Committee (AMSC) for the Port of New York and New Jersey, have collaborated to implement an innovative framework to enhance maritime cyber security and port resilience – one of the most challenging security issues facing the global Marine Transportation System (MTS).
Recent cyber attacks have significantly impacted the maritime industry. Incidents including the NotPetya attack of 2017 which wiped out the global network of A.P. Moeller-Maersk, the 2018 targeted ransomware attack at the Port of San Diego, and the February 2019 disabling of a cargo vessel’s computer network while inbound to the Port of New York and New Jersey each highlighted some of the cyber threats and vulnerabilities facing the maritime sector. These incidents, along with the industry’s rapidly increasing reliance on automation and information and operational technology, have made cybersecurity a top priority for the AMSC.
“Cyberattacks are a 21st century reality and an ever-present operational risk that we must be ready for,” said Jeff Milstein, of Vitol vessel operations, one of the world’s largest energy traders, and former chair of the AMSC. “We have witnessed first-hand the disruption that a cyber-incident can cause in our nation’s ports, and we’re committed to taking action to minimize those risks.”
To address the growing cyber security challenge, the region’s AMSC formed a unique cyber partnership, bringing together leaders across industry sectors to lend their expertise to the problem. Membership includes representatives from Rutgers University, Stevens Institute, and major segments of the maritime industry. The end result of their work is an agreement by all members of the AMSC to share cyber threat information and participate in routine cyber exercises. The plan also establishes a Cyber Advisory Committee, comprised of cyber and industry experts ready to assist in a cyber-incident response, and creates an awards program to recognize port partners who have taken proactive steps to make cybersecurity a top priority.
The financial services sector also has a vested interest in the maritime industry’s ability to deliver goods and services to U.S. ports. Financial sector representatives are active members of the AMSC and integral to the development of this cyber strategy. Any disruption to cargo, oil, and gas, or passenger ferries could impact the markets, especially commodities.
The Chairman of the AMSC, Joe Farley of Maher Terminals, operator of North America’s largest marine container terminal, applauds the work this group has done to adapt to changing threat landscapes.
“Our AMSC is committed to protecting the security of our port from all threats, including cyber threats,” said Farley. “This plan is evidence of the commitment our port partners have made to strengthen our cyber resilience and to keeping the Port of New York and New Jersey safe, secure and open for business.”
Capt. Jason Tama, Coast Guard Captain of the Port and Federal Maritime Security Coordinator, believes that the work done by this committee is innovative and urgently needed.
“The fact that port partners across different industry sectors came together to develop this plan speaks to the serious nature of the cyber threat and is a testament to the shared equities at stake,” said Tama. “I’m proud of the proactive work this team is doing to address one of the most significant safety and security concerns facing our ports. The nature of the cyber threat demands that different segments of industry, government, and academia share information and work together to enhance cyber preparedness and resilience.”
The AMSC for the Port of New York and New Jersey plans to recognize inaugural award recipients and conduct its next port-wide cyber exercise in 2020.