A fully operating port cyber security center, coastal emergency plan and interactive ISPS port security mobile app up as WPSP Safety & Security Award finalists at upcoming online ceremony on 24 June
Safety and security of ship and cargo operations are crucial within any port. With the advance of global terrorism, cross-border criminality and digitization, security problems have obtained new, challenging dimensions. To uphold their regulatory duties and responsibilities and enforce applicable laws and regulations, port are having to come up with innovative and technology-led solutions.
The Port of Los Angeles is a global leader on cyber security. In 2014, it became the first port in the world to implement a state-of-the-art Cyber Security Operations Center (CSOC). In 2015, it became the first port in the world to attain the ISO 27001 certification, the international cyber security standard. Continuing to advance its cyber security program, in 2019, the Port of Los Angeles successfully completed its upgraded G2 CSOC.
The G2 CSOC is built upon its original CSOC with technology enhancements, new analytical tools, and leveraging of its own five years of cyber operations data to focus the G2 CSOC on the highest priority areas. Today, the G2 CSOC protects the Port against more frequent, sophisticated and damaging attacks, including 20-30 million unauthorized intrusion attempts per month.
The next evolution of the Port of Los Angeles’ cyber security program is to extend beyond the Port Authority and into the Port Community with a Cyber Resilience Center (CRC). The aim of this pioneering solution will be to reduce cyber risks of the Port ecosystem by securely sharing information with the Port of Los Angeles ecosystem to collectively defend against cyber attacks.
In 2019 an oil spill reached more than 2,000 km of the Brazilian coast in an unprecedented incident of catastrophic proportions. More than 5,000 tons of oil waste was collected from shores in 11 states, a volume 20 times larger than the sum of all oil incidents reported since 2012. The origin of the spill remains unknown.
The incident shed light on the challenges related to the ability to respond to major oil incidents and the important role that ports can play in emergency response actions. As connecting nodes between land and sea, ports are a key stakeholder for collaboration in response actions, as they concentrate significant emergency resources, act as support base for sea operations and is ideally placed to gather those involved in an emergency response.
Strategically located with terminals providing specialized offshore support to oil companies, the Brazilian Port of Açu set up a taskforce to manage and respond to emergency spills. Table-top and fully operations drills with booms, clean-ups and containment simulations, wildlife monitoring and drone supervision flights were tested and implemented as part of the Emergency Preparedness Project.
The Port Administration, together with Companies and Terminals in operation at Port of Açu as well as the Navy, also conducted lectures and campaigns with local community representatives as well as fishermen to advise them on monitoring and reinforce safety and clean-up procedures. The Port of Açu has proved its capacity to be one step ahead, engaging preventively through integrated actions and setting safety standards that can actively respond to emergency spill situations.
Each port terminal receiving sea-going ships need to comply with statutory requirements (ISPS-code) to ensure port facility security and are obliged to apply for certification every 5 years.
In this certification process the designated authority performs a risk assessment of the port facility. The terminal has to set up and maintain a security plan for the port facility with the procedures that mitigate the risks as indicated by the assessment. This port facility security plan (PFSP) is then audited and to be approved by the authority. Terminals have to comply with its security procedures, something the authority will supervise. Also, the terminal must notify the authority of changes within the port facility or its procedures. The authority then has to (re)audit and approve those changes.
These activities can often be time-consuming and require a proper communication between the port terminal and the authority. In 2017 the Port of Amsterdam launched the MISA (Methodology for Impartial Security Assessments) risk assessment application for port terminals. This application has now been evolved to the MOBI (the Dutch abbreviation for MISA) port security platform and has been in use since 2019 in all the Dutch main seaports (Groningen Seaports, North Sea Port, Port of Den Helder, Port of Moerdijk, Port of Rotterdam and Port of Amsterdam).
The MOBI platform and its smart web-based software application (MOBI-app) facilitates a public-private cooperation between port terminals and designated authorities for port security activities. Port Facility Security Officers, Port Security Auditors and Port Security Supervisors work together in one transparent digital environment, carrying out real-time tasks and sending each other notifications, messages, documents and images through the application. This ensures that information is always up-to-date and makes the status of the processes transparent to its users. The platform itself has top level digital security and is PEN-tested on a regular base in order to keep its integrity.
MOBI handles the certification, notifications, the management of changes and compliance. The development of MOBI continues in 2020 with a more thorough integration of Cyber Security. Also, a real-time security/cyber incident notification module (MOBI-Alert) will be added.
Everyone is welcome to enjoy the virtual WPSP Awards Ceremony , which will be broadcasted on 24 June. To take part, register here.