The economic effects of the COVID-19 pandemic, war in Eastern Europe and other geopolitical events, supply chain disruptions, labor shortages, rising inflation and rapidly escalating energy prices have brought increased focus on the port and terminal industry. The results of the 2022 Ports and Terminals Cybersecurity Survey, by Jones Walker LLP, finds that despite 90% of port and terminal respondents reporting preparedness, 74% of respondents indicated that their systems or data had been the target of an attempted or successful breach within the past year.
“Without question, protecting the marine transportation system from cyber threats is a shared responsibility requiring both government and industry participation." says Andy Meyers, captain in the U.S. Coast Guard and chief of the office of port and facility compliance.
From Jones Walker:
- The results of the 2022 survey reflect the responses of 125 senior executives of blue-water and brown-water ports and maritime terminals across the U.S.
- When asked about the frequency of cybersecurity training, the annual industry standard was met by only 57% of the blue-water respondents, and by only 25% of the brown-water respondents.
- Although 45% of survey respondents named ransomware as the biggest perceived threat, only 20% of respondents whose organizations had been victimized by a cyber-attack cited ransomware as the primary attack vector.
- For actual cyber-attacks, participants primarily blame solo hackers and organized criminal groups as the top threat actors facing the ports and terminals sector, with nation-state affiliated groups as a close third.
- Although 73% of respondents reported having a written Incident Response Plan (IRP), only 21% noted that their IRP had been updated within the past year. Similarly, 50% of respondents said that their facility conducted IRP tabletop exercises irregularly or not at all.