The Port of Southern Louisiana plans to hire a cybersecurity firm and create an in-house staff to prevent digital breaches at one of the country’s largest ports, officials said.
The FBI and Maritime Industry Group have suggested that cyberattacks, especially against businesses and ports, are on the rise. Port auditors recently revealed that a cyberattack in the fall of 2021 would cost him more than $420,000 before insurance reimbursement.
With about 60 staff, the $15 million-a-year port oversees a 54-mile stretch of the lower Mississippi River between Baton Rouge and New Orleans. A general aviation airport, the Reserve has its own river and rail terminals. It also sells and develops riverside properties for future industries.
Port this week agreed a one-year, $107,000 master contract with Evalv IQ to allow the company to develop a cybersecurity remediation plan.
The Port’s executive director, Paul Matthews, said one of his first initiatives since becoming Port’s new head in January was the company’s efforts to test the Port’s systems and policies after the attack. You said you’re already auditing
The port committee also formed a committee to review cybersecurity and information technology.
“As a result, we are now at the point where we offer this master service agreement and put the software in place to get where it is needed. We are no longer behind the times. It’s ahead of its time in many ways,” Matthews said.
According to Theresa Jones, a consultant who owns Evalv IQ, the deal will give the port a security operations center, an on-site IT manager, next-generation behavior-based software, and staff training.
Matthews explained that the deal will serve as a short-term bridge until the port can create in-house staff on a longer-term basis, and Evalv IQ may continue to operate on a consultative basis.
“The truth is, we just started this department,” said Katie Clivert, chair of the port’s cybersecurity subcommittee. , the wheels turn 24 hours a day, and the harbor turns 24 hours a day.”
“We need to be hours, days and years ahead of what’s coming to us,” she added.
In July, the BBC reported that the Port of Los Angeles was fighting 40 million cyberattacks per month.
Also in May, local law firm Jones Walker conducted an online survey of 125 “senior executives in U.S. ports and marine terminals” about cyber and data security threats. . It also revealed a growing threat.
According to the white paper, 74% of respondents said their systems or data were the target of a breach or attempted breach within the past year.
Only 11% had their data stolen, and 14% had it encrypted or inaccessible. Nearly three-quarters of survey respondents did not disclose attacks outside of law enforcement.
Andy Lee, a New Orleans-based attorney who leads Jones Walker’s privacy and data security team, said:
In an interview last month, Lee said attacks were occurring in large, medium and small maritime operations, and while executives surveyed expressed confidence in their protection, the high level of threat meant It could mean that the trust is misplaced, he added.
Other maritime industry research shows that between 2017 and 2020, there was a sharp increase in attacks against “operational technology” systems that harden IT systems and move equipment and data.
Officials at the Port of Southern Louisiana have not provided many details about what the Fall 2021 cyberattack will entail, citing future security concerns.
However, the agency told auditors earlier this year in response to the violation that it would require “third-party verification” for vendors seeking payment, including “verifying information through telephone calls with representatives of the requesting vendor.” He said the process had begun.
Matthews said it’s no surprise that attacks against ports are on the rise. They make up his 25% of the country’s economy, he said. All five of his ports in Louisiana in the lower Mississippi are his fourth largest port facility in the world.
“Sixty percent of the country’s grain exports come from ports in southern Louisiana,” he said.
Port officials are still searching for their own cybersecurity staff, which will be housed in the near-completed $12 million, three-story administration building at the port’s Globalplex terminal on the reserve.
In September, port officials also announced that they had received nearly $1 million in grants from the Federal Emergency Management Agency to improve state agencies’ cybersecurity and other security measures.