Port of Los Angeles plans "cyber resilience center"

The Port of Los Angeles plans to create a "first-of-its-kind" cyber resilience center to guard against risks that could impact the cargo supply chain ecosystem, port officials said Wednesday.

The unit will serve as a focal point for cyber threat information-sharing across companies and stakeholders at the port, according to a request for proposal (RFP) seeking companies or firms interested in designing, installing, operating, and maintaining the center.

The idea for the collaborative center came out of a maritime industry working group meeting hosted by the port earlier this spring, officials said. "Collaborative cyber-threat information sharing is critical to the safety and security of our Port," Chief Thomas Gazsi, who serves as the port's deputy executive director of public safety and emergency management, said in a release. "This Cyber Resilience Center will allow us to more quickly identify and mitigate cyber incidents that pose a threat to the maritime supply chain."

Awareness of cyber threats to supply chain assets has been rising in recent years, after the "Petya" ransomware attack crippled operations at shipping giant Maersk Line in 2017. Likewise, a report issued in May by technology provider Verizon warned that corporate computer attacks are on the rise as hackers increasingly target the C-level executives who have easy access to sensitive information in an increasingly digitalized supply chain.

Creating the center would be the latest extension of the port's defense against computer threats, following its establishment in 2014 of a Cyber Security Operations Center, operated by a dedicated cybersecurity team that acts as a centralized location to proactively monitor network traffic to prevent and detect cyber incidents under Port control.

The Port says it has also maintained its ISO 27001 certification for cyber security, a set of benchmarks set by the Geneva, Switzerland-based International Organization for Standardization (ISO). According to ISO, this family of standards helps organizations manage the security of assets such as financial information, intellectual property, employee details, or information entrusted to them by third parties.

Responses to the RFP must be submitted by Sept. 4 and then approved by the Board of Harbor Commissioners and the Los Angeles City Council.

Moving forward with plans to create a first-of-its-kind Cyber Resilience Center, #PortofLA has issued an RFP seeking companies or firms interested in designing, installing, operating and maintaining the planned Center. Deadline to submit proposal is 9/4. https://t.co/573cIz3mdW pic.twitter.com/iQUgsfD8aB

— Port of Los Angeles (@PortofLA) July 24, 2019