Insight into cybersecurity in the logistics sector in the port of Rotterdam
Alarming results of the cybersecurity research for the logistics port industry. More than 30% of the logistics companies in the port of Rotterdam have little or no cybersecurity on their agenda. One in five logistics companies has been temporarily shut down due to a cyber incident. This usually concerns targeted attempts, aimed at a specific function or role at a company. The security of, for example, PIN codes, which are used for collecting goods, are often weak and are easily shared with other parties. And chain partners rarely inform each other in the event of a cyber incident and potential risks are not shared in the chain.
Research
Who doesn’t remember, the major cyberattack in 2017, one of the biggest victims of which was a subsidiary of the logistics company Maersk? With a total loss of $ 300 million, the need for cybersecurity measures for the entire port business community was underlined. TNO, Digital Trust Center (DTC), Transport and Logistics Netherlands (TLN), SmartPort, Air Cargo Netherlands (ACN), Cargonaut, REQON, Computest, and Top Sector Logistics have developed and carried out a scan in the past year to identify cyber vulnerabilities within logistics. mapping the chain. The project aims to increase the importance and awareness of cybersecurity. Also, it offers concrete tools to improve security against cybercrime. The current status of cybersecurity in the logistics chain has been mapped out through a questionnaire issued by several logistics sector organizations; interviews with different types of logistics companies and ethical hacks at eight anonymous logistics companies (15–1500 employees). The findings were shared in the cyber report and an appendix with best practices.
Opportunities and investments
The economic impact of a cyber incident is the main reason for logistics companies to invest in cybersecurity. Data security, or the proper protection of sensitive information, is a second investment reason. Almost half of the companies (42%) estimate the threat of cybercrime to their company as high (31%) to very high (11%). Employees play an important role in protecting against cybercriminals, as 58% of companies report that malware was found because an employee downloaded a malicious file. The digital transformation of companies also contributes to the importance of cybersecurity.
FERM
Although the FERM Foundation did not participate in the research, it is working on solutions for companies in the Port of Rotterdam. The aim is to increase cooperation, awareness of cyber risks and thus reduce the risk. An example is the execution of cyber resilience scans when a company joins the foundation. Another is to provide training and a platform with which the affiliated companies (participants) can exchange threat information and best practices among themselves. A joint cyber exercise is also held annually.
Combined forces
Later this year, SmartPort, in collaboration with TNO, FERM, REQON & Deltalinqs, will publish a four-part vlog series in which not only the results but also the applications of the ‘best practices’ are shared by the companies involved in the research.
Questions
Want to know more about the research? Contact Anique Kuijpers or call 010-4020338.