Port Cybersecurity: Securing Critical Information Infrastructures and Supply Chains examines a paradigm shift in the way ports assess cyber risks and vulnerabilities, as well as relevant risk management methodologies, by focusing on initiatives and efforts that attempt to deal with the risks and vulnerabilities of port Critical Information Infrastructures (CII) ecosystems. Modern commercial shipping ports are highly dependent on the operation of complex, dynamic ICT systems and ICT-based maritime supply chains, making these central points in the maritime supply chain vulnerable to cybersecurity threats.
- Identifies barriers and gaps in existing port and supply chain security standards, policies, legislation and regulatory frameworks
- Identifies port threat scenarios and analyzes cascading effects in their supply chains
- Analyzes risk assessment methodologies and tools, identifying their open problems when applied to a port's CIIs
Nineta Polemi works for the European Comission and was previously an Associate Professor at the University of Piraeus in Piraeus, Greece, teaching cryptography, ICT system security, port security, and e-business and innovation. She has been a security project manager for organizations such as the National Security Agency, NATO, Greek Ministry of Defense, INFOSEC, TELEMATICS for Administrations, and the European Commission (E.C.) She has acted as an expert and evaluator in the E.C. and the European Network and Information Security Agency (ENISA). She is the director of the UPRC Department of Informatics security graduate program, and has participated in the national and European cyber security exercises in the last four years. Polemi has been published in more than one hundred publications, including the International Journal of Electronic Security and Digital Forensics, and International Journal of Electronic Security and Digital Forensics.
2. Definitions and Terms
4. Ports and their Supply Chains
5. Ports' CII Security
6. Supply Chain propagated threats
7. Ports' Supply Chain Security
8. Conclusions and Future Directions
9. Appendix A. Individual Threats in Ports' Information Systems
10. Appendix B. Threat Scenarios in Maritime Supply Chains
11. Appendix C. Vulnerabilities and Controls in Ports' ICT Systems
12. Appendix D. Stakeholders in Maritime Security
13. Appendix E. Ports' Operators Security Awareness Level