The issue of cybercrime versus computer security is global.
It affects all sectors and its impact and is undoubtedly very extensive. In the port sector, a rather delicate sector, where the automation of infrastructure the digitization of tools presents a wide field of deployment, computer security then presents itself as a necessity. As computer attacks multiply more and more systems are exposed to them more than ever. It is therefore important to develop a comprehensive strategy to increase the reliability of supply chain security services.
This article will also interest you: Travel data collected by the French National Police
According to a report produced by Allianz Global, companies linked to the port sectors are much more concerned about cyber threats. "Global ransom costs have increased from US$325 million in 2015 to US$11.5 billion in 2019 with a forecast of 20 billion in 2021," said Jérôme Lees during an online training session on cyber security logistics and port. Webinar organized on September 15 by Soget. For his part, Gras Savoye Dero's Director of Maritime, Logistics and Transport added: "Human negligence is the main source of exposure to a cyber attack (66%) external threats (18%). The cause of this would be the lack of knowledge in the area of cyber threats, a lack of training and awareness on cybercrime.
One of the most common threats to companies in the port sectors, where other sectors is the famous ransomware. Hackers believe it is easier to make money with such tactics. Taking the example of the attacks suffered in recent years by major companies in the sector such as AP Muller-Maersk and its port subsidiary APMT, the US Coast Guard or Cosco and the port of Barcelona, the port and maritime sector is clearly targeted more and more. And the damage is not negligible in practice. Jean-François Vanderplancke, the Norman representative of Anssi (the National Agency for Security of Information Systems) hackers are motivated by "money, sabotage and espionage". Moreover, the key instruction remains the same. That of never giving in to the demands of cyber criminals. "The company must never pay ransoms. They finance resources for the attackers to re-attack with more efficient means. The company may also appear on the list of good payers without recovering its data."
In France alone, the French cybersecurity watchdog, L'Anssi, said he had already intervened more than 30 times in the port sector over the past five years.
Beyond the security good, the development of computer security in the port sector presents itself as a commercial asset. In many ways, ports are beginning to realize what cyber risk really represents. This is what the director of information systems at Haropa-Port du Havre, Jérôme Besancenot, testifies to. It should also be noted that Le Grand Port maritime du Havre (GPMH) is one of the forerunners of the IT security development of the port sector. Indeed, it quickly certified ISO 27001 for its cybersecurity organization system since June 2010. This is seen on several levels. Both in terms of governance tools and management tools. Not to mention the shop deployment dedicated specifically to IT security: "risk reduction plan, information system security policy, IT charter, recovery and business continuity plan." In addition to regular audits, the major port of Le Havre conducts several tests to assess the level of protection, robustness and resilience of these computer systems and networks. "Cyber security is part of our strategy. It has become an attractive factor and a competitive issue. means Jerome Besancenot. He admitted that the effectiveness of a security strategy must be "collaborative and collective at the port community level".
One of the structures involved in the security development of the great port of Havre is the Soget. The company, which is very involved, has developed in partnership with Orange Business Services and the American giant Microsoft: "secure access adapted to the needs of companies in the form of packs. These secure links guarantee business continuity in the event of an attack," said Hervé Cornède, its managing director.
On the insurance side, offers against cybercrime are becoming more and more refined and simply beyond the scope of prevention and protection. There are now insurance policies that are able to cover "the costs of crisis management, but also legal and administrative, as well as the coverage and repair of damage and impacts due to an attack," explains Guillaume Deschamps of Willis Towers Watson.
Now access an unlimited number of passwords: