The passenger side-view mirror gives me a much clearer view of the right side of the road than my rear-view mirror. Since its convex, it provides a wide angle for seeing more of what is coming up – which in Houston may be anything from a motorcycle to a monster wide-load hauler. The downside is that it distorts the proximity, so the “objects in mirror are closer than they appear.”
COVID-19 aside, navigating any business is a balancing act between looking at the road ahead while being aware of what might be overtaking us. As you know, the Port Bureau board and staff are big supporters of better digital collaboration across all the private and public entities in the port. It holds the key to significant efficiency gains, safer, and more resilient supply chains, and lower emissions. However, if we are only looking forward on adopting digitalization across our port, we might miss what is in our side-view mirror — the issue of cybersecurity.
The recent cyber-attack on SolarWinds may have impacted more than 18,000 organizations. It seems to have started with a weak password somewhere and created a labyrinth of difficulties. An alert from the Cybersecurity & Infrastructure Security Agency (CISA) of DHS put it this way: “This APT (advanced persistent threat) actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”
When I read this, I thought about how reliant we are on our digital infrastructure, especially since many companies have gone remote since COVID-19. And whenever we have reliance, we need to support it with resilience to ensure uninterrupted business. A Coast Guard friend of mine, Stephen Flynn, heads up the Global Resilience Institute at Northeastern University. He says, “Resilience is a concept to which virtually every discipline can contribute knowledge—knowledge that will be helpful for managing the challenge of 21st century turbulence.”
I am thinking resilience may be my new code word for side-view mirror. As we look forward, we need to ensure what we are building is resilience to threats, unseen on our sides. I also like that Stephen mentions that every discipline (everyone) can contribute.
While I know little of what goes into proactively protecting IT infrastructure, I cannot ignore it - we need everyone looking at that side-mirror and looking for threats. Incorporating this mindset helps everyone stay alert to even small anomalies that might pop up and strengthens support to security staff.
Collaboration is always a good place to start. The FBI has a program called InfraGard that is a partnership between them and private industry. They even have a maritime sector that meets quite frequently and assists dissemination of information and threats.
The other group that is working to harden our cybersecurity and increase our resilience is the Houston Maritime Security Collaboration Group. This is a joint venture between the Houston Ship Channel Security District, the Port of Houston Authority, and the Houston-Galveston InfraGard Area Maritime Security Committee. It is discussed in detail here.
We might not all understand the technical aspects, but we can learn how to quickly respond to an incident or suspected threat. We can also learn what behaviors make us vulnerable to a cyber-attack. We are looking out the front window and collaborating to make our supply chain better, faster, and cheaper through the transparency of shipping schedules with projects like the PortXchange vessel and terminals scheduling platform. We also need to be checking our side-mirrors for cyber threats that are closer than they appear.
As always, the Port Bureau is here to bring information and support collaboration for progress on this issue – and all challenges for business in our maritime community. We would like to hear more about what objects you see gaining speed in your side-view mirror.