The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has restarted a series of tabletop exercises designed to boost cybersecurity at U.S. seaports.
The COVID-19 pandemic derailed the initiative, known informally as the port security ecosystem tabletop exercise, after the first event in Savannah, Georgia, Klint Walker, CISA supervisory cybersecurity advisor, reported during an interview with SIGNAL Media. Other events and priorities, including Walker’s pursuit of an advanced degree, further delayed the effort.
But Walker is once again driving the proof of concept with a likely return to the Port of Savannah. “Our original exercise was with the Port of Savannah, and that is who we’re reaching out to. Matter of fact, I go next week to talk to the Port of Savannah to see if we can get the schedule for them to redo what we did originally,” he said.
The ports of Charleston, South Carolina, Wilmington, North Carolina, and Tampa, Florida, may be next on the list. “We’re also in discussions with the Port of Charleston. I’m hoping to make a visit to them in the next two months to solidify what we’re going to be doing with them shortly. And we’re—fingers crossed—we’re hoping that the Port of Wilmington and maybe the Port of Tampa are going to want to be our next two. Those are the four that I have on my current calendar, but we’re open to other ports reaching out to us and saying that they’d like to participate.”
While the current list includes only East Coast ports, any port can participate, Walker said. “It doesn’t matter where these ports are in the United States. Any port that would like to see what we’re doing or work with us, we’re more than happy to support that and bring what we have currently in draft format so that they can help us build a better product.”
The restart is needed because of the expanding threat to ports, a critical piece of the American supply chain. “We’re hoping to get this going again because the threat has definitely elevated in this particular arena,” Walker offered. “Supply chain has really come into focus in the recent years, in that we’ve seen how it’s not just the critical infrastructure itself but the suppliers that bring that critical infrastructure. COVID was a great example of how the ports were limited in their capacity to get equipment in and out or move goods from ship to shore, and that really impacted our economy. It impacted the way that we did business nationally.”
U.S. ports already have proven to be tempting targets for cyber attackers. In 2021, for example, the Port of Houston in Texas issued a statement saying it had fought off an attempted hack and “no operational data or systems were impacted,” the Associated Press reported. Then-CISA Director Jen Easterly reported the attack that same week to a Senate committee, saying she believed a nation-state actor, which she did not identify, was behind the attack.
