IBM is working with the port of Los Angeles to secure the maritime supply chain.

It is helping the USA’s busiest container port build a cyber resilience centre for sharing of cyber-threat data.

IBM will design and operate the port cyber resilience centre (CRC) as part of a multiyear agreement aimed at improving the port’s cyber-security readiness as well as enhancing threat sharing and collaboration within its supply chain ecosystem.

The tech giant will use its knowledge of cloud security and automation to deliver technology and expertise that can help port stakeholders detect and protect against malicious cyber incidents.

The port of Los Angeles is in the middle of an infrastructure investment programme aimed at raising the bar for cargo efficiency, and is focused on technologies to enhance digital information flow throughout the supply chain. With cyber threats emerging as reality for all industries, the port is taking proactive steps to enhance its ecosystem’s awareness and readiness to respond to cyber threats that could disrupt the flow of cargo.

The CRC will be a maritime security intelligence and operations centre to automate threat collaboration and extend its reach beyond traditional maritime stakeholders to port stakeholders that are more broadly involved in cargo flow. Stakeholders will have the opportunity to contribute threat data to the CRC as well as benefit from more extensive and accumulated threat intelligence.

“The cyber resilience centre will provide a cutting-edge early warning system to further defend the port and its stakeholders against cyber threats,” said port of Los Angeles executive director Gene Seroka. “This will result in greater collective knowledge, enhanced data sharing throughout our port ecosystem, and will help to maintain the flow of critical cargo.”

The $6.8m, three-year agreement includes IBM security software and services to design, install, operate and maintain the CRC. The board recommendation to select IBM was based on a competitive request for proposal process.

The CRC will leverage IBM Cloud Pak for Security, X-Force Threat Intelligence and IBM Security Soar (security orchestration, automation and response) to facilitate automated response playbooks to security events and collaboration among port stakeholders.

IBM will also collaborate with TruStar to leverage its enterprise intelligence management platform for stakeholders to automate and distribute intelligence among the port of Los Angeles and port stakeholders.

X-Force Threat Intelligence experts bring global and industry threat modelling capabilities to give maritime threat information. Combined with TruStar and Cloud Pak for Security, X-Force can apply threat intelligence to systems and individuals for critical decision-making.

Cloud Pak for Security will provide an open security platform to serve as the foundation for CRC activities, allowing them to integrate security tools for deeper intelligence into threats across hybrid cloud environments and respond faster to security incidents. Designed to run in any cloud or on-premise environment and connect openly regardless of the vendor infrastructure, Cloud Pak for Security can automate threat intelligence ingestions from multiple sources, conduct threat analysis and make the anonymised data available to port stakeholders through a dashboard that informs their threat awareness and proposed defender actions.

Soar can enable teams to codify stakeholders’ incident response processes into dynamic playbooks, accelerating and orchestrating their response to a potential security incident. These automated actions cannot only help stakeholders understand security threats, they can prioritise them.

IBM will provide on-site security intelligence and operations centre resources and support to manage the CRC and conduct real-time threat analysis. IBM’s threat analysts and experts will help onboard each operation and company and manage Cloud Pak for Security across the port ecosystem, configuring it to run based on each stakeholders’ needs.

As one of the busiest seaports in the world and a gateway for international trade in North America, the port has been the number one container port in the USA for the past twenty years, facilitating $276bn in trade in 2019 alone.

Existing maritime threat sharing portals are distinctly operated, relying on each individual party’s bandwidth to input threat data manually into the platforms, thus creating the potential for compromise if threats aren’t shared or communicated in a timely, collective manner. The CRC, however, will serve as an automated system of systems and focal point across all participating supply chain stakeholders for cyber threats to the port ecosystem, while still allowing stakeholder control over their own information and security protocols.

Tenants and cargo handlers will be able to share threat indicators quickly with each other so they can better coordinate defensive responses as needed. The CRC will also serve as an information resource that stakeholders may use to help restore operations following an attack.

“A supply chain is only as strong as its most vulnerable entity,” said Wendi Whitmore, vice president of IBM Security X-Force. “The CRC will help each participating member of the supply chain to better protect themselves, and by extension each other. In the face of a cyber attack, every second counts and with the threat detection, threat sharing and automation capabilities that IBM can bring to this project, we’re uniquely positioned to build the tools that can help provide the speed and efficiency stakeholders demand.”