Advanced security management system for critical infrastructures

The maritime sector is critical in terms of economic activities and commercial impact not only for the European society but more importantly for the Mediterranean EU Member States, especially under the current economic turmoil. Commercial ports are the main gateways and face increased requirements, responsibilities and needs in view of a secure and sustainable maritime digital environment. Therefore, they have to rely on complicated and advanced facilities, ICT infrastructure and trustworthy e-maritime services in order to optimize their operations. This paper aims at alleviating this gap on the basis of a holistic approach that addresses the security of the dual nature of ports´ Critical Information Infrastructures (CIIs). In particular, it introduces a collaborative security management system (CYSM system), which enables ports´ operators to: (a) model physical and cyber assets and interdependencies; (b) analyse and manage internal / external / interdependent physical and cyber threats / vulnerabilities; and (c) evaluate / manage physical and cyber risks against the requirements specified in the ISPS Code and ISO27001.