On the waterfront of San Pedro, California tons of heavy cargo glides easy as swimming mackerel in and out of the country. The Port of Los Angeles is a hub of energy and commerce. After World War II, during which time the port was dedicated solely to shipbuilding, port officials focused attention once again to expansion and development. In 2007 it handled a record-breaking 8.4 million twenty-foot equivalent unit containers of freight, and currently employs the nation’s largest dedicated port police force. Little wonder, then, that port police in the city continue to be forward-thinking when it comes to prepping for future threats.
In 11 years the commerce station has enhanced its use of cameras and sensors to look for and detect changes in their now-steady state of security. Of equal importance is the idea of enhancing the area’s stance on cyber security. About two years ago, work began on the Cyber Security Operations Center (CSOC). The 24-hour operating facility serves as a technical nerve center for prevention, detection, and monitoring of and response to cyber security incidents targeting the port’s computer system and information.
The CSOC has already earned Port of LA the American Association of Port Authorities (AAPA) 2014 Information Technology Award, as well as AAPA’s Overall Communications Award of Distinction and 17 other awards in individual categories for various port public outreach related deliverables and initiatives.Port of LA Chief Ronald J. Boyd spent 35 years as a city employee and the majority of his career at the Port of Los Angeles, after spending a brief time responsible for tactical and administrative operations at LAX. Boyd returned to the Port in 2004. In the years since he’s seen his force manpower and technology balloon.
We talk with LA Port Police Chief Ronald J. Boyd about the new center’s capabilities, and how it is in fact helping to unite the entire city in better information sharing.
LET: How do you hope this center will address potential threats to security?
Boyd: The CSOC…has really been a project of our information and technology division which is led by Chief Information Officer Lance Kaneshiro. He is responsible for the enterprise system for the Port Authority, as well as a large portion of our security system—they’re two standalone systems. And he needed ways to look at any potential threats; it’s a very dynamic environment out there with threats to the cyber world. [We wanted to] make sure that we can identify any new trends and make sure that we had defenses.
There’s always the potential for someone to come in and impede our ability to work; [we wanted to] make sure that there were fixes and a resiliency program available to us, as well as make sure we have the right types of protection levels against various types of worms. The big deal now is the Ransomware that’s popping up and has developed in a number of government systems and otherwise.
LET: What was setup like?
Boyd: They started having discussions and working on the build-out five or six years ago. The cyber security threat, although it was developed, was not as well-recognized as the threat that it is [now], especially the past year or so. For that group to bring forth an idea…to enhance our protection capabilities…at first it was met with a little bit of concern, like “Why do you need that? What good will it do us?” The level of cooperation has to be commended because the team then recognized that making the investment might help us.
Keep in mind, that this was a several million dollar investment to identify the space, to come up with what our needs would be to protect our system, and then to move forward on a program so that we can have an accurate dashboard of what threats are out there, what’s trending, how much people are focusing on anything that’s related to the port community or maritime, and then to develop defenses.
LET: Is there any specific aspect of the project that you are most proud of?
Boyd: I’m really proud of the people working in there who have been forward-leaning, and the fact that they treat it very seriously. They’re proud of their work, and they’re able to share with other cyber security colleagues some best practices.
In July of last year we hosted several of our terminal and shipping customers and other folks in the port community, and asked them to make cyber security a top priority. We offered them access to the public safety community and had representatives from the Federal, state and local government. Business competitors…who barely exchange business cards…were willing to get in a room and listen to ways where they can better develop internal IT systems and [we] gave information on where to go if they had a problem.
LET: What in your mind is some of the most valuable technology employed at the center?
Boyd: I think what’s most important is the dashboard and the fact that we have someone that’s monitoring so we can have a real time awareness of what’s going on.
ts change-detection is probably the most important thing that’s going on there, and we’ve got a dedicated group of folks who are looking for changes in algorithms, changes in activity or patterns, so that the personality of our IT system remains intact.
LET: Does the area’s LE have access to the system? How do you work together?
Boyd: Yes. At a local level, our mayor opened up a center where all of the public safety and city departments share information so that any cyber incidents are addressed. On a weekly basis departments share information on any threats they may have had. It’s not as pretty “aesthetically” from a technological standpoint as our CSOC…but city has its cyber information command center located downtown LA. The reporting is a little more analogue, but it’s the same thing. It becomes a virtual dashboard of activity, of threats, of potential threats, of investigations, and letting the entire city family know what things are out there so that we can prepare ourselves and have better defenses.
