On 4 December, the EU Agency for Cybersecurity (ENISA) released new sector-specific guidelines addressing Industrial IoT (IIoT) security in ports and logistics nodes. The document expands on ENISA’s broader cyber-threat landscape assessment by identifying vulnerabilities related to connected cargo-handling equipment, remote-controlled cranes, automated gates and yard management systems.
The guidelines recommend a risk-based approach to asset inventory, segmentation of operational technology (OT) networks, and minimum cybersecurity requirements for suppliers of connected systems. ENISA also states that ports should ensure compatibility between IIoT security measures and obligations arising from NIS2 and the Cyber Resilience Act.
FEPORT welcomes the initiative and stresses that public support mechanisms remain essential for operators to strengthen cyber resilience. As terminals increasingly rely on digital and automated systems, cybersecurity costs and responsibilities grow significantly, while the associated benefits extend to the entire supply chain and national security architecture.
