The following article was featured in Pacific Ports Magazine October/November issue (view the digital version here).
By Walter Anderson, Founder, PortSecure Cybersecurity | CISO, Nanaimo Port Authority
Last year, a ransomware attack forced Japan’s Port of Nagoya to shut down container operations for two days. A few months later, DP World Australia faced a similar disruption. Different ports, same root cause: a widening gap between IT (Information Technology) and OT (Operational Technology) systems. Every port leader I speak with knows it. Digital modernization has outpaced security integration.
For port leaders, it’s not just about lost data — it’s about ships delayed, trucks idling, and communities waiting for goods that can’t move. What was once a purely technical problem now touches supply chains, livelihoods, and national economies.
Ports have always moved things. Now they move data, and with it, new risk. Modern terminals rely on cranes, sensors, and yard management systems tied into billing, scheduling, and analytics platforms. The efficiency gains are enormous, but the exposure is just as significant. When a single phishing email or compromised vendor credential crosses that unseen bridge between IT and OT, the result can be measured not in data loss but in halted cargo flow and economic disruption.
Seeing the invisible
In my work with Canadian port authorities and critical infrastructure operators, I’ve seen how quickly OT networks evolve and how easy it is to lose sight of what’s connected. Equipment upgrades, vendor maintenance sessions, and technology pilots often introduce new systems that quietly remain online. It’s rarely intentional; it’s a symptom of progress moving faster than governance.
The first step in closing this gap is visibility. We can’t protect what we can’t see. Once teams map their assets and understand where IT overlaps with OT, they gain the clarity to manage risk instead of reacting to it. Visibility transforms cybersecurity from a technical issue into an operational strategy.
“Visibility changes everything.”
People, not just passwords
Cybersecurity isn’t only about networks; it’s about people. In every organization I’ve supported, the turning point has come when IT and operations begin to collaborate instead of working in silos. Security is strongest when it’s shared.
Often, this means rethinking long-standing practices: limiting persistent remote access for vendors, setting clear credential policies, or building joint response plans that combine technical and operational expertise. These are small but meaningful changes that strengthen both safety and trust. When teams understand that cybersecurity supports uptime, not bureaucracy, the conversation shifts from compliance to continuity.
“Security is strongest when it feels shared.”
The speed of recovery
Preparedness determines performance. During the federal Cyber-Physical Exercise Pilot Initiative, which included participation from ports, municipalities, and private-sector partners, it became clear that clarity of roles can turn chaos into coordination. Organizations that practiced their procedures recovered faster, not because they had more advanced tools, but because they had built trust and decision-making discipline through repetition.
At the Nanaimo Port Authority, we’ve adopted a similar mindset. Regular tabletop exercises bring together leadership, operations, and IT to test response plans and communication flow. The outcome isn’t perfection — it’s awareness. Everyone learns where dependencies exist and what needs to improve before a real event occurs. That shared understanding turns theory into resilience.
In a port control room, you can hear the hum of activity — radios, forklifts, cranes — all synced by unseen networks. When those networks falter, you realize just how physical digital risk has become.
“When systems slow unexpectedly, it isn’t dramatic — it’s quiet urgency. Operators glance at screens, phones buzz, and leaders ask, ‘Is it local or system-wide?’ In those minutes, clarity matters more than control. Teams that have rehearsed know who calls whom and what to shut down first. That calm only comes from preparation.”
“Recovery is a rhythm, not a re-action.”
Lessons from the field
The global picture reinforces what we’ve experienced locally.
- Port of Nagoya, Japan (2023): Two-day terminal shutdown caused by ransomware encrypting operational systems.
- DP World Australia (2023): Multi-terminal operations paused, leaving thousands of containers idle.
- Port of Long Beach (2024): Investing in advanced cybersecurity and drone detection systems to protect operations.
These events highlight a common reality: ports are now front-line critical infrastructure. They are essential to national economies and global trade. The IT–OT divide is where vulnerability often hides and where resilience must be built.
In response, Transport Canada and the Canadian Centre for Cyber Security have launched national sensor programs to monitor threats across critical infrastructure, building a foundation for real-time insight and collaboration across sectors.
Most people think marine security means fences, gates, and patrols — but the most important defenses today live in code and connectivity.
Canada continues to make meaningful progress. Through Transport Canada’s Maritime Security Strategic Framework (MSSF) and the Canadian Centre for Cyber Security’s infrastructure initiatives, port authorities receive clearer guidance and more opportunities to share intelligence. The challenge lies in consistent adoption — ensuring each organization invests in collaboration and preparedness before an incident, not after.
Canada’s maritime sector is also entering a new era of cybersecurity governance. With Bill C-8 and the forthcoming Critical Cyber Systems Protection Act (CCSPA), federally regulated industries — including transportation — will soon operate under stronger national cybersecurity expectations. When these programs are aligned with the Maritime Security Strategic Framework (MSSF), Marine Transportation Security Regulations (MTSR), and Transport Canada’s oversight, they can reinforce each other to create a unified, modern approach to maritime resilience.
Both the CCSPA and MSSF share the same intent: strengthening resilience against both cyber and physical disruptions. Transport Canada’s role as sector regulator allows for consistent oversight, ensuring that risk assessments, security plans, and incident reporting within the marine sector can complement rather than duplicate one another.
The key is coordination. When policies and programs evolve together, they build efficiency, clarity, and trust across the transportation ecosystem. If they diverge, organizations risk facing duplicated reporting, overlapping audits, or, worse, gaps between cyber and physical preparedness.
In practice, this means aligning cybersecurity planning with existing marine security processes, encouraging shared intelligence, and maintaining a single, integrated rhythm of risk management. When government, regulators, and industry stay in sync, compliance transforms into confidence, and Canada’s ports become stronger for it.
Building the bridge
So what does bridging IT and OT look like in practice? It begins with awareness and grows through collaboration.
Start with mapping what you have. Even a basic inventory gives you control over the unknown. Next, segment wisely—separating systems so a single compromise can’t cascade through your network. Then, govern access carefully; many risks stem from over-permissioned accounts and unmonitored vendor connections. Add monitoring and detection so unusual behaviour stands out early. Finally, practice the plan. Each exercise exposes gaps you can close before they cause harm.
These aren’t one-time tasks; they’re ongoing habits. When integrated into daily operations, they make cybersecurity almost invisible—not because it disappears, but because it becomes part of how the work gets done.
“Ports don’t have to choose between security and throughput.”
The future port
As automation, AI, and data sharing accelerate, the gap between IT and OT will either widen or close depending on how leaders act today.
Cybersecurity is now inseparable from modernization efforts such as shore power, vessel electrification, and AI-assisted logistics. Each innovation adds value but also introduces new dependencies. Collaboration across Pacific ports isn’t just about security; it’s about ensuring that the technology enabling smarter, more sustainable trade is also trustworthy.
Bridging the divide isn’t about adding layers of control — it’s about creating alignment. When leadership treats cybersecurity as shared accountability, resilience follows. The ports that succeed will be those that see digital and operational systems as one ecosystem: secure, adaptable, and built on trust.
After two decades in this field, I’ve learned that cybersecurity isn’t about fear—it’s about foresight. Ports that plan ahead don’t just survive; they lead.
Every container that moves, every vessel that sails, depends on unseen systems working in harmony. Protecting those systems is more than a technical challenge — it’s a shared responsibility for the global good.
“The bridge between IT and OT is where resilience is won or lost.”
Walter Anderson is the Founder of PortSecure Cybersecurity | CISO, Nanaimo Port Authority, Nanaimo, BC, Canada.
For more information, visit: www.portsecurecyber.com, https://www.linkedin.com/in/andersonwalter/, or Instagram @iamwalteranderson
