Download PDF
XM Cyber > Case Studies > Securing IT Infrastructure of Europe’s Largest Seaports: A Case Study of Hamburg Port Authority
XM Cyber Logo

Securing IT Infrastructure of Europe’s Largest Seaports: A Case Study of Hamburg Port Authority

Technology Category
  • Cybersecurity & Privacy - Network Security
  • Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries
  • Construction & Infrastructure
  • National Security & Defense
Use Cases
  • Cybersecurity
  • Tamper Detection
Services
  • Cybersecurity Services
The Challenge

The Hamburg Port Authority (HPA), responsible for managing all harbor-related infrastructure for the city of Hamburg, faced significant challenges in securing its vast IT infrastructure. This infrastructure included 350 kilometers of fiber cable, 850 routers and switches, 500 servers in two data centers, and thousands of computers and smartphones running over 600 applications across 63 separate locations. The HPA IT managers identified several security challenges, including over 100 local administrators managing applications without support or follow-up, applications without a designated owner responsible for security or lifecycle management, and a flat network structure focused more on performance and flexibility than security. Additionally, HPA workers were not optimally aware of best security practices, leading to concerns about unidentified network exposures.

About The Customer

The Hamburg Port Authority (HPA) is a local governmental agency that manages all harbor-related infrastructure for the city of Hamburg, Germany. This includes streets and bridges, railways, and water infrastructure. The HPA oversees one of Europe's largest and busiest seaports, which is a key trade lane connecting Eastern Europe to the rest of the world. The port provides over 150,000 jobs and processes more than 135 million tons of cargo with an annual 9 million TEU capacity, expected to double by 2025.

The Solution

To address these challenges, HPA partnered with XM Cyber, a global leader in Attack Path Management. They implemented XM Cyber’s Attack Path Management Platform to identify and address security issues on a day-to-day basis. The platform provided HPA with a more comprehensive view of their overall security posture, identifying issues such as unsecured databases, missing patches, and unsecured test machines. The platform's attack-centric risk analysis identified domain credential issues as a significant security challenge. To address this, HPA IT leaders reduced the number of domain admins and streamlined the use of different accounts for separate needs. XM Cyber’s professional services team provided support in analyzing and finding the best possible solutions for issues HPA was unsure about.

Operational Impact
  • The implementation of XM Cyber’s Attack Path Management Platform resulted in a more secure IT infrastructure for HPA. The platform provided HPA leaders with deeper visibility into vulnerabilities and changes across their entire IT infrastructure. The real data contextualization of exploits and continuous, automated protection allowed for the surfacing of security issues that would normally require numerous manual steps to discover. The risk-free attack simulations conducted in production enabled HPA leaders to run tests without the risk of disruption, a critical attribute in port operations where a small error can have significant real-world repercussions. The platform's focus on the one percent of IT and security operations that represent the greatest threat effectively eliminated 99% of HPA's cyber risk.

Quantitative Benefit
  • The platform identified several security issues, leading to immediate remediation efforts.

  • The number of domain admins was significantly reduced to address domain credential issues.

  • The platform's continuous, automated protection surfaced security issues that would normally take dozens of manual steps to discover.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.