NXLog main page
  • Products
    LOG COLLECTOR
    NXLog Enterprise Edition
    Full feature multi-platform log collection
    NXLog Community Edition
    Open-source free log collector
    ADD-ONS FOR NXLOG ENTERPRISE EDITION
    NXLog Add-Ons
    Integration with various software
    AGENT MANAGER FOR NXLOG ENTERPRISE EDITION
    NXLog Manager
    Manage and monitor NXLog instances
    NXLog Minder
    Hyper-scalable, API-first agent management
    DATABASE FOR NXLOG ENTERPRISE EDITION
    Raijin Database Engine
    The schemaless SQL database for storing events
    more from nxlog
    Professional Services
    Compare NXLog EE and CE
    NXLog Solution Packs
  • Downloads
    NXLog Enterprise Edition
    Full feature multi-platform log collection
    NXLog Manager
    Manage and monitor NXLog instances
    NXLog Community Edition
    Open-source free log collector
  • Solutions
    Integrations
    With SIEM, Devices, SaaS...
    Specfic OS support
    AIX, Linux, FreeBSD
    SCADA/ICS
    Energy, Oil & Gas, Transport...
    Windows Event log
    Collect locally or remotely, ..
    DNS Logging
    Enterprise-grade DNS log...
    Log Collection Modes
    Agent-based, Agentless or Cloud
    Agent Management
    Agents management and monitoring
    FIM
    File Integrity Monitoring
    macOS Logging
    ULS events, Apple System Logs ...
    By Industry
    Financial Services
    Government & Education
    Entertainment & Gambling
    Telecommunications
    Medical & Healthcare
    Military & Defense
    Law Firms & Legal Counsel
    Industrial & Manufacturing
  • Partners
    Find a Reseller
    Look for our resellers worldwide
    Technology Ecosystem
    See all our partners and integrations
    Partner Program
    Join our community of partners
  • Resources
    Documentation
    Products guides and integrations
    Blog
    Tutorials, updates and releases
    White papers
    Datasheets, infographics and more
    Videos
    Trainings and tutorial on specific topics
    Webinars
    Community events and webinars
    Case Studies
    Customer success stories
    Community Forum →
  • Support
    GETTING STARTED GUIDE
    Set up accounts to raise support requests
    SUPPORT SERVICE DESK
    Access our support ticketing system
  • Why Nxlog
    About Us
    Our journey, team and mission
    Customers
    Testimonials and case studies
    Careers
    We are hiring!
    Contact Us →
LOG COLLECTOR
NXLog Enterprise Edition
Full feature multi-platform log collection
NXLog Community Edition
Open-source free log collector
ADD-ONS FOR NXLOG ENTERPRISE EDITION
NXLog Add-Ons
Integration with various software
AGENT MANAGER FOR NXLOG ENTERPRISE EDITION
NXLog Manager
Manage and monitor NXLog instances
NXLog Minder
Hyper-scalable, API-first agent management
DATABASE FOR NXLOG ENTERPRISE EDITION
Raijin Database Engine
The schemaless SQL database for storing events
more from nxlog
Professional Services
Compare NXLog EE and CE
NXLog Solution Packs
NXLog Enterprise Edition
Full feature multi-platform log collection
NXLog Manager
Manage and monitor NXLog instances
NXLog Community Edition
Open-source free log collector
Integrations
With SIEM, Devices, SaaS...
Specfic OS support
AIX, Linux, FreeBSD
SCADA/ICS
Energy, Oil & Gas, Transport...
Windows Event log
Collect locally or remotely, ..
DNS Logging
Enterprise-grade DNS log...
Log Collection Modes
Agent-based, Agentless or Cloud
Agent Management
Agents management and monitoring
FIM
File Integrity Monitoring
macOS Logging
ULS events, Apple System Logs ...
By Industry
Financial Services
Government & Education
Entertainment & Gambling
Telecommunications
Medical & Healthcare
Military & Defense
Law Firms & Legal Counsel
Industrial & Manufacturing
Find a Reseller
Look for our resellers worldwide
Technology Ecosystem
See all our partners and integrations
Partner Program
Join our community of partners
Documentation
Products guides and integrations
Blog
Tutorials, updates and releases
White papers
Datasheets, infographics and more
Videos
Trainings and tutorial on specific topics
Webinars
Community events and webinars
Case Studies
Customer success stories
Community Forum →
About Us
Our journey, team and mission
Customers
Testimonials and case studies
Careers
We are hiring!
Contact Us →
Request trial
  • Loading...
Request Trial
October 17, 2023 compliance

Log management for maritime cybersecurity compliance regulations

By Roman Krasnov

Share
ALL SIEM STRATEGY SECURITY ANNOUNCEMENT DEPLOYMENT COMPLIANCE COMPARISON RSS

Historically, seaports have played a crucial role in a state’s development, and interruption in their services has a significant impact on economics. So, it’s no surprise commercial ports are regarded as a critical transport infrastructure.

Port with ship

One of the most significant challenges ports face today is ongoing digital transformation. The majority of tasks carried out across a port utilize autonomous and partially automated systems, including those for managing port access, vessel berthing (bridges, locks, gates, etc.), and terminal operations (cranes, storage, etc.). Typically, these systems are overseen by specialized software and hardware: industrial cyber-physical systems, supervisory control and data acquisition systems (SCADA), and surveillance systems. To stay highly competitive, ports are now reliant on tight integration of IT and OT systems and must adapt timely to new types of maritime assets.

However, intensified digitalization has its drawbacks, as a single cybersecurity incident can shut down the entire port, which can cause a ripple effect on national critical infrastructure and disrupt the global supply chain.

Regulations and log management

At the international level, cybersecurity for the maritime ecosystem was directed in 2017 by the International Maritime Organization (IMO). Under Resolution MSC.428(98), operators should ensure their existing safety management systems address cyber-risks and cybersecurity appropriately. IMO also shared its Guidelines on Maritime Cyber Risk Management that reference additional frameworks and standards like NIST CSF; ISO/IEC 27001; The Guidelines on Cyber Security Onboard Ships produced and supported by ICS, IUMI, BIMCO, OCIMF, INTERTANKO, INTERCARGO, InterManager, WSC and SYBAss; IAPH “Cybersecurity Guidelines for Ports and Port Facilities”, and others.

Besides international regulations, local and national directives exist that drill down to a certain level of technical implementation of safeguards and countermeasures.

For the European Union, Section 5.4.9 “Detection and monitoring” of ENISA’s Good Practices for the Maritime Security recommends technical practices with events and log management:

  • TP-26. Monitor availability of the port systems and devices in real-time, where technically feasible

  • TP-27. Set up a logging system to record events related, at least, to user authentication, management of accounts and access rights, modifications to security rules, and the functioning of the port systems

  • TP-28. Set up log correlating and analysis systems to detect events and contribute to cybersecurity incident detection

The document also considers OT systems in all the security measures defined to protect maritime control systems and networks.

For the U.S., there is the Maritime Cybersecurity Assessment & Annex Guide (MCAAG) by the U.S. Coast Guard, which helps Maritime Transportation Security Act (MTSA)-regulated facilities and other Marine Transportation System (MTS) stakeholders to address cybersecurity risks. It’s NIST CSF-based and gives direct guidance on its C.13 Security Measures for Monitoring:

  • Apply DE.CM baseline controls (DE.CM-1, DE.CM-2, DE.CM-3, DE.CM-4, DE.CM-5, DE.CM-7, DE.CM-8) to ensure information systems and assets are monitored to identify cybersecurity events.

  • Implement PR.PT-1 to establish processes and procedures to ensure audit logs are enabled and to review access logs

  • Ensure all facility systems and networking devices have audit logging enabled

The complexity and diversity of port infrastructure pose a challenge for log collection and management. Various IT and OT log sources, required to be embedded into the security events pipeline, call for different techniques to get data, transform, and forward to security analysis platforms like SIEM. Many of those systems, especially legacy ones, may not provide trivial integration options nor be supported by the security platform vendor.

How NXLog Enterprise Edition helps

NXLog Enterprise Edition allows engineers to get security and operational events from diverse systems specific to sea port infrastructure, including different Windows and Linux boxes, network appliances, SCADA, and other specialized equipment. NXLog Enterprise Edition provides diversified integration technologies that help ingest log data via files, databases, and over-the-network access.

NXLog Enterprise Edition is lightweight, supports agent and agentless deployment architectures, and can be used across IT and OT infrastructure.

Recommended by industrial vendors like Siemens, NXLog Enterprise Edition offers log collection over critical systems, including those with real-time operation demands such as power automation facilities and digital power substations.

Sea port infrastructure generates numerous logs that have to be analyzed promptly. NXLog Enterprise Edition offers the best-on-the-market event processing, filtration, and normalization engine that allows you to remove log noise and increase the overall performance of the security platform (SIEM/SOAR) it feeds while saving costs by reducing number of events to be ingested (EPS).

Autonomous log collection pipelines, powered by NXLog, allows you to streamline the integration of new and legacy port systems into a robust security events management process required by maritime regulations.

GET STARTED TODAY:
CONTACT US Our experts are happy to help REQUEST A FREE TRIAL Give NXLog Enterprise Edition a try GET PRICING Request a quote

NXLog Ltd. develops multi-platform log collection tools that support many different log sources, formats, transports, and integrations. The tools help administrators collect, parse, and forward logs so they can more easily respond to security issues, investigate operational problems, and analyze event data. NXLog distributes the free and open source NXLog Community Edition and offers additional features and support with the NXLog Enterprise Edition.

This document is provided for informational purposes only and is subject to change without notice. Trademarks are the properties of their respective owners.

  • maritime regulations
  • compliance
Share

Facebook Twitter LinkedIn Reddit Mail
Related Posts

How a centralized log collection tool can help your SIEM solutions
5 minutes | April 1, 2020
DNS Log Collection on Windows
9 minutes | May 28, 2020
GDPR compliance and log data
10 minutes | September 23, 2022

Stay connected:

Sign up

Keep up to date with our monthly digest of articles.

By clicking singing up, I agree to the use of my personal data in accordance with NXLog Privacy Policy.

Featured posts

Announcing NXLog Manager 5.7
November 3, 2023
Announcing NXLog Enterprise Edition 6.1
October 20, 2023
Raijin announces release of version 1.3
October 6, 2023
Upgrading from NXLog Enterprise Edition 5 to NXLog Enterprise Edition 6
September 11, 2023
Announcing NXLog Enterprise Edition 6.0
September 11, 2023
The cybersecurity challenges of modern aviation systems
September 8, 2023
Raijin announces release of version 1.2
August 11, 2023
The Sarbanes-Oxley (SOX) Act and security observability
August 9, 2023
Log Management and PCI DSS 4.0 compliance
August 2, 2023
Detect threats using NXLog and Sigma
July 27, 2023
HIPAA compliance logging requirements
July 19, 2023
Announcing NXLog Enterprise Edition 5.9
June 20, 2023
Industrial cybersecurity - The facts
June 8, 2023
Raijin announces release of version 1.1
May 30, 2023
CISO starter pack - Security Policy
May 2, 2023
Announcing NXLog Enterprise Edition 5.8
April 24, 2023
CISO starter pack - Log collection fundamentals
April 3, 2023
Raijin announces release of version 1.0
March 9, 2023
Avoid vendor lock-in and declare SIEM independence
February 13, 2023
Announcing NXLog Enterprise Edition 5.7
January 20, 2023
NXLog - 2022 in review
December 22, 2022
Need to replace syslog-ng? Changing to NXLog is easier than you think
November 23, 2022
The EU's response to cyberwarfare
November 22, 2022
Looking beyond Cybersecurity Awareness Month
November 8, 2022
GDPR compliance and log data
September 23, 2022
NXLog in an industrial control security context
August 10, 2022
Raijin vs Elasticsearch
August 9, 2022
NXLog provides native support for Google Chronicle
May 11, 2022
Aggregating macOS logs for SIEM systems
February 17, 2022
How a centralized log collection tool can help your SIEM solutions
April 1, 2020

Categories

  • SIEM
  • STRATEGY
  • SECURITY
  • ANNOUNCEMENT
  • DEPLOYMENT
  • COMPLIANCE
  • COMPARISON
logo

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2023 NXLog Ltd.

PRIVACY POLICY TERMS OF USE

  • PRODUCTS
  • NXLOG ENTERPRISE EDITION
  • NXLOG COMMUNITY EDITION
  • NXLOG ADD-ONS
  • NXLOG MANAGER
  • NXLOG MINDER
  • RAIJIN DATABASE
  • MORE NXLOG
  • COMPARE SOLUTIONS
  • INDUSTRIES
  • INTERGRATIONS
  • FIND A RESELLER
  • PARTNER PROGRAM
  • RESOURCES
  • DOCUMENTATION
  • WHITE PAPERS
  • WEBINARS
  • CASE STUDIES
  • TUTORIALS
  • BLOG
  • COMMUNITY FORUM
  • ABOUT US
  • WHY NXLOG
  • CUSTOMERS
  • CAREERS
  • CONTACT US
  • DOWNLOADS
  • NXLOG ENTERPRISE EDITION
  • NXLOG COMMUNITY EDITION
  • NXLOG MINDER
  • NXLOG MANAGER
  • NXLOG ADD-ONS
  • RAIJIN DATABASE