The Port Authority of Valencia (PAV) participated this morning in the conference “Innovation in Security Applied to Transport” organized by the IT Technological Institute (ITI).
José García de la Guía, systems director of the PAV, explained the needs of computer security in a key area such as the port of Valencia, as well as the challenges he faces in the cybersecurity area.
During the meeting, Garcia de la Guía has reviewed the main figures channeled through the three ports managed by the PAV (Valencia, Sagunto and Gandia) and stressed the need to maintain the highest security systems to ensure the protection of related data with the activity of the sites and the port community. In this sense, García de la Guía has explained the importance of cybersecurity for the Port Authority of Valencia as its transactional portal; ValenciaportPCS is one of the channels with the largest number of transactions in our country. Specifically, in 2016, 600 users of ValenciaportPCS exchanged more than 300 million messages, 170,000 declarations of dangerous goods and more than 10,000 docking authorizations through this portal.
Likewise, José García de la Guía explained that the Port Authority of Valencia is working hard to adapt to the new measures introduced in the state regulations to strengthen the protection of public administrations against cyber threats: the modification of the National Security Scheme and the updating of the National Plan for the Protection of Critical Infrastructures. To this end, in January 2016, the PAV awarded an amount of 145,000 euros to prepare an Information Security Plan that includes the definition and implementation of the Security Master Plan. This Plan, which is expected to run for 14 months, includes the
actions necessary to support the regulatory compliance that is applicable to the PAV: the official data protection law, the national security scheme or the national interoperability scheme, among others.
In addition, the PAV has launched a tender for 625,000 €, a project to provide it with the capacity to detect incidents of information security, mechanisms for managing and responding to such incidents, as well as the tools, exchange procedures and necessary services in order to provide an information security system with continuous management. It is planned that this project, which has an execution period of 42 months (6 of implantation and 36 of service) begins to be implemented in the month of September.