XM Cyber Case Studies Securing IT Infrastructure of Europe’s Largest Seaports: A Case Study of Hamburg Port Authority
Edit This Case Study Record
XM Cyber Logo

Securing IT Infrastructure of Europe’s Largest Seaports: A Case Study of Hamburg Port Authority

XM Cyber
Cybersecurity & Privacy - Network Security
Platform as a Service (PaaS) - Application Development Platforms
Construction & Infrastructure
National Security & Defense
Cybersecurity
Tamper Detection
Cybersecurity Services

The Hamburg Port Authority (HPA), responsible for managing all harbor-related infrastructure for the city of Hamburg, faced significant challenges in securing its vast IT infrastructure. This infrastructure included 350 kilometers of fiber cable, 850 routers and switches, 500 servers in two data centers, and thousands of computers and smartphones running over 600 applications across 63 separate locations. The HPA IT managers identified several security challenges, including over 100 local administrators managing applications without support or follow-up, applications without a designated owner responsible for security or lifecycle management, and a flat network structure focused more on performance and flexibility than security. Additionally, HPA workers were not optimally aware of best security practices, leading to concerns about unidentified network exposures.

Read More

The Hamburg Port Authority (HPA) is a local governmental agency that manages all harbor-related infrastructure for the city of Hamburg, Germany. This includes streets and bridges, railways, and water infrastructure. The HPA oversees one of Europe's largest and busiest seaports, which is a key trade lane connecting Eastern Europe to the rest of the world. The port provides over 150,000 jobs and processes more than 135 million tons of cargo with an annual 9 million TEU capacity, expected to double by 2025.

Read More

To address these challenges, HPA partnered with XM Cyber, a global leader in Attack Path Management. They implemented XM Cyber’s Attack Path Management Platform to identify and address security issues on a day-to-day basis. The platform provided HPA with a more comprehensive view of their overall security posture, identifying issues such as unsecured databases, missing patches, and unsecured test machines. The platform's attack-centric risk analysis identified domain credential issues as a significant security challenge. To address this, HPA IT leaders reduced the number of domain admins and streamlined the use of different accounts for separate needs. XM Cyber’s professional services team provided support in analyzing and finding the best possible solutions for issues HPA was unsure about.

Read More

The implementation of XM Cyber’s Attack Path Management Platform resulted in a more secure IT infrastructure for HPA. The platform provided HPA leaders with deeper visibility into vulnerabilities and changes across their entire IT infrastructure. The real data contextualization of exploits and continuous, automated protection allowed for the surfacing of security issues that would normally require numerous manual steps to discover. The risk-free attack simulations conducted in production enabled HPA leaders to run tests without the risk of disruption, a critical attribute in port operations where a small error can have significant real-world repercussions. The platform's focus on the one percent of IT and security operations that represent the greatest threat effectively eliminated 99% of HPA's cyber risk.

The platform identified several security issues, leading to immediate remediation efforts.

The number of domain admins was significantly reduced to address domain credential issues.

The platform's continuous, automated protection surfaced security issues that would normally take dozens of manual steps to discover.

Download PDF Version
test test