The Path to Enhanced Cyber Risk Management – Port Authority of New York and New Jersey (PANYNJ) and Claroty

As one of the largest transportation agencies in the United States, the Port Authority of New York and New Jersey (PANYNJ) manages a vast network of critical infrastructure. This includes several major international airports, multiple bridges and tunnels, a major maritime port complex, an extensive commuter train system, a major bus terminal, and the World Trade Center complex.

The emergent OT threat environment, coupled with unexamined vulnerabilities in the Agency’s OT architecture, created a new sense of urgency to identify, isolate, and manage their OT cyber risks. The challenge became clear and immediate: design, then either buy, or build an OT-specific security platform that would support multiple program initiatives for securing this technology environment.

To address these challenges, the PANYNJ embarked on a comprehensive search for a versatile platform specifically designed and engineered for OT and able to handle complex challenges like the convergence of IT and OT. Their “wish list” was extensive—a platform that not only provides robust threat detection, vulnerability management, and secure remote access but can also be extended to other areas of the NIST CSF collection of 108 cybersecurity controls that the PANYNJ was measured against in previous external risk assessments.

With the assistance of a tailored and adaptable enterprise-grade solution like Claroty, PANYNJ has successfully designed, procured, engineered, deployed, and consequently achieved, maintained, and enhanced its OT risk management position by ensuring safer and more resilient critical infrastructural services. Going forward, PANYNJ recommends that organizations operating in similar scenarios embrace digital transformation securely by opting for robust, comprehensive platforms that provide visibility, control, and protection for their ICS networks.