Orbus Software & YVC unveil CriticalXI for maritime & aviation sectors
Orbus Software and Your Virtual CISO (YVC) have teamed up to launch a new service, CriticalXI. This new offering is specifically targeted at addressing the challenges that maritime and aviation ports face with impending changes to Australia's critical infrastructure and privacy acts.
Orbus and YVC's innovative solution, CriticalXI, allows Chief Information Officers, Chief Information Security Officers, and enterprise architects at airports and seaports to visualise their IT systems -- knowing what they have, where it resides, and the sensitivity of the data it contains. This knowledge helps apply appropriate risk management controls within their organisations and systems, particularly in light of the forthcoming changes to critical infrastructure legislation, including the SOCI ACT and the reinforcement of the Privacy Act.
Matthew Neale, CEO of YVC, has addressed the need for a tailored solution to help seaports and airports navigate specific challenges in this area. He commented, "The government is actively looking to make changes and widen the scope of critical infrastructure legislation - it's very much up in the air right now. Airports and seaports, specifically, are now under pressure to get their systems in order so they are ready for when the amendments come in."
Peter White, MD of APAC at Orbus Software, said, "Airports, seaports and power infrastructure will likely be mandated to adopt a risk management framework similar to the GDPR in the UK and Europe for data privacy controls, as well as to manage cyber risks." This adds another layer of challenge for this sector - managing their IT portfolios effectively. CriticalXI is developing a response to this, providing full visibility across supporting systems with business capability planning, application portfolio management, and technology portfolio management built on the OrbusInfinity platform.
With airports and seaports playing a dual role as critical infrastructure assets and service providers, any operational problems could be tremendously impactful. White reflected, "This is compounded by the fact they are often quite lean resource-wise. CriticalXI addresses this gap in the market with a tailored solution that is hard to find anywhere else."
Alongside the evolving legislative landscape, there are increasing geopolitical pressures necessitating the implementation of cybersecurity programs. Operational technology (OT) previously separated from or managed through the IT department is being incorporated into these programs. Organisations are starting to seek specialist cybersecurity resources that are versed in frameworks such as IEC62443 or NIST SP 800-82 to secure OT systems.
Matthew Neale of YVC added that adoption could be quicker among agile, smaller ports, while larger ports, due to their size, internal systems, and organisational complexity, might be slower to change. However, he believes that CriticalXI may potentially become an industry standard, aiding IT portfolio management and supporting implementation of recognised global and domestic risk management frameworks.