Cargo Security Intelligence: Blueprint for Security

Original article from Cargo Security Intelligence , March 2014.

Port security is a complex, multi-faceted operation. Luke Ritter of Ridge Global explains how a security master plan provides the ground rules for safety and operational efficiency

Safe, secure, and competitive ports represent a cornerstone in the economic viability of all maritime nations. Ensuring business continuity, reinforcing customer confidence and facilitating normal trade functions are priorities for maritime security professionals. International trade and individual market decisions are influenced by security, and the ability to offer a safe and secure commercial environment is a ‘mission critical’ component in any port’s commercial success. Port security professionals are faced with a difficult dilemma: finding the right balance between effective security measures and efficient movement of cargo. A Port Security Master Plan can help establish and maintain this balance between security and efficiency.

Stakeholders throughout the maritime industry must be prepared to respond to significant natural and man-made hazards. The potential benefit in developing and implementing a Port Security Master Plan has never been greater, primarily because the threats to the vital functions that drive port operations have never been greater. Risk to critical maritime assets cannot be eliminated – but a master plan can provide an excellent return on investment as it contributes to the process of avoiding, minimizing or, in the worst cases, simply surviving the impact of a security event. Balancing priorities in security and efficiency is a complicated challenge. A port security solution that enables freight to flow totally unencumbered, but lacks the appropriate protections, is no more attractive than a solution that includes inefficient and restrictive security measures and choke points. Effective implementation of an aggressive Port Security Master Plan can ultimately lead to increased productivity, an enhanced competitive posture, accelerated business development, increased trade revenues as well as growth in income and employment within the local economy.

Master plans provide an initial baseline for establishing high-level security policies, plans and procedures, but they also serve as a comprehensive guideline for overall risk management activity on a daily basis. The characteristics detailed below are routinely used as a basic framework for strategic development. They can serve as a framework to develop a Port Security Master Plan. Guiding an organization from its current ‘As Is’ state, to the desired ‘To Be’ condition, requires port security professionals to consider these factors:

• Purpose, scope and methodology – why is the master plan needed, what is the scope, and how will it be developed? (hierarchy of requirements)

• Problem definition and risk assessment – what are the particular challenges and threats that the master plan will focus on? (challenges and threats)

• Organizational roles, responsibilities, and coordination – who will be implementing the master plan, who is responsible for doing what, and how will they coordinate? (objectives and oversight)

• Integration and implementation – how will the master plan work with existing operations, and how will it be implemented? (action plan)

• Resources, investments and project risk – what resources and investments are needed, what will they cost, and what is required to minimize project risk? (program/project management).

Additionally, port security planners must consider the fundamental elements of effective port security. These elements, which serve as a ‘tool set’ to manage port security risks, are: assessments and plans; access control; cargo scanning; loss prevention; surveillance and monitoring; command, control and communications; staffing, training and exercises. The best strategies build security and resiliency into overall business operations from the beginning, rather than attempting to ‘bolt it on’ once operational parameters have already been established. By working closely with operations professionals, and using an established security Concept of Operations [CONOPS], security professionals can mitigate risks without impeding the flow of freight. Ultimately, security master planners must rely on an accurate and fully vetted CONOPS to drive the implementation of realistic, cost effective, and business focused strategic security objectives.

Establishing the security CONOPS requires that all at-risk and vital targets are identified, vulnerability assessments are conducted, documented, and standardized, threats are assessed, and current risk mitigation capabilities and requirements are understood. Modern security professionals are often required to develop security strategies as well as ‘sell’ those strategies and associated programs to stakeholders. Achieving ‘buy-in’ for security initiatives usually results in greater overall support and consequently translates to improved implementation effectiveness. Balancing port security and efficiency is not a zero sum game. There is no precise balance between the two, and it is not accurate to assume that maritime professionals must trade a pound of efficiency for a pound of security. On the contrary, a successful port operation is one where all stakeholders can confidently operate in an environment where cargo is being moved both efficiently, and securely.

When developing a master plan, security managers should consider strategic objectives that have proved to be effective in the past:

• Prevent and mitigate disruptive events through increased domain awareness. The ability to recognize and then mitigate emerging threats, both natural and man-made, can be enhanced through a variety of initiatives. Waterside surveillance systems, video analytics engines, access control systems, credentialing programs and decision support tools can significantly enhance risk management functions.

• Develop and sustain a culture of security and preparedness. Making certain that a port’s security strategy includes clear, unambiguous guiding principles and objectives will contribute significantly towards cultivating a security culture. In order to focus resources on the most relevant security challenges, managers must guide their enterprises away from the notion that security spending is only an expense to be minimized. To develop a culture of security, master plans should support security initiatives as an investment, not an expense.

• Leverage technology to enhance and optimize security posture. Positioning a port to take advantage of all available technology resources, including emergent breakthrough solutions, provides security managers with open access to critical resources that can have a force multiplier effect.

• Protect lives, critical infrastructure and key resources through training and exercises. Training and exercise programs continue to provide a good return with regard to risk mitigation in the maritime environment. Developing a standard training program, based on port security best practices, is key to optimizing security posture and increasing security awareness.

• Enhance the ability to respond to and recover from a security incident. Risk cannot be eliminated, only managed, and no security program is foolproof. Port security command and control centers, data management and information sharing capabilities, and technology tools that facilitate decision making all contribute towards the response and recovery process.

• Commit to continuous, incremental improvement to meet an adaptive threat. Planning and security initiatives should be managed on a continual basis. Port security professionals should aggressively pursue investments and initiatives that optimize their security posture and provide a return on investment. An effective master plan also requires that existing security capabilities and resources are directly aligned with strategic objectives. Participation and buy-in from relevant stakeholders is essential. By focusing on continual, incremental improvement, any port can develop a solid foundation for responding to maritime threats. Ports will always be critically important economic engines and vital linkages for the worldwide economy. The growing interconnection of transportation infrastructure has created a dynamic, flexible, and innovative force that underpins global commerce. Because ports are critical assets, they also represent an attractive target to those who are committed to destroying global independence and prosperity.

A Heritage Foundation research project recently pointed out that: ‘The challenges for maritime security are complex and growing. Addressing vulnerabilities, ensuring access to the maritime domain, and maintaining economic competitiveness…will be no easy task. The strategic nature of the challenge requires a strategic response.’

Once developed, a Port Security Master Plan serves as a blueprint to manage all the diverse elements that are included in a comprehensive port security solution. Effective master plans publish all of the related, high-level guidance that is required to drive implementation functions at the port, and to establish an ‘economy of actions’. They provide a documented path to optimize security management. For existing operations, a master planning project will evaluate the status quo and provide guidance for re-engineering sub-optimal security processes. For new operations, a master plan establishes the foundational security parameters for all port stakeholders.

Strategic planning offers the potential to release the true latent power that exists, within the maritime community, to invest in security initiatives that strengthen the global supply chain. By establishing a Port Security Master Plan that is focused on continual, incremental improvement, security professionals can mitigate risk and facilitate the free flow of commerce.

Luke Ritter is Executive VP at Ridge Global, an international management consulting firm founded by the Hon. Tom Ridge, the first US Secretary of Homeland Security. Ritter leads the transportation security and risk management practices, which include the Flag Bridge maritime consulting team. Email: maritime@ridgeglobal.com/Web: www.ridgeglobal.com

For more information about Cargo Security Intelligence, visit: http://www.cargosecurityintelligence.com/