Smoother Sailing

Port, vessel operators need to meet challenges of complying with ISPS, other regulations

The maritime industry is clearly one of the most powerful drivers of international commerce and economic vitality in the world. The statistics are astounding, including a worldwide fleet of nearly 11 million marine containers, a transportation cargo unit that can hold up to 500 computer monitors.

The European Union, which is the main trading partner for two-thirds of the world, exports and imports more than EUR 1,000 billion a year. The global ocean-liner shipping industry owns approximately $155 billion in vessels, containers, marine terminals and other direct operating assets in service around the world. Almost 16 million Americans work in port-related jobs, producing $210 billion in federal, state and local taxes annually.

A Global Shift
Security in the maritime industry has seen major changes since Sept. 11, 2001. Two months after 9/11, the International Maritime Organization agreed to develop new measures for enhancing the security and safety of ships and ports. By December 2002, the IMO had defined and ratified its comprehensive approach as the International Code for the Security of Ships and of Port Facilities (ISPS).

The ISPS code’s primary objective is to establish a framework for IMO’s contracting governments to cooperate in taking preventive measures against security and safety threats that could affect the maritime industry. ISPS also outlines a methodology for ports and vessel operators to assess their levels of security risk and describes mandates they must fulfill to comply. As required by ISPS, contracting IMO governments have begun to pass legislation that mirrors the new code’s requirements and compliance deadlines.

In the United States, the Coast Guard, working with government agencies such as the Department of Homeland Security, is responsible for monitoring compliance at ports and on vessels.

The ISPS Requirements
ISPS requires companies and agencies involved in maritime trade implement an unprecedented range of security and safety measures. For many port and vessel operators, the process of installing security systems that comply with the new requirements will continue to be a daunting task. Three of the industry concerns are the following:

The high cost of compliance. Although contracting governments are obligated to help fund the costs of added security in their countries, the financial burden of installing new equipment, training people and managing new security systems ultimately rests with port and vessel operators. For many operators, the question of how they will fund the high costs of compliance is the single biggest concern they have with the legal requirements.

Best efforts may not be not good enough. Never before have port and vessel operators been required to comprehensively assess security needs and implement a plan for reliably reducing security and safety risks. For these operators, the process of outlining and implementing an effective plan that both meets regulatory requirements and stays within the limits of their operational cost structure may be a challenge they are unable to fulfill, despite their best efforts.

Minimal compliance. It is likely that many ports and vessels will try their luck, waiting to see what actions enforcement agencies take with others who are noncompliant before deciding to make a full commitment to security and safety. While some may slip through the cracks for a time, most who fail to comply face stiff fines and lost business opportunities from boycotts by other ships and ports.

Conventional Security
The face of security and safety at ports has changed little during the last century. Almost all conventional security and safety systems available continue to be built around the same four fundamental characteristics that such systems have shared for decades.

Typically, these characteristics result in systems that are unreliable at promoting security and safety and are difficult and costly for the average business and government agency to implement and manage. These four characteristics of conventional security are the following:

Security-specific. Most conventional security and safety systems work in a vacuum, separate from other business processes. These systems in no way enhance business productivity or otherwise assist managers.

Paper-based. Conventional security systems typically rely on paper forms of ID, such as driver’s licenses and Social Security cards, to verify the identity of people seeking access to secure areas of a facility. Paper forms of ID—which colleagues can share and criminals can steal or forge—are inherently unreliable. The process of screening paper-based IDs typically requires recording data by writing it down or making photocopies—a timeconsuming process that risks infringing on privacy rights.

People-driven. In order to screen paper forms of ID and track the movement of individuals throughout a facility, an organization needs security personnel. Security personnel are often difficult to train, costly to hire and undependable.

Point-oriented. Conventional security systems are designed to secure specific points or areas of concern at a facility. Specific points include cargo, entrances to a vessel and equipment. Because conventional approaches focus on specific points, one facility may have several disparate security systems serviced by different vendors.

For instance, a CCTV system installed by one vendor for monitoring cargo may work independently of an access-control system installed by another vendor for granting access to truckers who transport cargo. A facility that relies on point-based solutions is inefficient, poorly accommodates change in security needs and can quickly become unmanageable.

For certain applications, conventional security systems that use decentralized paper- and people-based systems may be an effective, if not optimal, approach for promoting reliable security and business efficiency. The manager of a small corporate office with a couple dozen employees and a handful of daily visitors may determine that hiring a security guard or two to screen building badges suffices for the company’s security needs.

Managing People, Openings and Assets
In the complex world of maritime trade, a system of security that relies on paper and people to track, manage and monitor vulnerable assets is both inefficient and undependable. Instead, ports need to integrate the security and safety requirements for every element and activity that takes place at a facility. These elements and activities may be categorized as people, openings and assets.

For instance, a ship’s openings include the engine control room, electrical control/ equipment room, cargo storage area, bridge and steering gear room. A port’s people include longshoremen, crew, administrators, maintenance workers and truck drivers. Assets for both a port and vessel may include the vessels, equipment, vehicles, containers and cargo.

Ports need to link people, openings and assets through a connected IT infrastructure based on an expandable, open architecture. Data is generated through the power of electronics—access cards with electronic codes or biometric identifiers replacing paper IDs and significantly reducing the number of security personnel required for screening.

By using an open architecture, a port’s system will easily accommodate the addition of new security applications—for example, a remote-monitoring system— as modules to a shared database.

A Better Mousetrap
The result is a highly reliable system that coordinates remote monitoring, access control, time and attendance, CCTV surveillance, and other technologies and processes designed to secure a facility. As a result, a typical port and vessel could enhance security and safety while promoting efficiencies. The following are some key applications to consider:

Track crew at ports of call. Under ISPS, vessels must maintain and manage records showing the last five ports each crew member visited. While a conventional security system using paper-based tracking systems would be hard-pressed to fulfill this challenge, ports can leverage time and attendance with access control technologies to easily generate the required information.

Verify truckers. Likewise, ports need to screen truckers. By using biometric readers with smart-card chips, the two largest ports in Europe—Rotterdam, The Netherlands, and Antwerp, Belgium— have implemented a fast method of identifying drivers, avoiding costly transport delays and ensuring the highest security.

The hand geometry template has only nine digits, leaving plenty of room on the smart-card chip for additional information. At the entrance, drivers identify themselves by using their cards with the hand geometry reader. Scan information of the left hand is compared with the template information on the smart card. The drivers repeat the process upon leaving.

The biometrically enhanced smartcard system ensures that information cannot be manipulated or changed. Drivers do not have to remember specific information such as a PIN, the smart card cannot be transferred to other people and mistakes such as typing in incorrect ID numbers are impossible.

Automated response to different security levels. If an emergency or threat to security arises, the port’s system should be able to quickly adopt different levels of access control, such as might be defined according to different MARSEC levels, for authorized and unauthorized people.

For instance, in an emergency that requires people to exit a vessel quickly, all major exits would open rapidly and automatically. For another threat, the system may close certain exits or allow only people with specific authorization to pass.

Minimize costs for damage claims. Many port managers contend that their facilities are responsible for no more than one-third of the total cost they pay annually to settle claims for damaged containers. But they traditionally have not had a mechanism for proving their innocence. By facilitating the generation of easy-tonavigate reports and video clips that show at what time and location a container was harmed, the security system could minimize costs from unfair claims.

Identification cards. The IMO has called upon contracting governments to issue seafarer ID cards that can be used to verify someone to all personnel in the maritime transportation industry. In similar fashion, the United States is finalizing plans for a prototype phase of the Transportation Worker Identification Credential, an electronic smart card that contains coded information, such as biometric identifiers and bar codes, for 15 million U.S. transportation workers.

The Time to Act is Now
Conventional security and safety approaches are inadequate for the unique demands of a maritime environment. Port and vessel operators need to meet the challenges of complying with ISPS and other regulations. By creating an overall plan with an integrated, open architecture solution, port security systems can act as a foundation for accommodating a growing body of legislation and the industry’s increasing reliance on technology. Such an approach will help operators save costs now and in the future while ensuring that a port’s people, openings and assets are secure.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3