Smoother Sailing

Port, vessel operators need to meet challenges of complying with ISPS, other regulations

The maritime industry is clearly one of the most powerful drivers of international commerce and economic vitality in the world. The statistics are astounding, including a worldwide fleet of nearly 11 million marine containers, a transportation cargo unit that can hold up to 500 computer monitors.

The European Union, which is the main trading partner for two-thirds of the world, exports and imports more than EUR 1,000 billion a year. The global ocean-liner shipping industry owns approximately $155 billion in vessels, containers, marine terminals and other direct operating assets in service around the world. Almost 16 million Americans work in port-related jobs, producing $210 billion in federal, state and local taxes annually.

A Global Shift
Security in the maritime industry has seen major changes since Sept. 11, 2001. Two months after 9/11, the International Maritime Organization agreed to develop new measures for enhancing the security and safety of ships and ports. By December 2002, the IMO had defined and ratified its comprehensive approach as the International Code for the Security of Ships and of Port Facilities (ISPS).

The ISPS code’s primary objective is to establish a framework for IMO’s contracting governments to cooperate in taking preventive measures against security and safety threats that could affect the maritime industry. ISPS also outlines a methodology for ports and vessel operators to assess their levels of security risk and describes mandates they must fulfill to comply. As required by ISPS, contracting IMO governments have begun to pass legislation that mirrors the new code’s requirements and compliance deadlines.

In the United States, the Coast Guard, working with government agencies such as the Department of Homeland Security, is responsible for monitoring compliance at ports and on vessels.

The ISPS Requirements
ISPS requires companies and agencies involved in maritime trade implement an unprecedented range of security and safety measures. For many port and vessel operators, the process of installing security systems that comply with the new requirements will continue to be a daunting task. Three of the industry concerns are the following:

The high cost of compliance. Although contracting governments are obligated to help fund the costs of added security in their countries, the financial burden of installing new equipment, training people and managing new security systems ultimately rests with port and vessel operators. For many operators, the question of how they will fund the high costs of compliance is the single biggest concern they have with the legal requirements.

Best efforts may not be not good enough. Never before have port and vessel operators been required to comprehensively assess security needs and implement a plan for reliably reducing security and safety risks. For these operators, the process of outlining and implementing an effective plan that both meets regulatory requirements and stays within the limits of their operational cost structure may be a challenge they are unable to fulfill, despite their best efforts.

Minimal compliance. It is likely that many ports and vessels will try their luck, waiting to see what actions enforcement agencies take with others who are noncompliant before deciding to make a full commitment to security and safety. While some may slip through the cracks for a time, most who fail to comply face stiff fines and lost business opportunities from boycotts by other ships and ports.

Conventional Security
The face of security and safety at ports has changed little during the last century. Almost all conventional security and safety systems available continue to be built around the same four fundamental characteristics that such systems have shared for decades.

Typically, these characteristics result in systems that are unreliable at promoting security and safety and are difficult and costly for the average business and government agency to implement and manage. These four characteristics of conventional security are the following:

Security-specific. Most conventional security and safety systems work in a vacuum, separate from other business processes. These systems in no way enhance business productivity or otherwise assist managers.

Paper-based. Conventional security systems typically rely on paper forms of ID, such as driver’s licenses and Social Security cards, to verify the identity of people seeking access to secure areas of a facility. Paper forms of ID—which colleagues can share and criminals can steal or forge—are inherently unreliable. The process of screening paper-based IDs typically requires recording data by writing it down or making photocopies—a timeconsuming process that risks infringing on privacy rights.

People-driven. In order to screen paper forms of ID and track the movement of individuals throughout a facility, an organization needs security personnel. Security personnel are often difficult to train, costly to hire and undependable.

Point-oriented. Conventional security systems are designed to secure specific points or areas of concern at a facility. Specific points include cargo, entrances to a vessel and equipment. Because conventional approaches focus on specific points, one facility may have several disparate security systems serviced by different vendors.

For instance, a CCTV system installed by one vendor for monitoring cargo may work independently of an access-control system installed by another vendor for granting access to truckers who transport cargo. A facility that relies on point-based solutions is inefficient, poorly accommodates change in security needs and can quickly become unmanageable.

For certain applications, conventional security systems that use decentralized paper- and people-based systems may be an effective, if not optimal, approach for promoting reliable security and business efficiency. The manager of a small corporate office with a couple dozen employees and a handful of daily visitors may determine that hiring a security guard or two to screen building badges suffices for the company’s security needs.

Managing People, Openings and Assets
In the complex world of maritime trade, a system of security that relies on paper and people to track, manage and monitor vulnerable assets is both inefficient and undependable. Instead, ports need to integrate the security and safety requirements for every element and activity that takes place at a facility. These elements and activities may be categorized as people, openings and assets.

For instance, a ship’s openings include the engine control room, electrical control/ equipment room, cargo storage area, bridge and steering gear room. A port’s people include longshoremen, crew, administrators, maintenance workers and truck drivers. Assets for both a port and vessel may include the vessels, equipment, vehicles, containers and cargo.

Ports need to link people, openings and assets through a connected IT infrastructure based on an expandable, open architecture. Data is generated through the power of electronics—access cards with electronic codes or biometric identifiers replacing paper IDs and significantly reducing the number of security personnel required for screening.

By using an open architecture, a port’s system will easily accommodate the addition of new security applications—for example, a remote-monitoring system— as modules to a shared database.

A Better Mousetrap
The result is a highly reliable system that coordinates remote monitoring, access control, time and attendance, CCTV surveillance, and other technologies and processes designed to secure a facility. As a result, a typical port and vessel could enhance security and safety while promoting efficiencies. The following are some key applications to consider:

Track crew at ports of call. Under ISPS, vessels must maintain and manage records showing the last five ports each crew member visited. While a conventional security system using paper-based tracking systems would be hard-pressed to fulfill this challenge, ports can leverage time and attendance with access control technologies to easily generate the required information.

Verify truckers. Likewise, ports need to screen truckers. By using biometric readers with smart-card chips, the two largest ports in Europe—Rotterdam, The Netherlands, and Antwerp, Belgium— have implemented a fast method of identifying drivers, avoiding costly transport delays and ensuring the highest security.

The hand geometry template has only nine digits, leaving plenty of room on the smart-card chip for additional information. At the entrance, drivers identify themselves by using their cards with the hand geometry reader. Scan information of the left hand is compared with the template information on the smart card. The drivers repeat the process upon leaving.

The biometrically enhanced smartcard system ensures that information cannot be manipulated or changed. Drivers do not have to remember specific information such as a PIN, the smart card cannot be transferred to other people and mistakes such as typing in incorrect ID numbers are impossible.

Automated response to different security levels. If an emergency or threat to security arises, the port’s system should be able to quickly adopt different levels of access control, such as might be defined according to different MARSEC levels, for authorized and unauthorized people.

For instance, in an emergency that requires people to exit a vessel quickly, all major exits would open rapidly and automatically. For another threat, the system may close certain exits or allow only people with specific authorization to pass.

Minimize costs for damage claims. Many port managers contend that their facilities are responsible for no more than one-third of the total cost they pay annually to settle claims for damaged containers. But they traditionally have not had a mechanism for proving their innocence. By facilitating the generation of easy-tonavigate reports and video clips that show at what time and location a container was harmed, the security system could minimize costs from unfair claims.

Identification cards. The IMO has called upon contracting governments to issue seafarer ID cards that can be used to verify someone to all personnel in the maritime transportation industry. In similar fashion, the United States is finalizing plans for a prototype phase of the Transportation Worker Identification Credential, an electronic smart card that contains coded information, such as biometric identifiers and bar codes, for 15 million U.S. transportation workers.

The Time to Act is Now
Conventional security and safety approaches are inadequate for the unique demands of a maritime environment. Port and vessel operators need to meet the challenges of complying with ISPS and other regulations. By creating an overall plan with an integrated, open architecture solution, port security systems can act as a foundation for accommodating a growing body of legislation and the industry’s increasing reliance on technology. Such an approach will help operators save costs now and in the future while ensuring that a port’s people, openings and assets are secure.


  • Report: GenAI Drives 1,760% Surge in Business Email Compromise Attacks

    A report recently published by Perception Point, a provider of advanced email and workspace security solutions, has identified a 1,760% year-on-year increase in social engineering-based Business Email Compromise (BEC) attacks over the course of 2023. Read Now

  • Survey: Less Than Half of IT Leaders are Confident in their IoT Security Plans

    Viakoo recently released findings from its 2024 IoT Security Crisis: By the Numbers. The survey uncovers insights from IT and security executives, exposes a dramatic surge in enterprise IoT security risks, and highlights a critical missing piece in the IoT security technology stack. The clarion call is clear: IT leaders urgently need to secure their IoT infrastructure one application at a time in an automated and expeditious fashion. Read Now

  • ASIS International and SIA Release “Complexities in the Global Security Market: 2024 Through 2026”

    ASIS International and the Security Industry Association (SIA) – the leading security associations for the security industry – have released ”Complexities in the Global Security Market: 2024 Through 2026”, a new research report that provides insights into the equipment, technologies, and employment of the global security industry, including regional market breakouts. SIA and ASIS partnered with global analytics and advisory firm Omdia to complete the research. Read Now

  • President Biden Issues Executive Order to Bolster U.S Port Cybersecurity

    On Wednesday, President Biden issued an Executive Order to bolster the security of the nation’s ports, alongside a series of additional actions that will strengthen maritime cybersecurity and more Read Now

Featured Cybersecurity


New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3