CORE-Observatory

Cooperation experiences of the Canada Border Services Agency, July 2012 (CORE2011)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The Canada Border Services Agency (CBSA) has a dual mandate (1) to facilitate cross-border movements of cargo and people and (2) to protect security and safety of the Canadian people. The agency seeks to provide integrated border services, by closely cooperating with other Canadian border control agencies as well as with foreign customs administrations. The reviewed document is available for download here: Customs Cooperation Case Study for Canada.

[s2If is_user_logged_in()]

Full review: Forms of cooperation depend on needs of the partner agencies, but the cooperation typically includes:

  1. Participation in and cooperation with international organizations: CBSA participates and cooperates in various committees and working groups, especially as part of the WCO, WTO and Asia-Pacific Economic Cooperation.
  1. Technical Assistance and Capacity Building (TACB): The CBSA is an active contributor to least-developed countries and global capacity building such as the Columbus Programme from the WCO. CBSA´s TACB focuses on two areas: (i) senior decision makers seeking to modernize their border administration and (ii) technical level design for operational and field personnel.
  1. CBSA Liaison Officers: Canada has over 60 liaison officers in more than 40 countries around the world, who are in charge of cooperation-related tasks including training transport personnel and combating fraud.
  1. CBSA Science and Engineering Directorate (Lab): Multilaterally, the Lab helps to disseminate information and intelligence on new trends in critical areas including narcotics. Bilaterally, CBSA Lab expertise and best practices have contributed to contraband detection, while supporting multiple countries in exploiting new instruments and technologies.
  1. Customs Cooperation with the United States: After the September 11, 2001 event, Canada and US increased security and compliance measures that obviously slowed down cross-border trade and travel. To reduce such negative impacts, both countries signed the Smart Border Declaration in 2001, and engaged in the Security and Prosperity Partnership in 2005. The CBSA and the US Customs and Border Protection (CBP) developed the Framework for Co-operative Border Management, that aimed to enhance facilitation while maintaining security, and managing risk by dealing with threats as close to the point of origin as possible. Other US-Canadian cooperation forms have been developed with the objective of expanding and enhancing the benefits of trusted trader and traveller programs; coordinating investments in infrastructure and technology; simplifying business reporting requirements; enhancing screening of cargo and travellers at the perimeter to improve facilitation within the both countries; improving information sharing between both governments; and eliminating double inspections for air cargo and passenger baggage.

CORE2011

[/s2If]

Review on “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014 (CORE1098)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , /by

CORE1098-Summary: Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited. Report is available at: http://www.gao.gov/assets/670/663828.pdf

[s2If is_user_logged_in()]

Full review: While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific ports, it has not conducted a risk assessment that fully addresses cyber-related threats, vulnerabilities, and consequences. Coast Guard officials stated that they intend to conduct such an assessment in the future, but did not provide details to show how it would address cybersecurity. Until the Coast Guard completes a thorough assessment of cyber risks in the maritime environment, the ability of stakeholders to appropriately plan and allocate resources to protect ports and other maritime facilities will be limited.

Maritime security plans required by law and regulation generally did not identify or address potential cyber-related threats or vulnerabilities. This was because the guidance issued by Coast Guard for developing these plans did not require cyber elements to be addressed. Officials stated that guidance for the next set of updated plans, due for update in 2014, will include cybersecurity requirements. However, in the absence of a comprehensive risk assessment, the revised guidance may not adequately address cyber-related risks to the maritime environment.

The degree to which information-sharing mechanisms (e.g., councils) were active and shared cybersecurity-related information varied. Specifically, the Coast Guard established a government coordinating council to share information among government entities, but it is unclear to what extent this body has shared information related to cybersecurity. In addition, a sector coordinating council for sharing information among nonfederal stakeholders is no longer active, and the Coast Guard has not convinced stakeholders to reestablish it. Until the Coast Guard improves these mechanisms, maritime stakeholders in different locations are at greater risk of not being aware of, and thus not mitigating, cyber-based threats.

Under a program to provide security-related grants to ports, FEMA identified enhancing cybersecurity capabilities as a funding priority for the first time in fiscal year 2013 and has provided guidance for cybersecurity-related proposals. However, the agency has not consulted cybersecurity-related subject matter experts to inform the multi-level review of cyber-related proposals—partly because FEMA has downsized the expert panel that reviews grants. Also, because the Coast Guard has not assessed cyber-related risks in the maritime risk assessment, grant applicants and FEMA have not been able to use this information to inform funding proposals and decisions. As a result, FEMA is limited in its ability to ensure that the program is effectively addressing cyber-related risks in the maritime environment.

Why GAO Did This Study? U.S. maritime ports handle more than $1.3 trillion in cargo annually. The operations of these ports are supported by information and communication systems, which are susceptible to cyber-related threats. Failures in these systems could degrade or interrupt operations at ports, including the flow of commerce. Federal agencies—in particular DHS—and industry stakeholders have specific roles in protecting maritime facilities and ports from physical and cyber threats. GAO’s objective was to identify the extent to which DHS and other stakeholders have taken steps to address cybersecurity in the maritime port environment. GAO examined relevant laws and regulations; analyzed federal cybersecurity-related policies and plans; observed operations at three U.S. ports selected based on being a high-risk port and a leader in calls by vessel type, e.g. container; and interviewed federal and nonfederal officials.

What GAO Recommends? GAO recommends that DHS direct the Coast Guard to (1) assess cyber-related risks, (2) use this assessment to inform maritime security guidance, and (3) determine whether the sector coordinating council should be reestablished. DHS should also direct FEMA to (1) develop procedures to consult DHS cybersecurity experts for assistance in reviewing grant proposals and (2) use the results of the cyber-risk assessment to inform its grant guidance. DHS concurred with GAO’s recommendations.

Full citation:  “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014.

CORE1098

Keywords: Maritime Security, Port Security, Cyber – Security, CBP U.S. – Customs and Border Protection, Coast Guard U.S., DHS-Department of Homeland Security, FEMA-Federal Emergency Management Agency, ISAC-information sharing and analysis center, IT-information technology, MTSA-Maritime Transportation Security Act of 2002, NIPP-National Infrastructure Protection Plan, AFE Port Act-Security and Accountability for Every Port Act of 2006, TSA-Transportation Security Administration

[/s2If]

Review on Consideration and Adoption of Amendments to the International Convention for the Safety of Life at Sea, 1974, International Maritime Organization (CORE1097)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The International Ship and Port Facility Security (ISPS) Code sets new standards for security for ships at sea as well as port facilities around the world. It aims to make shipping activities more secure against threats of terrorism, piracy and smuggling. Security at sea has been a concern to governments, shipping lines, port authorities and importers and exporters for years. The terrorist attacks of September 11, 2001, however, provided the catalyst for formalizing tough new security measures. In December of 2002, the International Maritime Organization (IMO) a specialized agency of the United Nations (UN) organized a conference to discuss issues related to security at sea. At this conference, representatives from 150 nations (the Contracting Governments) participated in drafting amendments to the Safety of Life at Sea (SOLAS) Convention, and the ISPS Code was adopted. Changes to the SOLAS Convention include amendments to Chapters V and XI, and Chapter XI was divided into Chapters XI-1 and XI-2. The new Chapter XI-2 provides the umbrella ISPS regulations. The Code itself is divided into two parts. Part A presents mandatory requirements, Part B contains guidance regarding the provisions of Chapter XI-2 of the Convention and part A of the Code. Source document is available at: http://www.un.org/en/sc/ctc/docs/bestpractices/32.pdf

[s2If is_user_logged_in()]

Full review: The Code aims, among other things, to establish an international framework for co-operation between Contracting Governments, government agencies, local administrations and the shipping and port industries to detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade and to establish relevant roles and responsibilities at the national and international level. ISPS provisions relating to port facilities relate solely to the ship/port interface. Also, ISPS provisions do not extend to the actual response to attacks or to any necessary clear-up activities after such an attack. In addition, for each ship and port authority affected, the ISPS Code requires:

  • The implementation of a Ship Security Plan (SSP),
  • The implementation of a Port Facility Security Plan (PFSP),
  • The appointment of a Ship Security Officer (SSO),
  • The appointment of a Company Security Officer (CSO),
  • The appointment of a Port Facility Security Officer (PFSO),
  • The installation of ship alarms, and
  • The installation of shipboard Automatic Identification Systems (AIS).

Enforcement Date: The ISPS Code went into effect on July 1, 2004.

Full citation:   Consideration and Adoption of Amendments to the International Convention for the Safety of Life at Sea, 1974, International Maritime Organization. SOLAS/CONF.5/32. 12 December 2002

CORE1097

Keywords: Maritime Security, Port Security, Ship Security Plan (SSP), Port Facility Security Plan (PFSP), Ship Security Officer (SSO), Port Facility Security Officer (PFSO), International Maritime Organization (IMO), Safety of Life at Sea (SOLAS).

[/s2If]

Review “Roadmap to a Single European Transport Area – Towards a competitive and resource efficient transport system” [COM (2011) 144 final] (CORE1029).

/0 Comments/in /by

Summary: In this White Paper, the Commission sets out to remove major barriers and bottlenecks in many key areas across the fields of transport infrastructure and investment, innovation and the internal market. The aim is to create a Single European Transport Area with more competition and a fully integrated transport network which links the different modes and allows for a profound shift in transport patterns for passengers and freight. To this purpose, the roadmap puts forward 40 concrete initiatives for the next decade, explained in detail in the Commission Staff Working Document accompanying the White Paper. It has some background relevance for CORE, as it proposes initiatives to build a competitive transport system that will preserve mobility, remove major barriers in key areas and fuel growth and employment. Original files are coded CORE1029, in the CORE e-library.
Read more