Posts

Nothing Found

Sorry, no posts matched your criteria

CORE-Observatory

C-TPAT Best Practices Catalog Addendum, 2009 (CORE1031)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This addendum document lists cargo security best practices with focus on prevention of weapons of mass effect, terrorists, and/or contraband from infiltrating into the international supply chain. Each best practice is linked to a specific business entity, such as a Manufacturing Company, a Highway Carrier, an Importer or a Foreign Consolidator but these may apply to other business types as well. The document is available at: https://www.cbp.gov/sites/default/files/documents/ctpat_bpa_2009_0.pdf (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: The best practices are outlined as follows:

Risk assessment: Programs are in place to enable the identification of the most vulnerable supply chain areas, to grade suppliers supply chain security criteria. Specific processes have been developed to manage the supplier’s products, software and services and internal monitoring systems to enhance the safety and security procedures.

Business partner requirements: Several security measures have been taken by entities. These include conducting supply chain security audits to ensure compliance of non-C-TPAT business partners; carrying out security audits of a foreign manufacturer; making security self-assessments, conducting onsite inspections to ensure freight security; shipping cargo only through accredited ports and steamship lines; monitoring compliance of manufacturing facilities; screening procurements to identify ineligible status of suppliers, and performing audits of business partners.

Conveyance/Container/Trailer Security: Examples of such security practices are: integrating special security features in the GPS (global positioning system); using laser beams to protect trailers; using colour codes for matching consignments; installing infrared sensors in docks to prevent unauthorized access; using special codes to identify correct shipments; documenting all seal changes for shipments in transit; ensuring delivery by authorized Company drivers; sealing containers; operating through C-TPAT carriers; using only “seaworthy” containers; installing in-transit temperature data sensors to ensure product quality; enclosing container storage area; conducting non-intrusive inspection prior to loading a vessel; establishing specific inspection points; using multiple security devices on each container; using automated container yards; instructing foreign suppliers to provide inspection checklists; using dock locking arms for container storage; installing motion sensors in a trailer; operating through contracted highway carriers and security services; documenting a seal destruction policy, and so forth.

Physical Access Controls: Some practices by Importers include establishing multiple security stations within the building; using metal detectors for employees; installing an electronic swipe card/ lock box systems for access control for sensitive documents; conducting electronic scanning of visitors’ drivers licenses; utilizing a third-party software system to manage key inventory; and providing panic buttons for company employees.

Physical Security: Several innovative solutions have been designed to ensure physical security, such as electronically closing gates and activating tire puncturing devices to prevent vehicle exits; using an electronic security information reporting system, installing invisible electronic fences; installing laser sensors; setting up optical light beams to detect intruders; fitting double locks on doors; Installing infrared sensors on fences; using body alarm functions for emergencies; appointing patrolling guards, using multiple glass meeting rooms; using multiple interior infrared security alarm beams to detect unauthorized access; and installing security guard view towers.

Personnel Security: An Importer requires business partners to provide a monthly master list of employees and immediately notify when their employees are hired or terminated, in order to ensure that only authorized business partner’s employees enter the manufacturing facilities.

Security Training/Threat Awareness/Outreach: Business entities have invested in a wide range of training programs. One such initiative is the four-tier C-TPAT training targeted for management and supervisors, shipping and receiving personnel, internal personnel dealing with contractors and hourly staff. Other businesses use different approaches, like establishing an online training portal;; offering general security training and of site-specific training for security guards; issuing security advisories; making regular security awareness assessments; establishing a situation matrix chart to address possible incidents; establishing a direct communication channel between the president of the company and employees; putting in place a toll free hotline for company personnel; conducting security drills and exercises; establishing a web-based security awareness training; documenting security incidents in a central database; and establishing a global communication system to contact all employees and contractors remotely.

Procedural Security: Instances of this type of security measures include a bio-thermal intrusion alarm system; a global SAP network to generate all written orders for import and export; automatic screening procedures of purchase orders for restricted parties; lock boxes for sensitive documentation; an automated loading module called the Automatic Truck Loading System (ATLS); a container seal number as the shipment tracking (invoice/bill of lading) number, and so forth.

Information Technology (IT) Security: Such security practices include a biometric fingerprint door lock; a remote data backup center; a retina scanning system for access to the computer system; requiring supervisory approval to copy data; use of electronic password protected purchase orders; establishing a daily “e-test” for employees to access computers, and so forth.

CORE1031

[/s2If]

CEN Supply Chain Security — Good Practice Guide for Small and Medium Sized Operators, 2012 (CORE1030)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This is a guidance document for small and medium sized enterprises, SMEs. on how to apply a supply chain security approach to their operations in order to mitigate the risk of criminal activities. It gives an overview of the main crime types occurring in the supply chain along with some countermeasures, as well as the supply chain security initiatives, and the compliance requirements thereof. The document is available for purchase e.g. at:   http://shop.bsigroup.com/ProductDetail/?pid=000000000030258778  (link tested on 3 March 2016)

[s2If is_user_logged_in()]

Full review: The recommended supply chain strategy rests on a six-step approach. The first step is to define a context for the supply chain, crime prevention and security management activities taking into consideration the security sensitiveness, the geography and transport modes, and the main stakeholders involved in the supply chain operation. The second step is to make a threat and vulnerability analysis with regard to terrorist and other criminal threats in the supply chain. The main criteria included are the gaps existing in enhanced security, the high-risk crime types, and the potential consequences of crime occurrences. The third step covers the regulatory framework, the major aspects being the regulations and programs required for successful business operations, expectations of customers and suppliers, requirements laid down by insurance providers, and relevant government authorities. The fourth step refers to an overall security plan, taking into account the physical security, data security, human resources security (including selection, training, and exit procedures), business partner security (including selection, and auditing), and process control and monitoring of deviations. The fifth step involves implementing into practice concrete security measures, investment in technologies, procurement of services, in-house solutions and so forth. The final step is to monitor and measure the security performance and take appropriate corrective actions.

Five supply chain crime types have been elucidated in this guide. These include:  Property theft (cargo theft, intellectual property breaches); targeted damage (terrorism, sabotage); cross-border duty and tax fraud; illegitimate transporting, exporting and/or importing (smuggling of prohibited and restricted goods, people smuggling); and crime facilitation (document forgery, bogus companies, cybercrime). For each crime type, the main focus should be on the issue (main features and typical sectors/products involved), scope of the problem and actions to mitigate risks.

This guidebook has chosen eight security initiatives for illustration purposes. It explains the context of each initiative, whom it is meant for, and some basic requirements and the implications. These are as follows:

  • Import Control System (ICS) in the EU (a systems tool meant for the lodging and processing of Entry Summary Declarations, and for the exchange of messages across national customs agencies, economic operators and the European Commission).
  • Export Control System (ECS) in the EU (introduces EU procedures to computerize and control indirect exports and to implement the EU safety and security regulations);
  • Maritime Security Legislation, International Ship and Port Facility Security (ISPS) Code in the EU (International regulations to ensure the security of maritime transportation are being issued by the International Maritime Organization, IMO, in the International Ship and Port Facility Security Code);
  • Aviation Security Legislation, Air Cargo Supply Chains in the EU (three categories of aviation security legislation exist in the EU- Framework regulation, supplementing regulations, and implementing regulations-all targeted towards civil aviation security).
  • European Union Authorized Economic Operator, EU AEO (operators involved in international trade of goods certified as complying with WCO or equivalent supply chain security standards);
  • Regulated agent, Known consignor and Account consignor in the EU (Specific “trusted trader” status existing in the European air cargo supply chains);
  • ISO 28000 Series of Standards on Supply Chain Security Management Systems (address potential security issues at all stages of the supply process, e.g. terrorism, fraud and piracy);
  • Transported Asset Protection Association (TAPA) in Europe (fighting cargo crime using real-time intelligence and the latest preventative measures).

CORE1030

[/s2If]

SUPPLY CHAIN SECURITY – Examinations of High- Risk Cargo at Foreign Seaports Have Increased, but Improved Data Collection and Performance Measures Are Needed, GAO, January 2008 (CORE1010)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This report reviews the progress that the US Customs and Border Protection (CBP) has made with the Container Security Initiative (CSI) – a program for screening US-bound high-risk shipping containers in foreign ports with X-ray and radiation detection solutions – since the latest 2005 GAO review. The report discusses how the CBP’s CSI efforts have (1) contributed to the long-term, strategic planning on the US supply chain security, (2) strengthened CSI activities worldwide and (3) established means to evaluate performance of the CSI activities. The report recommends CBP to develop its data collection practices that are related to the CSI team performance and the host government’s inspections of the US-bound containers. This report provides relevant information for CORE demonstrations that deal with US-bound maritime logistics and commerce. Also the risk cluster might benefit from the descriptions of the US risk-based supply chain security scheme – Automated Targeting System (AST), 24-hour rule and the importer security filing 10+2 – that the report elaborates in detail. The report is available at http://www.gao.gov/new.items/d08187.pdf.

[s2If is_user_logged_in()]

Full review: This GAO report elaborates the status and challenges of the US Container Security Initiative, but it also provides a comprehensive outlook on the US maritime supply chain security. This information is likely to be relevant for the CORE’s demonstrations (WP9 and WP14) that deal with US-bound container traffic. The report is a good reference document for those CORE work packages that seek to describe the state-of-the-art of the global supply chain and that are producing relevant training material on supply chain security. The CORE’s risk and IT clusters benefit from the information the report offers on risk-based security solutions that use advance cargo information to calculate risk scores for US-bound shipments by the aid of automatic risk assessment algorithms.

Cross-references:

  • Preventing Nuclear Smuggling: DOE Has Made Limited Progress in Installing Radiation Detection Equipment at Highest Priority Foreign Seaports. GAO-05-375. Washington, D.C.: March 31, 2005.
  • Homeland Security: Process for Reporting Lessons Learned from Seaport Exercises Needs Further Attention. GAO-05-170. Washington, D.C.: January 14, 2005.
  • Port Security: Better Planning Needed to Develop and Operate Maritime Worker Identification Card Program. GAO-05-106. Washington, D.C.: December 10, 2004.
  • Maritime Security: Substantial Work Remains to Translate New Planning Requirements into Effective Port Security. GAO-04-838. Washington, D.C.: June 30, 2004.
  • Homeland Security: Summary of Challenges Faced in Targeting Oceangoing Cargo Containers for Inspection. GAO-04-557T. Washington, D.C.: March 31, 2004.
  • Container Security: Expansion of Key Customs Programs Will Require Greater Attention to Critical Success Factors. GAO-03-770. Washington, D.C.: July 25, 2003.

Additional keywords: Container Security Initiative (CSI), counter-terrorism, homeland security, maritime supply chain security

CORE1010

[/s2If]

SUPPLY CHAIN SECURITY – CBP Works with International Entities to Promote Global Customs Security Standards and Initiatives, but Challenges Remain, GAO, August 2008 (CORE1009)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This report discusses how the US Customs and Border Protection (CBP) has (1) contributed to international supply chain security standards and (2) promoted mutual recognition in the customs security area and (3) how the agency expects to implement the 100% scanning requirement of the containerized US-bound maritime cargo. The report provides a detailed outlook on the US customs supply chain security scheme, and it highlights challenges and problems that the US government faces in promoting its supply chain security strategy internationally. The development and the implementation of the World Customs Organization’s (WCO) SAFE Framework of Standards, a suite of best practices on customs security, is a central theme throughout this GAO report. Because of its broad scope, the customs-related supply chain security, this document contains information that is likely to be useful for all CORE work packages, and especially for those that involve customs administrations. The report is available at http://www.gao.gov/assets/280/279730.pdf.

[s2If is_user_logged_in()]

Full review: This document provides a detailed outlook on customs-centric supply chain security from the US government’s perspective. This unique view on the customs security is going to be useful for the CORE’s early work packages that seek to describe the state-of-the-art of the global supply chain security. The information is also useful for the CORE demonstrations, in which customs administrations are involved. In particular, the demonstrations (WP9 and WP14) that are about US-bound trade and logistics benefit from the detailed description of the customs security initiatives that the US government has introduced since the 9/11 tragedy.

Cross-references:

  • Supply Chain Security: Challenges to Scanning 100 Percent of U.S.-Bound Cargo Containers. GAO-08-533T. Washington, D.C.: June 12, 2008.
  • Supply Chain Security: Examinations of High-Risk Cargo at Foreign Seaports Have Increased, but Improved Data Collection and Performance Measures Are Needed. GAO-08-187. Washington, D.C.: January 25, 2008.
  • Maritime Security: The SAFE Port Act: Status and Implementation One Year Later. GAO-08-126T. Washington, D.C.: October 30, 2007.
  • Maritime Security: One Year Later: A Progress Report on the SAFE Port Act. GAO-08-171T. Washington, D.C.: October 16, 2007.
  • Maritime Security: The SAFE Port Act and Efforts to Secure Our Nation’s Seaports. GAO-08-86T. Washington, D.C.: October 4, 2007.
  • Combating Nuclear Smuggling: Additional Actions Needed to Ensure Adequate Testing of Next Generation Radiation Detection Equipment. GAO-07-1247T. Washington, D.C.: September 18, 2007.
  • Maritime Security: Observations on Selected Aspects of the SAFE Port Act. GAO-07-754T. April 26, 2007.
  • Customs Revenue: Customs and Border Protection Needs to Improve Workforce Planning and Accountability. GAO-07-529. Washington, D.C.: April 12, 2007.
  • Cargo Container Inspections: Preliminary Observations on the Status of Efforts to Improve the Automated Targeting System. GAO-06-591T. Washington, D.C.: March 30, 2006.
  • Combating Nuclear Smuggling: Efforts to Deploy Radiation Detection Equipment in the United States and in Other Countries. GAO-05-840T. Washington, D.C.: June 21, 2005.
  • Container Security: A Flexible Staffing Model and Minimum Equipment Requirements Would Improve Overseas Targeting and Inspection Efforts. GAO-05-557. Washington, D.C.: April 26, 2005.

Additional keywords: Mutual recognition, regulatory harmonization, 100% scanning legislation, SAFE framework of standards, World Customs Organizations, Authorized Economic Operators (AEO) programs, Customs-Trade Partnership against Terrorism

CORE1009

[/s2If]

TRANSPORTATION SECURITY – Action Needed to Strengthen TSA’s Security Threat Assessment Process, GAO, 2013 (CORE1015)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The GAO report is about measuring the performance of the Adjudication Centre that is a department within the Transportation Security Administration (TSA) responsible for administering background checks for people who need access to secure facilities unescorted. The centre issues the access credentials based on a through vetting of the applicant’s criminal history, immigration status, and connections to terrorist groups, among other checks. The report argues that the Adjunction Centre could improve the efficiency of the background checks – the individual security threat assessment – by improving its performance measurement system through better data and indicators. Although this GAO report focuses on a rather narrow topic, management of the background checking process, the report’s insights could benefit the CORE’s risk management cluster and those demonstrations that deal with access control matters. The report is available at: http://gao.gov/assets/660/656051.pdf

[s2If is_user_logged_in()]

Full review: This GAO document is closely related to the work the CORE’s risk cluster. The report describes problems the TSA’s Adjudication Centre faces when it manages the background checking process of the US-based transportation worker identification credentials (TWIC), hazardous materials endorsements (HME) and Aviation Worker (AV) authorization programs. Moreover, since access control is a central security solution in nearly all CORE demonstrators, the demonstrations might benefit from tips and guidance this report offers. At the final stages of the project, this GAO report might prove a useful document when the project consortium produces training materials on how to manage access control systems and how to administer background checks.

Cross-references:

  • Port Risk Management: Additional Federal Guidance Would Aid Ports in Disaster Planning and Recovery. GAO-07-412. Washington, D.C.: March 28, 2007.
  • Critical Infrastructure Protection: An Implementation Strategy Could Advance DHS’s Coordination of Resilience Efforts across Ports and Other Infrastructure. GAO-13-11. Washington, D.C.: October 25, 2012.

CORE1015

Additional keywords: Terrorism, background checks

[/s2If]

MARITIME SECURITY – Progress and Challenges 10 Years after the Maritime Transportation Security Act, GAO, September 2012 (CORE1013)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This GAO report reviews how the US government has advanced maritime security since the introduction of the Maritime Transportation Security Act (MTSA) in 2002 and what kind of challenges the Department of Homeland Security (DHS) and its component agencies have encountered in translating the Act’s requirements into practice. The report describes in detail the character, progress and future vision of main US maritime security programs, which, according to the report, fall into four domains: (1) security planning, (2) port and vessel security, (3) maritime domain awareness and information exchange and (4) international supply chain security. The report points out that the US maritime security scheme calls for further improvements in the areas of (1) program management and implementation, (2) partnerships and collaboration, (3) resources, funding, and sustainability as well as (4) performance measures.  This report describes the entire field of US maritime security, and this information is very useful for CORE demonstrations that involve shipping into, through or out of the US ports. The report is available at: http://www.gao.gov/assets/650/647999.pdf

[s2If is_user_logged_in()]

Full review: This scope of this GAO document is broad as it covers the entire US maritime security, its many themes from funding to practical initiatives and risk assessment. CORE’s demonstrations that involve US-related maritime shipping can use this document to get a comprehensive and detailed information about the status and future challenges of the US maritime security scheme. Also the CORE’s risk cluster can use this document to analyze how the US government has established a risk-based, layered security system to protect the seaborne trade and logistics from terrorism, smuggling and other criminal activities. Because of the complete description of the US maritime security scheme, the report is excellent reference material for producing training material and educational contents in the CORE training cluster.

Cross-references:

  • Maritime Security: DHS Progress and Challenges in Key Areas of Port Security. GAO-10-940T. Washington, D.C.: July 21, 2010. See pages 10-11.
  • Maritime Security: The SAFE Port Act: Status and Implementation One Year Later. GAO-08-126T. Washington, D.C.: October 30, 2007. See pages 15-19.
  • Information on Port Security in the Caribbean Basin. GAO-07-804R. Washington, D.C.: June 29, 2007.
  • Supply Chain Security: Container Security Programs Have Matured, but Uncertainty Persists over the Future of 100 Percent Scanning. GAO-12-422T. Washington, D.C.: February 7, 2012. See pages 13-14.
  • Supply Chain Security: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers. GAO-10-12. Washington, D.C.: October 30, 2009. See pages 41-43.
  • Supply Chain Security: U.S. Customs and Border Protection Has Enhanced Its Partnership with Import Trade Sectors, but Challenges Remain in Verifying Security Practices. GAO-08-240. Washington, D.C.: April 25, 2008.

CORE1013

Additional keywords: Maritime Transportation Security Act, Secure Freight Initiative, Customs-Trade Partnership Against Terrorism (C-TPAT), Container Security Initiative (CSI), risk assessment, container screening, counter-terrorism, maritime security

[/s2If]

Supply Chain Security: DHS Should Test and Evaluate Container Security Technologies Consistent with All Identified Operational Scenarios to Ensure the Technologies Will Function as Intended, GAO, 2010 (CORE1068)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This report reviews container security technologies that the Science and Technology (S&T) Directorate of the US Department of Homeland Security (DHS) has evaluated and tested between 2004 and 2009. These container security technologies aim to (1) detect and report unauthorized intrusions into the shipping containers and (2) to track the movement of the containers through the supply chain. As of 2009, DHS has funded and tested four different container security technologies. So far, none of the candidate technologies meet all desired functional requirements: main problems are high false alarm rates, low detection probability, and difficult installation and calibration. Besides the unsatisfactory test results, the report points out problems of conducting the phase II practical “trade lane” testing in the context of the maritime transport only. The report recommends to test the technologies “across all operational scenarios,” considering contextual differences across different modes of transport. Once the technologies would pass this extended trade lane testing, the DHS should (1) obtain support from the trade industry and international partners, (2) develop a concept of operations (CONOPS) for using the technology, and (3) certify the container security technologies for use. The source document is available at: http://www.gao.gov/products/GAO-10-887.

[s2If is_user_logged_in()]

Full review: This GAO document describes in detail the four container security technologies that DHS has tested since 2004, and one of these technologies happens to be the very same “composite security container” that the WP22 CORE demonstration studies. The report discusses in details the problems that the previous tests and pilots of container security technologies have encountered. Being aware of the past problems help the CORE demonstrations to avoid past mistakes. In addition to the WP22 demonstration, the other demonstrations that involve tracking & tracing of intermodal containers benefit from the information of this GAO report. For instance, the GM demonstration on maritime shipping of automobile parts from the EU to the US via the port of Bremerhaven (WP9) might use this GAO document to evaluate available technical solutions for tracking the shipping containers. The demonstrations in work packages 14-17 involve tracking and tracing and therefore may use the detailed analysis this GAO report offers on available container security technologies.

 Cross-references:

  • Homeland Security: Key Cargo Security Programs Can Be Improved. GAO-05-466T. Washington, D.C.: May 26, 2005.
  • Cargo Container Inspections: Preliminary Observations on the Status of Efforts to Improve the Automated Targeting System. GAO-06-591T. Washington, D.C.: March 30, 2006.
  • Supply Chain Security: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers. GAO-10-12. Washington, D.C.: October 30, 2009.
  • Maritime Security: DHS Progress and Challenges in Key Areas of Port Security. GAO-10-940T. Washington, D.C.: July 21, 2010.

Full citation:

U.S. Government Accountability Office (GAO), 2008. Supply Chain Security: DHS Should Test and Evaluate Container Security Technologies Consistent with All Identified Operational Scenarios to Ensure the Technologies Will Function as Intended.

CORE1068

Additional keywords: Container security, maritime logistics, container security device, tracking & tracing
[/s2If]

SUPPLY CHAIN SECURITY: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers, GAO (October 2009, CORE1066)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The document provides a comprehensive outlook on the past and recent US initiatives on container security. The report focuses on the challenges that prevent global implementation of the 100% scanning of US-bound containers in foreign ports with both non-intrusive inspection (NII) technologies and radiation detection devices, as mandated by the SAFE Port Act and the 9/11 Acts. The 100% scanning is believed to deter and detect terrorist attempts of smuggling weapons of mass destruction (WMD) into the United States inside a cargo container. The reports dates back to late 2009, so the description of the current state of the US container security it provides is not necessarily no longer accurate. The report anticipates that the implementation of the 100% scanning requirement will be delayed due to various problems that were identified during the precursory Secure Freight Initiative (SFI) pilots. These problems are related mainly to port logistics (routing of containers through scanning sites), employee safety (radiation of screening equipment) and technical constraints (equipment failures and poor quality of scanning images). Today, we know that the US authorities have deferred the implementation already twice, first to 2014 and for the second time until 2016. Altogether, this GAO report describes in detail the challenges of the 100% scanning law and elaborates some ongoing alternative risk-based approaches to container security: (1) the strategic trade lane strategy that aims to establish 100% scanning only in high terrorist risk foreign sea ports and (2) the “10 + 2” data requirements that importers and ocean carriers must submit to the US Customs and Border Protection (CBP) prior to a container is loaded aboard a US-bound vessel so that the US authorities can calculate more precise risk for each shipping container. This report includes relevant information for all the CORE’s demonstrations that involve US-bound maritime transportation. The source document is available at: http://www.gao.gov/products/GAO-10-12.

[s2If is_user_logged_in()]

Full review: The GAO document provides interesting insights on the evolution of the US container security regulations over the years. This is useful supportive information for CORE demonstrations that involve maritime shipping of containers into the US. The GM demonstration of the WP9 for example covers exports of automobile parts from the EU into the US by transatlantic ocean transport. If the US Congress does not repeal or defer the 100% scanning requirement, the port of Felixstove that participates in the demonstration, need to start scanning also all GM’s US-bound containers. Likewise, the FALACUS demo (WP14), which is about shipping of ceramic tiles from Italy to the US, must take into consideration the possible effects of the 100% scanning requirement. This demonstration is particularly interesting from the 100% scanning requirement standpoint because some ceramic tiles are naturally radioactive, and thus they tend to trigger false alarms in the radiation controls. Also the P&G demonstrator in the WP17, that focuses on shipping of consumer goods into the US, the possible impact of the 100% scanning regulation.

Besides the demonstrations, the CORE’s risk cluster might benefit from the detailed analysis of the risk-based approaches to the US container security, such as the strategic trade lane strategy and the “10 + 2” data requirement. All demonstrations might benefit from lessons learnt how GAO has advises DHS and CBP to carry out cost-benefit analyses for the US container security programs (especially the Secure Freight Initiative).

Cross-references:

  • Combating Nuclear Smuggling: Efforts to Deploy Radiation Detection Equipment in the United States and in Other Countries. GAO-05-840T. Washington, D.C.: June 21, 2005.
  • Container Security: A Flexible Staffing Model and Minimum Equipment Requirements Would Improve Overseas Targeting and Inspection Efforts. GAO-05-557. Washington, D.C.: April 26, 2005.
  • Bakshi, N., Flynn, S. E., & Gans, N. (2011). Estimating the operational impact of container inspections at international ports. Management Science, 57(1), 1-.‐‑20.

Full citation:

U.S. Government Accountability Office (GAO), 2009. Supply Chain Security Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers.

CORE1066

Additional keywords: Ocean transportation, counter-terrorism, non-intrusive inspection

[/s2If]

Zambia and Zimbabwe’s single-stop solution to boosting intra-African trade, The Guardian 2012 (CORE2008)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary

The Guardian news article summarizes benefits and challenges of the African first one-stop border post, located at the Chirundu border crossing across the Zambezi river between Zambia and Zimbabwe. At the border post, officials in both countries inspect only inbound traffic, for example Zambian authorities control only incoming traffic from Zimbabwe. Thanks to this one-stop arrangement, trucks and barges are obliged to stop only once and undergo only one set of border formalities. The one-stop system has accelerated border crossing times tremendously, from a two or three day wait down to a thirty-minute rest. Moreover, the faster border formalities have translated into higher traffic at the border post (from earlier 2000 to today’s 14000 trucks per month) and associated larger tax and duty revenues. But most importantly, the faster and simpler border formalities have facilitated trade of many small-scale merchants, who commonly trade small amounts of food, clothes, and other everyday commodities. Today, these small merchants face less delays, cumbersome formalities, and arbitrary duties and facilitation payments that dishonest customs officials may impose on their goods. This progress has brought many of the informal merchants, who used to smuggle their merchandise before, back into the sphere of the formal economy. Even so, the smuggling is still a major problem in Africa: the article suggests that there are smuggling routes so established that 30 tonne trucks use them to evade customs controls, and that this informal smuggling economy accounts for a staggering one-third of the African gross domestic product (GDP). The article implies that the share of the informal economy could be further reduced through consolidation of African trade blocks (there are several), harmonization and simplification of border formalities, and enhanced border agency cooperation. The news report is available at: http://www.theguardian.com/global-development/2012/may/29/zambia-zimbabwe-intra-african-trade

Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review

This Guardian article showcases a great example of successful border agency cooperation in Africa. The CORE WP12, the “demonstrator Schipol” focusing on shipping of fresh cut flowers from Kenya to the Netherlands, might choose to study this African one-stop border concept in more detail. Closer analysis may reveal key success factors and obstacles that characterize the border agency cooperation in Africa. Also CORE’s WP19, that produces material for training and education, may use this African one-stop border as an illustrative example of border agency cooperation in developing countries. The CORE’s risk and IT clusters might need to explore this case in more detail to understand technical aspects of this one-stop border post concept.

Reference

The Guardian, Zambia and Zimbabwe’s single-stop solution to boosting intra-African trade, the Guardian, 29. May, 2012. Retrieved from http://www.theguardian.com/global-development/2012/may/29/zambia-zimbabwe-intra-african-trade

CORE2008

[/s2If]

Review on “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014 (CORE1098)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , /by

CORE1098-Summary: Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited. Report is available at: http://www.gao.gov/assets/670/663828.pdf

[s2If is_user_logged_in()]

Full review: While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific ports, it has not conducted a risk assessment that fully addresses cyber-related threats, vulnerabilities, and consequences. Coast Guard officials stated that they intend to conduct such an assessment in the future, but did not provide details to show how it would address cybersecurity. Until the Coast Guard completes a thorough assessment of cyber risks in the maritime environment, the ability of stakeholders to appropriately plan and allocate resources to protect ports and other maritime facilities will be limited.

Maritime security plans required by law and regulation generally did not identify or address potential cyber-related threats or vulnerabilities. This was because the guidance issued by Coast Guard for developing these plans did not require cyber elements to be addressed. Officials stated that guidance for the next set of updated plans, due for update in 2014, will include cybersecurity requirements. However, in the absence of a comprehensive risk assessment, the revised guidance may not adequately address cyber-related risks to the maritime environment.

The degree to which information-sharing mechanisms (e.g., councils) were active and shared cybersecurity-related information varied. Specifically, the Coast Guard established a government coordinating council to share information among government entities, but it is unclear to what extent this body has shared information related to cybersecurity. In addition, a sector coordinating council for sharing information among nonfederal stakeholders is no longer active, and the Coast Guard has not convinced stakeholders to reestablish it. Until the Coast Guard improves these mechanisms, maritime stakeholders in different locations are at greater risk of not being aware of, and thus not mitigating, cyber-based threats.

Under a program to provide security-related grants to ports, FEMA identified enhancing cybersecurity capabilities as a funding priority for the first time in fiscal year 2013 and has provided guidance for cybersecurity-related proposals. However, the agency has not consulted cybersecurity-related subject matter experts to inform the multi-level review of cyber-related proposals—partly because FEMA has downsized the expert panel that reviews grants. Also, because the Coast Guard has not assessed cyber-related risks in the maritime risk assessment, grant applicants and FEMA have not been able to use this information to inform funding proposals and decisions. As a result, FEMA is limited in its ability to ensure that the program is effectively addressing cyber-related risks in the maritime environment.

Why GAO Did This Study? U.S. maritime ports handle more than $1.3 trillion in cargo annually. The operations of these ports are supported by information and communication systems, which are susceptible to cyber-related threats. Failures in these systems could degrade or interrupt operations at ports, including the flow of commerce. Federal agencies—in particular DHS—and industry stakeholders have specific roles in protecting maritime facilities and ports from physical and cyber threats. GAO’s objective was to identify the extent to which DHS and other stakeholders have taken steps to address cybersecurity in the maritime port environment. GAO examined relevant laws and regulations; analyzed federal cybersecurity-related policies and plans; observed operations at three U.S. ports selected based on being a high-risk port and a leader in calls by vessel type, e.g. container; and interviewed federal and nonfederal officials.

What GAO Recommends? GAO recommends that DHS direct the Coast Guard to (1) assess cyber-related risks, (2) use this assessment to inform maritime security guidance, and (3) determine whether the sector coordinating council should be reestablished. DHS should also direct FEMA to (1) develop procedures to consult DHS cybersecurity experts for assistance in reviewing grant proposals and (2) use the results of the cyber-risk assessment to inform its grant guidance. DHS concurred with GAO’s recommendations.

Full citation:  “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014.

CORE1098

Keywords: Maritime Security, Port Security, Cyber – Security, CBP U.S. – Customs and Border Protection, Coast Guard U.S., DHS-Department of Homeland Security, FEMA-Federal Emergency Management Agency, ISAC-information sharing and analysis center, IT-information technology, MTSA-Maritime Transportation Security Act of 2002, NIPP-National Infrastructure Protection Plan, AFE Port Act-Security and Accountability for Every Port Act of 2006, TSA-Transportation Security Administration

[/s2If]

Interviews

Nothing Found

Sorry, no posts matched your criteria