In Brief

C-TPAT: Port Boys Complaint

For years, the cargo supply chain has been encumbered by slow security checks. C-TPAT wants to change that.

By Kathleen Carr

September 01, 2003CSO — For years, the cargo supply chain has been encumbered by slow security checks. C-TPAT wants to change that.

In the team-building portion at your last company offsite, you probably remember an exercise where group A led group B through an obstacle course. Presumably group B exited the course unscathed. The game is similar to the real-life scenario being played out at shipping ports around the world today: In an attempt to lead businesses through transport's security maze, the U.S. Bureau of Customs and Border Protection has created several programs to improve the inherent lack of trust in the cargo system so that things move more swiftly through the supply chain.

The Customs-Trade Partnership Against Terrorism, or C-TPAT, is a joint initiative between the government and the private sector aimed at safely expediting containers through ports. Companies that promise to use good security measures and provide documentation of the containers' contents to Customs officials will be rewarded with an accelerated shipping schedulekind of like a fast lane for cargo. Those that enroll in the program must perform self-assessments of their supply chain security and implement a security program that follows C-TPAT guidelines, which focus on security compliance of facilities, access, procedures, personnel, documentation and training.

"Anyone at a terminal of a trucking company could infiltrate the cargo supply chain, especially overseas where background checks aren't allowed," says Ken Wheatley, vice president of corporate security for Sony Electronics. "The obvious difficulty lies in managing a coordinated effort between various government entities. If you have DEA, FDA and Customs independently coming up with regulations without communicating with each other, the end users will get caught in a vice with inconsistent standards."

Another Customs initiative, called the Container Security Initiative, or CSI, was launched in January 2002, to ensure the security of containers in transit by using technology to prescreen and secure containers. Of the top 20 ports worldwide, 18 have already joined CSI. According to Wheatley, becoming a member of the initiative means you are "a trusted importer." To attain that status, you must provide Customs with details of what you're shipping and documentation that demonstrates that you are shipping it safely.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WEBCAST
The Surest Path to Effective and Efficient Compliance

VeriSignIn this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.

» View the webcast

Featured Sponsors
Sponsored Links

Think your data is safe? Think again. It's time to Outthink the Threat. Get eBook now

Prepare for (ISC)2® Certification With Villanova - Online

Rolling the dice with your security? Take the Self-Assessment Test now

Diebold: Frost & Sullivan Global Physical Security Systems Integrator of the Year

Revolutionizing Endpoint Security with a Single Agent

Envision Identity-Based Access Control for the Datacenter

IT Service Management: Metrics That Matter

ITCi White Paper: Challenges and Opportunities of PCI

Effective Security with a Continuous Approach to ISO 27001 Compliance

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

Enabling Compliance with Converged Mainframe Security and Storage

The Case for Business Software Assurance ~ Securing Your Applications

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

Learn how the new Quad-Core AMD Opteron™ processor improves performance

Configuration Audit and Control for Virtualized Environments

Take our CSO role survey and receive a copy of the results

Ponemon Study: How Much Does a Data Breach "Cost"?

Data Protection: Challenges for the Traveling User

Key strategies for C-level executives and security staff

Configuration Assessment: Choosing the Right Solution

The PCI Data Security Standard

Configuration Audit and Control for Virtualized Environments

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

Solving Online Credit Fraud Using Device Reputation