Opinion
Container Security: Is the Layered Approach Working?
Guest columnist Jim Giermanski says the government's five-layered approach to container security is on the right track, but needs significant improvements
By James Giermanski
Layer-5: Non-Intrusive Inspection (NII)
NII is mobile gamma-ray imaging technology. It is deployed at seaports and at land ports of entry, permitting officers to detect and interdict contraband (such as narcotics, weapons and currency) hidden within conveyances and/or cargo while simultaneously facilitating the flow of legitimate trade and travel. The mobile gamma-ray imaging system employs a gamma ray source that permits officers to quickly see inside tankers, commercial trucks, cargo containers and other conveyances without having to physically open the conveyance and/or container. NII machines can scan vehicles up to 125 feet in length in one pass. One version of the system is mounted on a truck chassis and is operated by a three-man crew. The NII operates by slowly driving past a parked vehicle with a boom extended over the target vehicle.
As a layer, NII is equivalent to "boots on the ground." It detects something it sees. It is not data-centered. While often the densities it reads may not turn out to be guns, drugs, or currency, but only something resembling them, it does have very clear security usage. In fact, NII has been used at the Super Bowl in 2008 and at NASCAR events in addition to its ports security duties.
Conclusion
While I have often criticized DHS and CBP for many of their decisions, policies, and management decisions, the layered system is fundamentally sound. It is sound in spite of the lack of active intelligence gathering and the lack of container security technological applications which are currently available. However, its weaknesses, while few, are significant. In fact, the tremendous reliance on submitted information on which to base security decisions is a weakness and needs to be addressed. While C-TPAT is good, a recent GAO (Government Accountability Office) report in May 2008, pointed out numerous areas of concern. There are also GAO reports on the effectiveness of scanning at border ports of entry.
It seems that the layered security concept needs two more layers. The first is an actual intelligence/counterintelligence layer. That will be a problem. A short, but true story will help to explain. In the late 1990s a young man came to my office when I was teaching at Texas A&M in Laredo. He knew that I was a colonel in the Air Force Office of Special Investigations (AFOSI), at that time a little known fact, and was told to contact me. He told me that he was an Air Force first lieutenant, and he said that he just finished the intelligence program at Fr. Huachuca and was just assigned to the Border Patrol.
container security
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Managing A Growing Threat: An Executive's Guide to Web Application Security
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- The Forrester Wave™: Web Filtering, Q2 2009
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
