Q&A
Port and Cargo Security: How Is the U.S.A. Doing Now?
Stephen E. Flynn of the Council on Foreign Relations is the Ira A. Lipman Senior Fellow for Counterterrorism and National Security Studies. Flynn recently spoke with CSO Senior Editor Joan Goodchild about how the US is doing when it comes to port and cargo security
By Joan Goodchild, Senior Editor
How do we accomplish that?
At the heart of challenge is a global set of systems where some portions are very concentrated; mega-ports for instance. But we also have, when we go back to the factories, a widely-dispersed system. So the challenge, from a single company standpoint, is: I can control what happens on my real estate. But then I get into the system, and it has lot of anarchical qualities, chaotic qualities, as to how it operates. So it quickly gets out of my control.
What we are struggling with, on one hand, people who own and operate need to develop tools. But that needs to be done on as close to a global basis as possible. The public sector is going to be part of kibitzing on how this is going to happen. So it's a massive choreography challenge. It's often less about technology as it is choreography of getting all participants public and private into the plan of how to move forward.
I think what we have is some basic tools that get us in direction we need to go. We've begun processes like CTPAC. We've set framework through ASME code of common sets of requirements of things that need to happen in facilities and on vessels, etc. So we have a skeleton at least around which this can happen.
Where I think the next steps come are really an effort on which we rely ⬠continue in ISO fashion ⬠to have a heavy voice on what we want to do with safeguards in facilities, what we want to do on container level. What's been missing is effort to validate that these efforts are being done. This is where government efforts are getting in way. Customs has not supported third party validation. Screening of cargo is going to have to be done as they have been done in aviation sector with private efforts to do that. Government's job will have to be validate the validators.
Where do you think stand companies now??
There are certainly a lot more in parts of the system companies can control than there were in the past. A lot has been animated by CTPAC protocol which basically says we need private sectors companies to take great ownership. A lot of good companies have stepped up to that plate and made efforts in factories, in physical security on loading docks. There clearly has been a lot of activity in that realm.
Port security
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- A Security Blueprint Delivered From within the Network
- Understanding Data Location is Imperative for Data Loss Prevention
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
