DHS must address nation’s seaport cybersecurity
in the NewsBehind KION Group’s acquisition of Dematic UniCarriers Americas executives partner with Roosevelt University Brexit impact yet to be measured by U.S. logistics managers Rail carload and intermodal volumes fall for the week ending June 18, reports AAR BTS reports U.S.-NAFTA trade falls 3.2 percent in April More News
U.S. maritime ports handle more than $1.3 trillion in cargo annually. The operations of these ports are supported by information and communication systems, which are susceptible to cyber-related threats. Failures in these systems could degrade or interrupt operations at ports, including the flow of commerce. Federal agencies—in particular the Department of Homeland Security (DHS)—and industry stakeholders have specific roles in protecting maritime facilities and ports from physical and cyber threats.
Officials at the U.S. Government Accountability Office (GAO) say more has to be done.
Actions taken by two of DHS’ component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.
While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific ports, it has not conducted a risk assessment that fully addresses cyber-related threats, vulnerabilities, and consequences, says GAO.
Meanwhile, Coast Guard officials stated that they intend to conduct such an assessment in the future, but did not provide details to show how it would address cybersecurity. Until the Coast Guard completes a thorough assessment of cyber risks in the maritime environment, the ability of stakeholders to appropriately plan and allocate resources to protect ports and other maritime facilities will be limited.
Maritime security plans required by law and regulation generally did not identify or address potential cyber-related threats or vulnerabilities. This was because the guidance issued by Coast Guard for developing these plans did not require cyber elements to be addressed. Officials stated that guidance for the next set of updated plans, due for update in 2014, will include cybersecurity requirements. However, in the absence of a comprehensive risk assessment, the revised guidance may not adequately address cyber-related risks to the maritime environment.
GAO now recommends that DHS direct the Coast Guard to (1) assess cyber-related risks, (2) use this assessment to inform maritime security guidance, and (3) determine whether the sector coordinating council should be reestablished. DHS should also direct FEMA to (1) develop procedures to consult DHS cybersecurity experts for assistance in reviewing grant proposals and (2) use the results of the cyber-risk assessment to inform its grant guidance.
Fortunately, DHS concurred with GAO’s recommendations.
About the AuthorPatrick Burnson Patrick Burnson is executive editor for Logistics Management and Supply Chain Management Review magazines and web sites. Patrick is a widely-published writer and editor who has spent most of his career covering international trade, global logistics, and supply chain management. He lives and works in San Francisco, providing readers with a Pacific Rim perspective on industry trends and forecasts. You can reach him directly at [email protected]
Subscribe to Logistics Management Magazine!Subscribe today. It's FREE!
Get timely insider information that you can use to better manage your entire logistics operation.
Start your FREE subscription today!
WMS Update: What do we need to run a WMS? Supply Chain Software Convergence: Synchronization Realized View More From this Issue