Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: https://uscgproceedings.epubxp.com/i/436751
40 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings Multiple communications technologies make it easy to transmit photos, text messages, and verbal reports about existing conditions. Simulation and modeling software programs can produce a plan for a building evacuation, and can produce portfolios of plans to ft a wide variety of circumstances dictated by a port's customary daily or monthly cycle of operations. On the response side, there are numerous software programs that address frst responder operations. Unfortunately, this massive proliferation of new technolo- gies and their visible benefts have obscured the basic failure of technology to provide more effective tools to satisfy the most sophisticated demands of port resiliency. For instance, although there are a plethora of technologies available to gather information, there are fewer technologies that make it easier for port operators to understand exactly what all of this data means; and there are almost no technologies that enable port operators to tackle the challenges of implement- ing an operationally sound port resiliency plan. In other words, there is no technology capable of replacing port secu- rity professionals assessing data, putting it into proper con- text, spotting patterns, and making decisions to prioritize and protect people, property, and critical infrastructure in times of crisis. How Cybersecurity Relates to Physical Security Like physical security, which continually adapts to changes and new threat vectors, cybersecurity also requires an ongoing commitment to respond to a rapidly changing cyber threat environment. So ports and other critical infrastructure assets conduct annual physical security exercises to ensure good work- ing processes. Similarly, ports must conduct annual cybersecurity exercises that include law enforcement partners to ensure that they have appropriate notif- cations, forensics preservation, and investigation pro- cesses that meet the port's needs. Port authorities and other critical infrastructure manag- ers have ongoing relationships with federal partners to create and maintain physically secure environments. Similarly, any efforts to establish best practices or create a framework for managing cybersecurity must include a clearly defned role for the U.S. Coast Guard, which is the lead port security agency. Tasking the Coast Guard with responsibilities for cybersecurity within ports is logical, but will strain an agency that has already seen its mission and responsibilities expand greatly since 9/11. We would hope that any expansion of the USCG's role would be accompanied by additional resources to ensure that the agency can meet these new demands without compromising any of its other vital duties with respect to ports and the maritime industry. Ports and other critical infrastructure managers have imple- mented physical security standards, hardening a key portion of the nation's border infrastructure against terrorism and crime. As the federal government works to ensure the cyber assets of these entities are similarly hardened, federal policy at all levels should consider how physical security goals and objectives can and should align with cybersecurity goals and objectives to best provide whole-of-asset security and resiliency. How America's Ports Address Cybersecurity The American Association of Port Authorities' informa- tion technology committee formed an information technol- ogy cybersecurity subcommittee in October 2013, consist- ing of personnel from several ports around the Americas who meet weekly to discuss cybersecurity and plan next steps to craft and implement policies that address emerging cybersecurity risks. The subcommittee also provides comment and responds to requests for information in reference to cybersecurity, develops best practices, and maps future priorities for policy and legislation to better secure our nation's ports against cybersecurity threats. Several ports have also participated in the Government Accountability Office's cybersecurity port review, and Port at night: David Coleman / iStock / Thinkstock; binary code: Cherezoff / iStock / Thinkstock