Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/436751
38 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings America's ports face a seemingly endless list of urgent threats that range from acts of terrorism to energy supply security, and border protection, to drug and illegal weapons smuggling. While acknowledged as one of the most likely and potentially devastating threats of this new century, cybersecurity is often left off of the list of top threats to the port security community. As a faceless, intangible threat to the security of our nation's ports, cybersecurity presents a much more complex and sinister danger to America's port security. Following a cybersecurity breach, vessels may be hijacked, pipelines ruptured, cameras blinded, and facilities left wide open. Ports are designed to facilitate ingress and egress and eff- cient transit in, out, and through all manners of land, water, and even air interfaces. Moreover, major ports encompass a multitude of piers and other infrastructure, often spread over vast geographical areas, and their operations depend upon networks such as pipelines, roads, rails, and equip- ment that move goods, containers, and personnel to and from platforms, piers, and warehouses. Port Resiliency This makes port security a multi-faceted logistical chal- lenge. In reality, the term "port security" does not correctly describe the real task: creating port resiliency — ensuring that, whatever happens, a port has the systems in place and the capacity to implement them properly, to prevent loss of life and property, and to return to normal operations as quickly as possible. To do this involves: • identifying critical assets and key resources for a port, on shore or at sea; • assessing threats and vulnerabilities and the nature and extent of the damage or injury that may result; • inventorying security assets and assets needed to recover from adverse events and positioning them to the greatest effect to deter, detect, respond to, and recover from activities that might prevent ongoing operations; • inventorying infrastructure assets and hardening them to withstand likely events to ensure continued function- ality through an adverse event or rapid recovery after an event; • planning and training to maintain appropriate levels of readiness, skills, and experience to monitor ongoing operations and respond to and recover from adverse events; • monitoring ongoing conditions to identify when adverse events occur; • deploying resources to respond to and recover from adverse events, while monitoring the overall environ- ment to maintain the big picture; • establishing and maintaining reliable and secure com- munication channels to regional response partners and incident managers at local, state, and federal levels. Technology While this seems like a lengthy list of diverse tasks to juggle on a daily basis — much less during a crisis — port security professionals should take heart. The good news is that technology is available to help meet signifcant por- tions of the port resiliency challenge. Technologies for col- lecting and reporting information about the port's facilities and environment, for instance, have proliferated. Under- water sensors, surface and air radar, closed-circuit televi- sion, pressure-sensitive and other penetration alarms, GPS, equipment sensors, and a seemingly endless array of other devices are available in quantities and with capabilities that are limited more by the budget of the buyer than by the constraints of technology. Building Port Resilience How cyber attacks can affect critical infrastructure. by Ms. aPRil DanOs Director, Information Technology Greater Lafourche Port Commission Cybersecurity of Maritime Critical Infrastructure continued on page 40