Q&A

Port and Cargo Security: How Is the U.S.A. Doing Now?

Stephen E. Flynn of the Council on Foreign Relations is the Ira A. Lipman Senior Fellow for Counterterrorism and National Security Studies. Flynn recently spoke with CSO Senior Editor Joan Goodchild about how the US is doing when it comes to port and cargo security

By Joan Goodchild, Senior Editor

September 14, 2008CSO

In a 2006 interview, you gave the country a D+ grade when it comes to the current state of port and cargo security. And that D+ was up from an F a few years prior. Where do we stand now in 2008?
We are moving probably to a C-minus. There are essentially three challenges in the area of port security and cargo security. The first is that potentially our ports can be used as a conduit to bring destructive things into country, such as a dirty bomb, a radiological device, or, in a worst case scenario, a nuclear bomb. So the first set of challenges is to figure out how do I find the needle in haystack in the tremendous volume of cargo and in a complex environment like our ports if someone wanted to smuggle something in.

The port environment itself contains tremendous critical infrastructure that is essential to our economy and puts at risk, particularly in communities like Seattle, where you have a lot of port infrastructure close to where people live, things like refineries, power generation plants, transportation hubs and bridges. There is a lot that is truly critical. A lot of our population was built around ports and a lot of the infrastructure is essential to our way of life.

The area where the government has the longest way to go is in creating a reaction where we basically shut things down to sort things out. That is, the need to see that the interval of transportation system itself beyond the port environment is a critical infrastructure. This is absolutely indispensible to our environment; potentially targeting that system verse exploiting it.

Weâ¬"ve made considerable progress from where we were before. We have a kind of framework thatâ¬"s been put in place since 9/11 ⬠from the pushing of borders out, to having customs agents overseas, to having efforts to get companies to be far more security minded than they were before with programs like CTPAC. But this last problem, the ability to recover and have a measured response, thatâ¬"s where efforts are close to failing and is something that should give all of us considerable pause.

It's been a few years since operation cargo safety commenced. With regard to that effort ⬠have we learned anything?
The results have not been widely published or shared. So most of us donâ¬"t know what we learned from running those pilots.

That operation goes back to an initiative that was launched after 9/11. A first shipment from Czech Republic was followed through to the United States through Vermont and New Hampshire. The results of that first effort in May 2002 spawned legislative action.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WEBCAST
The Surest Path to Effective and Efficient Compliance

VeriSignIn this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.

» View the webcast

Featured Sponsors
Sponsored Links

Think your data is safe? Think again. It's time to Outthink the Threat. Get eBook now

Configuration Audit and Control for Virtualized Environments

Enabling Compliance with Converged Mainframe Security and Storage

Diebold: Frost & Sullivan Global Physical Security Systems Integrator of the Year

Ponemon Study: How Much Does a Data Breach "Cost"?

Data Protection: Challenges for the Traveling User

Key strategies for C-level executives and security staff

Configuration Assessment: Choosing the Right Solution

The PCI Data Security Standard

Configuration Audit and Control for Virtualized Environments

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

The Case for Business Software Assurance ~ Securing Your Applications

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

Learn how the new Quad-Core AMD Opteron™ processor improves performance

Rolling the dice with your security? Take the Self-Assessment Test now

Take our CSO role survey and receive a copy of the results

Prepare for (ISC)2® Certification With Villanova - Online

Revolutionizing Endpoint Security with a Single Agent

Envision Identity-Based Access Control for the Datacenter

IT Service Management: Metrics That Matter

ITCi White Paper: Challenges and Opportunities of PCI

Effective Security with a Continuous Approach to ISO 27001 Compliance

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

Solving Online Credit Fraud Using Device Reputation