Our nation’s water ports are crucial to both the U.S. and global economies, serving as hubs for moving raw materials, finished goods and cruise-bound vacationers to every corner of the world. Today’s international trade is so interconnected that even short stoppages at any large port resonate worldwide — pointing out the vital need for robust port security plans.
Though critical, port security is a tall order. The U.S. navigable transportation network includes 361 ports on more than 25,000 miles of waterways, including oceans, rivers and lakes. Deep-draft ports alone support more than 30 million employees, according to the American Association of Port Authorities. The value of ports to national, state and local economies warrants their inclusion as a critical infrastructure sector.
Let’s look at some needs and components of a well-planned port security system.
Perhaps the most significant concern for most port security officials is keeping unwanted visitors off the property and knowing who is on-site at all times. The federal 2002 Maritime Transportation Act requires port facility users to develop security plans, including vulnerability assessments and screenings of employees, passengers, vehicles, containers and baggage.
Access control plays a vital role in any program. Under the 2002 act, employees or contractors requiring access to secure port areas must carry a Transportation Worker Identification Credential (TWIC). The federal Transportation Security Administration issues credentials following background checks to determine an applicant’s eligibility.
TWIC cards incorporate biometrics, storing an electronic template of two employee fingerprints, full name, card expiration date and a digital photo. Demand for other biometrics, such as face and iris, is growing due to their accuracy and touchless use. Readers located at port entries and places of employment authenticate the person presenting a credential using the biometric database. Biometrics essentially eliminate non-authorized persons using lost, stolen or borrowed credentials.
Controlled access is critical for port security, but port security leaders must also protect access to vessels, warehouses, water perimeters and adjacent rail and vehicular access points.
Many ports now use unmanned aerial and underwater vehicles equipped with lidar (light detection and ranging) sensors to monitor water perimeters. Topographic lidar uses near-infrared pulsed laser beams to generate precise 3-D information about shore formations, including people and vehicles. Water-penetrating green light enables bathymetric lidar to detect objects within a body of water.
Perimeter fencing can deter would-be trespassers on land and also separate cargo areas from cruise ship operations. Vibration detection systems use fiber optics to create alerts during attempts to cut or climb fencing. K-rated fencing, gates or bollards are crash test certified by the Department of State and should be installed in any area where a terrorist might drive an explosive-filled vehicle through the perimeter.
Visitor management systems accommodate people requiring less frequent port access than employees. Today’s visitor management systems can use self-serve kiosks, smartphones and QR codes to approve people for access quickly.
Port officials or tenants send QR codes to an anticipated visitor’s smartphone via email. As visitors arrive at the port, they present the code to a kiosk-based reader, which also photographs the person’s face. The data goes to the access control system, which prints a temporary photo badge, including an expiration. First-time visitors without a QR code swipe government-issued identification cards to start the authorization process. Similar setups enable cruise ship passengers to scan passports to move from parking facilities into the port and onto a ship.
Entering names and photos of potentially dangerous people such as known terrorists or disgruntled former employees into system databases will enable automatic alerts to stakeholders in the event of attempted entry.
A visitor management system also offers additional benefits to organizations, such as time-stamped audit trails showing who entered the facilities and when, along with lists of current visitors, essential during an emergency evacuation.
Surveillance cameras provide necessary live and recorded images of port events. However, damp conditions and harsh weather environments can damage outdoor surveillance cameras unless they are well protected by marine-grade aluminum or stainless-steel housings. In addition, the earth-shaking activity of massive cranes and vehicles often requires equipping cameras with digital stabilization to reduce image blur.
Visible light cameras that provide sharp images during the day have limited capabilities at night or in fog. Thermal cameras detect body and engine heat in almost any setting and offer increasingly clear details. Be careful using thermal cameras indoors where reflective metallic or glass surfaces tend to wash out images. Used in tandem, visible light and thermal cameras can provide a valuable, around-the-clock layer of visual security.
Though surveillance is an important tool for port security, hundreds of cameras scattered about port properties produce more data than a security team can effectively process. Built-in camera analytics can help, but they still create false alarms as many often lack the sophistication to discern differences between people and wind-blown trash. Cloud-based artificial intelligence software can significantly reduce false alarms in this space. Newer software now alerts security teams when it detects a person loitering or crowds forming. Watchlists enable users to upload photos of objects and people for the software to spot — or ignore.
With an increased reliance on digital technologies, IoT devices and robotic operations across all sectors, ports are no different. With digital technology comes the risk of cyberattacks. At larger ports, hackers have thousands of devices to choose from that serve as potential gateways to the entire security network. In 2020, North American ports reported a 158% increase in ransomware attacks, according to a PBS Newshour report. To date, most cyberattacks have hit business networks, but a successful attack on networks running machinery could potentially disable a port completely.
Like physical security, cybersecurity benefits from a layered approach to mitigate attacks. Security leaders can focus on building a virtual perimeter around the network. Partitioning the network into separate zones can enable organizations to isolate a breached segment without taking down the entire system.
Port tenants and employees must be aware that their jobs are dependent upon the network. Security teams should encourage stakeholders to guard their passwords and report any suspicious activity. Conducting a vulnerability assessment with an outside cyber consultant can help facilities identify network weaknesses and build on strengths.
Another security risk unique to port locations is smuggling. Criminal organizations use international trade vessels to smuggle illegal drugs, weapons, toxic chemicals and other items between countries. U.S. Custom and Border Protection agents inspect all containers entering the U.S., with about 5% of seaborne containers being classified as high risk.
At ports, these containers pass through large, passive X-ray units that scan containers loaded on flat-bed trucks or rail cars as they arrive at or leave a port’s dedicated “area of control.”
Today’s X-ray devices can process up to 120 containerized trucks per hour. Modern X-ray scanners display content images on computer monitors, enabling officials to stop and inspect suspicious containers. In addition to technology, agents will also open and manually check containers for contents not matching the shipping manifest.
With both public and private organizations working on port properties, such facilities can lessen confusion among organizations by creating one central security operations center monitoring all systems on the property. A centralized system will streamline operations and response and enable trained operators to dispatch security personnel, port police officers or private security guards as needed.
In addition to centralizing technology and security operations, port security leaders and stakeholders can help ensure operational continuity with planning. Planning for crises, emergency events or lockdowns in the case of a terrorist attack can help the entire facility mitigate disruptions or damages. Planning should include safe evacuation procedures of port employees and visitors, as well as contingency plans to get security systems and other technologies operational as quickly as possible following any failures.