Q: How can shippers be sure that only the right person at the right time in the supply chain receives only the information required?
A: To successfully and consistently meet the requirements you've set forth, shippers would ideally have a closed-loop system whereby they controlled the process from the time of pickup to the time of delivery. They would also benefit from a robust software tracking system on a VPN that, based on the person's access authorisation, would display only the information that he needed to view.
Q: It's one thing to justify processes that will keep cargo from being stolen. But how can you add value to the process of keeping cargo from being tampered with?
A: I don't see the two — tampering and theft — as separate issues. If people can lay hands on the cargo to tamper with it then they can certainly steal it. So the same objectives of deterrence and detection apply. You have to convince your adversaries that your processes and systems are so ironclad they will go elsewhere. If they can't get to the cargo, then they can't tamper with it or steal it, so limiting physical access to the cargo is essential.
Visually concealing the contents of the pallets and boxes by using black wrapping or an overbox, and coding the paperwork to conceal the actual contents of the pallet or trailer will also help.
Q: Is the shipping security dilemma a problem for technology to solve?
A: Not by itself, and not without a careful analysis of the problem to determine if a technical solution is the appropriate path. Too often technical "solutions" are treated as a set-it-and-forget-it fix. There are interactive applications where technology is a force-multiplier, such as speeding up the inspection process or extending human capabilities using backscatter X-rays or passive millimetre wave imaging. Plus, technical advances are never-ending propositions because our adversaries immediately try to find ways to defeat or go around a new application.
Q: Can you give us a sense of the scale of the problems you're dealing with? That is, compared to pieces of luggage that need to be screened, how many containers are coming through the system?
A: As you're probably aware, there are millions of containers entering the United States through the various borders, and approximately 2 per cent of those are screened by US Customs and Border Protection. So the scale of the problem you're referring to is really the nagging question of, What about the other 98 per cent of the shipments? Well, it's a multifaceted approach to the problem. Customs and Border Protection has to use other tools to supplement the risk assessment process, such as the 24-hour rule on paperwork submission for ocean shipments, to help further screen and identify which shipments need closer inspection. And programs such as CTPAT and the Container Security Initiative help to further refine that assessment.
Q: Following on that, what happens to the shipping industry if security concerns are raised? In other words, if you're dealing with the equivalent of the Department of Homeland Security's orange alert in shipping, do the world's ports get thrown into backed-up chaos?
A: This is where our role as the CSO comes into play. Rather than being reactive to any particular alert level or colour code, we should be advising our operations on proactive, flexible methods to harden our targets — in this case, containers. That way, minor midcourse corrections in security protocols can be implemented in response to a particular threat level. And the impact on our economy and industry is minimised.