SAMI On Top Line Security Concerns

With progress being made against piracy off Somalia, it seems that other maritime security issues are becoming top line issues for shipowners. The Security Association for the Maritime Industry (SAMI), is a global focal point for maritime security matters, and is well placed to highlight the current maritime security concerns, those which are over the horizon and the initiatives which are being rolled out to counter the threats and mitigate the risks.
While there has been a degree of containment of Indian Ocean piracy, the issue is still a key one for the industry – and while there are other problems elsewhere, it remains that owners and operators should still be sure that they are protecting the seafarers, cargoes and vessels in the High Risk Area.
However, while there should be no resting on laurels or too much self-congratulation – it is important to recognize that a triumvirate of responses has done so much to improve maritime security. Improvements in self-protection through Best Management Practices (BMP), the provision of armed guards and the international naval presence have all combined to improve the dreadful situation. While the three solutions remain in place, then it seems likely that the piracy problem can be contained.
So it is that we can turn attention to other problems and other areas of risk. From the piracy perspective there are not only other hotspots to consider, but unique challenges in each.
Off Nigeria, and across the Gulf of Guinea, there is a still a major security problem. Vessels are being hit by pirates and hit hard. However, this problem is further compounded by the lack of response – while most owners do enact measures akin to BMP, there are serious concerns regarding the use of armed guards and the capabilities of local navies to contain and counter the threat.
This means it is almost impossible to apply the factors which have stemmed Somali piracy off West Africa, and because of this there are heightened maritime security concerns. At the moment Nigerian security efforts are seemingly hampered by an unedifying local spat between the Nigerian navy and the police. One claims pre-eminence in control, while the other has been placing guards on vessels.
Whatever the rights and wrongs of the political infighting, it is the seafarers, owners, charterers who are suffering and there needs to be an urgent solution sought and provided.
While the problems are set to continue off West Africa is has been hugely concerning to note the rise in piracy attacks around the Malacca Straits, Singapore, Indonesia and anchorages in the region. As a result of these attacks SAMI recently urged all owners and masters to exercise caution when vessels transit or operate in the area.
According to reports this current SE Asian piracy spike is based on a very specific security problem, as pirates and criminals hijack vessels to steal oil cargoes. We are seeing a rising trend for tankers to be hijacked, and it must be assumed that all oil cargoes in the area are at risk. But despite the specific nature of the current threat the risk does not necessarily start and end with petro cargoes.
While the focus is mainly on product tankers, there are concerns that pirates may pose an associated threat to other vessel types too. SAMI has warned that very often a specific and focused type of piracy can evolve into a more random “smash and grab” form.
Criminal elements with a marine capability clearly may look to alternative targets, seeking to gain whatever they can from any passing shipping. The ongoing threat to oil cargoes and tankers is set to continue, and so urgent measures need to be taken.
Most of the current incidents have taken place within territorial waters, and as such there is hope that local law enforcement and military intervention will ease the current security problems. It is to be hoped that affected countries are able to work together to counter this rising problem. In the meantime, shipping must act to protect itself. 
In the meantime it is vital, that action is taken by the shipping industry. There have been accusations of that criminals are being granted access to sensitive information on cargoes and vessel movements. As such owners and masters need to do all possible to control and restrict the flow of such intelligence.
Parallel to this is a need to ensure that practical measures are taken to protect seafarers, cargoes and vessels. From the management ashore, through to the team onboard there needs to be awareness of the local piracy problems, as well as an ability and willingness to take the necessary actions to safeguard and protect their vessels.
According to the advice issued by SAMI, it is now time revisit the Ship Security Plans to ensure that they are relevant and capable of imposing the defensive measures necessary to protect vessels from this form of piracy. While many vessels which trade internationally may have the necessary skills, equipment and knowledge to enact measures akin to those of the Industry Best Management Practices (BMP), there are many in the region only trading in this geographic sector.  This could be a problem, but one which needs to be addressed.
For these vessels, it may be more difficult to ramp up the security measures and response – but it is vital that they do so. SAMI urges owners and masters to fully assess their vulnerabilities and the way in which security. Where necessary the association also stresses the importance of external professional expertise, and private maritime security companies are able to provide the insight necessary to protect vessels effectively.
Away from the problems of maritime security, one topline issue has emerged relating to the solutions provided to ensure maritime security. Over the past two years much work has gone into developing a new international standard for private maritime security companies (PMSCs). This is the International Organization for Standardization (ISO) standard, “ISO28007”. While it was hoped that the standard would finally facilitate owners to identify only quality PMSCs, there are concerns that the take-up and interest in the standard by shipowners is slow, and there are some who are not seemingly embracing the standard, relying instead on their own vetting processes.
It is of course vitally important that owners do whatever checks they deem necessary, it perhaps a missed opportunity for them to not embrace ISO28007 as a means of initial assessment. SAMI is working hard to ensure that not only are PMSCs who have ISO28007 recognised, but that they can be identified and can win business. In order to this SAMI is shortly to launch its new, re-engineered directory, which will allow shipowners to easily find out which PMSCs have what certification and experience.
It is hoped that by streamlining and improving the online search for PMSCs, then the best companies will win business and they will be rewarded for the investments made in attaining the very highest possible standards.
Of course maritime security is not solely about pirates and stolen cargoes, there are other difficult issues to manage. As part of this assessment of maritime security, challenges, cyber threats are being treated very seriously indeed.
Technology to improve production, cost and reduce delivery schedules –has seemingly opened the door to emerging threats and vulnerabilities as equipment has become accessible to outside entities As crews get smaller and ships get bigger, they increasingly rely on automation and remote monitoring, meaning key components, including navigational systems, can be hacked.
Given the nature of the threat the true extent of shipping’s cyber vulnerabilities remains uncertain, but the industry is waking to the implications of cyber-attacks. It is increasingly recognizing that poorly defended systems pose huge risks, as concerns rise that criminals, pirates and terrorists may target shipping.
This is a serious issue, and one which could be likely to be on the agenda for governments, companies and seafarers alike into the future. At the moment the number of known shipping cyber cases is actually low, as attacks often remain invisible to the company, but these numbers are likely to grow in number and impact
It seems the problems are confounded by the facts that shipboard staff are not computer security experts, and there is a seeming blindness and ignorance as to the scale and threat posed by the problems.
Researchers say they have discovered significant holes in the three key technologies sailors use to navigate: Global Positioning Satellites, marine Automatic Identification System (AIS), and Electronic Chart Display and Information System (ECDIS).
It has been stated that cyber security on board merchant vessels and at major ports is 10 to 20 years behind the curve compared with office-based computer systems, This means they are wide open to an ever-increasing range of threats.
It appears there are failings all along the line, and up and down the chain. There is a seemingly lack of leadership, ownership or accountability with this most troubling of maritime security problems. Addressing these cyber threats will take time and investment, but also a change in attitude.
 

The Author
Steven Jones is Maritime Director at The Security Association for the Maritime Industry (SAMI).

(As published in the September 2014 edition of Maritime Reporter & Engineering News - http://magazines.marinelink.com/Magazines/MaritimeReporter)