Port Authorities Call for IT Enhancements
Terrorist warnings prompt closer look at security on ships
Computerworld - Washington
A new terrorism warning surfaced last week indicating that as many as 25 terrorists of Middle Eastern origin may have slipped into the U.S. unnoticed after stowing away aboard cargo ships that entered four major U.S. seaports.
The threat, while not new, underscores the need for better IT systems to help port authorities and local law enforcement agencies better track suspected terrorists and criminals who attempt to enter through the nation's seaports, say port authority officials.
Beth Rooney is manager of port security at The Port Authority of New York and New Jersey, where specific threats to historical landmarks last week put officials on a heightened state of alert. One of the biggest port security problems, she said, is that ship cargo information isn't received by port authorities until three to five days before a ship arrives.
"We are pushing for [systems to ensure] supply chain integrity and the integrity of the contents of the container, including that there's not a person in there," said Rooney, referring to the need for timely transmission of certified container inspection documents from authorities outside the U.S.
"I would also like to see a database or notification system for ports and law enforcement agencies affiliated with the port to network and alert each other when we discover something out of the ordinary," said Lindy Rinaldi, chief of police for the South Carolina State Ports Authority. "Right now, we do not have any communication [systems] to link other ports and law enforcement agencies together.
"Currently, all notifications are made by phone," Rinaldi noted. "This can cause serious delays in passing along much-needed information that would be useful for our homeland security protection."
Financial Constraints
Anne Moise, manager of port security at the South Carolina State Ports Authority, said her organization has big plans for improving security, but little funding. For example, the port in Charleston has rolled out an identification system for access control. "This system is not fully utilized yet due to funding issues, but the format is in place," Moise said.
Funding may be on its way, however. A U.S. Department of Defense appropriations bill could provide $93.3 million to the U.S. Department of Transportation's new Transportation Security Administration (TSA) to fund port security assessments and enhancements. Likewise, the Port and Maritime Security Act of 2001, which was passed by the Senate Dec. 20, calls for $390 million in grants for port security infrastructure improvements.
Funding can't come soon enough, port authority officials said.
"Transactions between the buyer and seller take place40 to 50 days ahead of time," said Rooney. "If you can provide the purchase order information to the authorities at the time the transaction is made, then we can have intelligence on what to look for. It's integration. The systems and the data are out there."
The Port Authority of New York and New Jersey recently requested funding to build and test a pilot version of such a purchase order transaction-monitoring function in its system. Grants will be awarded by the TSA next month.
"We can build the functionality and have it ready to go in July," Rooney said.
Read more about Security in Computerworld's Security Topic Center.



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Overcome Top 7 Admin Challenges of Active Directory
- As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
- Insiders Can Ruin Your Company. Take Action.
- Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
- Top Solutions and Tools to Prevent Devastating Malware
- Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
- X-Ray of the PCI Process-4 Proactive Steps
- This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into...
- Identity Governance: The Business Imperatives
- This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make... All Security White Papers
- Live Webcast
Playing Defense: Staying on Top of Your Disaster Recovery Game - When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...
- Introduction to VMware vCenter Site Recovery Manager 5
- Traditional disaster recovery solutions are often too expensive, complex and unreliable to meet business requirements. As a result, IT departments are hesitant to...
- The Top Ten Secrets to Avoiding SAN Performance Problems
- Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...
- Deduplication Without Compromise
- Go inside Quantum's scalable, high-performance, multi-protocol new DXi deduplication appliances, designed to make backup much more effective. Discover how the new future-proof DXi6700...
- Director of Disk Products Discusses DXi6700
- Discover how the new DXi 6700 series of deduplication appliances provide investment protection and a future-proof feature set, all while delivering fast, scalable,...
- Playing Defense: Staying on Top of Your Disaster Recovery Game
- When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing... All Security Webcasts