DHS Has Done Little To Protect Port Facilities

Gregory C. Wilshusen, Director of Information Security Issues for the Government Accountability Office (“GAO”) testified before the Committee on Homeland Security Issues and the Subcommittee on Border and Maritime Security, House of Representatives, on the state of cybersecurity at the nation’s maritime critical infrastructure.  The testimony was based on an audit conducted by the GAO assessing the extent of the steps taken by the Department of Homeland Security’s (“DHS”) to address the cybersecurity in the maritime port environment.

DHS Port Sec

According to Director Wilshusen’s testimony, the GAO has considered federal information security as a “government-wide high risk area” since 1997, and expanded that designation to include the protection of systems supporting the nation’s critical infrastructure in 2003.  Adequate cybersecurity at ports is highly critical because:

  • Ports are an essential part of the nation’s critical infrastructure and over $1.3 trillion of cargo are handled at the nation’s ports each year;
  • Disruptions at one of these ports can result in significant impacts on global shipping, international shipping, and the global economy; and
  • Ports are often located in densely populated metropolitan areas, so a disruption can pose a risk to public safety.

Director Wilshusen testified that DHS and other stakeholders had taken only limited steps to address the cybersecurity of the nation’s maritime environment.  Specifically, the 2014 report highlighted the following inadequacies:

  • The Coast Guard did not include a comprehensive assessment of cyber-related risks, vulnerabilities of cyber-related assets, and potential impacts in the 2012 National Maritime Strategic Risk assessment, and it failed to include it in the 2014 revision even after officials stated that the issue would be addressed;
  • The Coast Guard did not address cyber-related risks in its guidance for developing port security plans;
  • The Coast Guard helped established information-sharing mechanisms, including a sector coordinating council made up of private-sector stakeholders, but the council was disbanded; and
  • The Federal Emergency Management Agency (“FEMA”) identified enhancing cybersecurity capabilities as a priority for its port security program, which is designed to defray costs of implementing security measures, but its grant review process was not informed by Coast Guard expertise on the matter.  As such, the risk of allocating the grants to projects that would not effectively enhance security was higher.

As a result, the GAO made recommendations to enhance the Coast Guard and FEMA’s efforts to address port cybersecurity, including:

  • Include cyber-risks in its updated risk assessment for the maritime environment;
  • Address cyber-risks in its guidance for port security plans;
  • Consider reestablishing the sector coordinating council to give maritime stakeholders a national-level forum for information sharing; and
  • Ensure that funding decisions for its port security grant program are informed by subject matter expertise and a comprehensive risk assessment.

As of the date of October 8, the date of the testimony, DHS had only partially addressed two of the recommendations.

The full report can be found here.

Share:

Tags: , , ,

Authors

Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Christopher w. FolkChristopher W. Folk

is a second year student at SU College of Law. Christopher is a non-traditional student, returning to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering and in addition to being a full-time student, Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Ryan D. White

Ryan D. WhiteRyan is currently a second year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic.Full biography

Anna Maria Castillo

is a third year law student at Syracuse College of Law. She is also pursuing a Master of Arts in International Relations at Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She currently serves as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a third year student at Syracuse College of Law. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She is a member of the Syracuse National Trial Team and was recently awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She has served as a law clerk in the United States Attorney's Office for the Western District of New York and the Public Defender Service for the District of Columbia and as an extern in the United States District Court for the Western District of Washington. Full biography

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography

Categories