Talk to experts in supply chain security and, to a one, they’ll tell you the world’s cargo has never been safer than it’s been in the decade following the September 11th terrorist attacks.

But they also hasten to add that the global supply chain is large, complex, and by its nature has several potential entry points vulnerable to disruption and malfeasance.

That makes vigilance, flexibility, and yes, even creativity, ever more important—and not just to prevent the loss of cargo, the loss of assets, or the loss of life, they say.

“If you are an importer or exporter and one of your shipments becomes associated with terrorism or even a major, major loss, your branding and your public relations could be seriously affected,” says Jim Percival, VP of compliance at Damco Customs Services.

“Think of the public relations nightmare you’d have on your hands if an article on a tragedy in a trade magazine or the front page of the New York Timesplaced blame on your security failures,” Percival says.

Thankfully, there hasn’t been a major terrorist attack or dramatic loss of cargo in a U.S. port or in U.S. waters; but the job of protecting supply chain assets never gets any easier.

Along with threats that range from terrorism and piracy to cargo theft and even stowaways, security professionals are also dealing with the ever-increasing expectations of lawmakers and major shifts in national policies and strategies.

And then, of course, there are the needs and desires of the customers.

“Right now I think what many of our customers are looking for is the focus being placed both on trade facilitation and on security, with trade facilitation taking a more prominent role in what customs does,” says Earl Agron, VP of port and container security at APL.

“I think the feeling is [that] a lot of emphasis has already been placed on security, and, as you know, the economy is not at its strongest right now,” Agron says. “I think there’s a sense that all the stakeholders need to be careful in that whatever we do implement, to make sure it’s sustainable.”

Air cargo

Ted Henderson, SVP for global trade services at CEVA Logistics, describes the current supply chain security climate as one in which new issues have popped up and old issues are being revisited, not the least of which is the federal government’s intent to see 100 percent of airborne cargo scanned before it is allowed to enter U.S. airspace.

“That’s really been the big darned deal for the industry this year—and it highlights how complex a policy issue cargo security can be,” Henderson says.

Typically, between 10 million and 12 million pounds of cargo is uplifted into passenger aircraft from U.S. airports every day. In the wake of the September 11th attacks, the Transportation Safety Administration (TSA) mandated that all cargo passing through U.S. airports be screened by security personnel by August 2010.

But as with any program, there proved a gulf between the conception of the plan and carrying it through—implementing such a large-scale new screening program would have broken the backs of the airlines, whose margins are thin at the best of times and nearly nonexistent in times of economic turbulence.

At the same time, it would have disrupted well-oiled supply chains; logistics companies offer pre-packing and consolidation of multiple customers’ orders, a process that would have been completely un-done if airlines then had to break down all those packages.

“While the program as originally conceived was well-intentioned and extremely effective in theory, in practice it would have resulted in airport cargo sheds being jammed with boxes and tremendous delays,” Henderson says.

“Basically, you would have seen supply chains grinding to a halt,” he adds.

The TSA responded by massaging the Certified Cargo Screening Program to allow 3PLs to certify the pre-screen of cargo.

CEVA, Henderson says, “jumped into the program early.”

“We have nine locations where we screen cargo with X-ray and explosive trace detection devices, and that allows us to continue to pass along benefits to our customers and maintain our internal processes of consolidating freight and delivering it to the airlines,” he says.

While the industry appreciated TSA’s efforts, the agency continued to be under pressure from certain members of the U.S. Congress who argued that the law was not intended to address just cargo of U.S. origin, but also cargo destined for the U.S. from other parts of the world.

In response, TSA committed to delivering a screening program for international air cargo by 2013. Then, in October 2010, two printer cartridges containing plastic explosives were found on separate cargo planes bound from Yemen to the U.S.

They were discovered at en route stop-overs, one at East Midlands Airport in the UK and one in Dubai in the United Arab Emirates. According to investigators in the U.S. and Great Britain, the bombs were the handiwork of al-Qaeda in the Arabian Peninsula and were probably designed to detonate mid-air, with the intention of destroying both planes over Chicago or another U.S. city.

“It was an unfortunate incident and created a great deal of concern,” Henderson says.

Congress responded by telling TSA that 2013 wasn’t soon enough for the implementation of the international screening program. Instead, it said, it wanted the system in place by the end of 2011.

“As a result, trying to prepare for that deadline was the biggest thing CEVA and our counterparts in the industry dealt with all year,” Henderson says. “Candidly, the industry was having a hard time adapting to the accelerated deadline.”

Fortunately for the industry, in early October TSA scrapped the December 31, 2011 deadline for 100 percent screening of cargo on international passenger aircraft bound for the U.S.

Michael Steen, chairman of the International Air Cargo Association, says the decision showed the agency had the “foresight to listen to, and work with, the industry toward this objective.”

“We expect to engage in further consultation with TSA to ensure we continue to maintain the highest possible levels of air cargo and aviation security,” Steen says. “This has always been our priority, and we are pleased that TSA has taken into account [the] industry’s views. We need to maintain this truly collaborative approach to continue improving and evolving security.”

Henderson also thinks the decision to shelve the deadline was well-taken.

“If you just pause and think about it for a second, the idea of mandating the screening, at piece level, of every piece of non-U.S. originating cargo for every carrier around the globe, it’s kind of an overwhelming undertaking, and a staggering investment for air carriers to take on in this economy,” he says.

“Again, think about it, whether you were in Tokyo, Frankfurt, or Buenos Aires—any place freight would be loaded onto a passenger aircraft—you would have had to invest in TSA-approved equipment, put them in place, and then establish new procedures to go along with them,” Henderson says.

Over the past year, CEVA and other freight forwarders and the airlines have been in discussions with TSA and U.S. Customs and Border Patrol (CBP) to try to find an alternative that would meet the statutory requirements without creating huge financial and process burdens on the industry.

“It’s a challenging situation, and there are some real limitations to trying to safeguard cargo outside of the U.S.,” Henderson says.

First of all, he explains, as a U.S. government agency, TSA’s authority over freight forwarders does not extend to those based outside of the country. It can suggest. It can formulate guidelines they must follow once their cargo is in U.S. jurisdiction. But the agency is hard-pressed to approach anything like the power to say “go ahead and do this” that it has here.

Another issue, closely related to the first, is the fact that an increasing number of countries have imposed their own security programs that shippers and supply chain professionals are required to follow.

“For instance, we have X-ray machines at London Heathrow Airport to comply with a security program that’s been in place since the Lockerbie bombing of Pan Am 103 in 1988,” Henderson says. “Germany has its own screening requirements, and the list goes on and continues to grow.

“And remember, as each of these programs comes online, the U.S. and these other countries have to go through a lengthy process of gaining mutual recognition for their respective programs and ensuring that each meets the commensurate level of screening the other requires,” he continues. “To its credit, TSA has made a massive effort to engage with these other countries, but at the end of the day, the goals just aren’t easily attained.”

Henderson and others in the cargo security field estimate that for a very basic cargo security program, it costs about $200,000 per location just to install the necessary X-ray machines and explosives detection devices.

And these devices have to be an approved technology that’s been run through a TSA lab and shown to conform to the agency’s security goals, which leads to another issue: whether the device manufacturers can build the machines fast enough to meet the dramatically increased demand.

“On face value, it’s easy to say, ‘Gosh, the best way to secure everything is to look at each piece of freight;’ the reality to doing that is a much bigger task than you think at the outset,” Henderson says.

As this article goes to press, TSA has yet to establish a deadline date.

But for Henderson, who oversees CEVA’s global custom brokerage and trade consulting services, its supply chain security efforts, and its free trade zone operations, the delay may just give government and private sector partners alike time to come up with a better solution.

“Without getting into a big philosophical discussion, what it all boils down to is this: when it comes to security, we all revert to this concept that we need the medieval gatekeeper,” Henderson says. “We tend to default to this idea that the only way we can keep an area secure is to have that gatekeeper, the guy that sits out in front of the castle and looks at…and validates every cart that comes through and every person that comes through the door.

“But over time what we’ve found is that the gatekeeper concept doesn’t work; as we’ve seen in all the movies, Robin Hood and the Three Musketeers still somehow get into the castle even though the king didn’t want them there,” he continues.

“What does work, on the other hand, is community policing, active engagement, and gathering intelligence through those means,” Henderson says. “Then, if indeed there is a specific place where there is a legitimate concern, that’s where you put the gatekeeper.”

Validating activity

If the scanning of 100 percent of the cargo moving by air is a huge preoccupation for the supply chain security community, it is far from the only issue on their plate.

Among the others in 2011, in particular, was a scaling up of C-TPAT, the Customs-Trade Partnership Against Terrorism, and with it, much more active program validation activity on the part of the U.S. CBP.

“A number of our customers have been coming to us in the past month or two informing us that they were about to go through a validation and they need our assistance,” Henderson says. “We’ve also participated in validations ourselves this year, and the validations are getting harder and tougher.”

Henderson says while the trade and supply chain community certainly does all it can to support the fundamental idea of C-TPAT, “we’re getting to the point where the increased vigilance is starting to cause some anxiety.”

“We all agree that we do not want the global supply chain to be used as a tool of terrorism, but I think there’s a developing concern that the expectations of what the private sector should take on in what has always been a voluntary program are starting to go a little bit beyond what’s reasonable,” he says.

Validation is essentially an audit process through which CBP makes sure that program participants are complying with C-TPAT’s procedures both offshore and domestically. The validation covers everything from IT security, procedural security, and physical security to personnel-related issues and more.

Asked whether he believes the government’s asking the private sector to do more was a byproduct of the ongoing sluggish economy and lawmakers’ attempts to trim the federal budget, Henderson says he doesn’t think so.

“Honestly, I think part of it is just that the government has become more comfortable working with the private sector and has come to understand that it can be engaged in ways it wasn’t in the past,” he says. “I also think that as programs grow and a natural evolution takes place, that expectations grow as well.

“All of this is well and good—you expect measures to become more stringent over time as you realize where weaknesses can be strengthened—but I think it starts to get into an area where companies are taking on more and more responsibility and more and more of the cost,” Henderson says.

Beyond regulation

APL’s Agron also expresses relief that the pressure to implement the 100 percent cargo screening rules has subsided—however temporarily—suggesting that the push to move up the deadline from 2013 to 2011 became a distraction for all involved.

Among the issues that he feels remain largely unresolved as a result is the troubled implementation of the Transportation Worker Identification Credential (TWIC) program.

Authorized by Congress under the Maritime Transportation Security Act, TWIC was supposed to tighten security at the nation’s ports through the issuance of a biometric security credential to anyone requiring unescorted access to secure areas of facilities and vessels.

Years after it was to go into effect, many in the industry say the program leaves a lot to be desired. To date—years after the first ID cards were issued—the federal government has yet to set specifications for the readers that are supposed to scan them.

“It just underscores how, when it comes to security, the spirit of collaboration that exists between the public and private sector is everything,” Agron says.

“With C-TPAT, Customs and Border Patrol engaged their stakeholders up front and listened to the input they received, and as a result, the program has been extremely successful,” he says. “The roll-out of TWIC, on the other hand, things have been much more problematic. We’re still not seeing the program rolled out as originally intended, and I think that’s largely because while there was an effort at collaboration, in the end the TSA did not agree with a lot of the input the industry provided them.”

In fact, when it comes to supply chain security, he much prefers the concept of “engagement” to “collaboration.”

“In other words, don’t come to us, ask questions, check off something on a sheet of paper, and say, ‘OK, we discussed this with the stakeholders,’” he says. “Engage us, listen to us, and have an honest dialogue. I don’t expect the government to always agree with our perspectives, but we all have the same goal, and at the end of the day, as I think the success of C-TPAT illustrates, open and ongoing engagement with the industry really does matter in terms of the ultimate success of an initiative.”

While the international war on terrorism remains a central focus of the supply chain security community, tough economic times have also led to an increase in more traditional challenges, like the threat of theft and pilferage.

“As a result in the last couple of years, APL has reviewed and strengthened its anti-theft program,” Agron says, emphasizing that whatever aspect of security one is looking at, the answers are as multi-faceted as the challenges.

“Everything we do is based on a specific risk,” he explains. “As a result, for each situation we believe we’ll confront there are basically four questions we ask ourselves: 1. What is the risk we’re focusing on? 2. Who is the adversary? Is it a common criminal? Organized crime? A potential terrorist? 3.What are the potential solutions? And 4. Is there a business justification?

“In other words, we are not going to allocate as many assets to a relatively risk-free situation that we are to a situation where there’s a high-value cargo in a riskier environment; those situations, by their nature, require different responses,” Agron says. “I guess what I’m really talking about is scale. Risk has two very definite elements: the probability of occurrence and the consequence, and you try to at least reduce the magnitude of one or the other, and ideally both.”

If the 100 percent cargo screening requirement and demands on the private sector were hot-button issues for some, Agron also seems to be bothered by some of the decisions that have been made in regard to the deployment of technology.

He says he likes land-based screening but disagrees with the deployment of container-centric technologies.

“This is something that a lot of scientific and technological know-how has been applied to, and while it may be effective in small and very limited cases, I don’t think it’s a very practical approach when you talk about scaling the program across the globe,” he says.

“I mean, there are something like 19 million containers out there, each of which has an anticipated lifespan of about 15 years; does it make sense to install a relatively expensive piece of technology on each one when the obsolescence of technology is so short?” Agron asks. “Personally, I think there are still a lot of issues with this technology—everything from its reliability to the time and expense of replacing all these pieces when new and improved versions come along.

“Our efforts should be placed elsewhere,” he says.

Other challenges

“Whenever there’s a change in security procedures or technology by the federal government, it’s often accompanied by a lot of information systems programming work,” says Damco’s Jim Percival.

“When Customs implemented Importer Security Filing (ISF) requirements a few years back, we had a tremendous amount of IT programming to do in order to be able to deliver those ISF messages and have the visibility to those messages that our customers wanted,” he says. “And, as you know, when it comes to both government requirements and technology, everything needed to be done yesterday, so there was a tremendous amount of pressure on the IT side.”

The other constant in the cargo security realm is the ongoing education of clients and colleagues, Percival says.

“That’s particularly true of your middle- and smaller-sized customers,” he explains. “Your larger clients are probably as familiar with the various security requirements that are in place as you are, but smaller customers and those that are just entering the international trade arena may have no idea. They just haven’t been that close to it.

“So there’s always some kind of education that’s taking place, and it often takes place within a very small window of opportunity,” Percival says.

“Beyond requirements, there’s always a constant need to update and educate your clients about those the government deemed denied parties, blacklisted companies, and embargoed countries,” he says. “Those lists are changing all the time, in fact, often on a daily basis.”

Interestingly, it wasn’t what happened in 2011 that most challenged or disappointed Percival this year, it was something that didn’t happen—the anticipated implementation under C-TPAT of a tiered rating system for supply chain security providers akin to the rating system already in place for importers.

“I think this was very unfortunate, at least from Damco’s perspective, because we feel we go above and beyond the security requirements of the federal government and we see such a tiered system as a way of differentiating ourselves from our competition to existing and potential customers,” Percival says.

“As it is now, we’re all simply labeled as being C-TPAT validated,” he adds. “We want to be recognized as a cut above when it comes to our security efforts. Hopefully, that tiered program will come into being in 2012.”

For his part, Henderson says one thing he would like to see in 2012 is approval of new trace explosive detection technology that’s entered the marketplace, including one technology he described as “a handheld collector or sniffer.”

“Basically, it’s a technology that takes in the air around a container and evaluates the particulate matter, and it appears to be just as effective as the process we use now, which is swiping a swab over the box and then putting it through an analysis device.

“This kind of advancement would be a real process improvement and one where we wouldn’t have to re-route our process flows or dedicate several hundred square feet in a facility for a massive new machine,” Henderson says. “It would certainly accomplish the goal of securing the supply chain, without impacting the process or adding extreme new costs.

“Of course, advances and new procedures in cargo security are largely a product of what happens next,” he says.

This, of course, in Percival’s words, is “the $64,000 question.”

“I think the one thing you can say with certainty is this: the bad guys will continue to become more sophisticated, and we will become more and more sophisticated to thwart them,” he says.

“I think as more and more foreign governments take a more active interest in this, you’ll also see a lot more information shared between nations,” Percival says. “This is a global issue, and the need to secure the supply chain and have the confidence that it is secure will never go away.”  wt