Commissioner Dye’s Prepared Remarks to National Maritime Interagency Advisory Group Meeting

Johns Hopkins Applied Physics Laboratory
Cybersecurity Threats to the Maritime Transportation System
National Maritime Interagency Advisory Group Meeting
Commissioner Rebecca Dye Remarks
July 19, 2016

Thank you, Dr. Egli.

Maritime Security Background

I appreciate the invitation to speak here today. Although not an expert in cybersecurity, I have considerable policy experience with maritime security issues. Before I was confirmed as a Federal Maritime Commissioner, I had a 15-year career on Capitol Hill as committee maritime counsel in the House of Representatives.

I was Minority Counsel for over seven years to the Merchant Marine and Fisheries Committee, and later, Majority Counsel and Subcommittee Staff Director to the Transportation and Infrastructure Committee. During that time, I handled maritime and environmental safety, law enforcement, and security issues.

The last piece of legislation I handled for the Transportation and Infrastructure Committee was the Port Security Act of 2002. After the horrifying events of September 11, 2001, in the House of Representatives, the Transportation and Infrastructure Committee was “ground zero.” Our aviation staff immediately began action on a new approach to aviation security, and those of us with oversight over ports and waterways began intensive discussions on what a new port security regime should do for our country.

After satisfying Members of Congress that the U.S. Coast Guard had sufficient authority to secure our ports in the short term, we began discussions with our Senate counterparts on a port security system focused on preventing a terrorist attack on the homeland through our ports.

Those of us who had been involved with the development of the successful environmental protection regime established after the EXXON VALDEZ disaster in the Oil Pollution Act of 1990, immediately began considering a national homeland security planning and system based on the oil pollution prevention model. Within that framework, we developed the original Coast Guard and Customs homeland security system, including security planning, personnel identification, and advance shipping information requirements.

I was originally confirmed to the Federal Maritime Commission by the Senate the day after Congress sent the Maritime Security Act to the President for his signature. Since that time, I have followed subsequent maritime security developments with great interest. Because of my background in maritime security, I am keenly aware that our international maritime transportation system, and the technologies on which it depends, face increasing security challenges.

Industry Economic Challenges

There are several current maritime transportation economic challenges that affect the ability of container shipping companies, ports, and other infrastructure providers to devote substantial resources to addressing cybersecurity threats.

The economic challenges facing the container shipping industry, both at sea and ashore, include:

• The slower growth of demand for vessel space that is occurring in conjunction with purchases of ultra-large vessels – as container shipping companies seek ever greater economies of scale.
• At the same time, vessel operators are expanding operational cooperation through multi-carrier alliances aimed at reducing each company’s cost and financial risk while maintaining world-wide service networks.
• Supply and demand imbalances have yielded dramatically lower freight rates and significant revenue shortfalls for vessel operators.
• That, in turn, results in even greater cost cutting pressures — including greater reliance on IT technologies and further automation of vessel and terminal operations.
• It also gives rise to increased merger and acquisition activity.
• Taken together, that suggests that the network of logistics and supply chain management information systems that facilitate the flow of America’s maritime commerce is likely to grow increasingly complex.
• The industry’s dependence on IT-driven automation and electronic data sharing will increase, and the actors, including alliance members and automated marine terminals, will become even more closely integrated through their business systems.
• The fact that the container lines that serve the United States, and their IT networks on which they depend, are almost exclusively foreign-based is likely to be an important consideration for cybersecurity assessments and planning.
• In addition, there are important foreign maritime facilities that are critical to our major East/West trades–such as the recently expanded Panama Canal–that lie beyond our national borders.
• And finally, looking at our national supply chain, there is a clear commercial desire for more — and more accurate – targeted information sharing to support improved operational integration among all supply chain actors.

Need to Harmonize Homeland Security and Commercial Supply Chain Systems

I am currently involved in an initiative under an Order of the Federal Maritime Commission involving port congestion and global supply chain efficiency. We have organized representatives of 34 companies into three Supply Chain Innovation Teams to develop process improvements to increase supply chain reliability and resilience.

Our Supply Chain Teams have quickly identified enhanced information visibility as the best way to increase global supply chain resilience. Global supply chain information visibility supports efficient operational integration, and enhances international ocean transportation systemic reliability.

In addition, harmonizing security supply chain requirements, including cybersecurity requirements, with existing and developing commercial supply chain information system requirements may result in even greater overall systemic benefits, as the goals of commercial and security supply chains are more closely aligned.

Harmonizing effective cybersecurity measures with efficient commercial supply chain operational and management systems across a number of transportation industries, domestic and foreign, will require a high degree of supply chain coordination and integration.

A possible approach to harmonization may employ a forum for all stakeholders – including local governments and private industry representatives – to meet, share information and coordinate supply chain efforts, much like the current area maritime security planning committees. We have found that the “Innovation Team” approach to commercial supply chain planning is highly useful, and could be adapted as a model for supply chain planning purposes around the country.

Thank you for inviting me today. I hope to stay in touch with you as you develop new approaches to cybersecurity challenges in our dynamic and complex maritime system.