Integrating vulnerability and threat analysis: a new benchmark for port security



Ted Langhoff, Director, Cargo and Port Security Practice, and Nishant Pillai, Director, Cargo and Port Security Practice, Unisys, Virginia, USA


The rise in globalization has dramatically increased the flow of people, materials and capital across international borders – generating new economic opportunities while making national borders around the world increasingly vulnerable to a wide range of security threats. To achieve the elevated level of security preparedness required in the post-9/11 world, ports require new models and approaches that enable them to gain greater insight into risk and make informed decisions about security and resource utilisation without impeding the flow of trade.

Traditionally, ports have leveraged either questionnaire-based vulnerability assessments or scenario-based threat methodologies to measure their security postures. A threat scenario approach considers the full spectrum of threats, identifies their sources, and examines supporting information to evaluate the likelihood and consequence of each threat. Conversely, vulnerability assessment utilises standard questionnaires to identify existing points of weakness and calculate the vulnerability level. Neither approach, however, when used in isolation presents a comprehensive picture of potential risk. As a result, neither can provide a comprehensive view of risk nor facilitate the optimisation of security resources.

Ports require an integrated risk-based security model that combines elements of vulnerability assessments and threat scenarios in a dynamic fashion – focusing on human, cargo and asset movement and vulnerability – and includes a paradigm for decision making that helps port operators to optimise both security and resource utilisation.

The Integrated Risk Model: what’s in a name?
To close the loop in enhancing security, ports should apply both methodologies (threat scenario and vulnerability assessment) to fully understand their security postures and prioritise their security investments. The Integrated Risk Model combines these two approaches into a single methodology and is applied at both the individual terminal facility and port-wide levels. This model also considers operational factors such as cargo, people and information process flows when determining risk and action plans, taking into account potential adversaries as well as a port’s security forces when analyzing threats and vulnerabilities and making decisions about how to apply security resources.

To understand how the integrated model applies its operational focus, consider, for example, a port deemed susceptible to drug trafficking based on its geography. A specific terminal within the port, however, may only receive a few vessels containing bulk cargo each year or may only receive shipments originating in low risk countries. Based on these factors, customs officials and port officials may determine the terminal to be of relatively low risk and focus its resources in other areas. Conversely, terminals that receive shipments in containers from high-risk countries or automobiles in car carrier vessels (as opposed to bulk materials such as grain or coal) may be at a greater risk and merit additional cargo screening resources because they are more conducive to smuggling contraband. By understanding a port’s composition and its operational environment, customs and security officials can apply the right security measures to the highest risk operations.

Cookie Policy. This website uses cookies to ensure you get the best experience on our website.