Securing, Enhancing America’s Ports & Supply Chain
The American Association of Port Authorities and its membership recently looked ahead at the challenges and opportunities facing the Port Security Grant Program.
In its annual “State of Freight” series, AAPA has highlighted the transportation infrastructure needs of U.S. ports, state transportation agencies and multimodal projects. In this final report in the State of Freight series, AAPA turns to the vital role that security infrastructure plays in moving goods.
In 2002, Congress created the Port Security Grant Program (PSGP) as part of the direct response to the tragic terrorist attacks of 9/11. According to the Federal Emergency Management Agency (FEMA), the PSGP has funded 8,096 projects and invested more than $2.78 billion in America’s ports in the past 16 years. More than a decade and a half since the PSGP began, it remains a top priority for the American Association of Port Authorities (AAPA).
Significantly, AAPA members reported they will need another $2.62 billion to maintain and at times upgrade their security apparatus over the next 10 years. AAPA members also identified $1.27 billion in future security investments to address cybersecurity, active shooter, drone mitigation, resiliency or other evolving security threats. In total, a sustained investment of $3.89 billion ($4 billion) will be needed between 2019 and 2028. About 95% percent of AAPA’s U.S. corporate members responded directly to this survey.
New Threats, Evolving Security Approaches
Since 9/11, the U.S. population has increased by 15 percent with a pronounced shift to metropolitan areas where residents live in densely populated urban areas, including near port authority facilities that support both freight and passenger activity. Between 2001 and 2017, container volumes increased by 71 percent, total foreign trade in short tons increased by 37 percent, and passenger traffic at U.S. cruise ports increased by 98 percent. The majority of AAPA member ports say that their security costs increase proportionally to the growth in their ports’ freight or cruise volumes. And, yet, currently, the federal government invests just $100 million annually in the PSGP to protect one quarter of the nation’s Gross Domestic Product that moves through America’s ports.
- Fund the PSGP at a minimum of $400 million annually.
- Keep the administration of the Port Security Grant Program in FEMA.
- Designate within the Notice of Funding Opportunity that a minimum of 50 percent of the PSGP allocation be awarded to projects submitted by public port authorities and law enforcement and emergency response agencies directly responsible for the day-to-day safety and security of the port complex.
- Focus funding on the latest and emerging threats to our ports, to include cybersecurity, active shooter and drones.
- Conduct in coordination with each COTP an updated port wide risk assessment.
- Mandate that the local Grant Field Review Teams (GFRT) have equal representation of all stakeholder groups including local port authorities and representatives of the container, petrochemical, ferry, cruise or other impacted sectors as appropriate.
- Protocols should be established so that a member of the GFRT cannot vote or comment on their own grant application.
The Importance of the Port Security Grant Program
According to AAPA, ports are essential economic engines whose cargo activity support over 23 million American jobs and accounts for over a quarter of the U.S. economy. In 2014, U.S. seaports generated nearly $4.6 trillion in total economic activity. A port authority’s operating model varies from port to port. Some ports own and operate cargo terminals, while others lease their equipment and pier space to private operators.
Others engage in a combination or hybrid of both activities. Additionally, the types of cargo that move through ports vary widely. Containers, automobiles, energy commodities, break bulk and passengers are a few examples. All port business models have varying security needs; however, the one constant at every port is the commitment to security to ensure the safe movement of all types of cargo and people.
From a security perspective, ports are a place of commerce, business centers within the global supply chain. Ports have multiple access points that make security challenging – be it ship, truck, rail, visitor/employee entrances and increasingly the business networks that are vulnerable to cyberattacks – these access points must be secured. Because of the central role ports play within the supply chain, any disruption or security vulnerability is magnified and has the potential to put in motion a cascading economic disruption that impacts the supply chain and the national economy.
AAPA Survey: Sustainable Funding for PSGP Needed
AAPA members identified $4 billion in port security funding needs for U.S. port authorities alone over the next 10 years, which comes to $400 million annually. But the $4 billion in port authority needs is just a small slice of the total potential funding need. AAPA represents 79 U.S ports, and while these port areas are the major freight and passenger access points for the country, there are 281 other ports of varying sizes throughout the country that are also eligible to utilize the PSGP. Within those 361 ports, there are over 3,500 MTSA regulated facilities that continue to have security challenges, such as cybersecurity and other evolving threats, and need funding assistance to properly mitigate the risks.
Furthermore, according to FEMA, over the past 10 years only approximately 25 percent of annual PSGP funding went directly to port authorities. Public sector first responders such as police, fire and emergency management services account for 60 percent of the annual program funding. This means that more is being spent on response capabilities than on awareness, prevention and protection measures. This survey makes the case that after more than a decade, the focus and resources need to revert to public port authorities.
The $4 billion identified by AAPA members is an important starting point for the PSGP, but it does not represent the total need for the program.
How the PSGP Works
For several years, PSGP funding has been utilized to address security needs outlined in a port’s Strategic Risk Management Plan (SRMP). Initially, these plans were blueprints for ports to follow, but they have not been updated in more than a decade. Meanwhile, the threats have evolved. Furthermore, port security project funding goes through a rigorous local review and national risk evaluation process. Ultimately, each local Captain of the Port (COTP) and their staff provide the final recommendation for their maritime region’s project priorities before they are submitted to FEMA. FEMA relies on COTPs to verify PSGP maritime security needs and to rank their region’s projects. Primarily, FEMA follows the guidance of the COTP, but as resources have dwindled, FEMA has been unable to fund all COTP-recommended projects.
The framework for a collaborative process is in place. The peer review process has been a keystone in FEMA’s administering of the PSGP, which coordinates ports, their partners and the localized input of the 43 Area Maritime Security Committees that feed into the 41 COTP zones. However, the State of Freight IV Port Security Grant Program Report and follow-up conversations with port security grant applicants found that while the level of collaboration, information sharing, and project management is significant and continues throughout the year, ports are not receiving sufficient port security funding.
Suggested PSGP Improvements
AAPA members have advocated that port security grants should be awarded through a port-centric lens. The program veered away from a port-centric approach in the 2007 supplemental bill, which expanded the pool of eligible port applicants to all entities covered by an Area Maritime Security Plan (AMSP).
According to a Government Accountability Office (GAO) report, FEMA implemented key changes to the grant program in the fiscal year 2007 and 2007 supplemental grant rounds to promote enhanced regional collaboration. For instance, in fiscal year 2007, FEMA introduced a tiered structure to the grant program whereby each port area was placed into a funding group based on risk.
In the supplemental 2007 grant round, FEMA also transitioned the second highest risk funding group to this collaborative process. The remaining funding groups retained the competitive structure and competed for funding within their funding group. FEMA made two additional changes in the 2007 supplemental funding round to promote regional collaboration. First, FEMA required all Risk Group I and II port areas to select a fiduciary agent to coordinate the grant process in the port area. Second, FEMA required all Risk Group I and II port areas to develop a Port-Wide Risk Mitigation Plan.
Since 2007, FEMA has focused funding on anything in a port-wide risk mitigation plan. AAPA believes there is a need to focus funding on the original intent of the PSGP which was focused on the maritime security plans. Prioritizing funding for port authority facilities will achieve this goal. AAPA recommends that a minimum of 50 percent of the annual PSGP funding be designated within the Notice of Funding Opportunity to be awarded to projects submitted by public port authorities. This process would direct the focus and resources back on public port authorities and be an impetus for increased partnership opportunities between port authorities and maritime stakeholders.
Key Areas of Concern
Cybersecurity: 85 percent of AAPA U.S. member ports say they anticipate direct cyber or physical threats to their ports to increase over the next 10 years. Conversely, 10 years ago, cybersecurity, active shooter, drones, increasing energy exports or other soft targets were not highly anticipated threats facing ports and the supply chain. For example, the 2017 APM Maersk cyberattack illustrated how an incident can start outside the U.S. and have a cascading impact on our ports and terminal operations across the globe. At the Port of Los Angeles, the Cybersecurity Operations Center, which was funded by $2.4 million in PSGP grants, prevents 15-20 million cyber threats on the port’s business network each month. However, several survey respondents reported that applications for similar cybersecurity programs in other ports have been denied PSGP funding. 78 percent of ports anticipate using future port security grant funding on cybersecurity, and 90 percent report that future PSGP funding would be used for upgrading technology, such as cameras and other surveillance tools.
Soft Targets: So-called ‘soft targets’ such as the vulnerability of an active shooter “keep port security staff up at night,” said multiple port security directors. In recent years, we have seen active shooters in airports and other infrastructure transfer hubs. Eighty-six percent of ports would use future PSGP funding to enhance physical security, and 65 percent would invest PSGP funding for training to better prepare port and local first responders to respond effectively to soft target threats such as an active shooter, emergence of high capability drone interception technology and an increased need for waterside security to protect energy transfer stations.
Mobile Security: As the supply chain becomes more integrated, this level of connectivity is likely to expand the direct supply chain outside the gate and increase the need to have mobile security resources. The State of Freight III report noted that 36 percent of ports have direct connections with an inland port. Massport has used PSGP funding with an eye toward securing a growing and expanding supply chain. With the purchase of a portable X-ray system, the port can scan trucks and cars, address bomb threats inside the gate, at terminals and transfer hubs outside the port.
Drones: While the ground security of ports and the supply chain have been the focus of much of the security of the PSGP, drones are now raising a level of concern. For example, after having implemented a drone permitting requirement in 2017, the Port of Long Beach is experiencing a pronounced increase in the use of drones for commercial activities. As a result, the port is exploring technologies to effectively monitor drone activity over its complex and to identify unmanned aerial vehicles that may pose a safety and security risk.
Energy Security: Securing energy commodities continues to be an increasing concern for ports as surging natural gas exports and higher crude oil shipments will help the United States achieve the status of energy exporter for the first time since 1953. Port Tampa Bay received PSGP funding
to purchase a rapid deployable small boat intrusion barrier system to protect a critical petroleum transfer facility. Additionally, small boat attacks against vessels carrying hazardous materials are of major concern to the U.S. Coast Guard and ports. Vessels at berth are especially vulnerable. The Tampa complex serves five different fuel storage facilities critical to the distribution of refined petroleum products in the central Florida region. Upon notification of an impending threat, or the receipt of relevant intelligence regarding a threat against this or similar facilities, the barrier system can be deployed almost immediately, thus securing the vessel in the facility. This innovative system can take less than an hour.
Interoperability: Traditionally, a project that has maintained continuity among port security partners has been interoperable communication equipment. “Without this equipment we are out there alone,” said one port security director. Ports such as Port Fourchon rely on the PSGP so that they can upgrade their interoperable communication capabilities to communicate with their local, regional and state law enforcement partners along the Gulf Coast.
Maritime domain Awareness: Port-wide maritime domain awareness consists of security operating systems that connect and integrate video feeds, radar, weather and law enforcement data into a single platform. These operating platforms provide the baseline for port security and communications systems in and around maritime facilitates. With new technology coming online, increasing cyber threats and more integrated communication systems, upgrades in many ports must be made. Funding for upgrading these systems must be a priority.
A Growing Supply Chain Increases Port Security Concerns
Increasingly, when freight infrastructure investment is planned, supply chain security is also involved. In 2016, the Fixing America’s Surface Transportation (FAST) Act created a funded freight program, which includes ports as eligible recipients. Ports are now firmly recognized as part of the surface transportation, logistics and distribution network. Equally important, the FAST Act required states to complete state freight plans to continue to receive their freight formula funding. The results have been impressive. To date, 90 percent of the states have submitted multimodal state freight plans to the U.S. Department of Transportation. Assuming multiple roles, the nation relies on the PSGP to protect ports, communities and growing value of the supply chain. As America’s freight network is built out and the supply chain becomes more integrated and operational, ports are often the first – and sometimes the last – line of defense.
Keeping ports secure and the supply chain moving also requires a renewed commitment from the federal government regarding the funding levels and strategic direction of the PSGP. AAPA member port authorities identified $3.89 billion in needs in the next ten years to maintain and upgrade their facilities and ensure that they are well-equipped to address new security challenges. Providing adequate funding and refocusing the PSGP to become more port-centric, the federal government can demonstrate its commitment to the security aspect of the nation’s supply chain.