Beyond Piracy – the CSO’s dilemma?

As we enter 2015 the good news is that Somali based piracy appears to be contained by the good work of the shipping industry, the world’s navies and the security industry. However, the shipping industry continues to face challenges – in particular in the Gulf of Guinea and in parts of South East Asia but also in other areas such as migration attempts across the Mediterranean.

How does this affect the duties of the CSO? Firstly, we should remember that the ISPS Code was designed to manage the risks of terrorism and maritime security rather than that of piracy. Unless the vessel is flagged to a signatory of the New York declaration, anti-piracy procedures are not mandatory for the Ship’s Security Plan. Furthermore, since the SSP is a controlled document, making revisions can be a time consuming and costly process and since ISPS self-protection measures identified may not be appropriate as anti-piracy precautions the potential for confusion about what measures to implement is high. This could lead to complications in the event of a security incident.

In today’s information age, with open source media instantly available via mobile devices or at the desk, the ability to identify and analyse security threats before a voyage is considered may appear to be becoming easy. But is that information always the right information to use? Is it current? Can it be trusted? To coin a phrase, “rubbish in equals rubbish out”. The ability to access this information can also lead to the danger of the “instant expert” and even automated systems can lead to the wrong analysis. After all, not all ships are the same, so why would the impact of a particular incident be the same?

But what about during normal operations? Any voyage has risks – be it weather related, sanctions (or other geo-political aspects) or that of terrorism or piracy. That is why Dryad Maritime believes in segmenting operations – those considered normal, those at risk and those in crisis.   Our ethos could be compared to the ISPS maritime security levels.

Whilst developing a company level plan to determine what voyages constitute normal operations versus an at risk operation may be relatively straight forward, the ability for chartering teams, operations team and the CSO to identify and analyse security threats may not be as easy. Without an obvious trigger point, companies may be reliant on experience alone to initiate risk assessment processes rather than definable checks and controls. But is it realistic for everyone in the company to understand the impact that a last minute change of voyage orders will have on security arrangements or what security information is relevant before fixing a voyage?

There is also the issue of monitoring events – the vessel may be operating in significantly different time-zones to the operations team ashore; teams who may not have the resources to monitor the masses of open-media information available to them on a 24/7 basis.

But the information age does give us some advantages. By using IT systems combined with dedicated, 24/7 operations teams with both security and maritime experience, a set of protocols can be developed which can trigger internal processes, risk assessments or initiate security provisions without the reliance on experience to determine any requirements.

Whilst it is difficult to build an automated system to give the end-user the right overall analysis– it is possible to build architecture, which can be linked to the owner’s own systems, which can trigger the thought processes required by the companies established policies. Such systems can also include other services such as weather monitoring and optimisation as an integrated voyage management system.

In this automated age – Dryad still maintains that the skilled mariner in the loop can offer competitive advantage in both normal operations and during operations at risk.   With such systems, operations in crisis may be averted.


Mark Thomas, Business Development Manager, Asia Pacific