Maritime Supply Chain Security

Foreword by Ian Millen, Chief Operating Officer – Dryad Maritime

I would like to highlight the below article, a good piece of analysis looking at the vulnerability of global sea supply chains and the measures that can be adopted to ensure that these are as robust as possible through compliance with the International Ship and Port Security (ISPS) code.

Around 80% of the volume of international trade in goods is carried by sea, so global trade is naturally dependent upon shipping and seafarers. As equally important as global commercial activity is the vital humanitarian role that shipping plays when crisis befalls a nation. Just the US Ambassador to the United Nations highlighted the need to increase UN-led humanitarian efforts in Yemen, a war-torn country that is heavily dependent on imported food.

To say the world is reliant on shipping is no exaggeration, and this article does a great job in highlighting why the maritime supply chain sector is so vitally important and what steps can be taken to protect it, as well as highlighting the steps to take in preparing for dealing with crises when they occur; particularly through the use of well organised, structured exercises and lessons capture activity.

The author makes a particularly strong point on the need to engage all relevant stakeholders in exercise activity and not just to leave this to the security officer and a close circle of associates. Those of you who have dealt with crisis situations will know that real incidents generate stakeholders with a multitude of opinions and perspectives, so valuable exercise activity must do this too.   

In sum, the article is an excellent piece of analysis that is written from an expert in the field, who has a very clear understanding of how to effectively protect against numerous forms of terrorist activity. The article’s value goes far beyond the maritime domain, but for anyone with responsibility for the protection of maritime supply chains, especially Port Facility Security Officers (PFSO), it’s a must read.

My thanks to Simon Grantham of for authoring this excellent analysis and to Emily Hough, the editor of , for her kind permission for publication on our website.

The original article can be accessed from 


Maritime Supply Chain Security by Simon Grantham, Praeparare

A few news stories have caught my eye recently that made me wonder what could be done to improve the resilience of our just-enough, just-in-time global supply chains. The first related to the civil strife that has plagued the people of Yemen for so many years. Living with such circumstances must have been bad enough, but there was more to come: Yemeni people are also heavily dependent on imported food, most of which – like much of the world’s trade – is delivered by sea. After the rebels made some very significant advances, the Yemeni government, supported by Saudi Arabian forces, created a blockade to prevent rebels being resupplied with munitions.

To some it might seem unlikely that the delivery of much-needed foodstuffs would be affected: after all, how could food be confused with munitions? But such events are not so uncommon and, as if to serve as a case in point, just a few weeks earlier, officials at the Colombian port of Cartagena had discovered 100 tonnes of arms and explosives on a cargo ship documented to be carrying grain.

When the blockade around Yemen’s ports was first implemented, several ships laden with food supplies were left stranded for many days awaiting inspection and escort into port. A few weeks later the situation is still very challenging for the shipping industry and food remains in short supply for the people of Yemen.

One of the other stories that gripped my attention concerned America’s response to the crisis in Libya and consequential lack of controls at its seaports. In addition to the loss of migrants’ lives in people traffickers’ vessels, exploiting those security vulnerabilities raised concerns about risk to the US and its citizens. Those concerns probably had more to do with impact than likelihood. As maritime security Wise Pen Team noted, the main characteristic of maritime transport is: “Its ability to carry very large amounts of cargo in a single voyage to large centres of population.” Reaching back into national memory, the Wise Pen Team’s description will resonate with the American experience of the Texas City disaster when the SS Grandcamp and the SS High Flyer, both loaded with ammonium nitrate, exploded, killing over 500 people, wounding 2,000 more and levelling around a thousand homes and businesses. Consequently, vessels visiting America that have called at Libyan ports within their last five ports have to comply with a stringent set of security standards.

US maritime supply chain concerns have been voiced before, such as when Harvard political scientist Graham T Allison suggested that a nuclear attack was much more likely to land on American soil via a container ship than on the tip of a missile. Certainly, in the early 2000s, it seemed as if the maritime sector was going to be a prominent feature of the jihadist target set.

Indeed, after al-Qaeda’s attack on the oil tanker Limburg, bin Laden released a statement about ‘cutting the crusader’s umbilical cord’. A raft of maritime terrorist plots stretching across the globe were identified and documentation outlining al-Qaeda’s maritime strategy had also been discovered.

To say the global response was impressive is something of an understatement. In November 2001, the International Maritime Organisation (IMO) adopted a resolution entitled Review of Measures and Procedures to Prevent Acts of Terrorism Which Threaten the Security of Passengers and Crews and the Safety of Ships. In an incredibly rapid, co-operative global response, the International Ship and Port Facility Security (ISPS) Code was adopted by 137 contracting governments in December the following year. A remarkable achievement – more of which later.

But the reason the Libyan ports story stood out was because it came hard on the heels of an essay written by a so called Islamic State (IS) ideologue, suggesting that now IS had a presence in Libya, pandemonium could be brought by sea to southern Europe and the shipping lanes closed: “Because of the targeting of Crusader ships and tankers.” Maybe this is just rhetoric but, in the context of up-skilled jihadists acutely aware of the importance of supply lines, the statement seems worthy of further consideration.

So what might be an appropriate means of ensuring our supply chains are sufficiently robust? To go back to the ISPS Code, this required relevant ports to develop security plans and exercise them on an annual basis. Becoming ISPS compliant for international ports was a no brainer – nobody wanted to be left out of the opportunity to trade internationally by sea. So security plans were developed and signed off.

Granted, in some ports security plans were more credible than others, but they were at least a start. As time went by, however, the spectre of maritime terrorism did not manifest itself as had been feared. The likelihood of maritime terrorism became seen as low and, in an economic downturn, there were savings to be made regarding these plans. Von Moltke the Elder asserted that: “No plan survives contact with the enemy.” Given the changing nature of the threat, now would seem a good time to exercise those plans and make sure they are fit for purpose.

Exercises do not need to try and emulate those like the Rim of the Pacific Exercise (RIMPAC), the world’s largest international maritime warfare exercise series that involves several nations, thousands of players, dozens of vessels and hundreds of other live assets. A huge amount of learning can be taken from a simple table-top; the IMO recently ran such an exercise with a group in Mauritania to great acclaim. The point is that, properly structured, all manner of exercise types will deliver appropriate learning.

There are a few key considerations to constructing a good exercise and the text below will be expanded on in a series of blogs over the next few weeks.

First of all, an exercise should be driven by its objectives. It may sound obvious, but committing time and effort to be really clear about what you want the exercise to deliver is absolutely key. There is a school of thought that says it is better at this level to think about the consequences you may be faced with rather than the specifics of the type of attack. The logic is that wider business benefits will flow from taking such an approach, for example media handling and managing competing multi-agency needs are aspects that are relevant across a range of scenarios much more likely to be encountered than a terrorist attack.

You should set multi-agency objectives. Seaports are occupied by so many organisations, all with their own needs and priorities, so make sure partners are included in the objective setting – think broadly about who it is sensible to include. Generally speaking, if someone would have a locus in resolving an incident in the real world, then his or her views need to be heard during the exercise.

When dealing with a real-life incident that mirrored a recently run exercise one operations director asked why a particular decision was taking so long when, during the exercise, the course of action had been determined in a matter of minutes. “Ah,” came the reply, “But now the lawyers are saying…” Such people need not necessarily be full players – there are a myriad of ways of ensuring their contribution keeps responses real – but their input does need to be included.

Furthermore, all exercises have to be kept relevant, realistic and appropriate to current conditions. The last thing you want is someone saying: “In the real world I would have done things differently,” because, if true, that would undermine any associated learning. It is therefore vital to get the buy-in of all players, and to achieve this, the theme needs to be relevant and realistic.

Make sure the exercise reflects current terrorist modus operandi and is appropriate to the port involved. The ISPS Code lists a number of scenarios and Exercitium, the European handbook of maritime security exercise and drills, does also – together with some really sound broader advice. Terrorists crave success so they will often resort to tried and tested methods of attack.

But, with so many active jihadist conflicts – Afghanistan, the Caucasus, Iraq, Libya, Nigeria, Somalia, Syria, Yemen and so on – it is also critical to keep abreast of developing trends.

Do not neglect pre-exercise preparation. Exercises are challenging events for key individuals. Leaders do not want to look foolish in front of their subordinates and team players want to be able to demonstrate a masterful knowledge of their own discipline. So it is worth making sure people have the opportunity to prepare themselves accordingly. For a table-top this could involve ensuring everyone knows the latest policies and procedures (and brings such documents to the event); for the live play it might be that they have been involved in recent multi-disciplinary table-top exercises.

The preparation should not generally extend to players knowing the scenario – that will often undermine the validity of any learning, although there might be a benefit in some key individuals being allowed insight into the broader storyline – they can then be approached to help put things back on track if the unexpected happens. People who are prepared are much more likely to enjoy the experience and that will make for a far more valuable exercise.

Capturing lessons

Working out how you will identify and capture the lessons is key. Observers or umpires who are competent, current and, most of all credible, can be of particular value where the learning objectives are strategic in nature. Where objectives are more operationally focused, self-reporting by the players themselves – for example through structured debriefing – can be a cost-effective approach, depending on the pace of the exercise and organisational culture.

The use of third party subject matter experts has a real value here: it is easier for an outsider to tell the truth to people in power. An outsider has no loyalty to internal politics, will not be constrained by internal thinking and will very likely bring new ideas.

The process of articulating the learning clearly requires very precise language, but even more fundamental is the requirement to validate the issue in question. There is no point in developing a solution to an artificiality that only arose because of the circumstances of the exercise. This normally requires recursive dialogue between relevant exercise participants, planners and those involved in managing the learning.

Finally, do not neglect implementation, the hardy perennial of exercising! Once the lessons have been signed off as valid and the wording agreed, they need to be logged, risk assessed, assigned an owner and reviewed by senior management until they have been absorbed into practice. Testing them then needs to be included as a future exercise objective.

Exercising in seaports is not just about gaining an ISPS compliance check – properly constructed exercises can provide a range of business benefit: Validating plans; developing personnel; embedding policies and procedures; and building relationships. They can expose gaps in existing plans and allow you to plug them before they cause harm. And they give the opportunity to people to gain a sound understanding of their role in times of crisis.

As Sun Tzu said: “Without constant practice, the officers will be nervous and undecided when mustering for battle: without constant practice the general will be wavering and irresolute when the crisis is at hand.”

This article was first published in