jump to navigation

From Fragmentation to Consolidation- The Inevitable Shake-out of Maritime Security January 22, 2012

Posted by Chris Mark in Industry News, Piracy & Maritime Security.
Tags: , , , ,
1 comment so far

Over the past year the maritime security industry (anti-piracy) has changed significantly. While pirate attacks continued to increase through 2011, successful (in the view of the pirates) hijackings began to taper-off then decline toward the end of 2011.  By December 2011 attacks were down 65% and actual hijackings were down 85% from November, 2010 (read the post here).  The decline in successful hijackings can be attributed to a number of factors including adoption of BMP4, use of armed guards, convoys and so on.  Regardless of the reasons, from a market perspective the impact is the same.

Within the same time period the entrants into the anti-piracy arena increased an estimated 4 fold.  From the early days of RedFour, PVI, Trident and Nexus came a new rash of entrants as every former Marine, Commando, SEAL and other tactically minded person was attracted to the seemingly easy revenue present in the industry.  A look at the ICOC membership as of December 1st, 2011 shows 266 signatories.  Using the ICOC as a barometer one can see the explosive growth.   On November 9th, 2010 the ICOC had 13 signatories.  13 more signed on February 1st, 2011.  24 more signed in April, 2011, and so on. Of the 266 signatories over 150 appear to provide Maritime Security services.  Considering that there are numerous companies that have not yet signed, it is fair to assume that the number of Maritime Security Companies now stands at about 200.

While this is not a class on Porter’s Competitive Forces, there is some value to be garnered from Porter’s studies. Porter made it clear that choosing a firm’s relative competitive position within a selected industry is a decision of secondary importance.  The 5 forces provide a framework which allows for the identification of the anticipated profitability within an industry or segment and help companies stake a position within the industry.  A very quick, high-level analysis of the market shows that we are headed for the inevitable shakeout and consolidation of the  market.  Currently, the large number of competitors jockeying for position means that the maritime security industry appears fragmented but this is only temporary and does not tell the full story.  I say ‘appears’ because concentration ratios and other factors tell a different story.  For those who study competitive theory a fragmented market is good as it generally indicates a profitable industry.

Porter’s framework consists of five fundamental competitive forces.  Commentary has been added to each to show the movement toward consolidation.

1. Entry of competitors– assessing the ability of new entrants to start operations and the structural barriers they must overcome; (Comment) The less the barriers to entry, the greater number of competitors will enter the market driving prices down as competition increases.  It should be noted that the barrier to entry to ‘creating’ a maritime security company is low however the barrier to entry in successfully operating a company is high.  There is quite a bit of noise caused by entrants that have no capability to actually deliver on maritime services they are selling.   

2. Threat of substitutesassessing the ability of new products with superior characteristics to replace existing product(s) or service(s); (Comment) While armed guards seem to be the panacea of security, BMP4 and other tactics are proving effective, as well leading some to question the need for armed guards. 

3. Bargaining power of buyers– assessing the relative strength and number of buyers;* (Comment) the disparity in the size of the buyers (shipping companies) and the suppliers (armed security companies) coupled with the large number of entrants creates a situation in which buyers have strong bargaining power.  Prices continue to drop.

4. Bargaining power of suppliers– assessing the relative strength and number of sellers;* (Comment) with the exception of the few large player, suppliers generally have little, if any bargaining power. 

5. Rivalry among the existing players– assessing the relative competitive strength of rival firms.* (Comment) There is increasing rivaly among the players as new entrants enter the market.  Several large players are beginning to predominate the industry showing a trend toward consolidation.

* Concentration ratio (CR): the percent of market share held by the four largest firms within an industry is frequently used as a leading measure. A high CR means that few firms hold a large market share, are less competitive, and create a less competitive, more monopolistic landscape. Less competition leads to higher profit margins. A low concentration ratio indicates that an industry is characterized by many rivals, none of which has a significant market share. These fragmented markets are said to be competitive.   (Comment) Going back to my previous statement.  There are a huge number of new entrants but the vast majority of these companies are simply ‘hoping and praying’ that they can land a client.  Some companies have managed to sign clients only to realize that they cannot operationally support the clients.  

It should be noted that the decrease in hijackings is anticipated to result in a reduction in the demand for armed security. (at least temporary reduction until an event such as an increase in hijackings causes an new demand). Additionally, the increasing number of entrants is going to continue to drive profit margins down until there is a shakeout in the market.  It is a fair assumption at this point to say that within the next 12 months, an estimated 50% of the maritime security companies within the industry will be nothing more than a vanity company (no business just a name) or will be out of business while the major players with the operating capital, economies of scale, and operational expertise will survive the shakeout and continue to grow as the industry continues to consolidate.  The end result with be a more mature, disciplined industry with fewer entrants and more consistent profit margins. Unfortunately for the vast majority of industry entrants, their foray into the market will likely be short lived as they are either forced out, or acquired by the larger competitors as the market continues to consolidate.

PCI DSS and Piracy January 12, 2012

Posted by Heather Mark in PCI DSS, Piracy & Maritime Security.
Tags: , , , , , , ,
add a comment

I’ve been reading quite a bit on piracy lately. Not the adventurous, swashbuckling tales of pirates flying down the Spanish Main, but piracy in its present form. From a purely detached perspective, its an interesting exercise in cause and effect. Natural disasters, for example, have an impact on the surge in piratical acts. The Christmas Tsunami left many Somali fishing villages devastated and took the last legal means of sustenance from many families that depended fishing for their survival. As a result, they turned to piracy. Of course, that is not to say that Somali pirates are the Jean val Jean’s of their day, the thief with the heart of gold doing only what is necessary to survive.  These pirates are violent and aggressive and should not be coddled.  The interesting comparison to the PCI DSS, in my mind, derives from the impact of the crime on the industry and the global reaction to the phenomenon.

Impact of the Crime

Piracy is a crime that has an impact on all consumers. Higher insurance rates, security contingents, longer routes and therefore higher fuel costs, and similar circumstances that result from piracy mean higher prices for consumers.  Any costs that cannot (or will not) be absorbed by the manufacturer or the shipping company are passed on to the consumer. Similarly, data thieves have very definitely left their mark on the consumer. Those of us involved in the electronic payment industry recognize better than most the increased cost structure that has resulted from trying to achieve and maintain compliance with the PCI DSS and the countless data security, data breach notification and consumer privacy laws at play in the United States. Ongoing compliance and security monitoring, evaluating the threat landscape and the cost of validating compliance can quickly add up for companies.  Organizations that are already seeing their margins get squeezed are required to spend additional resources on security and compliance to ensure the safety of consumers’ data. Those costs can sometimes be passed along to the consumer.

Global Reaction

Data security and piracy were both issues that “flew under the radar” until high-profile instances brought them to the public awareness. In the world of transoceanic shipping, the issues that brought awareness were a couple of kidnappings for ransom and the hijacking of the Maersk Alabama. It’s important to note, however, that even before these incidents, the shipping industry and governments worldwide were working on standards and regulations that would mitigate the problem. The reaction from the industry should sound very familiar to veterans of the PCI DSS compliance world – “The standards are too prescriptive.”  “The standards were written by people that don’t
really understand the issues.”  “How are you going to ensure that everyone is complying with these standards?’ “The cost of complying with the standards are too burdensome for small companies.” These concerns should resonate with payment security professionals. The same questions and concerns are often raised about the PCI DSS.

For the payment industry, the events that really brought public awareness were a couple of high-profile data breaches at well-known retailers. The question really is, though, “What is the alternative?”  If neither industry had done anything to address these growing issues, the constituents in the industry would have raised the alarm about the apparent lack of concern from the powers that be.  The catch-22 of the creation and enforcement of the standards is that even though these standards achieve their objective of raising industry awareness and attempting to mitigate the risk of adverse events, the companies that suffer piracy attacks or data breaches are still often cast as the villian (as opposed to the victim) in the scenario.

What’s the Answer?

That is the crux of the matter – are the issues of data security and high seas piracy “solvable?” There are a variety of issues that drive the increase in both crimes.  Economic stability, the ability of governments to project their authority into these areas, jurisdictional cooperation and other factors drive the growth of both types of crimes.

While I cannot confidently address permanent solutions to either problem, I can suggest a shift in perspective. In the realm of data security and payment security, practitioners often attempt to solve the problem by layering more and more technology in front of the sensitive data.  Tokenization is one example of how a shift in perspective can provide alternative solutions. Extracting value from the data makes significantly less attractive to thieves. So instead of asking, “How can we keep thieves from accessing the data?” one might ask “What can be done in the transaction processing chain to render the data unusable to thieves?” We are currently retro-fitting security onto a system that has been in place for fifty years. If we were to remove any preconcieved notions of what a payment infrastructure should look like, what would we design?

UK House of Commons Report: “Piracy off the coast of Somalia” January 7, 2012

Posted by Chris Mark in Laws and Leglslation, Piracy & Maritime Security.
Tags: , , , , , , , ,
add a comment

The UK’s House of Commons Foreign Affairs Committee (FAC) published a report this week titled “Piracy off the coast of Somalia”.  You can read the report here. The 72-page report set out the findings of the FAC enquiry into the efforts of the Foreign and Commonwealth Office (FCO) and the UK Government to combat the increasing levels of piracy off Somalia.

Tackling the use PASGs, the report concluded that “the evidence in support of the use of armed guards is compelling” (emphasis added) but that the “Government must provide clearer direction on what is permissible and what is not”.

The report also said that the risk to pirates of encountering serious consequences is still too low to outweigh the lucrative rewards, and simply returning suspected pirates to their boats or their land provides little long-term deterrence.

SomaliaReport.com January 7, 2012

Posted by Chris Mark in Laws and Leglslation, Piracy & Maritime Security.
Tags: , , , , ,
add a comment

I came across a good reference that is worth sharing.  SomaliaReport.comhas great info on hijacked ships, ransoms, released vessels, and currently held vessels.  It also provides a weekly piracy report.  If you have a chance, take a look and see if there is any valuable info.

US Navy Rescues 13 Iranians from Somali Pirates January 6, 2012

Posted by Chris Mark in Industry News, Piracy & Maritime Security.
Tags: , , , , , , ,
add a comment

In a move that illustrates the brotherhood of the sea and the disdain for piracy wherever it may be, the US rescued 13 Iranian sailors who had been kidnapped by Somali Pirates.  According to MSNBC, a helicopter from the USS John C. Stennis, responding to a distress call from a merchant ship under attack, chased the pirates to their “mother ship”.  The mothership was an Iranian flagged dhow that had been hijacked earlier.  A counterpiracy team from the USS Kidd then boarded the mothership where they found 15 armed pirates and the 13 Iranian crewmen. The pirates were taken into custody and the Iranians were released in their dhow.  Interestingly, the USS John C. Stennis is the same carrier that Iran had threatened to never allow back into the Persian Gulf.   It is a good day that the Iranian sailors are headed back to their families.