jump to navigation

Piracy and the Armed Detterent- Lloyds List… & dogs… September 1, 2011

Posted by Chris Mark in Laws and Leglslation, Piracy & Maritime Security.
Tags: , , , , ,
add a comment

There is a very well written piece on the use of armed guards.  Without rehashing the entire article, the author disputes those who claim that armed guards are resulting in an increasing level of violence from pirates.  It is a great piece and worth the read.  In contradiction to the naysayers and in support of the piece mentioned above, I would go so far as to say that it is the increasing violence of pirates that is necessitating the use of armed guards on ships.  Security companies would love nothing more than to flash a big toothy grin and the international sign of friendship at pirates to make them scamper away.  The unfortunate reality is that the pirates are escalating their attacks and ships are being forced to use armed guards.

Yesterday I was in the pet store buying some food for my new Rottweiler puppy Bo. Bo had never been on a leash and I was attempting to train him.  A woman working at the store struck up a conversation and I was explaining that I had to put one of my dogs down recently when after 11 years she had become so unpredictable that we could not trust her around children, people or pets.  The dog had already attacked and severely injured three dogs by the time the decision was made to put her down.  While I was deeply saddened it was the only responsible option.  It was simply her nature to be aggressive.  What struck me was the woman’s response to the story and to the idea of leashes.  She actually tried to convince me that leashes were the cause of dog bites and attacks and that if we would do away with leashes the incidence of dog bites would go down. She was an advocate for allowing all dogs to run free!  I told her I felt it was irresponsible to allow a 130lb dog to run free among children and others.  At the end of the day, no matter how well trained, a dog, is a dog, is a dog.

This is the same attitude that permeates the blogosphere where people claim that it is the shipping companies, which by arming their ships, are causing the violence.  This is complete nonsense.  The pirates are violent and it is their actions that result in the need for shipping companies to arm themselves.  Not the other way around…

Chris Mark in The Maritime Executive August 30, 2011

Posted by Chris Mark in InfoSec & Privacy, Piracy & Maritime Security, Risk & Risk Management.
Tags: , , , ,
add a comment

Yours Truly (Chris Mark) was interviewed in the current issue (July – August, 2011) of The Maritime Executive on the topic of Cyber Piracy.  You can read a summary of the issue here. If you are not a current reader, Maritime Executive is a great periodical with volumes of information on the Maritime industry. You can subscribe to the print edition here.

“Jack O’Connell has explored the Internet underworld with his piece, “Cyber Piracy: Clear and Present Danger?” It’s a dangerous cyber world in which we unknowingly tread, so users beware. Both of these article’s are timely and essential reminders of an Internet moving faster than a speeding bullet.”

Pakistan training pirates? August 30, 2011

Posted by Chris Mark in weapons and tactics.
Tags: , , , ,
add a comment

According to an article published on Zeenews India claims to have “material evidence” that Somali pirates are receiving training in Pakastan.  According to the article, the training is intended to support a proxy war against India.  Whether this assertion stands up to scrutiny remains to be seen.  If however, Somali pirates are receiving formal training by foreign governments it would suggest a much deeper problem for shipping companies.  As the story develops we will provide more information.

Somali pirates release vessel after 10 months in captivity August 30, 2011

Posted by Chris Mark in Uncategorized.
Tags: , , , , , ,
add a comment

A Greece based shipping company has spoken of its distress during a piracy experience following the release of its hijacked tanker after 10 months in captivity.While Paradise Navigation, operators and managers of the 72,825 dwt product tanker MV Polar said it was “delighted” with the freeing, they were frustrated that owners and operators have been unaided against piracy.

While faced with many decisions on how to deal with piracy, ultimately shipping companies need to remain proactive in protecting their interests.  The community can’t afford to wait for intervention by international governments.  The message is loud and clear, this is an industry problem and needs to be dealt with by the industry.

Security 101: The Human Element – “Trust but Verify” August 24, 2011

Posted by Chris Mark in InfoSec & Privacy, Risk & Risk Management.
Tags: , , , , ,
1 comment so far

As maritime security becomes more lucrative and companies to steps to stop attacks, it is the natural evolution of crime that the pirates will begin looking for new vulnerabilities to support their efforts.  Often the most vulnerable element of any security strategy is the human element.  People often provide the proverbial ‘weak link’ in the strategy.  Often it is not an intentional act by a person that creates and issue.  It could be a simple mistake or the person could be deceived into taking action.  While these are common aspects of security today I want to talk about people that take direct action with intentions that are contrary to the organization.  It not something that any company likes to consider but it is an unfortunate fact of life.  People are rational actors and as such a percentage of any population will be inclined to perform actions that are outside the bounds of what are considered by most to be ethical or moral behavior.   This is where the idea of “trust but verify” comes in.  We all like each other and we all want to believe that we are all honest people.  It is irresponsible however, to simply take people at their word.  It is responsible and appropriate given my access to information.  It is obvious that with increased responsibility comes increased authority.  Often this leads companies to believe that these senior “trusted” individuals do not require the same level of monitoring to which more junior level employees may be subject. This is a serious mistake.  Increased responsibility and authority comes with increased access to information.  It is often these very employees that can do the greatest damage.  I will give an example from my own experience.

Recently through some legal proceedings it was discovered that a former Chief Technology Officer of a company I previously owned had taken steps to download every single employee and contractor’s email to his personal system.  When confronted at the proceeding, he admitted he had indeed downloaded very email.  He then took a number of steps to hide his actions.  His actions were only discovered 2 years later through legal proceedings.  He has not divulged why he took such action.  It should be noted that in many states in the US this is not only a crime but is a felony.  This was not a junior level employee who could plead ignorance.  This was a person with a graduate degree in information security who, by his own admission, “defines security and risk”.  To say I was apoplectic when I discovered his actions would be an understatement.  He not only violated the trust of the company and me personally, but potentially committed a serious crime.  The point of this example is to demonstrate the need to “trust but verify” what ALL employees are doing.

Operational security, or OpSec, is increasingly important in a hyper-competitive world.  Add to that the new threat of information theft by pirates and those supporting piratical acts and the need to protect your information and assets becomes critical.  It is not only the junior level staff that should be monitored and ‘verified’, it is all employees.  Anyone with a security clearance is used to the fact that every few years the Gov’t decides to crawl through your life and put you through a polygraph to ensure that you are still ‘trusted’.  This is a good example of ‘trust but verify’.   When developing a strategy to address information security, and operational security, it is important that all areas of the business are considered and addressed.  Often it is a single trusted person that cause irreparable  harm to the organization.