Maritime Security: A Comprehensive Guide for Shipowners, Seafarers and Administrations - Second Edition

The second edition of Maritime Security: A Comprehensive Guide for Shipowners, Seafarers and Administrations addresses the shifting threats faced by the shipping industry today, from political instability and piracy to terrorism and cyber attacks. It equips readers with the knowledge and tools to navigate the complex landscape of maritime security with confidence.

This guide provides a comprehensive overview on complying with SOLAS and International Ship and Port Facility Security (ISPS) Code statutory requirements, offering guidance on managing and mitigating security threats. References to trusted and new security resources are collected in one place, including the latest Best Management Practices for Maritime Security (BMP), Maritime Industry Security Threat Overview (MISTO) and more.

Maritime Security also provides practical information on operating in areas of war and war-like risk, managing maritime cyber risks, and handling stowaways and rescues at sea. With a model ship security plan, a sample two-year security drill schedule, templates for communication with seafarers? designated contacts, and resources for threat and risk assessments, this book is an invaluable tool for masters, company security officers, ship security officers, port facility security officers and administrations. It also serves as a useful entry point to the subject for anyone with an interest in maintaining the security of global trade.

1 Introduction
1.1 What is Maritime Security?
Maritime security is a matter of increasing concern to the global shipping industry. While the security of ship, crew and cargo has always been of key importance, attention and understanding of the issue has grown in recent years following the development of a dedicated statutory framework under SOLAS. In addition, while the industry has always faced external security threats, the evolution of existing threats and the emergence of new ones poses even greater challenges. With the growth in threat and awareness has come an expansion of the security provisions applied by companies.
A security culture is well established in the industry, supported by extensive best practice guidance.
There are a wide range of security threats facing the shipping industry, including piracy, armed robbery, the threats of terrorism, war and warlike activity. Similarly, illegal activities such as smuggling of drugs, people, wildlife or weapons, as well as the effects of cyber attacks, can compromise security and endanger a ship and its crew. The increasing connectedness of information and operational technologies in shipping presents another avenue through which security can also be prejudiced.

1.2 SOLAS and the ISPS Code
Maritime security is enforced through Chapter XI-2 of the SOLAS Convention and the International Ship and Port Facility Security (ISPS) Code, which entered into force on 1 January 2004. The Convention and Code enforce statutory requirements for ships and port facilities with respect to their own security and the interface between them. Obligations are placed on the shipowner, the port and their respective personnel, and are overseen by the flag state and shoreside designated authority, who also have a responsibility to ensure the security of the assets under their jurisdiction.
The key requirement of the regulation and Code is for the development of a ship specific security plan for every ship of 500 GT and over. Similarly, port facilities are required to develop and implement a Port Facility Security Plan (PFSP). In each case these plans are approved by national authorities and are subject to periodic audit and review. The Code also sets out carriage requirements for equipment to track and identify ships, including automatic identification system (AIS) and long range identification tracking (LRIT).
See Chapter 3: Overview of regulatory requirements for more detail on the Convention and Code.

1.3 Other Security Threats and Best Practice Guidance
While the ISPS Code was specifically developed in response to the terrorist attacks of 11 September, 2001, it was not explicitly intended to solely cover the threat of terrorism. However, the overall construction and requirements of the regulations are principally directed towards that threat. As such, the rigidity of the requirements, particularly with respect to the authorisation of security
plans, means that it does not easily extend to cover evolving or changeable threats and risks that can require a dynamic response. These include the many threats and risks that a ship may face on a single voyage through different points of maritime insecurity. In response, the shipping industry has developed extensive best practice guidance to meet these challenges on a real-time basis and supporting reporting and response architectures have, similarly, developed outside the ISPS framework, supported by states and international organisations.

The most significant development in this respect has been the evolution of the threat and risk assessment process for maritime security. These practices extend far beyond the scope of statutory requirements and are essential for minimising security risks and safeguarding ships in areas of maritime insecurity. They serve to demonstrate how industry self-regulation can provide the best and most dynamic means to ensure the security of the world fleet, building on the foundation of the ISPS Code.
1.3.1 Best Management Practices for Maritime Security
The Round Table of Shipowner Associations, OCIMF, CLIA and IMCA began revising the fifth edition of Best Management Practices to Deter Piracy and Enhance Maritime Security in the Red Sea, Gulf of Aden, Indian Ocean and Arabian Sea (BMP5) in 2024.
The latest Best Management Practices for Maritime Security (BMP) should be used by shipping companies, company security officers (CSOs), ship security officers (SSOs) and masters to conduct threat and risk assessments, however, it does not override ISPS requirements. Companies and seafarers can reduce the likelihood of a maritime security incident and ensure better protection against evolving threats by using the best management practices.
The latest BMP combines the region-specific BMP publications into one comprehensive guide that can be used internationally. It is structured to facilitate a thorough threat and risk assessment for voyages in any region where maritime security threats exist. Not all mitigation measures that BMP details will be applicable to every ship type, threat or region.
BMP has separate sections on:
- Maritime security threats;
- Threat and risk assessment;
- Planning;
- Mitigations;
- Incident response;
- Post incident; and
- Global reporting, information centres and charts.
The latest BMP provides a harmonised approach to global maritime security and addresses the fact that maritime security threats are constantly evolving. This allows shipowners to:
- Understand the threat and understand where to obtain up-to-date threat information;
- Conduct threat and risk assessments before implementing vessel mitigation measures, including crew training;
- Register and report incidents and suspicious activities to recognised reporting centres; and
- Co-operate with other ships, law enforcement, welfare agencies and military forces, as appropriate.
Applying the recommendations contained in BMP will:
- Assist in planning voyages and offshore activities;
- Improve understanding of maritime threats and their impacts;
- Reduce the likelihood of being involved in a maritime security incident;
- Help in determining mitigations to keep the crew and ship safe;
- Provide reference information sources; and
- Specify contacts and reporting procedures for emergencies and welfare assistance.

1.3.2 Maritime Industry Security Threat Overview
Maritime Industry Security Threat Overview (MISTO) provides an independent assessment of the threat to merchant ships, drawing on information from multiple open sources,
which provides accurate and unbiased regional baselines. MISTO can be obtained from
www.maritimeglobalsecurity.org.
MISTO highlights threats in specific regions, such as:
- Maritime crime, including armed robbery, theft and kidnap for ransom;
- Piracy;
- Electronic threats such as GPS spoofing, GPS denial and interference with communications;
- State-on-state conflicts and insurgencies; and
- Maritime terrorism.

Contents
Abbreviations xi
Definitions xiii
Editorial Note xiii

Chapter 1
Introduction 1
1.1 What is Maritime Security? 3
1.2 SOLAS and the ISPS Code 3
1.3 Other Security Threats and Best Practice Guidance 3
1.3.1 Best Management Practices for Maritime Security 4
1.3.2 Maritime Industry Security Threat Overview 5
Chapter 2
Maritime Security Threats 7
2.1 Introduction 9
2.2 Piracy and Armed Robbery 9
2.2.1 Gulf of Guinea 10
2.2.2 Western Indian Ocean 11
2.2.3 South East Asia 12
2.3 Terrorism 13
2.4 War and War-like Risks 14
2.4.1 Southern Red Sea and Gulf of Aden 16
2.5 Joint War Committee Listed Areas 17
2.6 Cyber Risk Management 17
2.6.1 Maritime Cyber Attacks 17
2.7 Smuggling 18
2.8 Mixed Mass Migration 19
2.9 Stowaways 20
Chapter 3
Overview of Regulatory Requirements 23
3.1 SOLAS Chapter XI-2 and the ISPS Code 25
3.1.1 Construction and Carriage Requirements 25
3.2 Company Requirements 29
3.2.1 Company Security Officer 29
3.2.2 Ship Security Assessment 31
3.2.3 Training and Pre-employment Check of Seafarers 35
3.2.4 On Scene Security Assessment 35
3.2.5 Ship Visiting a Country that is not Party to the SOLAS Convention 36

3.3 Shipboard Requirements and Responsibilities 36
3.3.1 Master?s Discretion for Ship Safety and Security 36
3.3.2 Ship Security Officer 37
3.3.3 Duties and Responsibilities of the Officer of the Watch and Security
Patrol/Gangway Watch 40
3.3.4 Drills and Exercises on Ship Security 41
3.3.5 Ship Security Relationships 43
3.3.6 Internationally Established Security Levels 44
3.3.7 The Ship Security Plan 44
3.3.8 The International Ship Security Certificate 45
3.3.9 Continuous Synopsis Record 49
3.3.10 Record of Previous Port Calls 49
3.3.11 Other Information 49
3.4 Ship Vetting Inspections 50
3.5 Contracting State Requirements and Responsibilities 50
3.5.1 Contracting Governments 50
3.5.2 Recognised Security Organisations 51
3.6 Port State Responsibilities During Ship/Port Interface 52
3.6.1 Port State Control 52
3.6.2 Information that may be Required by Port States 52
3.6.3 Security Levels at the Port Facility 53
3.6.4 Declaration of Security 54
3.6.5 Control Measures that a Port State can Impose on Ships 56
3.6.6 Port States that believe a Ship is in Non-compliance with the Requirements
of Part A of the ISPS Code 57
3.6.7 Evidence that Indicates that a Ship does not Comply with the Requirements
of the ISPS Code 58
Chapter 4
The Ship Security Plan 61
4 The Ship Security Plan 63
4.1 The Ship Security Plan 63
4.1.1 Format and Validity of the SSP 63
4.1.2 Particulars and Company Details 63
4.1.3 Master?s Authority 64
4.2 Ship Security Plan content 64
4.2.1 The Three Internationally Adopted Security Levels 65
4.2.2 Minimum Requirements of the Ship Security Plan 65
4.2.3 Procedures and Security Measures to be Addressed in the Ship Security
Plan Relating to all Security Levels 66
4.3 Access to the Ship (and Security Levels) 67
4.3.1 Access Points to the Ship 67
4.3.2 Personal Identification/Means of Identification Controls 68
4.3.3 Key Control 69
4.3.4 Access to the Ship Under the Three Security Levels 70
4.3.5 Shore Leave Access 72
4.3.6 Citadel Access 73

4.4 Restricted Areas on the Ship 74
4.4.1 Management of Restricted Areas at each of the Three Security Levels 76
4.5 Handling of Cargo 77
4.5.1 Handling of Cargo Measures at the Three Security Levels 78
4.6 Delivery of Ship?s Stores 80
4.6.1 Delivery of Ship?s Stores at the Three Security Levels 81
4.7 Handling Baggage 82
4.7.1 Handling Unaccompanied Baggage at each of the Three Security Levels 82
4.7.2 Handling Accompanied Baggage at the Three Security Levels 83
4.8 Monitoring the Security of the Ship 84
4.8.1 Monitoring the Security of the ship at the Three Security Levels 85
4.9 Differing Security Levels 86
4.10 Activities not Covered by the Code 87
4.11 Declaration of Security 88
4.12 Audit and Review 89
4.13 Amendments to the Ship Security Plan 90
4.14 Inspections 91
4.15 Security Drills 92
4.16 Record Keeping 97
Chapter 5
Managing and Mitigating Security Threats 99
5 Managing and Mitigating Security Threats 101
5.1 Introduction 101
5.2 Voluntary Reporting and Registration 102
5.3 Company Threat and Risk Assessment 102
5.3.1 Threat Assessment 102
5.3.2 Risk Assessment 103
5.3.3 Risk Assessment Considerations 103
5.4 Company Planning 103
5.5 Master?s Planning 104
5.6 Ship Protection Measures and Vessel Hardening 104
5.6.1 General 104
5.6.2 Vessel Hardening Plan 106
5.6.3 Watchkeeping and Enhanced Vigilance 110
5.6.4 Bridge Protection 111
5.6.5 Access Control 111
5.6.6 Alarms 113
5.6.7 Lighting 113
5.6.8 Closed Circuit Television 113
5.6.9 Safe Muster Points and Citadels 114
5.6.10 Ship to Ship Transfer and Static Operations and in Port Security 115
5.6.11 Drills and Exercises 115
5.6.12 Routeing and Manoeuvring 115
5.6.13 Unarmed Security Contractors 116

5.6.14 Privately Contracted Armed Security Personnel 116
5.6.15 Vessel Protection Detachments 117
5.6.16 Additional Protection Measures 117
5.7 Additional Considerations for Passenger Ship Security 118
5.7.1 Communications and Closed Circuit Television 118
5.7.2 Passengers 118
5.7.3 Stores, Supplies and Provisions 119
5.7.4 Passengers Going Ashore 119
5.7.5 Risk of Terrorism 120
5.7.6 Crowd Management 120
5.7.7 Interaction with Port Facilities 121
5.7.8 Security Contractors 121
5.7.9 On Board Security Team 122
5.8 Contingency Planning for Developing Security Incidents 122
5.9 Post Incident Reporting and Investigation 123
5.10 Humanitarian Considerations 123
5.10.1 Contacting a Seafarer?s Designated Contact 124
5.10.2 Offering and Providing Support 125
5.10.3 Organisations which can Offer Support 125
Annexes 127
Annex A Pre-Arrival Security Clearances 129
Annex B Arrival in Port and Security/shore Access for Seafarers 130
Annex C Checklist of Documentary/Information Requirements for Ships Related to
Security Information 132
Annex D Checklist of ISPS Related Information that may be Required by Port State 133
Annex E Useful Resources on Maritime Security 136
Annex F The Ship Security Assessment 137
Annex G Model Ship Security Plan ? Restricted Part 141
Annex H Model Ship Security Plan ? Confidential Part 202
Annex I Vessel Hardening Plan 236
Annex J Checklist of Shipowner Considerations when a Ship is Entering an Area of
War Risk 249
Annex K Seafarer?s Nomination of a Designated Contact Form 250
Annex L First Call/Visit to a Designated Contact Template 251
Annex M Letter/email to be Sent After Initial Contact Template 252
Annex N Second and Subsequent Call/Visit Template 253
Annex O Designated Contact Call Log 254

ICS

The International Chamber of Shipping (ICS) is the principal international trade association for the shipping industry, representing shipowners and operators in all sectors and trades. ICS membership comprises national shipowners' associations in Asia, Europe and the Americas whose member shipping companies operate over 80% of the world's merchant tonnage.

Established in 1921, ICS is concerned with all technical, legal, employment affairs and policy issues that may affect international shipping.

ICS represents shipowners with the various intergovernmental regulatory bodies that impact on shipping, including the International Maritime Organization.

ICS also develops best practices and guidance, including a wide range of publications and free resources that are used by ship operators globally.

https://www.ics-shipping.org/about-ics/

Witherbys

Witherbys titles are developed using scripts developed by technical experts that are peer reviewed within work groups. Typically, they seek to improve understanding of the regulations, recommendations and guidelines issued by Industry.

Witherbys staff have significant expertise in the fields of navigation and hazardous cargoes as well as in the presentation of complex subjects in a graphic and easy to understand manner.