Taking Security To The Next Level
Govciooutlook

Taking Security To The Next Level

By Ed Madura, Security Director, Port of Everett

Ed Madura, Security Director, Port of Everett

Technologies like analytics or big data is a piece of technology, but to make it work, organizations need to have the right bandwidth, computation, and also upgrade servers. In an interview with Govt CIO Outlook, Ed Madura, Security Director, Port of Everett, explains that one can’t just be attracted to a new piece of technology, deploy it, and expect it to work with the entire system without having the right specifications to make it work.

What are some of the challenges faced by public sector organizations in terms of using cutting-edge technologies and ensuring security for themselves and their citizens?

We live in an increasingly unsafe society. Several massive breaches have left companies around the globe picking up the pieces and looking for new ways to ramp up their security. In Everett Washington, most of the security breaches occurred due to damage in the wiring systems by drug addicts looking for any scrap metal or copper wires to pay for their drugs. As a consequence, there were costs involved with repairing damaged wiring systems, follow-up reports, or repairing the fences.

Besides, the biggest threat in maintaining security is the complacency in both staff and the management, where the management is not taking into consideration the cost of return of the team and technology. As a public entity, we can grant funding to put fences and cameras in place, but if it is not maintained well, there will be additional costs incurred for the replacement. It’s necessary for us to keep a check on the money being invested in ongoing security measures.

Sometimes, it’s not about making new changes but maintaining what’s working and informing people that there’s no need to change, as the security system still works. It’s all too easy to succumb to the myriad of wonderful technologies out there in the market. Technologies like analytics or big data is a great piece of technology, but to make it work, organizations need to have the right bandwidth, computation, and also upgrade servers. One can’t just be attracted to a new piece of technology, deploy it, and expect it to work with the entire system without having the right specifications to make it work.

What are the initiatives that you take as a security director in ensuring security?

We look at security from multiple angles. From a staff perspective, we have ongoing security training for our people. And, from the management perspective, it’s about getting the right information about the security breaches back to them so that they can be ready to initiate remedial measures every time there is a breach.

There was an instance when we had Everett Police arrest someone for security breach within minutes of them entering the facility. The Coast Guard was concerned about this breach in a regulated facility, but they were delighted to know that he was apprehended in such a short time, there was no damage to the facility and no threat to personnel. This is to emphasize the point that if we have strong partnerships and trained staff in place, paying attention, there could be significant costs savings to the Port down the line.

From a global perspective, I try to be in touch with larger organizations like AAPA and the like that help us support security. As it is a small port, it’s necessary to collaborate and work with all stakeholders together to ensure security. It is also important to message loud and clear that we need to be prepared to effectively deal with the threats from people that would bring harm to the U.S. and protesters wishing to shut down operations for one reason or another.

What has been the most challenging initiative that you have taken from the security point of view?

I started working for the Port of Everett in 2008 when the TWIC regulations first came into effect. It was challenging to put regulations into effect and still maintain effective operations, all while working with customers, longshore unions, staff, the transportation security administration, US Customs, the US Coast Guard, and others. Some of the regulations didn’t match. One of the issues was what to do with a foreign crew member. They had been coming to the U.S. ever since the county had been founded and the U.S. had been party to an international law for over on hundred years that allowed them access ashore. Now we had a requirement that prohibited them from coming onto the facility even though it was their presence that drew us into these new regulations. At our facility, we came up with a crew path where crew were video escorted to and from the ship. This worked well for five years then a new official was assigned with the Coast Guard that insisted that our procedures did not meet the intent of the law. We were forced to stop the practice. The port had to make an appeal up through the chain of command to Washington DC, which took six months before we could resume normal operations. Ten years later the issue of crew access was brought up again nationwide and this time our process is used as a model. Things and people change, you just have to push to do what is right.

Could you elaborate on your approach to choosing the right technologies and solution providers from the lot, and is there any basic criterion that they need to fulfil to be your partner?

To improve security, cut down costs, and expand the delivery of services, outsourcing IT solutions has become a necessity. However, with a plethora of IT solution providers everywhere, it becomes necessary for us to do research on these solution providers, understand what works for us, whether it can be supported, and also see if we can afford it. Also, when it comes to technology, we try to be aware of the new technologies that are being released and understand how we can apply it in our facility as opposed to its success in some other facility. While partnering with these solution providers, we work with our contract officer to ensure that all IT providers and contractors working on our port meet certain criteria like TWIC for security. From a security perspective, we maintain what we already have, as opposed to getting new and greater technologies, keeping the expenses down while keeping the facility secure.

How do you see the evolution in this industry from security and threats point of view in a few years from now?

The only thing constant is change, whether it’s drastic or gradual. As we move forward, I hope that the changes are for the better and that we can ensure the safety of our transportation system and move people, goods, and services safely and securely. The public expects all the varied pieces of the public transportation machinery to work all the time so that they can buy what they want, seamlessly. To achieve this goal, the public sector as a whole should be willing to put forth the effort to ensure that our transportation system is secure in the coming future.

How did your passion for security begin, and how has your career been over the years? Also, do you have any advice for peers or young professionals looking to embark on a similar journey along the lines of your service and area of expertise?

My passion for helping people in trouble lead me to the U.S. Coast Guard in my younger days where I wanted and had the opportunity, to do search and rescue work. Along my career path, I started as a mechanic on an icebreaker and ended as a senior maritime investigating officer with lots of options in between. Near the end of my Coast Guard career I was transferred to Seattle, to stand up the first Maritime Safety and Security Team (MSST) in the nation. This gave me some great insight and experience into port security. The position in Everett opened where there are some great people here to work with and I jumped at the chance to be part of this team. Over the years, I have understood that if we enjoy doing what we do, we tend to do it better and in the long run, it will pay its dividends. Therefore, my advice to all those young professionals looking to enter the security industry or any other industry, is to work for the right reasons, enjoy what you do, stick to it, look for and take advantage of opportunities as they come along, and you will succeed.

Weekly Brief

Top 10 Security Solution Companies - 2020

Read Also

Digital Accessibility in e-Government Projects

Digital Accessibility in e-Government Projects

Jim Loter, Director of Frontline Digital Services, City of Seattle
Some Key Points for an Effective Cyber Risks Management

Some Key Points for an Effective Cyber Risks Management

Manuele Cavallari, Head of IT Risk Management, Banca Monte Dei Paschi Di Siena [BIT: BMPS]
The surprisingly wide reach of GDPR

The surprisingly wide reach of GDPR

Sarah Laws, Data Protection Officer, London Borough of Camden
Security in the Golden Era of AI and IoT

Security in the Golden Era of AI and IoT

Carlos Sousa, CISO & IT Risk Manager, Affidea
Trust: The key to Achieving Security Goals

Trust: The key to Achieving Security Goals

Erik Blomberg, Senior Vice President, CISO, Handelsbanken [STO: SHB-A]
An Integrated Approach to Security

An Integrated Approach to Security

Campbell McCafferty, Chief Security Officer, DWP Digital