Executive Briefings

Cargo Security, Good Business Practices May Go Hand in Hand

What's good for the nation's security in the post-9/11 era might turn out to be equally beneficial to global supply chains.

Business executives who complain about the cost and burden of new security measures in the post-9/11 era ought to think again. They may have been given a golden opportunity to revamp their supply chains, bringing about much-needed reforms which previously hadn't gone beyond the talking stage.

No one would dare argue that the horrific attacks of Sept. 11, 2001 carry any kind of a "silver lining." Still, it's notable how many of the new regulations call for changes that just make good business sense. Who wouldn't want a more responsive supply chain, with key shipment data flowing to trading partners at the earliest possible moment?

For all their talk about seamless supply chains, most companies have made little progress toward that end. That's especially the case with security. Experts point to huge gaps in the system nearly every step of the way. When it comes to protecting the nation's commerce against terrorist threats, little has changed since Sept. 11. Of the estimated 7.8 million ocean shipping containers that enter U.S. seaports annually, fewer than 2 percent are physically inspected by U.S. Customs. Even the most advanced technological tools wouldn't improve much on that ratio. If the government were to boost its inspection program to a significant degree, commerce would come to a dead stop.

But Customs isn't sitting still. Along with other agencies, including the new all-embracing Department of Homeland Security, it has proposed a flurry of initiatives to secure the supply chain from attack. And all of those measures have one thing in common: They place the burden for compliance squarely on the shoulders of business.

 

 

 

 

 

"The issues addressed have existed for decades. The 9/11 attacks simply served as a catalyst for reform."
- Adrian Gonzalez of ARC Advisory Group

 


 

 

 

Ironically, recent improvements in supply-chain efficiency have actually made business more vulnerable to disruptions. By replacing standing inventories with just-in-time delivery strategies, companies are essentially betting against disaster. The alternatives, ranging from airfreight to shutting down factories, can be horribly expensive. Witness the impact of last year's West Coast ports lockout on U.S. retailers and manufacturers, many of whom didn't get their goods for weeks and had to scramble for other sources. An attack on any part of the nation's transportation infrastructure would have far worse consequences.

The trick, then, lies in figuring out how to keep supply chains lean and nimble while tightening up on security. And, difficult as it may seem, that's not an impossible task. Omar Keith Helferich, vice president of supply chain with Integrated Strategies Inc. and a member of the supply-chain faculty at Central Michigan University, believes companies will be "galvanized" into making long-awaited process improvements.

Helferich likens the situation to the early days of the quality movement, where many companies balked at making what they viewed as major new investments. Today, with the popularity of programs such as the rigorous Six Sigma movement, executives are realizing that the long-term benefits of quality far outweigh the cost.

The security challenge is, of course, far greater than any internally driven quality program. The regulations keep piling up. There's U.S. Customs' new Container Security Initiative (CSI), requiring that importers provide detailed, accurate manifest information 24 hours prior to loading a shipment at the overseas origin port. Previously, authorities had required such information only 96 hours before the vessel's arrival at a U.S. port.

Set to take effect on Feb. 1, CSI initially was to be launched at the 20 largest origin and transshipment ports for goods moving by sea into the U.S. Required information includes shipper, consignee, country of origin, carrier, vessel and voyage, the Harmonized Tariff Schedule classification for each item to be shipped, container and seal numbers and identification of hazardous materials. In addition to keeping closer tabs on the origin of U.S. imports, Customs' goal is to identify high-risk containers for inspection.

Voluntary Measures
The Customs-Trade Partnership Against Terrorism (C-TPAT) is a joint government-business initiative, which expedites the cross- border flow of cargo generated by shippers who participate in the voluntary program. They agree to implement tight security measures at their facilities, following "best practices" jointly developed by Customs and the trade community. Charter members were some of the nation's largest importers, including Ford Motor Co., General Motors Corp., Motorola Inc. and Target Corp. They were quickly followed by a slew of service providers, including ocean carriers, freight forwarders, customs brokers and non-vessel operating common carriers (NVOs). The initiative is similar to previous efforts by Customs to stem the flow of illegal drugs into the U.S.

Also promising to have a big impact on supply chains is creation of the Department of Homeland Security (DHS), a cabinet-level entity which will centralize the functions of some 100 agencies and 170,000 federal employees. The DHS should streamline and standardize relations with the trade community, but it will also require companies to tighten up their own processes.

Ports and the shipping community have banded together under Operation Safe Commerce (OSC), an initiative to improve security at major ports through a series of operational tests and threat assessments. Additional proposals and pending legislation call for expanded Customs and U.S. Coast Guard inspections, and the application of new technologies to screen trading partners and monitor the progress of shipments. Similar efforts are underway on a global scale, spearheaded by international organizations.

According to Helferich, some of the most successful efforts in the private sector will occur in the area of mitigation--acting to minimize the impact of disaster, whether natural or man-made. To do that, companies must define where their supply chains are most vulnerable to disruption, then develop plans to address those points. Previously, such efforts were often stymied by a lack of resources or commitment from top management. Now, says Helferich, business no longer has the luxury of waiting.

Individual company efforts are valuable, but collaboration is essential, Helferich says. Efforts such as C-TPAT depend on it, although the private sector can go further. He cites a program within the utilities industry to make critical parts available to competitors via the internet in times of emergency. Similar efforts, including inventory sharing, will likely spread to other industries.

Meanwhile, private companies are toughening up their own security measures, even without a push from government. After Sept. 11, notes Helferich, major U.S. cereal producers began requiring a verifiable seal on all grain railcars. Suppliers were forced to comply.

The best companies won't wait for unilateral demands from their customers. Helferich believes they will seize the chance to improve their processes, even in the face of tremendous uncertainty. What's more, he's convinced they'll realize an eventual return on their investment, in the form of greater supply-chain efficiencies, better preparation against disruptions, and improved customer-service levels.

No Single Solution
Government regulations aside, there are no "catch-all" solutions for companies looking to improve security, says Stephen Tisdalle, a director in the travel and transportation practice of IBM Business Consulting Services in New York City. Solutions will vary according to company, industry and mode. Still, he agrees that success depends on collaboration across the supply-chain, both with government and industry. That's the only way to answer critical questions, such as the identity of the original shipper, the full contents of the container, and who will have contact with the cargo throughout its journey.

Where to start? Tisdalle recommends an in-depth vulnerability assessment, accompanied by better information. One potential tool is a National Shipper Registration Program, bringing together all of the fragmented data currently held by various parties about who is actually shipping and receiving the goods. "It needs to be easily accessible, via the web," says Tisdalle. "It could be the starting point for what gets screened on a risk basis, and for shipper profiling."

At the moment, high-risk or restricted parties are maintained on multiple lists, at the U.S. departments of Commerce, Treasury and State, as well as by foreign governments. Tisdalle believes a centralized U.S. database of "known shippers" could be up and running within six to nine months. "It's amazing how fast things can move when you're given a deadline," he says.

With so many security regulations still pending or unclarified, shippers are justifiably confused about how to approach the issue. Bill Hamlin, president of North America with APL Ltd. in Oakland, Calif., says documentation "is the biggest single thing you need to look at." Customs' new 24-hour manifest rule, along with stricter container profiling, requires traders to have much better information than before.

"Heretofore, the system has been based on trust," Hamlin says. Today, shippers can no longer rely on somebody's word about what's inside an opaque metal shipping container. They must produce accurate weight and price counts, not to mention proper cargo descriptions. The days of declaring a box full of "freight- all-kinds" (FAK) or "general department store merchandise" (GDSM) are fast coming to an end.

The next step is properly sealing the ocean container. Shippers must be able to show that the seal hasn't been broken during the voyage. They must document the entire process of shipping, from loading to every step along the way at which the container was handled. Both electronic and physical seals can help in monitoring, although the ability to combine intrusion alerts with satellite tracking does not yet exist. This so-called smart container will arrive "sooner than we think," says Hamlin.

As with all new technologies, it won't happen without a huge investment in research and development. APL alone has spent nearly $2m to date on beefing up security at its physical facilities, Hamlin says. The total cost of new security measures across the supply chain will run well into the billions.

The result, he says, will be greater discipline in shipping and documentation, as well as streamlined internal processes. "Whether the upside surpasses the cost, we won't know until we get into it," he says.

Early Detection Vital
Few supply-chain vendors have a better handle on Customs issues than George Weise. Now vice president of global trade compliance with Vastera, he was Commissioner of U.S. Customs from 1993 to 1997. He strongly supports Customs' current efforts to push back cargo inspections and risk assessment to the point of origin. "The worst possible time to detect a threat is at the port of entry," he says.

What has changed since Sept. 11, says Weise, is the very definition of risk. Previously, authorities monitored compliance with rules on quotas, product classifications, and illegal items. Now, they're more concerned with making sure the goods are secure.

 

 

 

 

The Department of Homeland Security will require companies to tighten up their processes.

 


 

 

 

 

Many of the software tools that were already on the market prior to Sept. 11 are turning out to be useful in promoting better security. Vendors like Vastera, which supports international trade logistics, can help customers to acquire better information about originating shippers much earlier in the process. That will allow them to anticipate Customs' ultimate assessment of risk, and decision on what to inspect. Vastera's central database combines tracking and tracing capability with information about all trade rules and regulations of the countries involved in a given move. Originally intended for better process control, the tool has meshed well with new security requirements, Weise says.

Outsourcing is yet another important tool for business efficiency that has made the security issue more problematic. In recent years, companies have turned over large portions of their logistics and manufacturing to outside entities. While that approach has undeniable advantages, it also complicates the task of identifying all of the parties involved in the making and shipping of product. It tends to result in isolated pools of information, which must be re-keyed when it passes from one system to another, says Lorne Jones, director of global products with SAP Global Marketing in New York City.

SAP is pushing the advantages of centralization, through a single master data environment. All production information can be contained in one enterprise software system, says Jones. Through the use of a portal, other parties in the global supply chain can view that data and operate under a shared business model.

SAP also offers Global Trade Service capability, for reference checks against denied-parties lists. Other tools relevant to the new security requirements include supply-chain replenishment modeling, to create alternative sources of product, and event-management capability, to alert the parties of any shipment delays. None of those products was a direct response to Sept. 11, Jones says, although each can help shippers to comply with the new rules while improving supply-chain efficiency.

A Truckload Tool
Qualcomm Inc.'s OmniTRACS system, using satellite technology for two-way messaging and shipment reporting, has been on the market in some form since 1988. It is especially popular among U.S. truckload carriers, says Marc Sands, vice president and division counsel in the San Diego, Calif.-based company's Wireless Business Solutions unit. But interest in OmniTRACS has recently shifted from fleet management to security. Last summer, Qualcomm demonstrated the product to congressional leaders and Department of Transportation officials.

Qualcomm plans to add a vehicle disablement feature to its U.S. product in the near future. Such a system is already operating in Brazil, where it is installed in more than 30,000 vehicles, Sands says. The vendor is working with a task force of the American Trucking Associations to define technical standards for remote or on-board truck disablement. Qualcomm's tracking technology has also been used by the Defense Department, for the movement of munitions and other sensitive loads.

Sands believes it will all pay off in the end. "Our strategy in homeland security is to promote the fact that the best solutions are those that provide productivity and security benefits."

In the rush to identify suspicious importers, U.S. companies might forget that exporting can be just as open to security breaches. Darren Maynard, chief operating officer of Rockville, Md.-based NextLinx, says exporters must do a better job of identifying the ultimate customer. That's especially true in the case of advanced high-tech products that might end up in the wrong hands. Prior to Sept. 11, Maynard says, denied-parties lists might be updated every few months. Now such updates can occur more than once a day. Tougher controls have also been placed on the flow of money.

NextLinx offers several products that can help users to generate international trade documents and apply regulatory controls to any shipment. But there are still some gaps in the regulations, Maynard says. As of the beginning of this year, the CSI didn't specify how companies should describe the goods to be loaded at a foreign port. The logical solution, he says, would be to rely on the six-digit Harmonized Tariff Schedule (HTS) code. But Customs isn't set up to process and interpret information in that manner. And many countries may be unfamiliar with the HTS, used primarily to identify imports, when it's applied to exports.

A Case of Timing
Alameda, Calif.-based GT Nexus, which offers a communications and documentation portal for ocean carriers, was in the right place when Customs handed down the 24-hour manifest rule. Company president John Urban says documents previously might have been submitted to Customs up to two weeks after a vessel's departure from the origin port, with shippers and carriers communicating largely through fax and courier. Such a delay is no longer tolerable. Portal technology can automate that process and help shippers to meet the new requirements.

Some shippers are still complaining that the new regulations are too onerous, even as they scramble to comply. "In reality," says Urban, "six months from now, we'll see enormous efficiencies in the ability to plan, with better data on what's coming in."

New types of hardware will also be required. Sunnyvale, Calif.-based Savi Technology makes radio frequency identification (RFID) tags, which have already been used to track U.S. Defense Department cargo worldwide. Savi is also participating in the Smart and Secure Tradelanes Initiative, applying RFID throughout the supply chain.

Lance Trebesch, vice president of business development and security, says such systems must be totally heterogeneous--able to operate across multiparty, global networks--in order to function in the commercial sector. The return on private investment, he says, will come in the form of greater overall efficiency, reduced cargo theft and lower top-line costs, through the avoidance of unnecessary Customs duties.

San Francisco-based Qiva addresses homeland security through the screening of parties to a transaction, says Beth Peterson, vice president of product strategy. Its software allows for the creation of an on-line checklist to be completed by a trader's business partners. An event-management tool lets users monitor the movement of goods, alerting them when a shipment is passing through an insecure location, or remaining in one place for an unusual period of time.

Companies that might have balked at acquiring the technology for efficiency purposes are now inquiring about its application to security, Peterson says. In addition, they're confused by the government's lack of specificity in issuing rules such as the CSI. Peterson cites the inability of current vessel manifests to accommodate a detailed, standardized product description that can be used by Customs to assess risk. They also worry about public disclosure of confidential manifest data.

Assuming such oversights are worked out in the months to come, however, the upside to embracing new security measures seems likely to exceed the downside. Besides the obvious advantage of increasing the nation's security, greater vigilance will mean better business practices. "Many of the issues being addressed by these trade security initiatives have existed for decades," says Adrian Gonzalez, senior analyst with ARC Advisory Group, in a recent report. "The terrorist attacks simply served as a catalyst for reform."

Business executives who complain about the cost and burden of new security measures in the post-9/11 era ought to think again. They may have been given a golden opportunity to revamp their supply chains, bringing about much-needed reforms which previously hadn't gone beyond the talking stage.

No one would dare argue that the horrific attacks of Sept. 11, 2001 carry any kind of a "silver lining." Still, it's notable how many of the new regulations call for changes that just make good business sense. Who wouldn't want a more responsive supply chain, with key shipment data flowing to trading partners at the earliest possible moment?

For all their talk about seamless supply chains, most companies have made little progress toward that end. That's especially the case with security. Experts point to huge gaps in the system nearly every step of the way. When it comes to protecting the nation's commerce against terrorist threats, little has changed since Sept. 11. Of the estimated 7.8 million ocean shipping containers that enter U.S. seaports annually, fewer than 2 percent are physically inspected by U.S. Customs. Even the most advanced technological tools wouldn't improve much on that ratio. If the government were to boost its inspection program to a significant degree, commerce would come to a dead stop.

But Customs isn't sitting still. Along with other agencies, including the new all-embracing Department of Homeland Security, it has proposed a flurry of initiatives to secure the supply chain from attack. And all of those measures have one thing in common: They place the burden for compliance squarely on the shoulders of business.

 

 

 

 

 

"The issues addressed have existed for decades. The 9/11 attacks simply served as a catalyst for reform."
- Adrian Gonzalez of ARC Advisory Group

 


 

 

 

Ironically, recent improvements in supply-chain efficiency have actually made business more vulnerable to disruptions. By replacing standing inventories with just-in-time delivery strategies, companies are essentially betting against disaster. The alternatives, ranging from airfreight to shutting down factories, can be horribly expensive. Witness the impact of last year's West Coast ports lockout on U.S. retailers and manufacturers, many of whom didn't get their goods for weeks and had to scramble for other sources. An attack on any part of the nation's transportation infrastructure would have far worse consequences.

The trick, then, lies in figuring out how to keep supply chains lean and nimble while tightening up on security. And, difficult as it may seem, that's not an impossible task. Omar Keith Helferich, vice president of supply chain with Integrated Strategies Inc. and a member of the supply-chain faculty at Central Michigan University, believes companies will be "galvanized" into making long-awaited process improvements.

Helferich likens the situation to the early days of the quality movement, where many companies balked at making what they viewed as major new investments. Today, with the popularity of programs such as the rigorous Six Sigma movement, executives are realizing that the long-term benefits of quality far outweigh the cost.

The security challenge is, of course, far greater than any internally driven quality program. The regulations keep piling up. There's U.S. Customs' new Container Security Initiative (CSI), requiring that importers provide detailed, accurate manifest information 24 hours prior to loading a shipment at the overseas origin port. Previously, authorities had required such information only 96 hours before the vessel's arrival at a U.S. port.

Set to take effect on Feb. 1, CSI initially was to be launched at the 20 largest origin and transshipment ports for goods moving by sea into the U.S. Required information includes shipper, consignee, country of origin, carrier, vessel and voyage, the Harmonized Tariff Schedule classification for each item to be shipped, container and seal numbers and identification of hazardous materials. In addition to keeping closer tabs on the origin of U.S. imports, Customs' goal is to identify high-risk containers for inspection.

Voluntary Measures
The Customs-Trade Partnership Against Terrorism (C-TPAT) is a joint government-business initiative, which expedites the cross- border flow of cargo generated by shippers who participate in the voluntary program. They agree to implement tight security measures at their facilities, following "best practices" jointly developed by Customs and the trade community. Charter members were some of the nation's largest importers, including Ford Motor Co., General Motors Corp., Motorola Inc. and Target Corp. They were quickly followed by a slew of service providers, including ocean carriers, freight forwarders, customs brokers and non-vessel operating common carriers (NVOs). The initiative is similar to previous efforts by Customs to stem the flow of illegal drugs into the U.S.

Also promising to have a big impact on supply chains is creation of the Department of Homeland Security (DHS), a cabinet-level entity which will centralize the functions of some 100 agencies and 170,000 federal employees. The DHS should streamline and standardize relations with the trade community, but it will also require companies to tighten up their own processes.

Ports and the shipping community have banded together under Operation Safe Commerce (OSC), an initiative to improve security at major ports through a series of operational tests and threat assessments. Additional proposals and pending legislation call for expanded Customs and U.S. Coast Guard inspections, and the application of new technologies to screen trading partners and monitor the progress of shipments. Similar efforts are underway on a global scale, spearheaded by international organizations.

According to Helferich, some of the most successful efforts in the private sector will occur in the area of mitigation--acting to minimize the impact of disaster, whether natural or man-made. To do that, companies must define where their supply chains are most vulnerable to disruption, then develop plans to address those points. Previously, such efforts were often stymied by a lack of resources or commitment from top management. Now, says Helferich, business no longer has the luxury of waiting.

Individual company efforts are valuable, but collaboration is essential, Helferich says. Efforts such as C-TPAT depend on it, although the private sector can go further. He cites a program within the utilities industry to make critical parts available to competitors via the internet in times of emergency. Similar efforts, including inventory sharing, will likely spread to other industries.

Meanwhile, private companies are toughening up their own security measures, even without a push from government. After Sept. 11, notes Helferich, major U.S. cereal producers began requiring a verifiable seal on all grain railcars. Suppliers were forced to comply.

The best companies won't wait for unilateral demands from their customers. Helferich believes they will seize the chance to improve their processes, even in the face of tremendous uncertainty. What's more, he's convinced they'll realize an eventual return on their investment, in the form of greater supply-chain efficiencies, better preparation against disruptions, and improved customer-service levels.

No Single Solution
Government regulations aside, there are no "catch-all" solutions for companies looking to improve security, says Stephen Tisdalle, a director in the travel and transportation practice of IBM Business Consulting Services in New York City. Solutions will vary according to company, industry and mode. Still, he agrees that success depends on collaboration across the supply-chain, both with government and industry. That's the only way to answer critical questions, such as the identity of the original shipper, the full contents of the container, and who will have contact with the cargo throughout its journey.

Where to start? Tisdalle recommends an in-depth vulnerability assessment, accompanied by better information. One potential tool is a National Shipper Registration Program, bringing together all of the fragmented data currently held by various parties about who is actually shipping and receiving the goods. "It needs to be easily accessible, via the web," says Tisdalle. "It could be the starting point for what gets screened on a risk basis, and for shipper profiling."

At the moment, high-risk or restricted parties are maintained on multiple lists, at the U.S. departments of Commerce, Treasury and State, as well as by foreign governments. Tisdalle believes a centralized U.S. database of "known shippers" could be up and running within six to nine months. "It's amazing how fast things can move when you're given a deadline," he says.

With so many security regulations still pending or unclarified, shippers are justifiably confused about how to approach the issue. Bill Hamlin, president of North America with APL Ltd. in Oakland, Calif., says documentation "is the biggest single thing you need to look at." Customs' new 24-hour manifest rule, along with stricter container profiling, requires traders to have much better information than before.

"Heretofore, the system has been based on trust," Hamlin says. Today, shippers can no longer rely on somebody's word about what's inside an opaque metal shipping container. They must produce accurate weight and price counts, not to mention proper cargo descriptions. The days of declaring a box full of "freight- all-kinds" (FAK) or "general department store merchandise" (GDSM) are fast coming to an end.

The next step is properly sealing the ocean container. Shippers must be able to show that the seal hasn't been broken during the voyage. They must document the entire process of shipping, from loading to every step along the way at which the container was handled. Both electronic and physical seals can help in monitoring, although the ability to combine intrusion alerts with satellite tracking does not yet exist. This so-called smart container will arrive "sooner than we think," says Hamlin.

As with all new technologies, it won't happen without a huge investment in research and development. APL alone has spent nearly $2m to date on beefing up security at its physical facilities, Hamlin says. The total cost of new security measures across the supply chain will run well into the billions.

The result, he says, will be greater discipline in shipping and documentation, as well as streamlined internal processes. "Whether the upside surpasses the cost, we won't know until we get into it," he says.

Early Detection Vital
Few supply-chain vendors have a better handle on Customs issues than George Weise. Now vice president of global trade compliance with Vastera, he was Commissioner of U.S. Customs from 1993 to 1997. He strongly supports Customs' current efforts to push back cargo inspections and risk assessment to the point of origin. "The worst possible time to detect a threat is at the port of entry," he says.

What has changed since Sept. 11, says Weise, is the very definition of risk. Previously, authorities monitored compliance with rules on quotas, product classifications, and illegal items. Now, they're more concerned with making sure the goods are secure.

 

 

 

 

The Department of Homeland Security will require companies to tighten up their processes.

 


 

 

 

 

Many of the software tools that were already on the market prior to Sept. 11 are turning out to be useful in promoting better security. Vendors like Vastera, which supports international trade logistics, can help customers to acquire better information about originating shippers much earlier in the process. That will allow them to anticipate Customs' ultimate assessment of risk, and decision on what to inspect. Vastera's central database combines tracking and tracing capability with information about all trade rules and regulations of the countries involved in a given move. Originally intended for better process control, the tool has meshed well with new security requirements, Weise says.

Outsourcing is yet another important tool for business efficiency that has made the security issue more problematic. In recent years, companies have turned over large portions of their logistics and manufacturing to outside entities. While that approach has undeniable advantages, it also complicates the task of identifying all of the parties involved in the making and shipping of product. It tends to result in isolated pools of information, which must be re-keyed when it passes from one system to another, says Lorne Jones, director of global products with SAP Global Marketing in New York City.

SAP is pushing the advantages of centralization, through a single master data environment. All production information can be contained in one enterprise software system, says Jones. Through the use of a portal, other parties in the global supply chain can view that data and operate under a shared business model.

SAP also offers Global Trade Service capability, for reference checks against denied-parties lists. Other tools relevant to the new security requirements include supply-chain replenishment modeling, to create alternative sources of product, and event-management capability, to alert the parties of any shipment delays. None of those products was a direct response to Sept. 11, Jones says, although each can help shippers to comply with the new rules while improving supply-chain efficiency.

A Truckload Tool
Qualcomm Inc.'s OmniTRACS system, using satellite technology for two-way messaging and shipment reporting, has been on the market in some form since 1988. It is especially popular among U.S. truckload carriers, says Marc Sands, vice president and division counsel in the San Diego, Calif.-based company's Wireless Business Solutions unit. But interest in OmniTRACS has recently shifted from fleet management to security. Last summer, Qualcomm demonstrated the product to congressional leaders and Department of Transportation officials.

Qualcomm plans to add a vehicle disablement feature to its U.S. product in the near future. Such a system is already operating in Brazil, where it is installed in more than 30,000 vehicles, Sands says. The vendor is working with a task force of the American Trucking Associations to define technical standards for remote or on-board truck disablement. Qualcomm's tracking technology has also been used by the Defense Department, for the movement of munitions and other sensitive loads.

Sands believes it will all pay off in the end. "Our strategy in homeland security is to promote the fact that the best solutions are those that provide productivity and security benefits."

In the rush to identify suspicious importers, U.S. companies might forget that exporting can be just as open to security breaches. Darren Maynard, chief operating officer of Rockville, Md.-based NextLinx, says exporters must do a better job of identifying the ultimate customer. That's especially true in the case of advanced high-tech products that might end up in the wrong hands. Prior to Sept. 11, Maynard says, denied-parties lists might be updated every few months. Now such updates can occur more than once a day. Tougher controls have also been placed on the flow of money.

NextLinx offers several products that can help users to generate international trade documents and apply regulatory controls to any shipment. But there are still some gaps in the regulations, Maynard says. As of the beginning of this year, the CSI didn't specify how companies should describe the goods to be loaded at a foreign port. The logical solution, he says, would be to rely on the six-digit Harmonized Tariff Schedule (HTS) code. But Customs isn't set up to process and interpret information in that manner. And many countries may be unfamiliar with the HTS, used primarily to identify imports, when it's applied to exports.

A Case of Timing
Alameda, Calif.-based GT Nexus, which offers a communications and documentation portal for ocean carriers, was in the right place when Customs handed down the 24-hour manifest rule. Company president John Urban says documents previously might have been submitted to Customs up to two weeks after a vessel's departure from the origin port, with shippers and carriers communicating largely through fax and courier. Such a delay is no longer tolerable. Portal technology can automate that process and help shippers to meet the new requirements.

Some shippers are still complaining that the new regulations are too onerous, even as they scramble to comply. "In reality," says Urban, "six months from now, we'll see enormous efficiencies in the ability to plan, with better data on what's coming in."

New types of hardware will also be required. Sunnyvale, Calif.-based Savi Technology makes radio frequency identification (RFID) tags, which have already been used to track U.S. Defense Department cargo worldwide. Savi is also participating in the Smart and Secure Tradelanes Initiative, applying RFID throughout the supply chain.

Lance Trebesch, vice president of business development and security, says such systems must be totally heterogeneous--able to operate across multiparty, global networks--in order to function in the commercial sector. The return on private investment, he says, will come in the form of greater overall efficiency, reduced cargo theft and lower top-line costs, through the avoidance of unnecessary Customs duties.

San Francisco-based Qiva addresses homeland security through the screening of parties to a transaction, says Beth Peterson, vice president of product strategy. Its software allows for the creation of an on-line checklist to be completed by a trader's business partners. An event-management tool lets users monitor the movement of goods, alerting them when a shipment is passing through an insecure location, or remaining in one place for an unusual period of time.

Companies that might have balked at acquiring the technology for efficiency purposes are now inquiring about its application to security, Peterson says. In addition, they're confused by the government's lack of specificity in issuing rules such as the CSI. Peterson cites the inability of current vessel manifests to accommodate a detailed, standardized product description that can be used by Customs to assess risk. They also worry about public disclosure of confidential manifest data.

Assuming such oversights are worked out in the months to come, however, the upside to embracing new security measures seems likely to exceed the downside. Besides the obvious advantage of increasing the nation's security, greater vigilance will mean better business practices. "Many of the issues being addressed by these trade security initiatives have existed for decades," says Adrian Gonzalez, senior analyst with ARC Advisory Group, in a recent report. "The terrorist attacks simply served as a catalyst for reform."