I'm delighted to be invited to speak, again, at The Heritage Foundation-an organization that provides an important voice on vital national policy issues.

I am especially pleased to be able to speak at this conference concerning the issue of a maritime security strategy for the 21st Century.

This is a timely topic in many ways.

What we're really addressing-or should be addressing-is a maritime security strategy that focuses on the threat of global terrorism. One that recognizes the risks, the vulnerabilities, and the consequences of a terrorist attack on or using our maritime systems, the very means that move so much of the world's trade; a strategy that aims to prevent and deter such an attack from happening in the first place.

As Secretary Ridge said in June when he visited our nation's largest, busiest container port, the Port of LA: "Terrorism is a global problem...and [in the context of maritime security] requires a global solution."

And it does.

It cries out for a comprehensive global strategy

Creation of U.S. Customs and Border Protection: The Merger

But, before I discuss what we've done-and much has been done-let me note that when I last spoke here, in September of last year, I talked about one of the Administration's biggest commitments to better prevent further terrorist attacks in the U.S.-the establishment of the Department of Homeland Security. And within this new Department, the creation of U.S. Customs and Border Protection-or CBP-a unified border agency for our government.

Customs and Border Protection combines the personnel and functions of four different agencies-most of Customs, all Immigration inspectors, Agriculture border inspectors, and the entire Border Patrol-into one agency to manage, control and secure our nation's borders.

CBP is the largest honest-to-goodness merger of people and functions taking place within the Department of Homeland Security, and I can report that it is going well. As of this month, we're in one uniform at all ports of entry-not three different uniforms.

We're converting all legacy Immigration and Customs inspectors to a new position-CBP officer, a multi-functional officer at all our nation's ports of entry.

We're cross training all our uniformed inspectors at the ports of entry, and have aligned the Border Patrol as part of CBP and its border mission.

We've expanded our international partnerships against terrorism.

We've pushed our borders outward, instituting security measures long before the cargo shipments or persons arrive on our nation's doorstep.

We know who and what's coming, and we decide-before arrival-who and what requires greater scrutiny.

Some people who are high risk may require more questioning by CBP before entry, and CBP uses broad Customs authority to search anything and anyone, as well as broad Immigration and Customs authority to refuse entry to anyone or anything that poses a threat.

Creating "One Face at the Border," as Secretary Ridge has said, creating one agency at and for our borders and all our entry points is one of the most important ideas of President Bush's proposal to create a Department of Homeland Security.

It has been an idea that has been substantially achieved-and is working.

And America's borders are more secure because of it. Far more secure than they were before 9-11, before there was a Department of Homeland Security. More secure than they were when our border agencies and personnel were literally fragmented into four separate government agencies in three different departments of government, as they were before March 1, 2003.

The priority mission of CBP is homeland security. For a border agency-for the border agency-that means our priority mission is preventing terrorists and terrorists weapons from entering our country.

The President is committed to do everything we can to prevent another terrorist attack in the U.S. And one of the best ways to prevent another attack is to prevent the terrorist operators from getting into the U.S. in the first instance.

We also want to prevent terrorist weapons from entering or being smuggled into the U.S., especially those weapons and components that are not easily attainable within the U.S. Of course, that includes, most definitely, weapons of mass destruction.

Maritime Security Defined

So, how does all this relate to maritime security?

I've thought about this issue a lot since 9-11, since I was sworn in as the Commissioner of U.S. Customs back in September 2001.

In fact, when I last spoke at Heritage, I discussed the Container Security Initiative (CSI), the Customs-Trade Partnership Against Terrorism (C-TPAT), the 24-Hour Rule, CBP's National Targeting Center, and our Automated Targeting System.

All these initiatives started at U.S. Customs after 9-11 and are carried forward by U.S. Customs and Border Protection within the Department of Homeland Security. And they were strongly supported by Secretary Ridge, going back to when he was the Homeland Security Advisor to the President.

All of these initiatives are directly related to the security of maritime cargo shipments, the security of our nation's seaports, the protection of the movement of global trade, and the systems critical to that movement.

All of them are related, ultimately, to the protection of our economy and our country and its citizens against terrorist attacks and disruption.

Before I go further, we should define our terms, and we should define our threats, because unless we do...let me just say that there is a lot of fuzzy thinking about what "maritime security" is.

To some, the term maritime security is synonymous with maritime safety. Safety takes into account, for example, the operational readiness of the vessel and crew, as well as infrastructure and environmental factors that may effect the safe operation of the vessel. That's important, but that's not what I'm going to talk about.

To others, maritime security means preventing the maritime systems from being exploited by criminals. This usually refers to:

(1) Security against pilferage of valuable cargo, the theft of legitimate cargo shipments somewhere during the movement of that cargo through the supply chain, while sitting on the docks, on board ships, or in container terminal yards.

(2) In law enforcement circles, maritime security usually means security against the concealment of illegal drugs or other contraband smuggled inside a container or vessel. Both U.S. Customs and the Coast Guard have worked this issue. And so has my former agency, DEA. From a law enforcement perspective, this kind of maritime smuggling frequently involves "internal conspiracies," i.e. drug traffickers conspiring with dock workers.

But, while those types of crimes could be curbed by greater "maritime security," and were the subject of much discussion before 9-11, my comments on "maritime security" and our need for a maritime security strategy are not driven by these concerns.

Nor should this historic criminal smuggling concern drive our thinking about what we need to do.

The Threat as It Relates to the Maritime Environment

Our maritime security strategy or strategies should be driven entirely by 9-11.

They should be driven by the continuing threat of further terrorist attacks by Al Qaeda and Al Qaeda-associated terrorist organizations.

The greatest threat to U.S. security via the maritime environment today is the potential for terrorists to use the international maritime systems, its modes of transport, to smuggle terrorist weapons-or even terrorist operatives-into a targeted country, such as the United States.

Now that I defined how I'm using the term "maritime security", let me talk about the terrorist risk.

Despite the politics of funding domestic port security, I mean better securing the perimeter of our U.S. sea ports, lighting and cameras-CATV-of the terminal yards, restricting access to those that work or have legitimate business at our seaports.

All these things are generally desirable because of the criminal threat, but LA Longshoreman notwithstanding, they have, relatively speaking, very little to do with the threat posed by global terrorists, by Al Qaeda and its cohorts.

We can secure our seaports in this sense, and yet they will remain vulnerable to what is arriving and passing through those ports everyday.

Every day, about 15,000 containers arrive-and are off loaded-at our nation's seaports. That's nearly 9 million a year.

They come in two sizes. The 20-footers and the 40-footers.

I am going to talk about the threat to our maritime security and to our economy-to the global economy, if even a single one of those containers goes off.

As I've said, there is a lot of muddled thinking, or no thinking, about the terrorist threat as it relates to maritime security.

I do not say that the threat from international maritime cargo is the only threat we should-and are-addressing, but it is central to a maritime security strategy to identify, detect, and prevent this threat at the earliest point in the international supply chain, before arrival at our country's seaports.

CSI, C-TPAT, the 24-Hour Rule, CBP's Automated Targeting System for maritime cargo, CBP's National Targeting Center that has designed sophisticated targeting rules based on strategic intelligence and anomaly analysis are layered, defense-in-depth, extended border strategies that do that.

And, because of President Bush and Secretary Ridge, these strategies are in place. Right now. None of them existed before 9-11.

That is not to say there are not other terrorist threats, such as a vessel loaded with hazardous materials, like LNG, or even a USS Cole-style attack in a U.S. port. But, DHS, principally the Coast Guard, is on top of these threats.

This threat of a terrorist attack using a cargo container is not academic.

Just two months ago, two Hamas suicide bombers entered the port of Ashdod in Israel concealed in a cargo container. They killed a couple dozen innocent people.

Shortly after 9-11, in October 2001, Italian authorities found a suspected Al Qaeda operative locked inside a shipping container bound for Canada. The container originated in Port Said, Egypt. This was no ordinary shipping container. Inside the container were a bed and bathroom, as well as airport maps, airport security passes and a phony airplane mechanic's certificate.

When you think about it, the container is the potential Trojan Horse of the 21st Century that we need to guard against.

But a container can be used to transport more than just terrorists.

National security experts, such as Steve Flynn, have repeatedly pointed out the vulnerability of oceangoing cargo containers to terrorist exploitation. These warnings arise precisely because it is easy to conceal a weapon inside a container. It's easy to make a container into a weapon.

A 20-or 40-foot long boxy missile, not launched by a ballistic missile, but a missile wafted into one of our nation's seaports, all of which, for historical reasons, are located in the middle of our nation's largest urban areas.

The Port of New York is actually mainly in New Jersey, in Newark, within a stone's throw of Lower Manhattan.

The Port of Los Angeles sits in a basin with a population of 16 million.

One of the terminals of the Port of Seattle is right across from downtown Seattle, across a six-lane highway.

A 40-foot container with an ammonium nitrate bomb would create ten times the blast of the Oklahoma City bombing.

But the "sum of all fears" is a "nuke-in-a-box."

One does not wish to be an alarmist, but this much is known:

(1) Bin Laden has been trying to get his hands on a nuclear device or fissile materials for over six years.

(2) He reportedly has met with a Pakistani nuclear scientist some years ago, and

(3) We now know A. Q. Khan had a price.

The reality is: even if Al Qaeda doesn't have one now, we must build a maritime security system to prevent such an attack. The consequences are such that, even if the risk is small, we cannot afford to do anything but our utmost to develop the kind of maritime security strategy to prevent such an attack.

But it's not just a nuclear device that we need to worry about and prevent.

Any terrorist attack using a container, even a conventional improvised explosive device, an RDD-a so-called "dirty bomb"-could stop global trade in its tracks, unless we have a maritime security system or systems that can detect, deter and prevent such an attack.

Actions Taken by the Administration to Respond to the Threat

That's why we proposed and implemented CSI...and C-TPAT...and required advance manifest information under the 24-Hour Rule...and developed an Automated Targeting System especially for maritime cargo, that assesses the risk for terrorism of every oceangoing container headed to a United States seaport, before it arrives on our shores.

Before the container is loaded on board a container ship heading to the U.S., we evaluate and risk score every sea container, all 9 million of them that arrive annually. That's about 15,000 a day. Our automated targeting system is dynamic, but its hundreds of targeting rules are based upon, derived from, strategic intelligence about our enemy, and upon anomaly analysis.

It's a sophisticated targeting system. And 100%-every one of the containers identified as high risk for the terrorist threat-are subjected to a security inspection, which, at a minimum, includes a scanning of the container with a large scale, whole container, x-ray type machine and running the container for radiation emissions.

With CSI, we are able to screen many of the high-risk containers at foreign CSI ports before they are loaded on board a vessel for the U.S.

Let me say a word about where we are with CSI.

I proposed CSI in January 2002 at another policy institute here in Washington-to target and screen containers at foreign seaports before they are loaded on vessels for the U.S.

It was revolutionary, primarily because it contemplated that foreign Customs authorities, working with the U.S., would do outbound screenings, not just inbound, for high-risk containers in order to improve the overall security of the movement of containers from that country's seaports.

The first three countries signed CSI agreements with the U.S. in June 2002. Three weeks ago, Greece signed a CSI agreement. It was the 18th country to do so. This week, we deployed a CSI team to Greece. CSI will become operational in the Port of Piraeus on July 26, and become the 20th overseas port at which CSI is operational.

The other ports where CSI is already operational are:

In Europe:

Rotterdam, Netherlands
La Havre, France
Bremerhaven, Germany
Hamburg, Germany
Antwerp, Belguim
Felixstowe, United Kingdom
Gothenburg, Sweden
Genoa, Italy
La Spezia, Italy

In Asia:

Singapore
Yokohama, Japan
Hong Kong, China
Busan, Korea
Port Klang, Malaysia
Tokyo, Japan

In Canada:

Vancouver
Montreal
Halifax

In Africa:

Port of Durban, South Africa

Our initial goal was to have CSI up and operational at 20 of the largest container ports of the world, in terms of volume of containers shipped to the U.S. And we will meet this remarkable goal this month. But we are not stopping here.

We are working to implement CSI in 10 to 15 more ports before the end of this year. And we won't stop there.

CBP has significant authority to leverage increased maritime security. If we don't have compliance with the 24-Hour Rule or a container can't be screened at a CSI port, I have authority to issue-and have issued-hundreds of NO LOAD orders.

This is based on the Commissioner's or Custom's authority to deny a permit to unlade cargo at the U.S. port. Here's how it works. CBP notifies the carrier that a container of concern or for which we have not been provided advance manifest data required by the 24-Hour Rule will not be given a permit to unlade. The carrier takes the hint and doesn't load it. CBP also has authority to deny permission of a vessel to enter port.

Through C-TPAT, we have increased security of maritime cargo even further back into the supply chain, by getting our private sector C-TPAT partners, major U.S. importers, for example, to require increased security at the point of origin, the point of stuffing a container, literally at the foreign manufacturer's loading docks.

This includes measures to check to make sure the container is empty. Implementation of best practices assures the security of the manufacturer's loading dock. C-TPAT partners are also requiring more secure, smarter seals on the containers.

There are over 6,400 C-TPAT partners, up from seven in November 2001, when we launched it. They include major U.S. importers and cover over 50 percent of imported goods via maritime cargo container by value.

As a great late former President said: "trust, but verify." And CBP has a cadre of supply chain security specialists that travel the world and validate that security commitments are met, especially by our C-TPAT partners' foreign vendors.

So, CBP is using its expertise and authority (to hold and inspect, to deny unlade permits) and its knowledge of and historic relationship with the private sector participants in the international supply chain as part of an overall strategy for maritime security against the threat posed by global terrorism.

But we have governmental partners, also. And our most important partner in maritime security is the United States Coast Guard.

The Coast Guard is the lead agency for most of the Maritime Transportation Security Act (MTSA) provisions, and was the leader in getting the International Ship and Port Facilities Security Code adopted by the International Maritime Organization (IMO). Coast Guard is ensuring that the security of foreign and domestic ports meets minimal standards. CBP, because we have thousands of CBP officers at our nation's seaports, works with Coast Guard on security of U.S. ports, but the Captain of the Port has the lead.

We share the crew data and analyze it through our ATS for passengers and crew members. And now that immigration inspectors and Border Patrol are part of CBP, we work to prevent and apprehend absconders and stowaways aboard vessels.

But while Customs cooperation with Coast Guard has always been good, it's even better with the Department of Homeland Security. The reason is-we're part of the same department of government for the first time since 1967, so roles and responsibilities can be clarified as needed, and coordination, especially in anti-terrorism security matters, assured-without going through the cumbersome interagency process.

Our roles are complementary. For example, what the Coast Guard has done with the IMO Code complements what CBP is doing through the World Customs Organization to internationalize the standards for the security and facilitation of global trade by internationalizing C-TPAT and CSI.

CBP, TSA, and the Department of Transportation have played a key role in overseeing of Operation Safe Commerce, the funding for test bed pilot projects to see what technology can contribute best to the security of the international supply chain, but inexpensively enough to be accepted by the private sector owners of that chain.

And the private sector itself has an interest in finding technological solutions to improve maritime security. And they are.

What More Needs to be Done

That said, let me make an observation: All these measures are still not enough.

Partnerships within the Federal Government, such as CBP, TSA, the Coast Guard-partnerships with the private sector, such as C-TPAT-partnerships with other nations for the Container Security Initiative-the 24-Hour Rule-sophisticated targeting-all of these actions are important and are the bedrock of our global maritime security.

But as the Secretary of Homeland Security Tom Ridge has said: "We have to get it right all of the time-the terrorists only have to get it right once."

So, where do we need to go from here?

We need to have total visibility throughout the supply chain.

Let's take a graphic look at the supply chain.

Here's a roadmap of the global supply chain-starting with the foreign manufacturer, all the way to a warehouse in the United States-where it will go into stores in your local shopping mall.

What information exists today? A lot.

Above the graphic, you can see supply chain data and information that is already available and shared among all the players in the international trade community. Information, such as the advanced shipment notice and booking information indicates the parties associated with each shipment-information, such as the true ports of origin and the stops along the way. This information is available weeks to months before we get it at U.S. Customs and Border Protection.

Today, our earliest targeting information is available and actionable on, only in CSI ports. So, looking at our supply chain, the first time CBP has access to trade data is 24 hours before a U.S.-bound container is loaded on board a vessel at a foreign seaport.

We need information that pushes back even further into the supply chain than the

24-Hour Rule.

Now, let's take a look at the world. On this map, you can see the movements of containers prior to the CSI location, where we begin targeting today. These containers can-and do-make stops all along the way to that CSI ports-stops in countries that are known for terrorist activities.

On this chart, for example, the ship bound for Long Beach, in the United States, from Singapore, did not originate in Singapore. Rather, it began its journey on a different vessel in Karachi, moved to Bangladesh, then traveled to India, then Indonesia, and only then to the CSI port of Singapore. The container was then offloaded at the port of Singapore and reloaded on a different vessel headed for the port of Long Beach.

You can only imagine what might have happened to that container and its contents during this journey.

What are we doing to address this? U.S. Customs and Border Protection has now launched a new initiative-the Advanced Trade Data Initiative-building on all of our other maritime security measures, to get the information that will provide even greater visibility throughout the supply chain.

Partnering with the carriers, importers, shippers and terminal operators, we are gathering this supply chain data, feeding it into our targeting systems, combining it with the 24-Hour Rule data, our entry data, our automated targeting rules that are based upon strategic intelligence and other law enforcement information. All of these data will create a crisp and clear targeting picture, allowing us to zero in on suspect movements and perform any necessary security inspections at the earliest point possible in the supply chain.

And, like any effective risk management measure, this improved targeting will, of course, also enable us to do an even better job of facilitating trade.

Let's look again at the map showing container movements. At the bottom of the map, you can see the type of data we will be getting through this new partnership. As an example of its use, we can see the container number, the seal number, the bill of lading number and all of the ports along the way. (There will be many more data elements, of course-this is just illustrative.)

Yet, we know they exist.

The new CBP Advanced Trade Data Initiative will provide this data. The initiative has three ultimate goals:

1) identifying the true port of origin and all stops along the way;

2) learning of all parties associated with the shipment, some of whom we do not see today;

3) determining the veracity of commodity descriptions, so that we can be assured that what's in the container is what they say it is; and most importantly,

4) improving our risk targeting and anomaly analysis so that security inspections of high-risk containers can take place as early as possible in the movement of cargo through the supply chain.

The Advanced Trade Data Initiative holds out great promise for global maritime security.

Instead of getting information at the last port destined for the United States, where the 24-Hour manifest information comes in, we will get it at the point of origin, the factory.

We are now prototyping the Advanced Trade Data Initiative. The next time I address you, I hope to demonstrate its success. I am convinced that this initiative, when added to our other measures to strengthen the global supply chain, will make America-indeed, the world-safer and more secure.