Ship security challenges in high-risk areas: manageable or insurmountable?

Piracy can lead to risks so high that they, according to the International Maritime Organization, are tolerable only if risk reduction is not practicable or is disproportionate to the benefits achieved. Therefore, there is a need for reducing ship security risks in relation to antagonistic threats such as piracy. The aim of this study is to identify challenges for ship operators when developing their ship security management. Furthermore, this study also investigates two central aspects in the analysis: understanding the threat and understanding how a security threat affects the crew and operation of the ship. It is clear from the analysis that the importance of subjective aspects beyond a ship operators’ direct control is high. This seems to be the fact for all aspects of the risk management process. The situation is also dynamic as the security risk, as well as the risk perception, can change dramatically even though there are no actual operational changes. As a result, the ship security management process is highly iterative and depends on situations on board as well as conditions out of the ship operator’s control. In order to make ship security manageable, the risk management has to put particular focus on methodological understanding, relevant system understanding and well-defined risk acceptance criteria as well as on including all levels of the organization in the risk reduction implementation and on a continuous monitoring.


Introduction
According to the International Association of Classification Societies (IACS), regulations and requirements should only be seen as a starting point for ensuring safe and secure ship operations. The ship operator must, therefore, follow the applicable regulations and requirements, but is also responsible for identifying and safeguarding against the risks associated with its particular ship, operations and trade beyond the regulations. The methods applied must be systematic, if assessment and response are to be complete and effective, and the process documented to provide evidence of the decision-making (IACS 2012).
Research has shown that for shipping worldwide, piracy, during the years 2000-2009, led to risks so high that they only are tolerable according to the acceptance criteria laid out by the International Maritime Organization (IMO 2000) if risk reduction is not practicable or is disproportionate to the benefits achieved (Psarros et al. 2011). For ships that often transit piracy-infested waters, this risk is even higher. Hence, there is a need for reducing ship security risks in areas with a high frequency of piracy. However, ship security is not only about piracy, it is also important to reduce the probability of actions such as terrorism, theft, stowaways and smuggling.
Ship security measures are often the first and only measures preventing criminal acts at sea, and at the same time, ship operators have been shown to have problems in defending the quality of their ship security analysis when it is challenged . Ship security is regulated in the International Ship and Port Facility Security (ISPS) code (IMO 2002b). This code was developed in the aftermath of the terrorist attacks in USA on September 11 in 2001. The development started 2 months after the attacks, and the final code was presented 13 months later (Wengelin 2012). This fast process implies that the development was characterized by it being better to have something imperfect rather than nothing at all (Mitropoulos 2004).
Ship security management is today prescribed to be risk based (IMO 2002b;UKMTO 2011) and has two objectives: to effectively reduce the security risk to acceptable levels and to create a security culture in the organization that supports effective ship operation on an everyday basis. Handling the organizational culture is extra challenging because of the subjective nature of risk perception and because different levels of experience and training mean that hazards and risks associated with an activity can vary greatly with the people who carry it out (IACS 2012). Another challenge is that risk analysis often suffers from a too narrow perspective when it comes to identifying threat, hazards and consequences, especially with regard to risk perception and cultural bias (Frosdick 1997).
Proceeding from the risk-based approach, the aim of this study is to identify challenges for ship operators when preparing for security threats. This study investigates the methodology for the analysis and also focuses on two central aspects in the analysis: understanding the threat and understanding how a security threat can affect the crew and operation of the ship. These two areas are especially chosen because they are assumed not to be a natural part of a ship operator's organizational knowledge and at the same time crucial for successful risk mitigation.
In order to fulfil this aim, the study sets out to explore and describe three central areas: methods for security risk analysis in section 2; as an example of the maritime security environment-the non-homogenous security conditions on the African continent in relation to ship security in section 3 and the crews' role in the security efforts and operation performance of the ship in section 4. For each of these three central areas, challenges are identified. Section 5 analyses the identified challenges in respect to the management process. In section 6, the result is discussed and possible actions to improve the ship operators' possibility to handle security are proposed. Section 7 summarizes the conclusions.

Ship security methodology
Approaches for ship security outlined in the ISPS code and Best Management Practices for Protection against Somalia Based Piracy (BMP4) for ship security are risk based (BIMCO 2013;IMO 2002b;Norwegian Shipowners' Association 2008;UKMTO 2011). Risk management is defined here as the systematic application of management policies, procedures and practices to the task of analysing, evaluating and controlling risk. Risk management is often described using the following activities: 1. Risk analysis-including scope or system definition, hazard identification and risk estimation. 2. Risk evaluation-including risk tolerability decisions and analysis of options. 3. Risk reduction and control-including decision-making, implementation and monitoring (DCDC 2010;IACS 2012;IEC 1995;Kuo 2007;Yang et al. 2013). Figure 1 illustrates the process of security risk management, its components and subcomponents. Risk is generally defined as a function of the probability of the occurrence of an unexpected/unwanted event and the consequence it leads to (IACS 2012).
The results of a risk analysis must always be weighed against risk tolerability levels as well as other operational parameters, such as financial considerations, requested reliability and possible operational gain. Generally, higher risks are tolerable if the possible operational gain is high (IACS 2012;NATO 2007;Yang et al. 2013).
The ISPS code is the first regulation with the possibility of affecting ship security efforts on an international scale. However, according to Yang et al. (2013), the lack of objective guidance for shipowners on how to effectively analyse security risks constitutes a research gap, requiring the development of systematic risk analysis methods.
In a risk analysis, the system definition and the threat identification and analysis are co-dependent and cannot be done separately. Thus, a risk analysis is considered more challenging for security than for safety (Bichou 2008). The understanding of safety (hazard-based) risks may come from objective incident statistics, while security (threatbased) risks often must be described and presented using expert judgements (Yang et al. Fig. 1 Security risk management and its components . A similar approach is also presented by Yang et al. (2013) 2013). Therefore, when analysing security risks, there is a need for a thorough threat analysis in order to explain causes and predict future risks (Bichou 2008).
The risk evaluation has to be performed against a set of risk acceptance or evaluation criteria in order to enable the organization to establish priorities and to decide where resources may be allocated to achieve greatest effect (IACS 2012). The criteria could be high-level implicit criteria that would imply a subjective evaluation. There is however a drive in IMO for explicit evaluation criteria such as quantifying maximum tolerable risk for individuals on board and on shore (Skjong 2002). Such explicit criteria would however need a full quantitative risk analysis.
Risk reduction and control includes decision-making, implementation and monitoring, and in order to attain a real, practical contribution towards improved security, risk management must be continual and flexible. Threat, organization, technology, working practices, regulatory environment and other factors are constantly changing, and subsequently, arising hazards will not be included. Therefore, control measures must be reviewed regularly and in the light of experience; for example, an increase in the number of incidents may indicate that previously implemented controls are no longer effective. Additional risk assessments will also be needed for infrequent activities or those being undertaken for the first time (IACS 2012).
Codes and guidelines prescribe a risk-based approach for ship security. However, there are limited descriptions on how the analysis should be performed (BIMCO 2013) and on how adequate quality can be achieved (Bichou 2008). General research on risk analysis has identified a number of conditions that need to be fulfilled for a risk analysis to support sound decision-making: clear decision alternatives, relevant utility estimates for all alternatives, reasonable probability estimates and reasons to choose the alternative that best meets the utility estimates (Hansson 1993). Research on security risk analysis shows that for security assessment and reduction and control, special focus has to be put on risk perception (Bichou 2008;Frosdick 1997;Kunreuther 2002).
The challenges in respect to the security risk management process itself are therefore that: -The process is applied to an area (security) for which risk management is not as tested and there are relatively few tools developed aiding the ship operator in the analysis, -In comparison to safety risk management, the statistics on relevant phenomena is limited, -There are no specific risk acceptance criteria for maritime security risks, and -There is no discussion on how to define and achieve sufficient quality in the analysis.

Understanding the maritime security environment
In this section, the waters around the African continent are used to describe how security threats can be viewed as a result of prevailing security political conditions on land and international political agendas. The section concerns what broadly could be described as the Exclusive Economic Zones of West and Central Africa and Eastern Africa. This limitation has been chosen since the North African problems differ from the rest of the continent, and there are no challenges in Southern African waters which are not representative of those treated in the text. The waters around the African continent are facing a multitude of challenges. While many of these challenges have been known to the maritime community for a long time, some have escalated during the last decade bringing in new actors and alerting international stakeholders. Many problems which have been a reality for the African coastal communities for a long time are now resurfacing on an international level. Consequently, there is a gap between local demands and international priorities.
With regard to extent and costs, the Somali piracy has dominated the maritime security challenge in Eastern Africa. Somali piracy has been recorded ever since the ICC-IMB started to monitor acts of piracy in 1992. In the late 2000s, the Somali piracy escalated, increasing every year to an all-time high in 2010 with 220 recorded attacks out of which 49 were successful hijacks. Calculating all costs associated with the Somali piracy (i.e. increased speed, military costs, ransoms, raised insurance costs, armed guards, etc.), the report Oceans Beyond Piracy estimated the cost of piracy to be between 6.6 and 6.9 billion USD during 2011, where the shipping industry is carrying 80 % of these costs (Bowden and Basnet 2012). Because of the general decrease in Somali waters during 2012-2013, other piracy areas have resurfaced as potential areas for a stronger maritime focus and possibly also naval engagement. See Figs. 2 and 3 for the situation off Africa during 2013 and the changes in piracy activity for the years 1992 to 2013, respectively.
However, viewed as an illegal activity taking place in the Eastern African region, piracy is but one among many that will affect the effectiveness of the ship operator's security measures. Smuggling, illegal fishing and waste dumping, all occur to some extent in the waters off the coast of Eastern Africa and will have a direct or indirect impact on ship security (UN OCHA Somalia 2006). Alleged illegal fishing by tuna fishermen in the Seychelles and Mauritius has been an issue and is sometimes discussed as the first cause for the boarding of ships along the Somali coast. This notion has however been challenged by scholars who have seen a more deliberate criminal organization behind the piracy (Hansen 2009; Sörenson and Widén 2013).
Many of the problems found in Eastern African waters can also be located along the West and Central African coasts where piracy has been and remains an issue. While the Somali pirates have financial incentives for their activity, this is not necessarily the case in West Africa. The political organization Movement for the Emancipation of the Niger Delta (MEND) in Nigeria has on several occasions attacked and held oil rigs and tankers in the Niger Delta. The motivation for MEND is clearly to put political pressure on the Nigerian government to include the local minorities in the Niger Delta (Obi 2008). MEND is however only responsible for a part of the piracy. In 2012, 27 out of more than 60 piracy incidents were associated with MEND (IMB 2013). Therefore, the piracy off West Africa poses more diverse challenges to ship operators with both expressive actions, where the focus is to voice grievance and frustration, as well as instrumental actions, where the focus is to obtain a particular outcome such as ransom.
Just as in Eastern Africa, illegal fishing and fishing rights are high on the agenda in West and Central Africa. Furthermore, West Africa has during the last decade emerged as a transit route for most of the cocaine destined for Europe. Although the trade does not directly impact on the maritime community, the acts of smuggling and the corruption it generates is destabilizing to the West African region (UNODC 2012). Summing up the challenges in respects to threats, it is found that: -There are many different activities that can affect the ship security, such as piracy, smuggling, trafficking, illegal fishing and antagonistic threats, -Some activities pose a direct threat to the shipping community, and others are part of the general maritime picture that creates a threatening environment, and -While one area can unambiguously suffer one of the listed problems, in an adjacent area, there can be other types of challenges.
Although some regional states such as the Seychelles and Mauritius are directly impacted by the piracy through loss of cruise ship tourists and threatened fishing communities, most of the Eastern African states such as Djibouti, Kenya, Tanzania and Madagascar are only marginally affected by piracy. However, all of these states have an active interest in coming to terms with illegal fishing and smuggling. Hence, while the shipping community requests direct action against the Somali piracy, the region seeks broader maritime security solutions. Consequently, maritime security initiatives in the region have proven to be very complicated since the incentives to sponsoring security solutions differ between the international actors and the regional states.
The international naval operations Atalanta (EU), Ocean Shield (NATO) and the Combined Maritime Forces off Somalia are mainly focused on counter-piracy. Besides the naval operations, there is a plethora of initiatives which tries to tackle other aspects of the piracy, some of which involves the Djibouti Code of Conduct, the Contact Group on Piracy off the coast of Somalia, UN Office on Drugs and Crime and EUCAP. Evidently, most of these initiatives have sidestepped the regional demands and instead focused on the international shipping community with exception of EU Operation Atalanta and EUCAP Nestor (Sörenson 2011).
West and Central Africa have had a different approach for coming to terms with their maritime security problems. The West African Code of Conduct involves 22 states and concerns the repression of piracy, armed robbery against ships and illicit maritime activity in West and Central Africa and includes a wide range of maritime security activities (IMO 2013). The code of conduct is modelled on the Djibouti Code of Conduct and builds on the work by the Maritime Organization for West and Central Africa (MOWCA) (African Maritime Safety and Security Agency 2008). Therefore, West and Central Africa have an organization focused on maritime security. This also means that international actors who wish to address a particular issue have an interlocutor in the region and that Western Africa takes a broad comprehensive approach and tries to optimize resources (Elowson 2009).
Hence, there is a variety of activities aimed at those very problems which the individual ship operator also is interested in avoiding. Therefore, there are challenges posed by security initiatives such as the following: -The presence of security forces, such as a convoy, an ongoing police raid in the harbour or a naval exercise, or of a disgruntled local community have to be recognized and may all impact on the planning of a route, -Failing to adhere to the counter-piracy operations recommendations and, while transiting, to communicate with such an operation may expose one even more to a piracy attack.

Understanding the crews' role in security efforts
The crew is one of the most important contributory aspects to the causation of safety incidents (IMO 2002a). Furthermore, interviews with ship operators show that the biggest driver for implementing security measures is the crew's perception of security . It is therefore important to understand the situation on board and how the perception of security risks affects the crew in terms of health, well-being and performance. Despite significant improvements in ship design and operations, the maritime industry still suffers from high levels of occupational morbidity and mortality compared to similar shore-based occupations (Ellis et al. 2011;Oldenburg et al. 2010;Roberts and Marlow 2005). In addition, the shipboard work and living environment has a high incidence of psychological stressors that affects health, well-being and performance (Österman 2012;Comperatore et al. 2005). Working conditions are characterized by long working hours, shift work, high demand and low control, conditions well known to cause occupational stress and ill-health (Karasek and Theorell 1990). Seafarers are also the most isolated demographic group in the world, both in terms of social isolation from family and home, as well as isolation from emergency medical and primal health care.
As illustrated in Fig. 4, the activities on board are performed within a context with a broad range of human, technical, organizational and environmental factors that can influence, but not necessarily determine, an operator's performance in a system.
There are extensive gaps in the literature regarding the effects of security threats such as piracy on the health and performance of the crew. However, from Fig. 4, it is clear that the effect of the threats, as well as security measures, must be viewed in an already complex environment.
Typical reactions to stressors can be divided into (1) cognitive, (2) emotional and (3) social effects. Cognitive effects are concerned with mental processes such as perception, cognition and motor response. Cognitive effects of stress include, but are not limited to impaired working memory and concentration, confusion and disorientation, hypervigilance and hyper-arousal. Emotional effects include depression, shock and numbness, fear and anxiety, helplessness and hopelessness, dissociation, anger and loss of pleasure in doing that which was previously pleasurable. Social effects include withdrawal, irritability and avoidance of social contact. The abovementioned stress effects will in turn lead to poor decision-making and what is often called the speed-accuracy trade-off where a stressed operator may trade accuracy of performance/execution of tasks to increased speed (Wickens and Hollands 2000). Further, rumination and worry self-perpetuates as anxious thoughts activate other anxious thoughts, increasingly using up cognitive and emotional resources (Bower 1991;Richards and Gross 2000). Therefore, in a situation with a perceived security threat, there are fewer resources left to concentrate towards the execution of the task at hand and the likelihood of errors increase. Subsequently, it is important that the ship operator acknowledges that well-learned skills and well-rehearsed tasks require less attentional control, thus performance of these tasks are less affected by stress (Beilock et al. 2002;Fisk and Schneider 1984;Smith and Chamberlin 1992). Moreover, well-designed systems that offer peripheral cues to operators will enhance performance of a given task. Hence, it is important to involve the users and to ensure education and training of all safety and security critical systems on a regular basis and especially when implementing new safety and security measures (UKMTO 2011;Landsburg et al. 2008;Koningsveld et al. 2005;Launis 2001). In relation to security threats that often changes over time, it is especially important to, in order to make sure that security changes are implemented correctly, involve management and users and educate all, but also for example to use sound processes, have qualified personnel and base the solutions on sound human factors research (Landsburg et al. 2008).
In recent years, there has been a move in the safety research field from a pathogenic model which emphasizes problems, towards resilience which offers a more positive and optimistic approach that emphasizes coping. Therefore, it is also necessary to develop seafarers' ability to cope. Coping is an important part of the stress process and usually involves both task-and emotion-focused coping strategies. It is therefore alarming that in a study on the psychological impact of piracy on seafarers, the results show that almost all of the interviewed seafarers felt that they have not received adequate mental preparation for traversing known zones of piracy (Garfinkle et al. 2012).
In summary, in order to analyse and implement ship security management effectively in terms of operator health and performance, ship operators face the following challenges: -In order to capture the security performance of the organization, the risk analysis must include the state on board in regard to education and training, coping strategies, usability of technical and administrative systems and systems for providing for both seafarer and family, -It is crucial for success of implementation of safety and security routines that the implementation includes all levels of the organization including user involvement and education and awareness of all, and -The security management must be committed and sound in respect to human factors on board.

Analysis of the conditions for ship security analysis
As shown in section 2, the security analysis has to be ship specific which calls for a well-developed knowledge about the ship. This knowledge is here assumed to be inherent to the ship operators organization and left out of the analysis. This study instead focuses on the following three areas with the intent to describe their role in the risk management process: -Methods for security risk analysis, -The maritime security environment, and -The crews' role in the security efforts.
These three areas, and especially the challenges identified in previous sections, are analysed with respect to their effect on the ship operators' risk management process as defined by section 2 and Fig. 1.

Risk assessment
The type of intent, expressive or instrumental, varies greatly between different regions and also between different organizations in a region. Also, organizations with the same type of intent can have different capabilities and thus modus operandi. Therefore, there is a great variety of threats that, in the general case, needs to be analysed. In safety, historic frequency can give insight to which areas that can be neglected as a result of relative low risk. No such reliable insight exists for security in order to choose threats to focus on in the analysis. At the same time, it is not possible to analyse all security threats and therefore assumptions need to limit the analysis, but without decreasing the validity of the result.
Research shows that preventive and preparatory work on board affects the likelihood of an attack and that a ship that is perceived as being well prepared will be less likely to be attacked . In order to, in the risk assessment, include effects of security risks on the crew, risk estimation has to consider education and training, coping strategies, usability of technical and administrative systems and systems for providing for both seafarer and family, i.e. an understanding on how the crew can be made to feel safe and secure and become less affected by security stressors. Further, risk estimation must include an understanding on how aspects such as political and demographic conditions on land lead to risks as well as how these conditions can pose as psychological stressors on the crew. Since these areas of understanding are not in the ship operators typical competences, there is a need to use external experts. However, there is no guide on how to choose and use external experts.
The probability for an incident to occur is dependent on external factors such as weather and local geography, but also political changes, security incentives and recent incidents. Some of these aspects can be included in the system and scenario definition, but others will have to be considered at the risk estimation or even on board during a voyage. Currently, there is a lack of standardized and thoroughly documented examples or methods (best practices) on how security risk estimation can be done and continuously updated on ship operator level.
The ship operators' risk tolerability decisions are dependent on the consequences studied as well as the evaluation criteria used. However, there are no standard sets of security risk consequences or evaluation criteria to use, but criteria for safety could, to some extent, be used as guidelines.
In most cases, the analysis of options requires that the ship operator revisit the risk analysis to test risk control measures and examine how they affect the risk. There is a reason to believe that this process is extra challenging for security cases as the studied system can be altered as new controls are introduced.

Risk reduction and control
The implemented controls should be in a wide range of aspects such as training, route planning, new routines on board or in the shore organization and technical equipment. A notion of insecurity is enough to increase the risk; therefore, it is important for the ship operators to both reduce the actual risk but also to make sure that the crew is included in the process and perceives the reduction as effective.
Continuous shipboard training is important to reduce the effect of psychological stressors on the crew and to develop coping strategies for potential unsecure situations that may arise. Since stress negatively affect the crew's decision-making on board, it is important that the implementation is robust, i.e. insensitive to reduction in crew effectiveness. This can be achieved by implementing measures that are understood by the crew accompanied by clear and usable routines and continuous training. As with all changes in organization or introduction of new technology, it is crucial to develop this implementation in cooperation with the crew.
The threat, organization, technology, working practices, the regulatory environment and other factors are constantly changing. Therefore, choice of control measures must be reviewed regularly. Additional risk assessments will be needed for infrequent activities or those being undertaken for the first time.
For ship security, the monitoring must cover changes in the crew's security perception. This is necessary since the cognitive, emotional and social situations on board can change over time without a change in the threat. Furthermore, the situation on land and the maritime security environment must be continuously monitored. Therefore, the ship operator must have the ability to monitor the overall situation on land and at sea in order to be able to react if the situation changes from the security scenarios studied. It is likely that such a monitoring process will have to be supported by external experts.

Implications on security management
An effective and successful security risk management process poses many challenges to the ship operator, this as a result of the lack of guidance in combination with a complex and diverse situation beyond the control of the ship operator. The analysis is prescribed to be risk based, but the process of the analysis itself is ungoverned.
According to the analysis above, ship operators have reasonably clear decision alternatives and reasons to choose the alternative that best meets the utility (risk) estimates. However, there is no guidance on how to achieve relevant risk estimates for all possible alternatives and probability estimates. The reason for this can be found in the lack of explicit discussions on how, and that, the ship operator should: -Estimate how different threats (and other external aspects) interact with the crew's risk perception (and resulting effectiveness) in order to assess the utility of different control options, and -Estimate and validate probability estimates, especially given the tight coupling between the threats intent, the crew's preparedness and chosen controls.
There is also no guidance on how to structurally work with the effects of the crew's risk perception on the effectiveness of chosen risk reduction measures. There is also limited knowledge on how the crew's risk perception can be monitored. Hence, subjective aspects which lay beyond the ship operators' control impact the security threat analysis. This seems to be the fact for all aspects of the security risk management process.
Changes in safety risks are often a result of changes by the ship operator or in the onboard environment. However, for security risks, the situation can change dramatically even though there are no changes in the ship operation. Therefore, and to underline the complexity of the security risk management, Fig. 5 presents a cyclic version of the risk management developed from Fig. 1. As illustrated in Fig. 5, the ship security management process can be seen as highly iterative and depending on situations on board and beyond the ship operator's control. The illustration also shows the interdependencies between the processes, the situation on board and the political, economic and social situations in the areas transited and visited. The analysis of the risk management process shows that the work has to include these iterative aspects and interdependencies in order to support rational decision-making.
Figure 5 presents no effect on the external factors by the ship operators risk management, only on the ship security management from external factors. However, if the analysis and implementation is systematic and consistent by a majority of ship Fig. 5 Proposed conceptual model of ship security management. The process is not as straightforward as described by Fig. 1, and the process is affected by subjective situations in and out of the ship operator's organization and control. Note also that the situation on board is affected by the risk reduction and control performed by the ship operator and vice versa operators in a specific region, the security management can, in the long run, also affect the security situation. This can be seen off Somalia where the implementation of the BMP4 is one of the contributing factors for changes in the pirates' modus operandi and for reducing piracy (IMB 2013).
Ship security management is, however, not insurmountable, but in order to make it manageable and effective there has to be a focus on the critical aspects identified here and stated below.
In the risk assessment, the ship operator must put particular focus on the following: -Methodological understanding beyond what is described in the guidelines, especially in relation to how to achieve an output that is valid and effective, -Collecting relevant system understanding from a relevant combination of experts with knowledge about the particular external conditions (such as threats and their respective incentives as well as security initiatives) and internal conditions (such as education, training and usability of technical and administrative systems), but also about how the external and internal conditions interact, and -Using well-defined and communicated risk acceptance criteria that also include stressors to the crew and are based on a sound understanding on human factors.
In the risk reduction and control, the ship operator must put particular focus on the following: -Inclusion of all levels of the organization in the risk reduction implementation based on a sound human factors understanding, -Continuous and broad awareness when monitoring different activities that can directly and indirectly affect the ship security, and -The necessity to adapt countermeasures accordingly during voyage.

Discussion
By describing the available tools and methods for security risk analysis, consequences on crew and the situation of the African continent, this study examines the conditions for ship operators' ship security analysis. The aim is to examine how ship operators can, and should, prepare for security threats to give input to and support informed decisionmaking.
Today, there are fewer security incidents than safety incidents, but as safety efforts continue to become more effective and widespread, the relative effects of security incidents are likely to increase.
As a result of the extensive piracy off Somalia, the ship security development has been driven by concerned ship operators rather than regulatory bodies. That the development is coming from genuine needs has many positive aspects as supposed to a prescriptive development driven by legislation with a weak connection to needs of the shipping industry. However, the development today lacks a systematic collection of identified and learnt lessons. Therefore, the knowledge on ship security varies between different regions and ship operators, and development of existing guidelines is slow.
The understanding of safety (hazard-based) risks may come from objective historical accident statistics, while security (threat-based) risks must be described and presented using expert judgements based on knowledge and experience as well as objective data if available. Another factor making the process more complicated is that the link between consequences, evaluation criteria, risk control measures and crew preparedness is strong. An antagonistic threat will interact with the ships perceived level of security, i.e. the threat is dependent on the effectiveness of the ship operators' security analysis.
The analysis has shown that there is a need for guidance to ship operators on security risk analysis, both in forms of text guidelines and experts. There is also a need for noncommercial experts in relevant subject matter areas. Naturally, it is not possible to prevent or deter all possible threats. Nevertheless, resources need to be allocated for areas such as early warning, response and recovery efforts. If the ship operator chose to introduce and enforce ship security with a resilient perspective, it is an implied acknowledgement that all threats and risks cannot be deterred or prevented. Establishing a risk-free ship operation is not an option. Subsequently, the foundation of a resilient organization is having prepared individuals, organizations and communities which not only is a risk management issue but also a leadership challenge (Lindberg and Sundelius 2012).
One approach that could be useful for reducing the demands on the ship operator is to address generic capabilities, or robust, control options, i.e. risk control options that are insensitive to changes (Lindberg and Sundelius 2012). One such generic capability, with the capacity to meet and resolve many threats and hazards, is to create an effective safety organization where the crew is adequately trained and prepared. However, today, most seafarers feel that they have not received adequate mental preparation for traversing known zones of piracy.
Generally, it can be concluded that a well-functioning ship will be less affected by a high-risk environment. This because well-learned skills and well-rehearsed tasks require less attentional control, thus performance of these tasks are less affected by stress. Moreover, well-designed systems will enhance performance of a given task.
Given the above, it is necessary to develop preparedness programs that involve several industry stakeholders at company, legislative and political levels, but also specific education and training for the crew on ship security. These should include preparations before voyage, during voyage to strengthen social support of families and colleagues on board, mitigating procedures in case of attacks, in case of captivity and after release. An increased knowledge among personnel involved in supporting seafarers' awareness of possible stress reactions is needed.
Preparedness must include routines that cater for medical, emotional and material needs. Knowledge of having these routines in place gives a sense of increased personal safety and reduces stress.
When engaging in ship security research, it is common to meet a reluctance to discuss the analysis performed with the explanation that discussing ship security will give the threat an advantage. However, it must be realized that there is a difference between discussing the methods and tools and disclosing specific security measures for specific ships. Currently, ship security needs more sharing of information, methods and tools. Therefore, there is a need for implementing structured near miss reporting systems (Bichou 2008) and making use of the IMB lessons with piracy reporting. A crowd-sourcing tool, which is using an IT-based platform to collect knowledge of a whole community or sector, is an interesting approach for facilitating sharing information and finding new ways to enhance ship security. Such an approach for developing and testing strategies could probably come up with new security measures and strategies for shipping (see Hutchins (2013) for an example of how a crowd-sourcing tool was used to develop strategic options for military counter-piracy).

Conclusions
The article shows that the ship security management process is highly iterative and depends largely on situations on board as well as on situations out of the ship operator's control. A central capability, for ship operators exposed to possible security threats, is the ability to meet and resolve many different challenges.
In the risk assessment process, the ship operator must estimate how different threats interact with the crew's risk perception and estimate and validate probability estimates, especially given the tight coupling between the threats intent, the crew's preparedness and chosen controls. The ship security management is however not insurmountable, but in order to make it manageable and effective, the risk assessment has to focus on methodological understanding, relevant system understanding and well-defined risk acceptance criteria. The risk reduction and control has to focus on all levels of the organization in the risk reduction implementation, on a continuous and broad awareness when monitoring of the different activities and on adapting countermeasures accordingly during voyage.
In summary, much more can be done to support the ship operators in terms of suitable guidelines and tools, especially with regard to how to analyse the threats, the crew's risk perception and chosen controls. This development would ideally involve several industry stakeholders on company, legislative and political levels which also include the development of specific and continuous education and training for the crew on ship security.