CTPAT – Minimum Security Criteria for Cybersecurity

CTPAT Members must have comprehensive written cybersecurity policies and procedures to protect information technology (IT) systems. The written IT policy, at minimum, must cover all of the individual Cybersecurity criteria.

To defend Information Technology (IT) systems against common cybersecurity threats, a company must install sufficient software/hardware protection from malware (viruses, spyware, worms, Trojans, etc.) and internal/external intrusion (firewalls) in Members' computer systems. Members must ensure that their security software is current and receives regular security updates. Members must have policies and procedures to prevent attacks via social engineering. If a data breach occurs or another unseen event results in the loss of data and/or equipment, procedures must include the recovery (or replacement) of IT systems and/or data.

CTPAT Members using network systems must regularly test the security of their IT infrastructure. If vulnerabilities are found, corrective actions must be implemented as soon as feasible.

A system must be in place to identify unauthorized access of IT systems/data or abuse of policies and procedures, including improper access of internal systems or external websites and tampering or altering of business data by employees or contractors. All violators must be subject to appropriate disciplinary actions.

Cybersecurity policies and procedures must be reviewed annually, or more frequently, as risk or circumstances dictate. Following the review, policies and procedures must be updated if necessary.

User access must be restricted based on job description or assigned duties. Authorized access must be reviewed on a regular basis to ensure access to sensitive systems is based on job requirements. Computer and network access must be removed upon employee separation.

Individuals with access to Information Technology (IT) systems must use individually assigned accounts. Access to IT systems must be protected from infiltration via the use of strong passwords, passphrases, or other forms of authentication, and user access to IT systems must be safeguarded. Passwords and/or passphrases must be changed as soon as possible if there is evidence of compromise or reasonable suspicion of a compromise exists.

Members that allow their users to remotely connect to a network must employ secure technologies, such as virtual private networks (VPNs), to allow employees to access the company's intranet securely when located outside of the office. Members must also have procedures designed to prevent remote access from unauthorized users.

If Members allow employees to use personal devices to conduct company work, all such devices must adhere to the company's cybersecurity policies and procedures, to include regular security updates and a method to securely access the company's network.

Cybersecurity policies and procedures should include measures to prevent the use of counterfeit or improperly licensed technological products.

Data should be backed up once a week or as appropriate. All sensitive and confidential data should be stored in an encrypted format. Media used to store backups should preferably be stored at a facility offsite.

All media, hardware, or other IT equipment that contains sensitive information regarding the import/export process must be accounted for through regular inventories. When disposed of, they must be properly sanitized and/or destroyed in accordance with the National Institute of Standards and Technology (NIST) Guidelines for Media Sanitization or other appropriate industry guidelines.