Event summary – next steps for critical maritime infrastructure protection in the North Sea

Securing infrastructure and the green transition in the North Sea: Symposium on Critical Maritime Infrastructure Protection, 23 May – 24 May 202, Edinburgh Climate Change Institute (ECCI), University of Edinburgh

The North Sea is a vital strategic space for European energy markets and in the green transition. As a regional sea it has become a densely industrialized space of infrastructures. It is vulnerable to a broad array of threats, ranging from accidents and user conflicts to crime, terrorism, and threats from state adversaries.

Since the Nord Stream attacks in the Baltic Sea of 2022, there is an elevated level of awareness for these threats. An expansive Critical Maritime Infrastructure Protection (CMIP) agenda is emerging to address them. Governments, international organizations such as the EU and NATO, and industry have taken important steps to upscale CMIP in the region, including through enhanced surveillance, exercises, and the introduction of new mapping, reporting and information sharing systems.

Reviewing current solutions, identifying the gaps

This two-day symposium brought together 45 experts from the energy industry, service industry, government, military, academia, and international organizations active in the North Sea to review these measures underway and discuss the gaps and hindrances in improving CMIP.

Drawing on the insights of a first symposium held in Copenhagen in November 2023 – which focused on threat and criticality assessments, and coordination challenges – the discussions addressed the challenges arising as the CMIP agenda progresses. These included the legal and regulatory frameworks governing the protection of offshore assets, and the technical and operational challenges of monitoring and responding to threats in the maritime domain.

A key theme that emerged was the complex and often fragmented nature of the current governance arrangements, with multiple actors and jurisdictions involved and no single authority responsible for the security of offshore infrastructure.

Legal hurdles

Participants noted that the United Nations Convention on the Law of the Sea (UNCLOS) – while providing a basic framework for the rights and responsibilities of states in the maritime domain – leaves gaps and ambiguities when it comes to the protection of offshore infrastructure.

States have divergent interpretations and practices regarding the scope of their jurisdiction and the measures they can take to safeguard their interests, leading to potential conflicts and inconsistencies. There were concerns raised about the abuse of UNCLOS for lawfare and the lack of coverage for espionage activities within the convention.

Competition between users of the sea

Another major challenge identified was the increasing competition for space and resources in the North Sea, as the expansion of offshore wind farms, cables, pipelines, and other activities puts pressure on traditional users such as fisheries and shipping.

Participants discussed the need for better maritime spatial planning and coordination among different sectors to minimize conflicts and ensure the sustainable development of offshore resources. Compensation mechanisms for industries affected by offshore infrastructure development, such as fisheries, were also discussed.

Aquaculture farm on Shetlands

The problem of attribution

The event also highlighted the growing threat of malicious acts against offshore infrastructure, ranging from terrorism and sabotage to cyber-attacks and hybrid warfare. Participants emphasized the difficulty of attributing responsibility for such acts in the maritime domain, where the identity and intentions of actors may be unclear, and the evidence may be limited or ambiguous.

The implications of attributing malicious acts to state actors were also discussed, as this could lead to escalation and further tensions. They stressed the need for better intelligence sharing and cooperation among states and industries to detect and deter potential threats.

Who pays for what?

The role of the private sector in securing offshore infrastructure was another key topic of discussion. Participants noted that most critical assets, such as subsea cables and oil and gas platforms, are owned and operated by private companies, who have the primary responsibility for their protection. However, they also acknowledged the limits of private sector capabilities and the need for government support and intervention in certain situations.

The question of who should pay for asset damage and increased security costs was debated, specifically whether costs should fall on companies or whether governments should bear more of the burden. Tight profit margins in the offshore renewables sector were highlighted as a challenge for absorbing and approving additional security costs, especially when the official government threat level is low, and the nature of the threat is unclear.

This can create tensions between the need for security and the economic viability of offshore projects. Whether the green transition should focus on low energy prices or high security and safety standards that take threats from state adversaries into account will remain a pivotal dilemma in the debate.

Cable landing station in Shetlands.

Insurance and litigation

There were also discussions on the difficulties of pursuing private legal cases against accidental damage to offshore infrastructure, as the process can be lengthy, costly, and complicated by jurisdictional issues and the limitations of UNCLOS.

Insurance was identified as a crucial tool for managing the risks to offshore infrastructure, but participants also highlighted the challenges of insuring against novel and emerging threats such as cyber-attacks and hybrid warfare.

They discussed the potential for innovative insurance models, such as club-style arrangements where multiple operators pool their resources and share the risks, as well as public-private partnerships where governments provide backstop coverage for catastrophic events. The differences and ambiguities in designating assets as critical national infrastructure were also noted, as this can impact insurance coverage and government support.

Planning ahead

Participants also emphasized the importance of building security considerations into the design and operation of offshore infrastructure from the outset, rather than treating it as an afterthought, which is more expensive. They called for the development of industry standards and best practices for the security of offshore assets, as well as the incorporation of security requirements into regulatory frameworks and permitting processes.

However, there were tensions identified in adding government and military surveillance technologies to offshore assets, as this could raise concerns about data protection and the militarization of civilian infrastructure.

The symposium also explored the potential for using existing environmental protection frameworks, such as the OSPAR Convention for the Protection of the Marine Environment of the North-East Atlantic, to enhance the security of offshore infrastructure. Participants noted that many of the measures aimed at preventing and mitigating environmental harm, such as monitoring, reporting, and emergency response, could also serve security purposes.

Wind farm, Image by Ben Kerckx from Pixabay

One, or many information sharing systems?

Participants discussed the competing information reporting mechanisms currently developed. The Belgian government is developing a dedicated system for the North Sea, called NorthSeal which is expected to be operational in October 2024. The UK is advancing a reporting system for companies operating in British waters which is led by the Joint Maritime Security Center.

NATO is close to opening a new centre dedicated to subsea infrastructure protection which is part of the Maritime Command. It plans to have a system for mapping and reporting soon. Likewise, the European Union is developing its Common Information Sharing Environment (CISE) for this purpose and has recently installed a new expert group which looks at underwater installations.

This fragmentation can lead to duplication of efforts, gaps in coverage, and difficulties in coordinating responses to incidents. The need for streamlining and harmonizing reporting mechanisms was emphasized. This does not necessarily have to entail the centralization of mechanisms but should be comprised of attempts to better network the networks.

The societal dimension

Finally, participants discussed the broader social and economic implications of offshore infrastructure development, including the impact on coastal communities and the need for a just transition to a low-carbon economy.

They highlighted the importance of engaging with local stakeholders and ensuring that the benefits of offshore development are shared equitably. This is not the least to mitigate risks linked to protest by civil society groups or risks that state adversaries exploit local grievances.

What if a next act of sabotage happens?

The symposium concluded with a discussion of a future scenario and the impact it would have for the CMIP agenda. The scenario was series of incidents involving a cut of a subsea data cable and a gas pipeline accident occurring simultaneously with links to fishing vessels and ‘dark’ vessels. The discussion highlighted the challenges of coordinating a multi-stakeholder response to a complex maritime security incident, as well as the potential for confusion, delays, and gaps in information sharing.

Participants identified several areas for improvement, such as the need for clear protocols and communication channels, the importance of joint training and exercises, and the value of pre-established relationships and trust among different actors.

Whether or not another major incident would present a tipping point leading to a larger re-evaluation of the CMIP agenda was contested. Some participants suggested that stakeholders are on the right track and that this would be proven by any future incident. Others indicated that current measures are insufficient and that another incident would trigger additional resources for CMIP.

The importance of multi-stakeholder dialogues

Overall, the symposium provided a valuable forum for dialogue and exchange among experts from different fields and sectors and generated a range of insights and recommendations for strengthening the security of offshore infrastructure in the North Sea.

Participants agreed on the need for continued collaboration and coordination among all stakeholders to address the complex and evolving challenges facing this vital region. Academia can be an important facilitator of this discussion and collaboration, given the absence of business interests.

Organizers

The event was organized, facilitated and supported by the University of Copenhagen–University of Edinburgh Strategic Partnership, and SafeSeas – the research network for maritime security and ocean governance. The event supports the growing agenda of the Critical Maritime Infrastructure Protection Research Alliance (CMIRA). A summary of our prior events and activities can be found here. The event summary was written by Andrew Neal and Christian Bueger.