The Indian government is preparing to significantly overhaul the country’s port security framework with the creation of a new statutory authority aimed at countering both physical threats and emerging cyber risks across its vast maritime infrastructure.
The proposed Bureau of Port Security (BoPS) will regulate and supervise security arrangements for ships and port facilities nationwide, reflecting growing concern within the government over vulnerabilities linked to trade expansion, digitised logistics and geopolitical tensions in the Indian Ocean region.
The decision was finalised at a high-level meeting chaired by Amit Shah on December 18, officials said. The meeting was attended by Sarbananda Sonowal and Ram Mohan Naidu, underscoring the government’s push for an integrated national security approach spanning sea and air transport.
A Statutory Push for Nationwide Port Security
Modelled on the Bureau of Civil Aviation Security, the BoPS will be established as a statutory body under the proposed Merchant Shipping Act, 2025 and will function under the Ministry of Ports, Shipping and Waterways.
According to an official statement, the new bureau will be headed by a senior Indian Police Service officer as director general and will exercise regulatory and supervisory control over security measures at ports and on vessels operating in Indian waters.
During a one-year transition period, the Directorate General of Shipping will double up as the interim leadership of the new body, ensuring continuity while the institutional framework is put in place.
Intelligence-Led and Risk-Based Safeguards
At the meeting, Shah emphasised the need for a strong, intelligence-driven port security architecture capable of responding to varied threat profiles across India’s coastline.
He directed that security safeguards should be implemented in a graded, risk-based manner, taking into account factors such as cargo volumes, port geography, strategic importance and local vulnerabilities. Officials said this approach would allow authorities to prioritise high-risk ports without disrupting commercial operations at smaller facilities.
The discussions also explored how best practices developed in maritime security could be adapted to strengthen aviation security systems, reflecting the government’s broader focus on cross-sectoral resilience.
Cybersecurity Takes Centre Stage
A central pillar of the proposed bureau’s mandate will be cybersecurity, an area that has gained urgency as ports increasingly rely on automated cargo handling, digital customs platforms and networked logistics systems.
“The BoPS will ensure timely analysis, collection and exchange of security-related information, with a special focus on cybersecurity,” the statement said, adding that a dedicated division would be created to protect port information technology infrastructure from cyber intrusions and sabotage.
Security officials have privately flagged concerns that ransomware attacks or data breaches at major ports could disrupt supply chains, compromise sensitive trade data or even pose national security risks.
Role of CISF and Private Security Agencies
The government has designated the Central Industrial Security Force as the recognised security organisation responsible for conducting port security assessments and preparing security plans. The Central Armed Police Forceswill oversee the training of private security agencies deployed at ports.
Only licensed private security agencies will be permitted to operate in the sector, with new certification and regulatory mechanisms planned to prevent untrained or unauthorised operators from handling sensitive port security duties.
Officials say the measures are intended to professionalise security operations at ports that handle a majority of India’s imports and exports by value.
As India expands its maritime footprint and positions itself as a global logistics hub, the proposed Bureau of Port Security signals a shift toward tighter oversight—one that treats ports not just as commercial gateways, but as critical national infrastructure increasingly exposed to digital-age threats.
