The security week that was: 01/08/10

It's been a mess of a couple weeks for air security. First there was the attempted bombing on a Northwest flight on Christmas Day that pointed out all sorts of intelligence errors, information sharing errors and weaknesses in our watch lists and in global adoption of technology that could have spotted items hidden on a passenger's body.

Then there was the incident at Newark where a man was able to run through the passenger exit and access the secure side of the airport. That incident was also a cascading failure. First off, you had a TSA officer abandon his post. Then you had the problem that the cameras watching that exit lane were not working. Then you had the fact that the TSA operatives there didn't know how to access other CCTV systems from an airline.

What's the shake-out to these incidents? Well, the TSA first issued this response about how exactly it ignores the "concentric rings" approach to security at a checkpoint by allowing the camera system to be down at the same time an officer abandons his post. Ok, yes, that was a joke link: this is what the TSA finally issued as an actual response to the Newark breach.

The interesting thing on the surveillance system at Newark is that it is maintained by the Port Authority, so TSA isn't actually responsible for ensuring that it is running. That appears to be a point where greater communication and partnering is needed. They've also since changed the staffing procedures at that exit lane; presumably this would mean that it will always be staffed and that if post abandonment occurs, there will be someone to fill in. They placed the officer on administrative leave (why he's not fired I'm unclear, considering the total cost of him abandoning his post and the delays for thousands of travelers). The rest of the TSA's statement is general filler "working together", "reviewing the incident", etc., that offers very little information. [On a side note, there are certainly companies that have demonstrated video analytics capabilities that could be used as back-ups for spotting wrong-way motion at airport security exits; some companies' technologies are already used for such applications. We may see some adoption there.]

Now onto the bigger issue, which didn't involve some guy running in to kiss his girlfriend goodbye. The Christmas Day bombing attempt raised so many red flags that the incident looks like Flag Day all over again.

Here's what DHS Secretary Napolitano made as recommendations for improving aviation security in the wake of the Christmas Day bombing attempt:

  • Re-evaluate and modify the criteria and process used to create terrorist watch lists—including adjusting the process by which names are added to the "No-Fly" and "Selectee" lists.
  • Establish a partnership on aviation security between DHS and the Department of Energy and its National Laboratories in order to develop new and more effective technologies to deter and disrupt known threats and proactively anticipate and protect against new ways by which terrorists could seek to board an aircraft.
  • Accelerate deployment of advanced imaging technology to provide greater explosives detection capabilities -- and encourage foreign aviation security authorities to do the same -- in order to identify materials such as those used in the attempted Dec. 25 attack. The Transportation Security Administration currently has 40 machines deployed throughout the United States, and plans to deploy at least 300 additional units in 2010.
  • Strengthen the presence and capacity of aviation law enforcement—by deploying law enforcement officers from across DHS to serve as Federal Air Marshals to increase security aboard U.S.-bound flights.
  • Work with international partners to strengthen international security measures and standards for aviation security.

Key points here for the technical side of our industry are 1) research into advanced technologies (see some advanced security technology ideas in this article) and 2) deploy advanced imaging technology. Still, we're talking about 300 imaging units added in 2010. The problem is that when you spread 300 more imagers across this list of FAA recognized primary airports, you have some serious coverage issues.

The fifth point that Napolitano made was about working with international partners. This seems to me to be the really weak point here. We have little leverage to force foreign airports to deploy expensive technology or to train their staff (or manage their staff) as professionally as the TSA does. And, yes, I do think the TSA does a very good job overall. Over the last few years, I've talked with so many TSA employees and they generally are well-trained. And when I was recently flagged for having a half ounce more toothpaste than was allowed, I grumbled some (OK, a lot!) but ultimately respected the fact that the officer paid enough attention to something as mundane as toothpaste.

What's next after we fix aviation security? I was on the phone yesterday with Bob Hayes, who leads the Security Executive Council. Bob and I were both agreeing that as soon as we get airline/aviation security buttoned down, the terrorists are going to look elsewhere. Where will that be? I suspect it would be locations that are even easier to access like mass transit commuter trains. It's a scary proposition, but it's reality of changing vectors in our industry.