What we can learn from the TSA
How the administration inadvertently made physical security practitioners even more fiscally conservative
Often when SecurityInfoWatch.com interviews security directors, we ask them about what technologies they are investing in. The answers are pretty much what you might expect: access control systems, cameras, more intrusion alarm systems. We always wait with baited breath for the one who says, yes, we just spent $1 million on a new brand new facial recognition solution to grant access to individuals for the C-suite level of our office tower -- but we never hear that. The fact of the matter is that security budgets are tightly watched budgets, and most security managers are conservative spenders. In fact, the fiscally conservative nature of corporate security managers is so good, that I don't sometimes wonder why we don't have these men and women move up to Washington and to our state capitals to fix all the budget shortfalls.
Well, here's another story of caution that should keep our industry fiscally responsible. Back in 2008, there was a very real worry that terrorists might try to board planes with explosives and then detonate them in mid-air. As the "Christmas-Day" bomber's attempt later attested, the threat was real. This was before the era of the new body scanners that allows the TSA to see you naked, if you will, and the technology on the market was one called "puffers". These were the machines that used a puff of air to ostensibly dislodge particles from clothing, skin, etc. Those particles would then be scanned by an electronic nose, which would seek to identify if those particles registered positive for trace levels of explosives.
In theory, it was a a great system. Even explosives wrapped in plastic were likely to allow some trace that could be detected. In the lab, it was a great system. It seemed to work successfully. Companies like GE and Smiths Detection won contracts to deploy these technologies. The U.S. Transportation Security Administration spent an estimated $30 million dollars to buy about 200 of these machines at around $150,000 each. To put this cost in perspective, every man, woman and child in the United States would have had to line up and drop a dime in the basket to allow us to pay for this failed technology. Considering that every man, woman and child in our nation effectively donates $26.05 to be spent solely by the TSA every year, maybe that $30 million doesn't seem like a lot, but $30 million still is unquestionably "a lot".
The problem was that these machines didn't work well in the field. False positives and maintenance issues plagued the machines, and the program was eventually tabled before even half of the 434 planned units could be put in place. Most persons credit the cleanliness of the airport environment as the problem, and the machines were highly susceptible to dust and humidity. The program finally died quietly late last year, with the last puffer machine taken out of service.
It's the kind of story that keeps corporate security managers leery of new technology. In fact, I've never heard a single corporate security director say that they want to be the first to buy into new technologies. Biometrics, for example, has been around for years and years, but there is still a lot of suspicion about their effectiveness. The same has gone for video analytics, and to some extent even PSIM, according to a group of vendors I spoke with yesterday.
I think the concept to work on here is a failure threshold. We are all destined to have failures, and I hope that truth doesn't deflate anyone's ego. The question is how much are we willing to spend to find out whether something will be a success or a failure. As you consider your future technology implementations, I suggest you think about the amount of money you're willing to spend to find out whether something will work. Perhaps the TSA could have set that threshold at $2 million or $10 million. Certainly there is a cost of “finding out”, but it's a number that any technology buyer has to define – unless, of course, you have an $8.1 billion budget like the TSA.