Trying to secure the Super Bowl was nothing compared to the upcoming Olympic Games. The logistics involved in coordinating all the teams and athletes along with security personnel from numerous agencies should probably be considered an Olympic event all in itself.
Canada will spend about $900 million (U.S.) to keep the Games safe (up from initial estimates of $175 million!), according to this article in USA Today, but the U.S. is not just sitting back and enjoying the games.
Vancouver’s proximity to the United States— just 30 miles from the U.S. border crossing in Blaine, Wash. — has spurred an extensive security effort on the U.S. side, much of it focused on an 80-mile stretch of the Northwest border from the Pacific Coast to the western slopes of the rugged Cascade Range.
From a post in Bellingham, Wash., the U.S. government has built a $4 million communications center that will house law enforcement, public health and military analysts, with a total of 40 agencies represented.
The article said there has been about 12 drills in preparation for the Games. These drills range from bomb threats to biological threats along with drills to intercept aircraft and threats on the coast. With all this training and preparation, it’s not just the athletes who are preparing to give their best performance, and, unfortunately, security has no choice but to win every time.
In recent months I’ve spent a lot of time reading, talking, thinking and writing about aviation security. But, there’s nothing like seeing some of these processes in real life. In case you missed my series of live blogs, I was in Florida this week attending TechSec Solutions. As usual, I flew out of the Portland Jetport in all of its 11-gate glory.
Unless you’re flying out at 6am, getting through security in Portland is a breeze. I noticed, first of all, that there seemed to be an unusually large number of TSA workers on duty. I counted six behind one of two baggage screening stations, most of whom were sitting around the back, well, chatting. On my way through security there were also two Portland police officers stationed at the end of the security line observing passengers coming through the screening process.
THEN, as I was boarding my plane, I got pulled aside for secondary bomb-detection screening. While, I was slightly excited to experience this screening measure firsthand, I still had that slight moment of panic, because, well authority can be intimidating. (I tried to get Sam, who was also on the same flight, to take a picture to share with my loyal blog readers, but he balked saying it was illegal or some weak excuse like that.)
Anyway, while I certainly understand the nature of these additional security measures, I couldn’t help but think that these various resources could perhaps be better used somewhere else? Did I mention Portland only has 11 gates? That’s right, 11. In about a 200-yard space. Here I am in JFK on my way back to Maine and, comparatively, there’s much less security. I did watch two Port Authority police officers escorting a Garda security officer restock an ATM, but other than that, security has been much less prominent. Perhaps they’re just better at being discreet here in the big city.
Apparently, I’ve been distracted lately and haven’t had ports on my radar because two fairly significant changes to port security just came to my attention (not to worry, I’ve adjusted my Google alerts appropriately).
The first is that the Obama administration has apparently just dropped this whole 100 percent cargo screening initiative that was due to take effect in 2012. Well, perhaps that’s misleading. It’s not there are no longer efforts to increase screening of cargo, but rather that it’s finally being accepted that screening 100 percent of the 11.6 million containers that enters U.S. ports every year is, well, unfeasible.
As I mentioned earlier, I’m a little chagrined that I missed what seems to be such big port security news, but after I spoke with Aaron Ellis, director of communications for the American Association of Port Authorities, apparently this fell under the radar of a lot of other folks as well. After Napolitano suggested in one of her many appearances before Congress that this wasn’t going to happen, Ellis told me that there wasn’t a lot of reaction from the port community.
“This was a bit of foregone conclusion,” Ellis said. “There was enough building up to this point that I think, at least our port members felt like: ‘Was there any other choice at this point?”
He explained that the burden of this legislation would really fall on shippers, not so much ports, UNLESS there was a demand for reciprocity by foreign ports.
“There was some concern from ports had if the U.S. required to scan all containers before loaded at foreign ports wouldn’t foreign countries want the same over here? That was the bigger concern.”
For more on that, here’s a great article by the Heritage Foundation about implementing risk-based screening, which highlights layered security measures that can do an equally good job of protecting our ports, without running the danger of crippling commerce.
The other big piece of news that I missed (but only by two days) is about the official implementation of the long-awaited “Importer Security Filing and Additional Carrier Requirements” (A.K.A. The 10+2 rule) on Jan. 26. Here’s more detail from Logistical Management:
In its most basic form, 10+2 requires importers and carriers to electronically submit additional information on cargo at least 24 hours before ocean freight is loaded onto a vessel bound for the U.S.
This additional information requires importers to provide 10 data elements and vessel carriers to provide 2 data elements on containers and their cargo to Department of Homeland Security’s U.S. Customs and Border Protection group. This information will add to the information available to CBP and improve its ability to identify containers that may pose a risk for terrorism for additional scrutiny like scanning or physical inspection, according to an October 2009 report by the United States Government Accountability Office on Supply Chain Security.
By collecting more information from shippers about the contents of containers, those charged with security will have a better sense of what shipments need to undergo additional screening, without having to screen ALL cargo. Nice to know there’s finally some common sense being applied to port security, isn’t it?
I have counterterrorism on the brain these days. Prior to my attendance at the Private Sector Counterterrorism Awareness workshop (sponsored by the Maine Emergency Management Agency in collaboration with DHS) I hadn’t really thought that much about the role of the private sector in such efforts. And to be honest, living in Maine doesn’t exactly bring to mind concerns of terrorism, but apparently that’s exactly the wrong attitude.
As security professionals well know, one must be prepared for everything - all the time. There’s no such thing as “this can’t happen to me” any more. I’ll have a complete wrap-up of my experience at this event for Newswire (if you just can’t wait, check out my live blogging attempt here), but wanted to pass along another opportunity to learn about a slightly different aspect of combating terrorism.
The Webinar will include the impact of social networking and virtual worlds on intelligence collection. During the Webinar Edward Roche, a professor of Intelligence Technology at Henley-Putnam University, will discuss topics including methods of intelligence gathering and surveillance through social networks; actions being taken by law enforcement and intelligence agencies to monitor and combat terrorism through social networks; and the legal implications of using the Internet as a medium on intelligence gathering.
It’s 8am and here I am in Augusta, Maine attending the “Private Sector Counterterrorism Awareness” workshop hosted by the Department of Homeland Security and the Maine Emergency Management Agency. So far, the cinnamon buns are delicious and the coffee is most needed (I’m not exactly a morning person). I’m very anxious to hear what DHS has to say about the role of the private sector in the government’s effort to battle terrorism.
Rob MacAleer, director of MEMA is on:
Begins by talking about possibility of homegrown terrorism and the impact that could have on the security of our country. Asks participants to take away from this the ways that they can change the way they do business and a new found awareness and bring this back to their community and help us meet this challenge.
8:27
Larry Barrett will be the primary presenter.
This program is designed to enhance the knowledge of the private sector security professionals by providing exposure to key elements of improvised explosive device awareness, soft target awareness and surveillance techniques.
“The private sector is important because critical infrastructure is owned not by the government, but by the private sector, I’d say about 85 percent.”
National Efforts:
Use of IEDs represents the most likely domestic threat to the U.S.
The importance of building a culture of preparedness and common responsibilities. Role of everyone in this effort, many terrorism acts have been interrupted by awareness and vigilance.
Concept of “steady state” and the ongoing security plan of private companies. What you do for security on a daily basis. Compared to “threat initiated” which is what a company does if something happens. What are your procedures in a bomb threat, for example.
Barrett said that often companies are not prepared for terrorist attacks and those that is often not part of their plans.
8:51: Watching an overly-dramatic DHS video on the definition of terrorism. Sorry, but that was a little over the top - I think it was the voice-over that made it seem too Hollywood. My opinion, obviously.
9:04am: Talked about trends in terrorism. Some bomb-making tactics and the progression of IED development.
9:15: Break time is coffee time.
9:37:
Bob Hayworth talks to us about IED awareness: If you know the threat at least there’s improved situational awareness about how to respond and keep yourself alive as well as how to plan and communicate that to others.
10:16
Talking about how easy it is to use common products to construct IEDs. Things to be aware of: Suspicious mail or packages has way too much postage and weight tends to be poorly distributed with too much on one side. Also oil stains another indicator. Package rarely addressed to a specific person often just a title. No return address.
10:31 Awareness of terrorists targeting secondary sites such as the incident site and emergency vehicle staging area. Making a threat on a building, for example, where there’s likely a good amount of security and forcing administrators to evacuate people to a parking lot where there’s little to no security and that’s where there’s the most vulnerability.
10:47If you come upon a device, here’s what your immediate actions should be:
1. do not touch suspicious items
2. notify proper authorities/call 911
3. determine approximate evacuation distance
4. communicate evacuation need to staff, visitors and public
5. ocnduct evacuation
6. prevent others from approaching
7. ensure persons that located suspicious device remains avl to brief police
10:52When it comes to making your evacuation or business continuity plans, keep it simple.
“The more complicated you make a plan, the more likely it’s going to fail on game day.”
1:15 Back after lunch.
Now we’re into the good stuff. This is all about security planning. Identify threats, identify vulnerabilities to a terrorist attack and then identify the most appropriate measures to reduce the risk. Making sure that it’s not easy for a terrorist to drive a truck packed with IEDs near your building.
Ensure your communication methods work with others. Example of plan that had right equipment in place to communicate, but didn’t have anyone identified to make sure the batteries were charged.
1:25 Here are some highlights and bullet points:
Need some type of system to alert employees and need information system to get that out to them.
Do walk throughs with police so they’re familiar with facility and do it regularly.
All threats are not created equal.
Treat all threats seriously.
Background checks of employees to help protect assets
Do a general observation of your facility. Look at it like a terrorist and look for vulnerabilities. Where could this person watch me from? Where can I be observed from?
During a bomb threat, who’s going to look for the bomb? Don’t expect the bomb squad to do that. Is it part of your plan?
1:42One more module to go. Who’s with me?
Terrorists are smart and often conduct lengthy surveillance operations to select targets, assess security and gather information.
It’s important to recognize suspicious activity and identify:
What is suspicious?
What is normal?
It all comes down to your:
Experience
Judgment
Common sense
And it’s critical to conduct surveillance on yourself. Use the knowledge of your facility to identify vulnerabilities and critical assets and become familiar with what is “normal” in your facilities and surrounding areas.
And, most importantly, train your employees to do the same. They should be aware and tuned into suspicious persons and be educated on how to react and who to contact.
Terrorism training should be part of your security plan. Review and update it regularly.
Counterterrorism is everybody’s job.
End of session. There will be a more detailed review of this session in our upcoming newswire.
UPDATE: Go here to watch a video with Bill DeLong, director of Homeland Security for the state of Maine, about why these sessions are so important for members of the private sector.
There’s no let up to this debate about whether or not full-body scanners should be more widely adapted in aviation security. An article in the Huffington Post claims that during a test of the technology on a German television show, the scanner was unable to detect some of the components on a person’s body.
Schneir on Security concludes, “Full-body scanners: they’re not just a dumb idea, they don’t actually work.”
But there are a lot of people in the industry saying that this technology is far more effective than what is currently being deployed. There are obvious limitations to metal detectors and basically nothing in place (other than pat downs) to identify objects on people’s bodies. But, I think the most important thing to keep in mind is that there is no silver bullet for improving security in airports. While improved technology certainly plays a part, better training of employees is equally critical, as is improved communication and intelligence gathering.
According to this press release, Secretary Napolitano met with with members of the International Air Transport Association—which represents approximately 230 airlines and more than 90 percent of the world’s air traffic—in Geneva in an effort to work with the airline industry to meet both international and U.S. Transportation Security Administration security standards.
She outlined four broad areas for international public-private collaboration that will help bolster efforts to protect the aviation system while facilitating legitimate travel: improving information collection and analysis; increasing information sharing and collaboration in passenger vetting; enhancing international security standards; and deploying new screening technology.
Since the Christmas day terrorist attempt, the TSA has issued new security directives, including enhanced screening for anyone holding a passport issued by “nations that are state sponsors of terrorism.”
Nothing’s going right for the Transportation Security Administration lately. The Washington Post is reporting that Erroll Southers, on the year anniversary of no one being in charge of the TSA, withdrew his nomination to lead the embattled agency, citing “political ideology” as the primary obstruction to his confirmation.
“It is clear that my nomination has become a lightning rod for those who have chosen to push a political agenda at the risk of the safety and security of the American people,” Southers said. “This partisan climate is unacceptable and I refuse to allow myself to remain part of their dialogue. The TSA has important work to be done and I regret I will not be part of their success.”
As you may recall, Southers was facing conflict during his Senate confirmation, specifically from Sen. Jim DeMint who announced he would block Southers’ nomination due to collective bargaining issues.
Well, now we’re back to square one and there’s still no one at the helm of this agency. A spokesperson for the Obama administration did not say when the president might name a new TSA nominee or if the White House will just nominate Acting Administrator, Gale Rossides, to the job full-time.
During this ridiculous process I’ve been talking to all my aviation folks about what they think about Southers’ nomination. Without naming names (because this is a blog and I can get away with that), the majority of security people feel remarkably similar about Southers. First of all, no one was overly excited about him. Some said flat out he didn’t have the experience to run the agency, while others said they thought he had enough qualifications and would make an okay administrator.
But, the one thing everyone agreed about, is that this is a job nobody wants. There’s been speculation that five or six people were floated for this job with no takers. And who can blame them? Not many people would want to inherit such a dysfunctional agency and be the one to take all the blame when things go wrong (which they obviously have been lately).
But, that only means the TSA needs exceptionally strong leadership right now. It needs direction and vision and someone who is willing to go all in and probably take one for the team. It’s officially been a year since someone was in charge of the TSA - who’s going to step up?
The New York Times yesterday published a fairly in-depth article about additional warning signs the administration made that could have prevented the Christmas Day terrorist attack.
While the article notes that the intelligence community was very in tune with monitoring information coming out of Yemen, it was still unable to pull together and interpret the information it received in order to identify Umar Farouk Abdulmutallab as a potential suspect.
They apparently also had intelligence information disclosing a December 25 date, but due to a shortage of intelligence analysts and a system that the Times describes just short of clunky, inhibited the intelligence community’s ability to “connect the dots.”
At the National Counterterrorism Center just outside Washington, where specialists can draw on streams of information from more than 80 databases across the government, two teams of intelligence analysts worked on different parts of the same problem. Yet they never collaborated to piece together clues about the Christmas Day attack that were coming in.
And, as a result, the Obama administration now says the counterterrorism center needs personnel assigned solely to follow up on all tips.
Apparently, all this finger pointing has caused heightened tensions among these different agencies. The one thing I think we can all agree on is that it’s time to learn from these mistakes, improve the system to avoid such failures in the future and move forward. Because we know a little failure isn’t going to stop those who wish us harm.
The TSA just can’t get a break lately. It’s been made very clear to the public by the President and Secretary Napolitano that there needs to be some major improvements to the government’s system of gathering intelligence. But the media just can’t let it go. Now ABC News is reporting that an 8-year-old boy is on the government’s watchlist. Of course, the boy is not really on the watchlist, but rather someone who shares his name, but according to the kid’s mom, he has had to undergo secondary screening since he was two.
I agree with the mother (and probably the majority of the American public) that this is pretty ridiculous. This child obviously poses no threat to aviation security and there’s really no need to pat the little guy down. However, keep in mind the TSA is only following procedure. Individual screeners don’t get to decide whether or not it makes sense to pat down an infant, they just have to do it.
But the system obviously needs tweaking. A TSA spokesman said that the agency is working on cross-checking names with birth dates and gender. We need to keep in mind that the list is long and the database is enormous - there are going to be flaws. But this one, is frankly not that worrisome and is actually a demonstration that the system worked - sort of. I’m sure glad my parents chose to go with the unusual name…
*UPDATED BELOW 1.13.10
In the wake of all the aviation security discussion, the use of millimeter wave technology keeps coming up over and over. And while there is a strong possibility that this type of technology would’ve detected the vial of explosives hidden on the body of Umar Farouk Abdulmutallab, there has been conflicting reports about the public’s acceptance of this technology.
USA Today and Gallup conducted a poll of 542 adults who have flown at least twice in the past year and found that 78 percent of respondents said they approved of using the scanners, 20 percent said they did not approve and 2 percent had no opinion. So, based on those results, it sounds like the majority of the traveling public would be okay with having their body image scanned.
However, my guess is that a significant number of people are okay with this because they’ve been told that the image can be neither stored nor transmitted. I blogged back in February 2009 that as soon as the naked image of Britney Spears leaks to TMZ, there will be public outcry to ban this technology, therefore the Transportation Security Administration better be very certain there is no possible way to send these images.
Well, now there is speculation that the TSA may not be telling the public everything about the capabilities of this technology. A CNN article today said that privacy groups are reporting that the TSA is misleading the public and that the scanners can indeed store and transit images.
The TSA specified in 2008 documents that the machines must have image storage and sending abilities, the Washington-based Electronic Privacy Information Center (EPIC) said.
In the documents, obtained by the privacy group and provided to CNN, the TSA specifies that the body scanners it purchases must have the ability to store and send images when in “test mode.”
That requirement leaves open the possibility the machines — which can see beneath people’s clothing — can be abused by TSA insiders and hacked by outsiders, said EPIC Executive Director Marc Rotenberg.
However, TSA officials are maintaining that there are strong privacy regulations on this technology. They better be darn sure because I know TMZ is willing to pay a lot of money to some poor TSA lackey for that Britney shot.
UPDATE:
The TSA, via their blog, has refuted that body scanning equipment can store or transmit images:
All functionality to store, export or print images is disabled before these machines are delivered to airport checkpoints. There is no way for Transportation Security Officers in the airport environment to place the machines into test mode.
