Threat into Risk: A Challenge for Security Guidance Tony Beard

advertisement

Threat into Risk:

A Challenge for Security Guidance

Tony Beard

Office of Transport Security

Department of Transport and Regional Services

Current Security Environment

Threats:

 Al-Qa’ida and linked trans-national terrorism is the principal global threat

 Transport, including maritime, remains an attractive target

 Mass causalities through multiple, coordinated use of improvised explosive devices is preferred attack objective and methodology

 National CT Alert level remains at MEDIUM

Issues in Defining the Threat:

 “Home grown terrorism” does not help understand the terrorist threat

 Radicalisation processes are poorly understood

Profiling is problematic and not the answer

Extremism can transcend national, social and family identity

Terrorists have demonstrated outstanding operational capability

Nature of the Threat

 Transnational terrorism leads to traumatic, catastrophic consequences

 Focus is on mass casualties

 Terrorists have demonstrated intent and capability – coordinated attacks

 There is constant heightened level of threat

 Nature and level of threat means we Must Expect the Unexpected

 There is likely to be no prior warning of attack

 Criminal activity highlights vulnerabilities

The Threat to Maritime Security

 The Maritime industry represents an attractive target because:

– Large shipments of dangerous cargo may provide a ready ‘weapon’

– Cruise ships concentrate large numbers of people

Infrastructure is accessible

 Forms of terrorist maritime sector attack include:

– Hijacking of vessels (eg Achille Lauro, 1985);

– Boat-borne improvised explosive devices (eg Limburg, 2002);

– Sabotage / placed IEDs (eg Superferry 14, 2004);

– Assaults by commando-style teams (eg Seabourn Spirit, 2005);

– Stand-off weapon attacks (eg USS Ashland, 2005)

 But international shipping can also be used for other purposes

– Infiltration of weapon of mass destruction (‘bomb in a box’)

Infiltration of terrorists (as crew, stowaways)

Limits of Intelligence

 Strategic intelligence gives an insight into terrorist intent, capability

Useful in prioritising risks and developing preventative measures

Also helpful in focusing on key vulnerabilities

 Specific intelligence identifying a particular target, time is unlikely

Cannot rely on attacks always being foiled ‘in the nick of time’

Security posture needs to reflect threat environment

 Exploit terrorists’ vulnerabilities as they seek to exploit ours

Terrorists often need to conduct hostile reconnaissance

Encourage and enable resolution of suspicious activity

Engage with partners in government and industry

Criminal Threat to the Australian

Maritime Industry

Terrorism is a crime – not all crime is terrorism

Criminal activity highlights vulnerabilities in security systems which may be exploited by terrorists

Criminals want to preserve the transport system for their own ends

Terrorists want to destroy the transport system for their own ends

Organised and opportunistic crime threatens the integrity of the maritime sector

RISK: Frames of Reference

AS/NZS 4360 Risk Management

Corporate Risk

Regulatory Risk

Security Risk

A Security Risk Doctrine as the basis for Mitigation Planning

 Government policy – prevention is a business cost.

 Security risk management by industry

– 1. Non proscriptive regulation

– 2. Provides flexibility to owner/operators

– 3. It is not possible to eliminate all threats

Highly professional attackers – no prior warning

Probability of coordinated IED attacks on mass gathering

Traumatic and catastrophic consequences are untenable

Governments have NO RISK APPETITE

 Focus on Vulnerabilities and Suspicious Activity

Preventive Security Requirements

 Security must be a normal part of doing business

 Board and CEO responsibility

 Documented Security Plan for Risk Mitigation

Based on intelligence led security risk assessment

Including prioritised VULNERABILITIES

Prepared in consultation with internal & external partners

Ensuring reporting, logging and assessing security incidents

Providing for security awareness training to ensure identification and resolution of suspicious activity

“ Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always.”

- from a statement by the IRA addressed to

Margaret Thatcher

Building Key Partnerships

Partnerships harness and focus capacity

Security Risk Doctrine creates a common message for partners

Vulnerabilities are many and can exhaust resources:

– Need for focus and sustainability

– harness all human capacities

– utilise technology to aid human awareness – CCTV

Discussion Exercises (Desk-Top)

held routinely and regularly

to harness the capacity of all partners

against a common mental model

clarify:

- partnering roles and responsibilities

- policy and planning short falls

Partnership Objectives

To ensure:

 Government agencies; Businesses and Communities are together creating an environment hostile to terrorist planning and preparation by:

– Identifying and mitigating vulnerabilities; and

– actively disrupting and resolving suspicious activity.

Security Awareness Raising

 A common language is necessary

 Security awareness training for staff, contractors and regular customers is essential

 Security plans must include provisions for the reporting, logging and assessing of security incidents

 Identification and resolution of suspicious activity is essential

Vulnerabilities

 Vulnerabilities potentially amplify terrorist capabilities and therefore increases the chance of a risk eventuating

 Vulnerabilities must be prioritised to focus and ensure proportional targeting of risk mitigation strategies there by best utilising resources

 Vulnerabilities should be prioritised through an intelligence led assessment of likelihood and an understanding of the local security context.

The Challenge

Ensuring that even if the bomb doesn’t go off this week:

 Government remain focussed

 Industry remain vigilant and prepared

 Public interest and awareness is sustained

Summary

 Terrorist response must be focussed, proportional and recognise:

– Constant heightened level of threat

– Terrorists display personal and professional capability

– No prior warning of attack

 Risk based approach provides common language, ideas and focus

 Our operating environment is complex and sound partnerships are essential to achieving an effective response

 Government, industry and the public must remain focussed and alert to identification of suspicious activity

Download