Threat into Risk: A Challenge for Security Guidance Tony Beard Office of Transport Security Department of Transport and Regional Services Current Security Environment Threats: Al-Qa’ida and linked trans-national terrorism is the principal global threat Transport, including maritime, remains an attractive target Mass causalities through multiple, coordinated use of improvised explosive devices is preferred attack objective and methodology National CT Alert level remains at MEDIUM Issues in Defining the Threat: “Home grown terrorism” does not help understand the terrorist threat Radicalisation processes are poorly understood Profiling is problematic and not the answer Extremism can transcend national, social and family identity Terrorists have demonstrated outstanding operational capability Nature of the Threat Transnational terrorism leads to traumatic, catastrophic consequences Focus is on mass casualties Terrorists have demonstrated intent and capability – coordinated attacks There is constant heightened level of threat Nature and level of threat means we Must Expect the Unexpected There is likely to be no prior warning of attack Criminal activity highlights vulnerabilities The Threat to Maritime Security The Maritime industry represents an attractive target because: – Large shipments of dangerous cargo may provide a ready ‘weapon’ – Cruise ships concentrate large numbers of people – Infrastructure is accessible Forms of terrorist maritime sector attack include: – Hijacking of vessels (eg Achille Lauro, 1985); – – – – Boat-borne improvised explosive devices (eg Limburg, 2002); Sabotage / placed IEDs (eg Superferry 14, 2004); Assaults by commando-style teams (eg Seabourn Spirit, 2005); Stand-off weapon attacks (eg USS Ashland, 2005) But international shipping can also be used for other purposes – Infiltration of weapon of mass destruction (‘bomb in a box’) – Infiltration of terrorists (as crew, stowaways) Limits of Intelligence Strategic intelligence gives an insight into terrorist intent, capability – – Useful in prioritising risks and developing preventative measures Also helpful in focusing on key vulnerabilities Specific intelligence identifying a particular target, time is unlikely – – Cannot rely on attacks always being foiled ‘in the nick of time’ Security posture needs to reflect threat environment Exploit terrorists’ vulnerabilities as they seek to exploit ours – – – Terrorists often need to conduct hostile reconnaissance Encourage and enable resolution of suspicious activity Engage with partners in government and industry Criminal Threat to the Australian Maritime Industry Terrorism is a crime – not all crime is terrorism Criminal activity highlights vulnerabilities in security systems which may be exploited by terrorists Criminals want to preserve the transport system for their own ends Terrorists want to destroy the transport system for their own ends Organised and opportunistic crime threatens the integrity of the maritime sector RISK: Frames of Reference AS/NZS 4360 Risk Management Corporate Risk Regulatory Risk Security Risk A Security Risk Doctrine as the basis for Mitigation Planning Government policy – prevention is a business cost. Security risk management by industry – – – 1. Non proscriptive regulation 2. Provides flexibility to owner/operators 3. It is not possible to eliminate all threats Highly professional attackers – no prior warning Probability of coordinated IED attacks on mass gathering Traumatic and catastrophic consequences are untenable Governments have NO RISK APPETITE Focus on Vulnerabilities and Suspicious Activity Preventive Security Requirements Security must be a normal part of doing business Board and CEO responsibility Documented Security Plan for Risk Mitigation - Based on intelligence led security risk assessment Including prioritised VULNERABILITIES Prepared in consultation with internal & external partners Ensuring reporting, logging and assessing security incidents Providing for security awareness training to ensure identification and resolution of suspicious activity “Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always.” - from a statement by the IRA addressed to Margaret Thatcher Building Key Partnerships Partnerships harness and focus capacity Security Risk Doctrine creates a common message for partners Vulnerabilities are many and can exhaust resources: – Need for focus and sustainability – harness all human capacities – utilise technology to aid human awareness – CCTV Discussion Exercises (Desk-Top) - held routinely and regularly - to harness the capacity of all partners - against a common mental model - clarify: - partnering roles and responsibilities - policy and planning short falls Partnership Objectives To ensure: Government agencies; Businesses and Communities are together creating an environment hostile to terrorist planning and preparation by: – Identifying and mitigating vulnerabilities; and – actively disrupting and resolving suspicious activity. Security Awareness Raising A common language is necessary Security awareness training for staff, contractors and regular customers is essential Security plans must include provisions for the reporting, logging and assessing of security incidents Identification and resolution of suspicious activity is essential Vulnerabilities Vulnerabilities potentially amplify terrorist capabilities and therefore increases the chance of a risk eventuating Vulnerabilities must be prioritised to focus and ensure proportional targeting of risk mitigation strategies there by best utilising resources Vulnerabilities should be prioritised through an intelligence led assessment of likelihood and an understanding of the local security context. The Challenge Ensuring that even if the bomb doesn’t go off this week: Government remain focussed Industry remain vigilant and prepared Public interest and awareness is sustained Summary Terrorist response must be focussed, proportional and recognise: – Constant heightened level of threat – Terrorists display personal and professional capability – No prior warning of attack Risk based approach provides common language, ideas and focus Our operating environment is complex and sound partnerships are essential to achieving an effective response Government, industry and the public must remain focussed and alert to identification of suspicious activity