A Blueprint of CBRN Security
Architecture
Dr. Igor Khripunov
at the seminar “Toward a CBN Security Culture: Developing a
Holistic Approach,”
24 April 2012, Vienna, Austria
UNSCR 1977 (2011): Emphasis on Implementation
•
•
•
Encourages all states to prepare national implementation
action plans on a voluntary basis.
Promote the sharing of experience, lessons learned, and
effective practices in areas covered by resolution 1540 (2004).
Conduct a comprehensive review on the status of
implementation of resolution 1540 (before May 2016),
including, if necessary, recommendations or adjustments to the
mandate of the 1540 Committee.
The ten year extension of UNSCR 1540 (2004) is likely
to turn the resolution into an institution with a unique
counter-WMD terrorism mandate. However, this
emerging institution risks failure without a robust and
comprehensive security culture.
What is CBRN Security Culture?
CBRN security culture is an assembly of beliefs,
attitudes, and patterns of behavior which can
reinforce or complement hard (equipment) or soft
(rules and regulations) tools in the process of
achieving intended security goals.
• As its major subset, CBRN security culture (or equivalent
constructs under different names) derives its strength, or lack
thereof, from organizational culture, but in certain
circumstances it can have a positive impact across the board
shaping organizational culture.
What is CBRN Security Culture?
• In all four silos, the foundation of security culture includes human support or
•
enforcement of common risk-based elements such as:
- Deterrence
- Protection
- Detection
- Response to:
- Theft
- Sabotage
- Unauthorized Access
- Illegal Transfer
- Other malicious acts involving either materials that can be used for
unconventional terrorism purposes or their associated facilities
The major assumption that drives this pattern of human behavior is that the
risk of CBRN terrorism is real and security is important.
Four CBRN Silos
• The CWC uses “general purpose criteria” to define a
•
•
Chemical
•
•
weapon.
Global supply chains are increasingly vulnerable.
A multitude of industrial chemicals could be released in
massive quantities inflicting lethal effects despite their low
toxicity.
Less robust physical protection of sprawling petrochemical
plants requires a significant input from security conscious
personnel.
In its recently launched project, the “OPCW as a Platform for
Enhancing Security at Chemical Plants,” one of the
objectives is to establish “a chemical security culture.”
Four CBRN Silos
• The BWC uses “general purpose criteria” to define a
•
•
Biological
•
weapon.
The rationale for security is much more closely intertwined
with safety and material losses rather than terrorist risks.
WHO documents refer to “responsible laboratory practices”
defined as protection, control, and accountability for
valuable biological materials to help prevent their
unauthorized access, loss, theft, misuse, diversion, or
intentional release.
The International Federation of Biosafety Associations
(IFBA) has launched a five year strategic plan wherein the
mission is defined as “Safe, Secure, and Responsible Work
with Biological Materials” but the term “culture” is yet to be
prominently displayed in the professional parlance.
Four CBRN Silos
• Almost all radioactive substances can be used to commit
•
Radiological
•
•
acts of radiological terrorism, including fission products,
spent fuel from nuclear reactors, commercial radioactive
sources, and relatively low-level waste.
Radioactive sources pose a special challenge because they
number in the millions worldwide, and are in use in a
multitude of diverse operations.
The Code of Conduct for the Safety and Security of
Radioactive Sources has provisions on safety and security
culture but is not a binding legal instrument.
Major characteristics of this silo are too unique to merge it
with the nuclear silo.
Four CBRN Silos
• The Washington and Seoul Nuclear Security Summits
•
Nuclear
•
•
elevated the role of nuclear security culture and placed it on
par with physical protection and material accountancy.
The international legal framework for nuclear security (both
binding and nonbinding) has specific references to security
culture which may be seen reflected in a series of national
laws and regulations.
The IAEA adopted the concept of nuclear security culture in
2008, launched a training program, and intends to work
toward a new, more diversified security culture which
would cover transportation, spent nuclear fuel, and others.
Given its current record and advancement in security
culture, the IAEA and the nuclear sector can serve as a role
model for other silos.
Joint Foundation of CBRN Security Culture
•
•
•
•
Only personnel empowered by a security culture that comes as
second nature can continually evaluate the risk environment,
and stay ahead of the threat.
Among the most important shared characteristics of CBRN
security culture are: accountability, reliability, professionalism,
compliance, and vigilance.
A CBRN security culture will motivate the workforce to
meticulously comply with existing security requirements, select
the correct course of action when there are options, and
improvise effectively in the face of the unknown.
“Insider threats” are a common CBRN concern but best
practices to deal with them may differ in each silo.
Joint Foundation of CBRN Security Culture
• The manifestation of CBRN security culture is most important at
•
•
the organizational and individual levels, but their goals are fully
achieved only if there are adequate inputs from higher tiers, i.e.
international and national levels.
CBRN security culture promotion is more likely to achieve
sustainability goals if its underlying standards are embedded in
societal values, traditions, and best practices.
It is imperative for the leaders of organizations to be driving
engines for culture building/improvement and act as the role
model for their employees.
Joint Architecture of CBRN Security Culture
• Safety culture has been an integral part of the emergence and evolution of
•
•
science and technology, while CBRN security culture is a late-comer. In this
sense, security culture often follows the footsteps of safety culture or
remains an integral part of it.
The complexities of the safety-security interface make it necessary to look
for an innovative terminology across all CBRN silos of which “suerity” may
be just one option. However, in the short-term perspective, a uniform
terminology denoting security culture in all four silos seems unlikely.
Jointly developed and mutually acceptable risk assessment, culture
evaluation methodologies, and ways of monitoring and improving the
culture on an ongoing basis are important building blocks of a common
architecture for CBRN security culture.
Final Observations
• The CBRN threat environment makes it imperative to explore and shape an
•
•
•
appropriate culture-based response in support of the global effort against
WMD proliferation and terrorism.
Security cultures do exist in respective silos to safeguard sensitive materials,
protect assets, and prevent acts of sabotage, but their promotion and
implementation are largely isolated from each other in the absence of
sufficient horizontal communication and best practice sharing.
A major goal of developing a common architecture for CBRN culture is to
enable countries that are lacking relevant experience to optimize the role of
the human factor in dealing with CBRN risks and complying with their
international obligations, including those under UNSCR 1540 (2004).
If proven valuable in practice and acceptable across the board, a CBRN
security culture may become an important item on the agenda of the 2016
review process for UNSCR 1540.