When we were attacked on 9/11, I had already served several years in the aviation security industry and I felt I’d not done enough (as many of us did). Part of my mission became to make sure that we weren’t asleep at the switch when the next attack was launched. Writing the book Practical Aviation Security: Predicting and Preventing Future Threats, was my attempt to educate those who would be in a position to prevent the next 9/11.
A few years ago I was on a local radio show that was doing the bit on “it’s X years after 9/11, and are we safer?” They did a man-on-the-street interview (except it was more woman-in-the-coffee-shop in this case) and they asked the woman if she was afraid to fly. She said she was, because the plane might get hijacked – and this was about seven years after 9/11. Turns out she is a personal trainer and she drove all the way from Ohio to meet a client. I thought about her irrationality – you’re concerned that the one commercial flight, on one particular day, of 5,000+ flights that day, would be hijacked? Heck, the chances of you experiencing severe turbulence, much less a plane crash or hijacking, are far lesser than getting in a car accident on the way to Colorado from Ohio – my gosh woman, have you ever driven the Ohio Turnpike! I rest my case.
That said, there were hundreds of people on that day that were in a hijacked aircraft and even I’ve been in a plane crash. So, odds be dammed, stuff still happens and some people are still afraid to fly. I suspect that won’t ever change no matter how many gaps we plug.
Many people like to use Reason’s Swiss Cheese analogy when it comes to discussing things like the accident chain or risk assessment. The goal in the swiss cheese model is to prevent the holes in each slice from lining up and thus allowing an attack (or accident) to occur. That’s the fundamental theory of the layered security system. Each layer is another piece of cheese, with its own holes. No one slice stops all attacks. Remember, there MUST be holes in each slice because people must continue to move through the system. Our system is about deterrence – the only way the system will be 100% “safe,” is to quit flying planes, and the reality of the swiss cheese model is realize that some holes will never be plugged, mainly because:
- As long as people fly, there will always be risk. There is no 100% life safety guarantee to anything.
- Some risks are too expensive to mitigate – even paying $25,000 to fly on a private jet doesn’t guarantee the pilot didn’t just have a bad breakup with his girlfriend and decides to commit suicide and take you along for the ride. Maybe you should have checked his relationship status on Facebook first – if it says, “it’s complicated,” then ask for another pilot.
- Some risks are unknown – remember, the bad guys have a vote in this and they don’t always tell us our game plan. Uh, be nice if you did – call the FBI I’m sure they’d like to hear from you.
- Some risks are still there because we haven’t bled enough. Some attacks, such as a surface-to-air missile attack on a U.S. aircraft here in the States just haven’t occurred (unless you count the late Tom Clancy’s book Against All Enemies (still miss you Tom!). While that type of attack is in the aviation security vocabulary as a possibility, it still hasn’t happened. Once it does, we’ll close that hole a bit more.
While many people see TSA with their screening checkpoints and they hear about Federal Air Marshals, pilots carrying guns and F-16’s intercepting suspect aircraft there is one vital layer in aviation security that is rarely seen – the role of intelligence and interdiction.
Prior to 9/11:
- The FAA had no effective way to get the word out about a hijacking or threat to aviation and certainly no way to coordinate a response.
- FAA security personnel were a small and dedicated bunch of trained professionals, but to the intelligence community they were treated like mushrooms, which means they were kept in the dark and fed crap. Many of them relied on previous relationships with people they used to work with in the intel communities, just to get intel they could act upon. Check out Billie H. Vincent’s book Bombers, Hijackers, Body Scanners and Jihadists for a look at pre 9/11 security, plus some perspectives from one of the leaders in the aviation security field. Billie is the former head of aviation security for the FAA.
- Outside of the Air Traffic Control System Command Center the FAA had no central incident command center to manage an incident.
- Our national command strategy was still focused on stopping incoming Soviet bombers (even though the Soviet Union had been gone for nearly a decade)
- The FAA has the Domestic Events Network (DEN) which is essentially a hotline that the FAA can pick up and it rings throughout numerous incident and operations centers, including. . .
- … TSOC the Transportation Security Operations Center, which tracks the movements of aircraft and passengers on a 24/7 basis, monitors FAM deployments, knows how many good-guys with guns are on each flight, tracks the status of Selectee passengers and ramps up their activities when there is an incident.
- Navy SEAL teams, Delta Force and other members of the special operations community, including the CIA Special Activities Division are no longer neutered and leashed by nervous politicians and bureaucrats – we now have over a decade of using these special teams whenever and wherever force is necessary.
- One word: Drones
- We now have a (controversial) but effective intelligence net like no other that’s been cast over the entire world.
- Fusion Centers (intelligence collection and dissemination points) and Terrorism Liaison Officers which are local personnel being trained and connected to the national intelligence agencies are now providing, sharing and developing intelligence and investigative leads. Citizens are tied in through programs such as See something say something.
- The FBI is now focussed on counterterrorism, whereas previously it was more of an assumed role and they fought for funding for it. In the FBI, you get promoted by making arrests that the U.S. attorney can prosecute. You didn’t traditionally get promoted for gathering good intel on bad-guy A in country X as he orchestrated a financial transaction to bad-guy B so he could build a bomb and blow up good-guys C, D and E as they wandered through Times Square. Today, that intel can result in a Predator drone ending bad-guy A’s day while bad-guy B gets a 3:00 am visit from Seal Team something-0r-other, and the FBI Special Agent that started it all gets a little credit (hopefully). Not to mention the widely expanded Joint Terrorism Task Forces (JTTF).
- The creation of TSA and DHS; although these agencies have experienced many growing pains, prior to 9/11 we just didn’t have any government agency or department with the narrow mission of protecting the citizenry from harm, man-made or natural. The populace wanted the American version of the British MI-5 internal security service and we got them.
Now that we’ve filled many gaps, where does that leave new concepts such as Risk Based Security, which essentially increases the size of the hole in a few slices of the cheese? Aren’t we sort of taking our foot off the throttle here?
First, consider that there are numerous slices of cheese and passenger screening, the only area presently affected by the RBS programs, is just one layer (PreCheck and Known Crewmember, Screening for Active Duty U.S. Service Members, Passengers 12 and Under, Passengers 75 and Older and Managed Inclusion). While we expand the hole in that particular slice, the exchange of information required to be enrolled in PreCheck and the background checks that are performed (ideally), will make smaller holes in other layers (but only for the people that are in the program). That way we can focus more on those we know less about. While there is always the chance that a PreCheck passenger will smuggle something through screening because they bypassed the body imager, the thought is that they may be caught in one of the other layers – hopefully intel and intervention because that’s the farthest away from the target sites (airports and aircraft).
Plus, RBS represents a move back to what air travel used to be – somewhat fun and a whole lot less intrusive. A primary goal of terrorism is to cause the government to further erode the civil liberties of the populace through more and more security measures and more intrusive looks into our private lives. This hit unprecedented proportions after 9/11 – just read the Patriot Act if you don’t believe me. Personally, I agree with many of the measures that have been taken to protect us, but I’m also a former intelligence officer (USCG) and I understand that the vast majority of those working in that community are focussed on catching bad guys, not trying to figure out which Internet sites Joe Average Citizen is visiting. Regardless, I loved being able to go right to the gate and remember flying used to be a pleasurable experience – something people looked forward to, not something people dreaded because of the security lines (we’ll leave the nickel and diming of the airlines out of this discussion for now).
So are we safer? Yes, from the attacks of the past and we are better prepared to deter and respond to the attacks of the future. But as they say in academia, more research is necessary.
Pre 9/11, the swiss cheese didn’t have holes in it, just one gigantic hole. Those of us in the system at the time spent many frustrating years trying to convince everyone that we needed to start filling that in. In fact, many of us were amazed that there weren’t more attacks prior to 9/11 – the system was the equivalent of leaving your front door open with a gigantic diamond sitting just inside the door with a big sign saying “steal me.” Today, if nothing else, we are at least aware that there is a threat. That threat continues to evolve; bad guys continue to come up with new ways of killing people and breaking things. They play their games and we play ours. There are still holes in the system that need to be closed (like employee security) either through screening or shoring up other layers within the system.
On 9/11/01, I was in Kona, Hawaii at a Tony Robbins leadership seminar that was to feature Al Gore, and several others. I was also an airport director at an airport in Colorado at that time. After the attacks, I was concerned about the next time I flew (a week later to get home) and even concerned when I flew to the first AAAE Aviation Security Summit in December 2001, just weeks before the shoe bomber incident. For awhile, I still didn’t like to fly, but maybe because I knew the system was a sieve at the time. But as the system started to change, I started to get more and more comfortable. Even though I see “inside,” the industry and understand the possibilities for attacks and I still see the holes in the system, the only fear I have is that at some point we’re going to do what we always have done, and that is to relax and take our foot off the throttle, and then we won’t be safer anymore.