(Part 4 in a series that takes a look at whether aviation security is safer than it was in 2001)

The greatest thing we can do to improve air security isn’t about processes and technologies, it’s about understanding – understanding our enemy, understanding our capabilities and understanding each other.

The late Dr. Stephen Covey, author of The 7 Habits of Highly Effective People, coined the term “Psychological Air” for the emotional boost you get when someone truly understands you and your situation. There is a similar, but negative, reaction when someone tries to give you advice but you don’t feel like they understand your situation. Even if that person is brilliant, if you don’t feel like they understand you and your situation, you still hold their information to be suspect. Unfortunately, that’s been the challenge with TSA’s reputation within the industry and the traveling public – it’s a vulnerability that needs to be fixed and there may have been some recent moves by TSA towards that direction. However, as the saying goes, “Believe what people do, not what people say.”

Lieutenant General H.R. McMaster noted that failure to understand the enemy can produce strategies that are inadequate and inflexible. The same can be said of not understanding the industry in which you’re trying to secure. Let me immediately pause for the qualifier here – I’ve worked with, trained and associated with plenty of top notch TSA personnel. This isn’t a condemnation of the entire agency – it’s a prescription to heal a long-standing problem that may help TSA regain some semblance of respect with the traveling pubic and the industry.

When TSA stood up in 2001, it immediately got off on the wrong foot and it’s been limping along ever since. In the world of sports, whenever a team wins a major championship, the players always give credit to the team, not themselves. It’s never about one person (at least not until contract renewal time); aviation security is the same. Simply saying that we are a team does not make it so.

Case in point: TSA’s now somewhat famous layered security graphic (which occasionally pops up on its website) fails to include several airport security measures that are publicly known. It’s as if the airport security components weren’t even part of the security system. Within the past year, TSA has rolled out several videos, an active shooter program for airports and other security measures, but mostly it has focused on its own personnel: the screener workforce. As I said, it’s almost as if the rest of the aviation and airline security industry doesn’t exist. Some of the programs aimed at airport operators (such as the internal security threat program, “It’s Your Airport”) were good information but since they came from Olympus (i.e. TSA HQ) they were immediately suspect (hint: for programs like that to be successful, it helps if it starts at the local level).

To be successful it takes a team effort, and TSA needs to get on the team – the industry has been waiting for you.

After its creation TSA quickly earned a bad reputation with poor decisions at the checkpoint made by screening personnel who didn’t understand how air travel needs to work. At the same time, there were many newly appointed federal regulators behind the scenes who imposed unnecessary polices and procedures, resulting in higher costs and significant inconvenience to airport and airline operators. While “inconvenience” might be a bit of a weak term, realize that when airport and airline priorities are shifting to chase a variety of ill-advised, ill-conceived regulatory requirements and wild hairs, they are spending less time focused on providing real security and safety measures for the traveling public.

When TSA stood up, we expected a professional federal security workforce similar to Customs and Border Protection, but instead we got thousands of folks who didn’t understand the ramifications of their decisions, didn’t understand how airports and airlines work and were taught what to think, not how to think. For another sports analogy, that’s like hiring a bunch of brand new basketball referees to officiate at a football game – a game that they’ve neither played nor seen before.

The problems were top down. The very top levels of TSA were infused with former Secret Service types who lacked any understanding of how aviation itself must function, and how aviation security must function in order to allow the system to still move people and goods. Just because you’re good at protecting one individual at a time, doesn’t mean you’re automatically good at figuring out how to protect 80 million passengers moving through public areas on a routine basis at 450 public-use airports. In addition, any changes to the system needed to still provide the benefit of air transportation at an affordable cost to the traveling public, and must not create other vulnerabilities. Furthermore, decisions cannot be focused solely on how they affect checkpoint operations; there’s a lot more going on around the airport that needs to be protected. Since the aviation system is symbiotic, you can’t affect one component without a trickle down affect on all the others.

In the early years, many TSA Federal Security Directors were given near-absolute power over airport and transportation decisions. Those individuals made decisions that had lasting negative impacts on the industry. Chances at building valuable relationships with industry have been squandered, and instead a trail of scorched earth has been left behind. Any chance TSA has had to rebuild those relationships often failed as TSA has consistently transferred or promoted the good directors and managers (or they got frustrated and finally left), replacing them with an endless series of retired military flag rank officers or senior executive service personnel without industry backgrounds. While these people may have had successes in their past career, to someone in the aviation industry they were merely yet another Federal official who didn’t care to understand how things were done. Many violated a fundamental principle of effective operations management:

“Always listen to the guy on the ground.” – Pete Blaber, former Delta Force commander.

While the traveling public experienced new levels of ridiculousness at the screening checkpoint, behind-the-scenes former FAA security regulators were forced to sit on the sidelines while new TSA regulatory inspectors took their place. Even the inspectors who came from industry (mostly airline, military or police – very little from the airport world – and yes, there is a difference between airline and airport operations and management) were often required to impose odd procedures on airports and airlines and then report on the success of these procedures – procedures which were unrelated to improving aviation security but looked good on paper (“Hey, we don’t know where we’re going, but we’re making good time!”)

The question arises as to why the average passenger should care about the airport and airline regulatory issues. The answer is this: because failing to comply with TSA regulations results in fines – actual cash money your hometown airport has to pay to the feds, for compliance on security requirements that may not actually improve security. These fines are money that is passed right onto the passenger through a variety of fees. So you, as the passenger, should care because YOU’RE paying for it. More importantly, the money often gets spent on the wrong thing rather than being spent on improving the passenger experience, making the system truly safer, and implementing effective measures that truly do make the system more secure.

When you don’t understand the system, you end up making decisions like:

• Backing up checkpoint lines for hours while trying to fix your own screening detection rates;
• Screening personnel not knowing the name of the area they are protecting nor the basic rules for employees or visitors at a checkpoint, nor even how an airport works.
• Watering down the Israeli method of behavior detection, then deploying personnel to wander the airport in full uniform looking for suspicious people, without the ability to intervene if a real threat is spotted (these folks are unarmed and do not have police powers);
• Requiring airports to participate in programs such as Playbook (random anti-terrorism measures) without previous consideration to the budget impact of the airport operator (yes, we do have to operate on a budget) or understanding the effectiveness of such programs (I don’t disagree with the concept of Playbook as it’s a valid security measure throughout the world (it goes by different names, like VIPR, RAM, etc), but the early implementation was completely without industry consideration;
• Deploying Transportation Security Officers to public areas after the Brussels and Istantbul attacks, even though security experts said it was the wrong thing to do to mitigate the threat to the public area (you need armed police in those areas if you want to effectively respond to bad guys with guns and bombs);
• Focusing on metrics such as reducing access points to the airfield (a good security measure in general), rather than assessing whether the specific airport in question was already at their minimum access point levels for the airport to remain effective. We need to focus on whether we’re achieving outcomes rather than achieving metrics. To use another football metaphor: Who cares if we run for only 100 yards a game as long as we’re winning the game?
• TSA likes to tout its efforts at industry engagement but they won’t be fully trusted until they stop using Security Directives (SD) in lieu of rulemaking, stop using Information Circulars like SD requirements, and when they stop touting the newest senior level directors and managers as the next Messiah who just tells us what they think we want to hear – remember, we live here, you’re just passing through – whatever you do when you’re here, we have to live with after you leave. Want to impress us? Quit reading us your resume and start listening to what we’re saying.

There’ve been some excellent TSA deputy directors and senior managers and we cherish and greatly appreciate these folks. TSA simply needs more of them.

What’s the real solution? Just like a successful NFL team, everyone needs to know how the whole game is played, not just their role. We often hear that we should do aviation security like Israel does it. I agree… but probably not in the way you think.

In Israel, all security officers are trained in the history of aviation security and can name and describe key attacks. That way they truly “never forget” – they understand the system and their role in it. They understand how their decisions affect the rest of the airport and the air carrier operation, and they understand the impact on the passenger in front of them.

Whenever I train aviation security, I almost always hear grumbling about the historical section – many students just want to know what the requirement is, not the history behind it. But the why we do things is just as important as the what. When we forget our history (as we tend to do repeatedly), we fail to see and prevent the next attack. The same level of education needs to take place here in the U.S. for the TSA, airport and airline security workforces.

To truly adopt Israeli tactics on the U.S. scale, we need to begin with professional education for all TSA personnel of how aviation security, airport management and airline operations actually works.

A problem of pre-9/11 aviation security was that the Industry and the Federal Aviation Administration (FAA – the folks that regulated air security before TSA), shared a relationship that was close to being incestuous. There were too many retired FAA regulators that popped up months later as airline lobbyists or airline senior staff and some airline and airport personnel who were jumping over to jobs with the FAA. But the benefit of the FAA in the pre-9/11 days was the agency was largely filled with personnel who did have an understanding of how aviation works, as many had pilot, airport or airline backgrounds.

TSA needs that level of understanding. I’m not saying every TSA employee needs a level of understanding where they can go toe-to-toe with Transportation Security Inspectors, Airport Security Coordinators or airline security directors, but they should have a level of understanding of the system appropriate to their role. TSA personnel who have come from the industry already have this understanding and they’ve usually done very well – but then they eventually get frustrated with a system that’s designed to be relatively inflexible when responding to new threats, tends towards mission creep instead of focusing on their core roles and responsibilities, and puts personal benefit ahead of industry benefit. We can always tell when someone with no industry experience is trying to sell us on something.

While we all want to be safe and secure while flying, we must do so with security measures that are designed to fit aviation, not attempting to bend aviation to fit security. Bend it too much and the system breaks – hence the 4 hour wait times and the created vulnerabilities of having thousands standing in packed lines at airport checkpoints. With a fully educated and trained workforce, true success and true reduction in vulnerabilities can be achieved. Our enemies have certainly taken the time to educate themselves on our systems, our history and how things work. It’s time for us to do the same.

The AAAE/TSA/DHS Annual Aviation Security Summit is this week. Neffenger is scheduled to speak (hopefully we won’t be under the weather again). He has had a year to put the TSA house in order so now I want to hear his plan to improve the knowledge of his workforce on how the system needs to work. Neffenger has had a great reputation in the Coast Guard, particularly in handling the Deepwater Horizon disaster, and I know he understands that in order to be successful when regulating a transportation industry, the industry must still actually transport things and people. Many positive things were passed along during the recent ACI Safety and Security Summit, so now we’ll see if it was all just smoke and mirrors. If it’s all just more lip service then the system remains as vulnerable as it was on 9/11/01.

Next blog (5 of 5) the real threats and how to counter them.

To read more of my posts on aviation security, click HERE.