12th Annual AAAE Annual Aviation Security Summit and looking towards the threats in 2013
Hyatt Regency Crystal City
Hyatt Regency Crystal City
The annual aviation security summit brought out a good line of speakers this year, featuring decision makers and policy makers, not notetakers and staffers, which always makes for a beneficial conference. Gold stars for AAAE’s Carter Morris, Colleen Chamberlin and Sarah Pilli for the great line up.
I’ve already shared the two key opening sessions and the special session with Senator Landrieu in other posts. This post is a bullet list of highlights from the other sessions and some perspectives on what we can look forward to next year in aviation security.
The TSA’s Risk Based Screening programs will continue to expand, both at the passenger checkpoint, and (hopefully) within airport security programs. RBS recognizes that risk will never be completely eliminated and efforts to be 100-percent perfect actually result in lesser security. The more effective use of resources is to focus less energies on lower risk threats which allows for more resources to point at the higher risks.
Customs and Border Protection is setting the standard for TSA to follow, with their Global Entry program. Global Entry provides expedited customs processing for international travelers returning to the United States. However, the program requires an interview by a CBP agent and there is about a three-month backlog. CBP may start using Federal Air Marshals to assist in the interview process. Expect to see this program expand even more in 2013.
TSA’s first real foray into RBS is the PreCheck program. Doug Hofsass, TSA’s Assistant Administrator for Risk Based Security discussed the three key goals that RBS had achieved this year – the launch of PreCheck, the launch and expansion of the Known Crew Member (KCM) program and a partnership with the Department of Defense to bring active duty armed forces personnel into the lower risk category.
Jim Williams, former director of the U.S. Visit program and now a senior vice president for Daon, noted that the future of RBS programs is the establishment of a biometric identity. However, while this concept has been around for quite sometime, Williams’ said the main problem with widespread expansion of any identity program is integrating new software with existing identification systems,“God created the Earth in six days but he didn’t have to do it with legacy systems,” Williams said.
“God created the Earth in six days but he didn’t have to do it with legacy systems,” Williams said.
The challenge in implementing any access control or personnel identification system into a U.S. airport, or any facility, such as government office buildings is that there are already access control and credentialing systems in place. This is an important factor when we start talking about the much battered Transportation Worker Identification Program (TWIC) program. TWIC came from the Maritime Security Act but TSA and Congress have explored the program within the aviation domain.
TWIC is now in use in the maritime sectors and a bit in the trucking sector. The major challenge with implementing it in airports, is that each airport already has a proprietary access control system. The larger issue is that airport operators are responsible for the individuals who are provided access to the airside. Therefore, airport operators manage the credentialing process themselves and are hesitant to allow another form of identification to be used on the airport – particularly one in which the airport operator does not know the level of the background check, or other risk issues that may be involved with the person.
Back to RBS: Hofsass, who has done an outstanding job with the program, noted that so far Known Crew Member has removed 60,000-65,000 individuals from the footprint of the screening checkpoint. An estimated total of 2.7 million flight crew and flight attendants have already passed through a KCM location. By February 2013, Hofsass estimates that we’ll be at 165,000 to 170,000 pilots and crew members per week that do not pass through a traditional checkpoint. That should both decrease wait times at screening checkpoints (even the employees don’t like cutting in front of everyone) and possibly reduce TSA staffing requirements.
“What that means is in 2013, 8.5 million screening experiences will not be done at the checkpoint but at the KCM portal and that’s just at the current locations where KCM is in place,” said Hofsass.
Presently, TSA is working with DOD officials to enroll active-duty military personnel into a risk based solution. TSA is also currently looking at other populations, such as federal government personnel and those that already have an airport identification badge.
Hofsass was asked whether RBS applied to airport security programs, not just passenger screening – he deferred the question as this isn’t his area of management. However, later, when Pete Garcia, Dir., Compliance, Office of Security Operations, TSA took the stage on day two, he led off with the answer. Garcia said he wants to move towards a plan that doesn’t require as much testing, but looks at the vulnerabilities in partnership with the airports and airlines. The inconsistent application of security regulations, Airport Security Program (ASP) approvals and the sometimes cookie cutter approach to inspecting airport and air carrier security management is a frequent source of stress with airport security coordinators (ASCs). ASC’s must often devote hours of staff time to producing records for the TSA and responding to letters from the TSA.
“If you have a great relationship with the FSD and you’re doing what you’re supposed to do, I see (audits) going down,” said Garcia.
Garcia confessed that when the TSA does their own self testing they score rather well, but when GAO does the testing, the scores are much lower. “As we develop the tests (presumably with the airport and air carriers) we will identify where the vulnerabilities are.”
Also in 2013, expect to see x-ray based systems continue to be the primary checkpoint screening technology. CT (EDS-style) systems are still too large and heavy for use at the checkpoints. Body imagers, liquid threat detection and cast scanners are likely to continue to be the wave of the future.
The checked baggage security systems that first made their debut after 9/11, are now a decade old and showing their wear and tear. TSA is engaging in a re-capitalization program to replace old technology. Jenel Cline, Checked Baggage Screening Program, Ofc of Security Capabilities, TSA says they will conduct site visits with airports that are scheduled for recapitalization to work on the scope.
Nina Brooks – International Air Transportation Association Security and Facilitation Team, showed off the IATA checkpoint of the future concepts – it’s available on their website and will be the subject of a future blog.
One notable component came at the end of the conference – perimeter security. With all the penetrations of airport perimeters in 2012, TSA embarked on a study in September to assess best practices. TSA says it wants to share those best practices with airport operators and let the airport determine if they meet the standards. Federal funding is not likely to follow however, for airport operators that want to bring their perimeter security up to the industry standard.
I expect in 2013, perimeter security is one area that will receive more attention. Stay tuned on this issue.
One interesting note I have for next year did not come from the security summit, but from Mark Bowden’s newest book, The Finish: the killing of Osama bin Laden (Atlantic Monthly Press, New York, 2012). Bowden, known for his excellent works such as Black Hawk Down and Killing Pablo, noted that at one point in recent times, bin Laden asked his followers to launch more attacks on the United States, but there was no longer any way for al Qaeda to make the arrangements for a large style attack, like that carried out on 9/11.
“The 9/11 attacks had taken years to prepare, and had involved substantial international travel, long months of training, money and close coordination. When the plan had been set in motion, the group was a peripheral concern for the United States and the Western world,” Bowden said (p. 126). “This was no longer the case [post 9/11]. America had spread an invisible web of surveillance that registered seemingly everything that stirred. Death rained continually. It was dangerous for the organization’s leaders to move from one house to another, much less put another international plan in motion.”
Based on past experience, and if we take Bowden’s words here to heart, I would suspect that future attacks are going to be carried out at lower levels, single or small numbers of operators who may be ill-trained. However, these operators will likely have the advantage of also being U.S. citizens. Also, U.S. air carriers should continue to be vigilant in their security procedures. While the U.S. has become a much harder target than prior to 9/11, there is a history of U.S. citizens being attacked overseas, particularly on aircraft, and the difficulty of hitting the U.S. itself, may result in a rise of attacks on American’s overseas.