Introduction: why Behaviour Detection?
The concept of behaviour detection, or Behaviour Risk Assessment, as a method of detecting suspicious individuals continues to occupy the headlines. As a recognized layer of security screening that has been successfully deployed in Israel and other countries, it is part of considerable efforts worldwide focusing on reforming the existing legacy approach to security into a more risk-based system (read about Focus on Intent).
In recent years, two international bodies, IATA and ICAO, have been leading the way by advocating a transition from the current “one-size-fits-all model” of security to a model where passengers are screened based on established or perceived levels of risk. As part of a risk-based model, all passengers would be divided into Low, High, Unknown groups according to information available about them to security personnel in advance (e.g. Passenger Name Record) and identification of any suspicious indicators in real time. Various countries, such as the US, Canada, UK, France and Australia have been studying the subject very closely including in pilot projects and research studies to determine best practices and/or validate the approach.
A feature article in the September 2013 issue of "Passenger Terminal World" is dedicated to the coverage of Behaviour Detection as one of the risk-based screening methods applied in modern mass transit (e.g. airports) settings.
CHI Security's Michael Berk was interviewed by this leading industry magazine to provide insights into this highly specialized trade. Read the feature article here on-line or in the digital format here
(see page 18).
Note: the authors have incorrectly associated the Passenger Behaviour Observation pilot program with Transport Canada, as oppose to the Canadian Air Transport Security Authority. We asked them to update this (as well as the full name of our company) but the issue went to print already...
We live in exciting times. Those who can see or feel subtle changes in the matrix of our socio-economic system will understand what we mean. While some of these changes may be positive or negative, depending on where one stands, paradigm shifts take place everywhere. When observed in the ossified system that is Security -- a slow, legacy-based, mostly reactive and heavily tech-equipped giant -- the signs of changes coming present new and interesting opportunities. One of the fundamental changes we observe is the shifting of focus towards 'Intent' in security operations. Focusing on those who have the motivation, intent and capabilities to execute an attack makes security more proactive, risk-based and agile.
According to CBC and other sources, VIA Rail is considering to beef up its security procedures in light of the alleged terrorist plot to derail a train on New York to Toronto route. Among the possible security measures under consideration are greater scrutiny of checked luggage, use of sniffer dogs, mandatory ID checks and luggage reconciliation. Among other measures already in place, VIA Rail spokesperson mentioned that VIA employees have been trained in observing suspicious body language. Some pundits were quick to describe these measures as 'aviation security style' screening which will render traveling by train in Canada a lot less pleasant. We believe this won't be the case.
In our opinion, the addition of more serious security measures to Canadian rail cargo and passenger transportation has been long overdue. Rail infrastructure and communications constitute an integral part of the national critical infrastructure. A recent event at Lac-Megantic, QC has provided vivid images of what could occur in an urban area if an attack involving a heavy load of explosives is executed. In the current evolving threat environment the addition of sensible and scalable risk-based security measures makes a lot of sense.
Today's news are filled with articles citing another GAO report issued yesterday and entitled "TSA Could Strengthen Oversight of Allegations of Employee Misconduct".
Apparently the rate of complaints against TSA screening officers have increased by 26% in the past three years. The report said 3,408 misconduct allegations were filed against TSA workers last year, up from 2,691 in 2010. Many of the charges for screening and security-related incidents pertain to violating standard operating procedures, including not conducting security or equipment checks, and allowing patrons or baggage to bypass screening.
While the increase in allegations (if they're based on true foundations) is lamentable, with over 1.6 million of screened passengers per day and over 56,000 Transportation Security Officers involved, the numbers cited must be taken in a proper context.
Let us begin by defining what this means in the world of security operations. In our practice, it is the process of observing someone's behaviour and analyzing it for indicators of adversarial modes of operations.
In addition, especially trained officers would look at appearance, accompanying people, documents (if possible), verbal and other non-verbal cues, and conduct a security-driven interview (if allowed by regulations). All of the information thus assembled in a course of 5 sec to 1:30 min is analyzed relative to the operational environment or context in which the process is occurring. In the end, a qualified security officer will reach a simple decision: threat or no threat. Wait, you can ask, where does the racial / ethnic / religious profiling come into play? It does not.
Just came across an article in LA Times entitled "Randomizers' could ward off airport profiling accusations" stating that one of the reasons for deploying them "is so TSA officers can't be accused of profiling passengers when they direct some fliers to a line for regular screening and others to a line for a faster, less-intrusive search". This is peculiar, I thought.
CHI Security team includes professionals with diverse backgrounds and experiences. In this blog we share our musings on how to build a resilient security force. Hardware comes later...