Introduction: why Behaviour Detection? The concept of behaviour detection, or Behaviour Risk Assessment, as a method of detecting suspicious individuals continues to occupy the headlines. As a recognized layer of security screening that has been successfully deployed in Israel and other countries, it is part of considerable efforts worldwide focusing on reforming the existing legacy approach to security into a more risk-based system (read about Focus on Intent). In recent years, two international bodies, IATA and ICAO, have been leading the way by advocating a transition from the current “one-size-fits-all model” of security to a model where passengers are screened based on established or perceived levels of risk. As part of a risk-based model, all passengers would be divided into Low, High, Unknown groups according to information available about them to security personnel in advance (e.g. Passenger Name Record) and identification of any suspicious indicators in real time. Various countries, such as the US, Canada, UK, France and Australia have been studying the subject very closely including in pilot projects and research studies to determine best practices and/or validate the approach. CHI Security has been invited to participate in the international symposium on "Airport Security: Design, Governance, Performance, Financing and Policy" which will take place in Toronto in May 2014. Bringing together up to 50 top experts from government, corporate and academic spheres worldwide, the purpose of the symposium is to evaluate challenges and best practices in the current aviation security system.
Michael Berk, CHI Security's Director, has joined the Executive Advisory Board to assist with developing the symposium's agenda and will be presenting at the 'Layered Screening and Preemption in Airport Security' panel session. A feature article in the September 2013 issue of "Passenger Terminal World" is dedicated to the coverage of Behaviour Detection as one of the risk-based screening methods applied in modern mass transit (e.g. airports) settings. CHI Security's Michael Berk was interviewed by this leading industry magazine to provide insights into this highly specialized trade. Read the feature article here on-line or in the digital format here (see page 18). Note: the authors have incorrectly associated the Passenger Behaviour Observation pilot program with Transport Canada, as oppose to the Canadian Air Transport Security Authority. We asked them to update this (as well as the full name of our company) but the issue went to print already... We live in exciting times. Those who can see or feel subtle changes in the matrix of our socio-economic system will understand what we mean. While some of these changes may be positive or negative, depending on where one stands, paradigm shifts take place everywhere. When observed in the ossified system that is Security -- a slow, legacy-based, mostly reactive and heavily tech-equipped giant -- the signs of changes coming present new and interesting opportunities. One of the fundamental changes we observe is the shifting of focus towards 'Intent' in security operations. Focusing on those who have the motivation, intent and capabilities to execute an attack makes security more proactive, risk-based and agile.
According to CBC and other sources, VIA Rail is considering to beef up its security procedures in light of the alleged terrorist plot to derail a train on New York to Toronto route. Among the possible security measures under consideration are greater scrutiny of checked luggage, use of sniffer dogs, mandatory ID checks and luggage reconciliation. Among other measures already in place, VIA Rail spokesperson mentioned that VIA employees have been trained in observing suspicious body language. Some pundits were quick to describe these measures as 'aviation security style' screening which will render traveling by train in Canada a lot less pleasant. We believe this won't be the case.
In our opinion, the addition of more serious security measures to Canadian rail cargo and passenger transportation has been long overdue. Rail infrastructure and communications constitute an integral part of the national critical infrastructure. A recent event at Lac-Megantic, QC has provided vivid images of what could occur in an urban area if an attack involving a heavy load of explosives is executed. In the current evolving threat environment the addition of sensible and scalable risk-based security measures makes a lot of sense. Today's news are filled with articles citing another GAO report issued yesterday and entitled "TSA Could Strengthen Oversight of Allegations of Employee Misconduct".
Apparently the rate of complaints against TSA screening officers have increased by 26% in the past three years. The report said 3,408 misconduct allegations were filed against TSA workers last year, up from 2,691 in 2010. Many of the charges for screening and security-related incidents pertain to violating standard operating procedures, including not conducting security or equipment checks, and allowing patrons or baggage to bypass screening. While the increase in allegations (if they're based on true foundations) is lamentable, with over 1.6 million of screened passengers per day and over 56,000 Transportation Security Officers involved, the numbers cited must be taken in a proper context. Let us begin by defining what this means in the world of security operations. In our practice, it is the process of observing someone's behaviour and analyzing it for indicators of adversarial modes of operations.
In addition, especially trained officers would look at appearance, accompanying people, documents (if possible), verbal and other non-verbal cues, and conduct a security-driven interview (if allowed by regulations). All of the information thus assembled in a course of 5 sec to 1:30 min is analyzed relative to the operational environment or context in which the process is occurring. In the end, a qualified security officer will reach a simple decision: threat or no threat. Wait, you can ask, where does the racial / ethnic / religious profiling come into play? It does not. This philosophical question continues to occupy the minds of many security professionals and interested commentators. The answer, in most cases, is somewhere in the middle but this team believes that in a truly proactive security system Human Factor should-be the determining element.
While there are many security threats and risks outside, the reality is that we mostly fear those coming from other humans. In simple terms, this inherent mistrust in other humans, whether as risk factors or performers, is what causes us to look for technology as a solution. The problem of course is that humans in general (and evil-doers in particular) are quite inventive in circumventing various static barriers put in their way, be it a sensor-wired wall, a sophisticated X-ray machine or biometric devices (not to mention another apparent problem -- these 'solutions' have humans attached to operate them, oops). In reality, most security systems we witness today are passive and inefficient. They perform 'law enforcement' duties (e.g. CCTVs -- a post-event information collection), are not flexible to deal with evolving threats and in many cases contribute to the 'security theatre' perception. Generally speaking, security operations are human/technology systems designed to protect installations or people from natural or man-engineered threats. The real concerns, of course, are always with people who possess malicious intent and means/skills allowing them to execute an attack.
High-risk assets in transportation industry, such as air/ports and public transit hubs, present a particular problem for security operatives often due to larger territories to protect, multiple entry points, high passenger/cargo traffic and more. After conducting regular TRAs and identifying vulnerabilities, target hardening often ensues through the addition of infrastructure and/or technological 'barriers' and training of personnel to follow strict protocols. Apart from serious budget expenditures which continue to build-up as threats evolve and tech solutions are added (space allocation!), such typical responses often create a very rigid operational environment. Over time this vicious cycle leads to several outcomes: |
Details
AuthorCHI Security team includes professionals with diverse backgrounds and experiences. In this blog we share our musings on how to build a resilient security force. Hardware comes later... Archives
December 2013
Categories
All
|