Instituting efficient insider threat prevention in aviation
Avoid Being a Target this Holiday Season
The Pirates are invading the Vikings
Risk management disasters continue to capture the limelight with the latest one involving massive civilian causality. Growing evidence from the US and British intelligence indicate that terrorists successfully planted a bomb in cargo downing the Russia-bound flight in Egypt’s Sinai peninsula on October 31, killing all 224 people on board. While it is true that it is no easy task to “hermetically seal” any country border against these kinds of attacks, but it is equally true, with adequate risk management measures tragedies like this could be averted.
Amidst growing escalation in sophistication and propaganda of global terror groups, what has come to the fore in the Sinai saga is the involvement of an insider, without which it is next to impossible to plant explosive inside an airplane. Whether inspired by terrorist ideology or due to coercion or blackmail, the act by the insider is poised to rewrite the security dynamics of the aviation industry in general and that of Egypt’s commercial aviation sector in particular.
As far as risk management is concerned, it also comes under the purview of access control, in which sweating the small things goes a long way in securing a business environment. In the US aviation sector security vulnerabilities “come from more than 900,000 people whose jobs allow them largely unfettered access behind the scenes,” reported CNN. Airport security in the US is “viewed as the gold standard.” However, the reality is not as shiny. “While the US has spent billions of dollars beefing-up screening of passengers with scanners and background checks, some top US security officials worry about gaps in how airport workers are vetted.”
Transportation Security Administration’s (TSA) reliance on third party vendors (Read: Vendor Risk Assessment for ISMS and ISO 27001) for background checking of workers exposes “the nation’s more than 450 airports.” Alarmingly, a Department of Homeland Security (DHS) inspector general June report found that TSA had “less effective controls” in determining some key parameters of aviation workers. In a testing of the security checks on a sampling of airport workers it was found that TSA cleared as many as 73 workers who should have been flagged for terrorism-related category codes.
The report established, “TSA lacked effective controls to ensure that aviation workers did not have disqualifying criminal histories and that they possessed lawful status and the authorization to work in the United States.” The CNN report cited above quoted an unnamed US official with knowledge of American aviation security and its vulnerabilities as saying, “(The TSA) checkpoint is only one part of it. You can lock that front door all you want, if you’ve left the back window open it doesn’t really matter.”
Thankfully, security breaches in the global commercial aviation industry involving unstable insiders have been rare. However, the potential danger – due to growing sophistication and widening landscape of mass violence – cannot be exaggerated. The Sinai saga is “a hell of a wake-up call,” said New York Republican Peter King, to Bloomberg. “It’s one that we should take advantage of to alert everyone of what can happen. This can happen anywhere in the world.”
While it is true that insider threat in the aviation sector – or for any industry for that matter – raises considerable concern and can come in a wide variety of forms, tightening the airport’s security protocols by instituting an efficient insider threat prevention program can minimize the vulnerability. An insider threat vulnerability to an airport can be mitigated by adopting inclusive countermeasures which are proactive as well as reactive.
While authorities must continue to better anticipate and tackle surprise, the real home work must start from ensuring full employee screening by enhancing hiring standards. Workplace behavior management and monitoring brought into effect by involving all stakeholders will help in identification of problematic behavior that could lead to a risk event. Further, periodic and variable assessments of workers with key access permissions can deter or prevent insider threats.
Following the December 2014 incident of gun smuggling ring involving a Delta Airlines worker, a 90-day Aviation Security Advisory Committee (ASAC) report identified five areas for TSA to address potential vulnerabilities: security screening and inspection; vetting of employees and security threat assessments; internal controls and auditing of airport-issued credentials; risk-based security for higher risk populations and intelligence; and security awareness and vigilance.
DHS Secretary Jeh Johnson announced TSA “will take additional steps to address the potential insider threat vulnerability at US airports,” and felt confident “that the potential insider-threat posed by aviation industry employees will be significantly mitigated” as a result of the ASAC recommendations. On the contrary, the DHS inspector general June report showed how “less effective controls” TSA had in some of the basic functionalities. However, after the “hell of a wake-up call” authorities and stakeholders would do to quickly bring about appropriate changes in policy and practice and avoid catastrophic results.
