Threat into Risk:A Challenge for Security Guidance

Tony Beard

Office of Transport Security

Department of Transport and Regional Services

Current Security Environment

Threats: Al-Qa’ida and linked trans-national terrorism is the principal global threat

Transport, including maritime, remains an attractive target

Mass causalities through multiple, coordinated use of improvised explosive devices is preferred attack objective and methodology

National CT Alert level remains at MEDIUM

Issues in Defining the Threat: “Home grown terrorism” does not help understand the terrorist threat Radicalisation processes are poorly understood Profiling is problematic and not the answer Extremism can transcend national, social and family identity Terrorists have demonstrated outstanding operational capability

Nature of the Threat Transnational terrorism leads to traumatic, catastrophic consequences

Focus is on mass casualties

Terrorists have demonstrated intent and capability – coordinated attacks

There is constant heightened level of threat

Nature and level of threat means we Must Expect the Unexpected

There is likely to be no prior warning of attack

Criminal activity highlights vulnerabilities

The Threat to Maritime Security

The Maritime industry represents an attractive target because:– Large shipments of dangerous cargo may provide a ready ‘weapon’– Cruise ships concentrate large numbers of people– Infrastructure is accessible

Forms of terrorist maritime sector attack include:– Hijacking of vessels (eg Achille Lauro, 1985);– Boat-borne improvised explosive devices (eg Limburg, 2002);– Sabotage / placed IEDs (eg Superferry 14, 2004);– Assaults by commando-style teams (eg Seabourn Spirit, 2005);– Stand-off weapon attacks (eg USS Ashland, 2005)

But international shipping can also be used for other purposes– Infiltration of weapon of mass destruction (‘bomb in a box’)– Infiltration of terrorists (as crew, stowaways)

Limits of Intelligence Strategic intelligence gives an insight into terrorist intent, capability

– Useful in prioritising risks and developing preventative measures– Also helpful in focusing on key vulnerabilities

Specific intelligence identifying a particular target, time is unlikely– Cannot rely on attacks always being foiled ‘in the nick of time’– Security posture needs to reflect threat environment

Exploit terrorists’ vulnerabilities as they seek to exploit ours– Terrorists often need to conduct hostile reconnaissance– Encourage and enable resolution of suspicious activity– Engage with partners in government and industry

Criminal Threat to the Australian Maritime Industry

Terrorism is a crime – not all crime is terrorism Criminal activity highlights vulnerabilities in security systems which

may be exploited by terrorists Criminals want to preserve the transport system for their own ends Terrorists want to destroy the transport system for their own ends Organised and opportunistic crime threatens the integrity of the

maritime sector

RISK: Frames of Reference

AS/NZS 4360 Risk

Management

Corporate Risk

Regulatory Risk

Security Risk

A Security Risk Doctrine as the basis for Mitigation Planning

Government policy – prevention is a business cost.

Security risk management by industry– 1. Non proscriptive regulation– 2. Provides flexibility to owner/operators– 3. It is not possible to eliminate all threats

Highly professional attackers – no prior warning Probability of coordinated IED attacks on mass gathering Traumatic and catastrophic consequences are untenable Governments have NO RISK APPETITE

Focus on Vulnerabilities and Suspicious Activity

Preventive Security Requirements

Security must be a normal part of doing business

Board and CEO responsibility

Documented Security Plan for Risk Mitigation­ Based on intelligence led security risk assessment­ Including prioritised VULNERABILITIES­ Prepared in consultation with internal & external partners­ Ensuring reporting, logging and assessing security incidents­ Providing for security awareness training to ensure

identification and resolution of suspicious activity

“Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always.”

- from a statement by the IRA addressed to Margaret Thatcher

Building Key Partnerships Partnerships harness and focus capacity Security Risk Doctrine creates a common message for partners Vulnerabilities are many and can exhaust resources:

– Need for focus and sustainability– harness all human capacities– utilise technology to aid human awareness – CCTV

Discussion Exercises (Desk-Top)­ held routinely and regularly ­ to harness the capacity of all partners­ against a common mental model­ clarify:

- partnering roles and responsibilities- policy and planning short falls

Partnership Objectives

To ensure: Government agencies; Businesses and Communities

are together creating an environment hostile to terrorist planning and preparation by:

– Identifying and mitigating vulnerabilities; and

– actively disrupting and resolving suspicious activity.

Security Awareness Raising

A common language is necessary

Security awareness training for staff, contractors and regular customers is essential

Security plans must include provisions for the reporting, logging and assessing of security incidents

Identification and resolution of suspicious activity is essential

Vulnerabilities

Vulnerabilities potentially amplify terrorist capabilities and therefore increases the chance of a risk eventuating

Vulnerabilities must be prioritised to focus and ensure proportional targeting of risk mitigation strategies there by best utilising resources

Vulnerabilities should be prioritised through an intelligence led assessment of likelihood and an understanding of the local security context.

The Challenge

Ensuring that even if the bomb doesn’t go off this week:

Government remain focussed

Industry remain vigilant and prepared

Public interest and awareness is sustained

Summary Terrorist response must be focussed, proportional and recognise:

– Constant heightened level of threat– Terrorists display personal and professional capability– No prior warning of attack

Risk based approach provides common language, ideas and focus

Our operating environment is complex and sound partnerships are essential to achieving an effective response

Government, industry and the public must remain focussed and alert to identification of suspicious activity