As 2015 came to a close, the media was awash with a series of devastating and deeply concerning events, ranging from the terrible events that led to the Metrojet crash near Sharm-el-Sheihk, to the attacks in Paris and, most recently, the evacuation of an Air France jet after a suspicious item was found.
The recent attacks have highlighted a number of disparities in security standards across the globe. If we can get everyone to the same standard, that would be a massive bonus at the moment there is a huge disparity of standards between the EU, US and some other countries.
With that in mind, in order to guarantee high-quality security standards, we need to understand risk. Threat isn’t something we own it’s owned by the would-be attacker. We own the vulnerabilities, so the risk is a combination of the threat and vulnerabilities. We need to close down vulnerabilities which could be exploited by the attacker.
These key principles are something which I am keen to exercise across the whole business, which has recently expanded into events, CNI, corporate and cybersecurity fields. Of course, within each sector, some threats are graver than others, and there are a number of dangers we should look out for across each one of them.
For aviation security, the biggest threat is the insider threat someone who has passed background checks but later becomes radicalized. There are behavioral markers which can be used to great effect to mitigate this.
Meanwhile, for the corporate and CNI sectors, the ‘lone wolf’ or copycat attacker is the biggest threat. The recent attack at Leytonstone station was a good example of that someone who may or may not be known to the authorities, who has become radicalized. We cannot stop that from happening, but we can use robust procedures to deal with it effectively.
With large events coming up such as UEFA Euro 2016, overt security is the best way to deter an attacker. Armed police, bag and body searches and CCTV are all good deterrents. If you think back to the Olympics, there were even soldiers being used for security.
While we are still working on our cyber security offering, we have already begun expanding our product range in line with recent attacks. When we had the alleged bomb plan from Sharm el-Sheikh, we updated our training products so that in the event of copycat use, operators and screeners would have a better chance of recognizing a potentially dangerous device.
Financial constraints have slowed the development of some threat-mitigating technology. As an example, we’re only now getting to grips with effective technology that can deal with liquid explosives. The liquid bomb plot was in 2006.
Jim Termini is a director at Redline Assured Security in the UK and a former pilot. Redline Assured Security specializes in bringing in quality assurance activities, which can uncover deficiencies in training, equipment, policies or procedures