There is constant debate amongst security professionals if proactive security or reactive security is better or is a balance between the two the correct approach. I have come to the conclusion that the heavier emphasis on proactive measures the better. The more dangerous approach a client, organization or individual can take is focusing on the reactive components.
A reactive based security system that the majority of us use is the passenger screenings at airports within North America. I believe a more front-line proactive approach would work better. I will use recent historical events to demonstrate my opinion:
September 11th, 2001 – Terrorist attacks on the United States
We are all very familiar with the tragic events of this day. How were the hijackers able to take control of four planes? The speculation has always been that the hijackers took control with some type of sharp edged weapon like box cutters. The aviation security industry in North America reacted to this event and since prevented passengers from bringing anything on board that potentially could be used as a sharp edged weapon. Unfortunately this has become a hassle to many from having nail clippers confiscated to having to eat overpriced airport steaks with plastic knives.
December 22, 2001 – Richard Reid
Richard Reid better known as the “shoe bomber” attempted to detonate 283g of C-4 explosives mid-flight between Paris and Miami. Due to moisture (suspected from wearing the shoes in the rain and his own perspiration) Richard Reid was unable to light the fuse and was subdued by the flight crew and passengers. The aviation security industry in North America reacted to this event and now you must remove your shoes for screening (in Canada for international flights and in the US for all flights).
August 9th, 2006 – Transatlantic Aircraft Plot
The biggest surveillance operation in the United Kingdom’s history concluded with a massive raid and arrest of 24 individuals. These individuals planned on smuggling liquid explosives on up to 10 flights destined to the United States and Canada. The aviation security industry in North America reacted to this event and now has strict limitations on liquids being brought into sterile areas of the airports. To the extent that in Canada you cannot bring a Tim Horton’s coffee with you through security screening (sarcasm intended).
December 25th, 2009 – Underwear Bomber
Umar Farouk Abdulmutallab purchased a ticket from Ghana to Amsterdam and then purchased a one-way ticket with cash to Detroit, MI. Mid-flight to Detroit, Abdulmutallab attempted to mix PETN with TATP concealed in his underwear. Luckily the explosive ingredients only caused a fire to Abdulmutallab’s clothing (including his privates) and the direct area of the plane he was sitting in. The fire was put out by flight attendants and Abdulmutallab was subdued by passengers. The aviation security industry in North America reacted to this event by now having passengers pass through full body scanners that utilize x-ray technology. These scanners are commonly referred to as “naked- body scanners” in the media and are very controversial as they test the balance between security and invasion of privacy. Passengers have the option to opt out of the scanning in lieu of a full body pat down which doesn’t necessarily appease the invasion of privacy issue.
Using the four examples above, there is a clear pattern where the terrorists have adapted their techniques to circumvent passenger security and screening procedures. We can only imagine what they will do next.
If we focus too much on the reactive approach we will always be a step behind. The evolving variable will always be the destructive tool or device used by the terrorist. The one constant that is always present and will never change is determining ‘who is the terrorist’ and ‘who is not?’ To make a determination between the ‘good’ and ‘bad’ guys requires a proactive approach. Now granted there are proactive security approaches in place within the North American passenger screening process. Each country has their no-fly lists, watch-lists, intelligent gathering organizations etc., etc. However, these proactive approaches have been proven to not always work alone. Richard Reid (shoe bomber) flew a test run to see firsthand the security procedures of EL AL (Israeli Airline) prior to changing his target to the United States. During the passenger screening process, Richard Reid was marked as being a high-risk security threat and was sent to secondary screening where his luggage was searched including his shoes and he was interrogated. An armed undercover air marshal was reportedly repositioned on Mr. Reid’s test flight due to the suspicion he created. This info unfortunately was not shared with other countries or intelligence agencies. Umar Farouk Abdulmutallab’s father reported his son’s extreme views and links to Al-Qaeda in Yemen to the CIA. The UK sent a cable to the CIA that Umar Farouk Abdulmutallab had connections within Al-Qaeda and declared Jihad (holy war) on the United States. The CIA had Umar Farouk Abdulmutallab added to the Terrorist Identities Datamart Environment database but not to the no-fly list and chose not to revoke his US student visa (as they might have been able to gather more intelligence on Al-Qaeda by him keeping it).
I believe a heavier proactive emphasis on security training for front line airport workers in North America would be extremely beneficial. I don’t mean just the front line security screeners but all front line airport employees. Give everyone from ticket agents to janitors the training to ask open-ended questions along with simple techniques such as predictive profiling and deceptive detection. Both Richard Reid and Umar Farouk Abdulmutallab flew to the US with no checked bags. Imagine if the ticket agent who sold Umar Farouk Abdulmutallab his ticket in Amsterdam simply asked “Sir, you are flying to the US with a student visa on a one way ticket you just paid for in cash and you have no checked bags, please explain this to me?” The whole event could have been diverted then and there. This is the same tactic that sent Richard Reid to secondary screening on his test flight to Israel. I was recently screened in Canada and saw the image of my carry-on bag being scrutinized by airport screeners. I sat there wondering, what are they looking at? Finally I was asked “Sir, do you have an apple in your bag?” (A very poorly chosen closed ended question). Thank you for answering for me, I thought and then I simply answered “yes”. What the screener should have said is “Sir, what is in your bag?” and not given me the simple way out.
Part of the problem is that knives, bombs and guns are interesting, scary and highly publicized. Intelligence gathering, security training and proactive measures are boring. If we look at the recent horrific shootings at Sandy Hook Elementary School in Newton, CT how much emphasis is being put on the reactive variable “the guns used” and how little is being put on the constant “mental health, bullying, family issues, etc.” that are almost always found after the fact to be part of the equation in those who choose to carry out such horrific events. If we focus too much on the tools used by the bad guys like passenger screenings we lose focus of the constant that doesn’t change which again is separating and identifying the people that will commit these atrocities from the majority that will not. Until we start to put a heavier emphasis on proactive measures and not focusing too much on the variables that don’t change, we will always be a step behind.
I always appreciate when a client will come to our organization well ahead of their event that will require security services. Whether it is an organized protest, labour dispute, executive protection detail or other special event it allows our operations team to plan proactively. It is always tougher having to react to a situation and then start planning. There has been many times where our services are called in after the event hasn’t gone well and I appreciate those calls too. However, once the event has concluded and we speak with the client about what went well and what could have gone better, planning and being more proactive is always near or at the top of the list.
I believe in this philosophy so much that when I teach or recruit security guards, private investigators or other security professionals I always look for those who understand the proactive side of security. I always tell them that I don’t want the person who sees a fire, grabs and extinguisher and puts the fire out. I want the person who proactively prevented the fire from starting. The more proactive a security approach can be, in my view, the better.