The ISIS-inspired terrorist attacks in Paris in January and the threats against shopping malls in the U.S., Canada and the UK by Al-Shaabab highlight threats that call for more fully integrated surveillance solutions to enhance security. The horrifying Paris attacks demonstrated that, while various forms of video were available to record the attackers’ movements during and after the attack, the video wasn’t being made available in real time or near real time to help law enforcement’s response to the attack.
If an active shooter goes on a rampage at a local shopping mall, law enforcement will most likely not have access to video feeds from surveillance cameras in the mall. Nor would they have access to radio communications to the private security forces inside the mall that might give them critical intelligence. The common smartphone will still be the only way this information is likely to be made available to law enforcement, and that is purely dependent upon luck and someone communicating with the police during an incident. Depending on luck as a key component for preparation and response is simply unacceptable in this age of constant communication.
Nearly 14 years after the 9/11 attacks, with billions invested in the development and application of technologies, such gaping vulnerabilities still exist because there is a lack of integration to bring the technologies together across agencies and workflows. We still treat protection of our infrastructure and soft targets as silos rather than creating a holistic system that correlates threats with vulnerabilities to have a deliver situational awareness of what is going on around us and response resources to prevent tragedy. That said, there are bright spots that serve as an example of technology and workflows can be integrated and what opportunities exist for further advances.
One of the best examples we have of an integrated approach is the Transportation Security Administration (TSA). The vast majority of the TSA’s budget goes to protecting against the next 9/11 style of attack as well as the evolving threats of explosives that could bring an airplane down. Many may find it hard to admit, but they do a great job at it. There have been attempts to blow up aircraft, and luck (and brave passengers and crew) played a key role in preventing those tragedies. When one considers the number of flights, crews, passengers, related workers, systems, cargo, processes, etc. that comprise the “air transportation ecosystem,” it is truly a wonder that tragedy hasn’t occurred again.
There is still a lot of room for improvement, some of which is a direct result of TSA’s successful efforts to prevent further attacks. Our intelligence and security capabilities have become pretty effective; we know who the known “bad guys” are and can identify them, as manifested in the “No Fly List.” We know who the known “good guys” are too, through TSA PreCheck. The vulnerability lies in the unknown guys.
TSA’s risk-based security approach is a way to enable the collection of disparate data on travelers and the dangerous people with whom they are associated and correlate that data to channel the unknown bad actors for more detailed screening. We need to push the data collection perimeter further out from the checkpoint. This would entail correlating license plate readers for vehicles entering the airport grounds, facial recognition for identifying associates that might be a tipoff and pattern recognition and surveillance to identify anomalous behavior.
I always hear pushback in the security world that adding capabilities, utilizing advanced technologies for screening people and other approaches that have to date from government security programs aren’t feasible for use in commercial security because they are too expensive. No security company, integrator or end user has the money needed to buy or push the limits of their systems to bring surveillance together with other capabilities. I would argue that this excuse is no longer valid. The cost of technology is coming down fast, and the faster our industry demands them, the cost will come down more as new and more varied markets are opened for these systems.
Most importantly, the costs of not advancing and leveraging intelligence (data) surveillance and advanced technologies is far too high as terrorists and criminals are innovating faster than we are.