Rand: Security Environment Hurting Business
At the Rand Corp., a federally-funded research and development think
tank, business is suffering, because employees are not allowed to
travel to critical areas such as Afghanistan or Indonesia. “There
have been a lot of trips postponed in the last year, because it
isn’t safe,” said Cynthia Conlon, director of security
for Rand Corp., based in Santa Monica, Calif.
“How do you keep doing business, and how do you keep people
and property and assets safe?” she asked. “And I have
people very angry with me when I say ‘you are going to have
to postpone that trip,’” she said.
“We are being asked right now to assist with various public-policy
issues in Afghanistan. So I talked to our extraction company, and
asked them ‘what can you do for me...when the State Department
allows us to send people to Afghanistan?’ I found that nobody
can extract you from Afghanistan. You can’t extract yourself
from a lot of other places in this world, especially if, and this
happens frequently, the airports are shut down,” she said.
Conlon said she has to take the hit for losing business for the
company. “Maybe it is too dangerous today to send someone
to Indonesia, but I have business in Indonesia. It has a financial
effect on the company—it has an effect on our product that
we are going to provide to our client if we cannot meet deadlines.
But do I let people travel to places just because we need to meet
a deadline?” she asked.
Power Plant Consortium Creates Security Model
Electricity plants have unique security challenges because of the
large number of unmanned and remote locations, according to industry
officials.
The Bonneville Power Administration provides electrical power to
Oregon, Washington, Idaho, Montana and portions of Nevada, California,
Utah and Wyoming. During the past four years, Bonneville has been
working to develop tactics to protect its 590 facilities.
Before 1998, Bonneville’s facility was protected only by
chain-linked fences, and locks and keys. Control houses, equipment
and key electrical system components were exposed to threats of
vandalism, sabotage and even terrorism, said Robert Windus, manager
of security and emergency management for the company.
A group called the Interagency for Infrastructure Protection was
created in 1998, with representatives from Bonneville, the Tennessee
Valley Authority, the Bureau of Reclamation, the U.S. Army Corps
of Engineers, the FBI, Sandia National Laboratory, the Department
of Energy and others. The group asked for assistance from the Federal
Emergency Management Agency, the Environmental Protection Agency,
the Department of Energy and the Critical Infrastructure Assurance
Office (which at that time was part of the National Security Council,
but is now part of the Department of Commerce). The group requested
funding to “develop risk assessment plans for critical infrastructure,”
Windus said. They were denied federal funding, so “on our
own, we funded about $2 million to put into a risk assessment process,
which was completed August 21, 2001.
“Turns out we were the only sector that had completed a risk
assessment process,” he said. The interagency group created
a plan involving procedures such as positive identification checkpoints,
better traffic control, increased frequency of facility checks,
a “buddy system” and new gate designs. Also, all public
tours of facilities were canceled and there was a review of all
internal and external web pages to take sensitive information off
the Internet, Windus said.
“On September 12, we were inundated by calls from across
the country, and even from those agencies who we had asked to help
us. They asked us where we were in our developmental progress and
if it was complete, they asked if it was available to them,”
he said.
— • — • —
Navy Force-Protection Duties Require 15K Sailors
The Navy requires at least 15,000 sailors and officers to be dedicated
solely to force-protection missions. That is the reason behind the
service’s request for an additional $400 million in fiscal
year 2003. The goal is to add about 4,000 personnel, said Vice Adm.
Michael G. Mullen, deputy chief of naval operations for resources,
requirements and assessments. The Navy currently has an end-strength
of about 378,000. Ideally, it should be 382,000, said Mullen during
a breakfast with defense reporters in Washington, D.C.
After 9/11, he said, the Navy called up about 10,000 reservists.
About 3,000 were returned, because there was not enough money to
keep them.
The manpower demands are not expected to go down any time soon,
said Mullen. In the long term, he said, one way to reduce the demand
for force-protection personnel is to develop technologies that can
take over certain duties.
“We need to invest in technologies to automate,” said
Mullen, “so we can reduce the number of people involved in
force protection, over the next few years.”
Because it takes years to develop such technology, he is not optimistic
that it will be available in the short term. “That doesn’t
happen overnight,” said Mullen. The Navy’s strategic
view, he said, is that “we have to produce systems that require
fewer people.”
— • — • —
Document Authentication Technology Unveiled
A Great Falls, Va.-based company has developed a special paper—to
be used for passports and classified documents—that can be
authenticated by a signal-scanning device.
Recent events have highlighted the importance of ensuring that
documents are authentic, said an official from Chaotic.com, which
exhibited its new document authentication capabilities at an industry
symposium. With this technology, documents can be validated by a
device that identifies unique fibers in the paper, not unlike the
fibers found in U.S. dollar bills, said Ted Frison, marketing manager
for Chaotic.com. The same paper, when placed in a copy machine that
has been programmed for signal-processing, will prevent unauthorized
document reproduction, he said. The paper upon which the duplicate
would be made, comes out of the copy machine blank, he said. Frison
said the technology is already in use in some 80 million documents
worldwide.
— • — • —
Security Company Employs Special Forces Tactics
Force-protection planning and overall security programs are more
effective when they take into account the enemy’s perspective,
said retired Army Special Forces Col. Ross Kelly. He now runs a
company called Security Assistance and Special Operations (SASO),
based in Northern Va. The firm provides niche security support for
overseas military bases. SASO’s contribution, he said, is
“the credible adversary perspective” for security planning.
Kelly explained that he and his staff have first-hand knowledge
of the tools and equipment needed to penetrate a given area, and
can teach that perspective to those trying to protect it. “Industrial
security traditionally has a layered concept, but we think like
the bad guys,” he said. “We think how best to use the
skills available to us, not only to get in, but also to get out,”
he said.
— • — • —
Biometric Devices Eyed for Airport Security
EDS, Pricewaterhouse Coopers Consulting, Sun Microsystems and Oracle
are working on a program that would combine biometric and risk assessment
technologies to make airports safer.
The National Integrated Security Suite is based on a biometric
system initially developed by EDS, that has been in use at Israel’s
Ben Gurion Airport since 1998. According to EDS, that system has
processed 1.5 million passengers up to date.
The National Integrated Security Suite combines two programs —
the Known Traveler and the Secure Employee. Known Traveler is a
voluntary passenger registration program that will establish identity
and assess the security risk for registered travelers, who then
could move easily into and through security checkpoint areas. Passengers
would register either on the Web or at an airport kiosk by filling
out a brief questionnaire and agreeing to a background check. After
providing proof of identity, biometric information in the form of
an electronic fingerprint and iris scan data are encrypted on a
travel identification card, ready to be used at specific checkpoints.
Secure Employee is an employee registration and authentication
program designed to identify and assess the security risk associated
with airport workers. Specifically, Secure Employee uses a “ten-print”
scanner to obtain fingerprints required for pre-employment background
investigations of airport employees and contractors, authenticating
identity and establishing a risk assessment. The employee’s
biometric data is used to manage access to secure areas and computer
systems.
— • — • —
Pentagon’s Original Design Made It Vulnerable
“We came to the conclusion that the Pentagon was not designed
from a security standpoint,” said Robert Williams, security
director for the Department of Defense. Initially, it was designed
as an office building, and at one point, its blueprints were available
on the Internet, he said. In recent years, however, such sensitive
information was removed from the Web.
“People do evil things to the Pentagon on occasion. They
drive by and shoot into the Pentagon, and if you’re in the
Pentagon, this is not fun,” he said. Williams’ office
took action against drive-by shootings by putting thick laminated
glass in the Pentagon’s windows.
When the Pentagon was built, the windows were set up in such a
way that the glass was very heavy and crushed the brick down, he
said. “So, we put steel runners on the side of each window.
Floor to ceiling, bolted in,” he said.
“And when the building was hit on 9/11, [the steel runners]
held the building up and the windows didn’t break. Essentially,
we were hit at our strongest point,” he said.