How does the industry recognise the insider threat? Are screening and monitoring processes robust enough? Such questions were debated by a panel of senior aviation security figures during the final session at AVSEC World Day.
Moderated by Bucks New University’s Stephen Ackroyd, the panel included Hany Bakr, Acting Vice President Group Security, Qatar Airways; Nina Brooks, Director, Security, Facilitation & IT, ACI World; Stacey Fitzmaurice, Executive Assistant Administrator, Operations Support, Transportation Security Administration; Alexis Long, Head of Security, London Heathrow Airport; and Harris Markopoulos, Manager Security, Emergency Response & Crisis Management, Aegean Airlines.
Fitzmaurice stressed that the consequences of the insider threat could be catastrophic. “You can’t sugar-coat it,” she said. “We must recognize the threat for what it is.”
There are a number of challenges to address, however. Many aviation business models use systems provided by third parties, for example. This spreading of risk means any solution to the insider threat must therefore cut across the entire aviation value chain and beyond to governments and law enforcement agencies.
You can’t sugar-coat it. We must recognize the threat for what it is
The panel also noted that it is possible for an insider to be an unwitting accomplice. This might involve being deliberately misled, the poor application of the correct procedure, or not knowing the full implications of their actions—perhaps a small criminal scheme (smuggling cigarettes) is unknowingly used for a more serious activity (smuggling arms).
Long pointed out that whatever the nature of the threat, there needs to be better mechanisms in place for other staff to report concerns. “Posters and phone numbers are out of date,” he said. Heathrow has launched an app that includes a means to get a report to security in about 20 seconds.
The panel, however, were unanimous, in the need to fight against a culture of fear. Suspecting an insider threat and having evidence of it are very different.