‘Insider Threat Vulnerability’ Prompts Airport Security Enhancements

‘Insider Threat Vulnerability’ Prompts Airport Security Enhancements

Photo: John F. Kennedy International Airport terminal. File Photo.

Following the findings of a comprehensive Aviation Security Advisory Committee report, Department of Homeland Security Secretary Jeh Johnson this week announced that the Transportation Security Administration will take additional steps to address the “potential insider threat vulnerability” at U.S. airports.

The steps, Johnson noted, are the result of a 90-day ASAC review commissioned by Johnson after the discovery of a gun-smuggling ring involving a Delta Airlines worker that stretched from Brooklyn to Atlanta. The case, Johnson said, raised questions about potential vulnerabilities regarding the screening and vetting of all airport-based employees. Immediately following the December 2014 incident, TSA increased the random and unpredictable screening of aviation workers at various airport access points to mitigate potential security vulnerabilities.

As a result of the recommendations contained in the ASAC report, Johnson said that he has directed the TSA to take the following immediate actions: until TSA establishes a system for “real time recurrent” criminal history background checks for all aviation workers, require fingerprint-based Criminal History Records Checks every two years for all airport employee Security Identification Display Area badge holders; require airport and airline employees traveling as passengers to be screened by TSA prior to travel; require airports to reduce the number of access points to secured areas to an operational minimum; increase aviation employee screening, to include additional randomization screening throughout the workday; re-emphasize and leverage the DHS “If You See Something, Say Something™” initiative to improve situational awareness and encourage detection and reporting of threat activity.

Johnson indicated that he has directed TSA to “continue analyzing the recommendations of the ASAC report, and identify additional mitigating measures for future implementation.”

Additionally, Johnson thanked the ASAC for working so thoroughly so quickly.

“Their recommendations validate TSA’s risk-based approach to passenger screening and will help strengthen the overall security of our commercial aviation network,” he said. “I am confident that the potential insider-threat posed by aviation industry employees will be significantly mitigated as a result of these recommendations.”

Among the recommendations, the ASAC urged TSA not to implement “100 percent physical employee screening,” as it would not completely eliminate potential risks.

“Physical screening is incapable of determining a person’s motivations, attitudes, and capabilities to cause harm, among other limitations,” the report states. “Implementing such screening would divert resources from other critical security functions needed to mitigate other risks. In summary, [ASAC] believes that the necessary infrastructure installations, workforce expansion, and airport reconfiguration to accommodate ‘100 percent screening’ would be an ineffective outlay of significant security resources with limited security value.”

The ASAC focused on five areas of analysis and generated recommendations in each: Security Screening and Inspection; Vetting of Employees and Security Threat Assessment; Internal Controls and Auditing of Airport-Issued Credentials; Risk-Based Security for Higher Risk Populations and Intelligence; Security Awareness and Vigilance.

“The recommendations provided in the final report reflect [ASAC’s] belief that reasonable and effective measures, tailored to the unique circumstances at each individual airport, can and should be taken to protect against potential acts of terrorism and criminality,” ASAC Chairmen Stephen Alterman wrote in a letter to TSA Acting Administrator Melvin Carraway previewing the final report.

By Michael V. Cusenza michael@theforumnewsgroup.com


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>