AVSEC CONSULTING

View Original

Can you spot the potential terrorists in the work place?

Recently, I was asked, “Can you teach me to spot a potential terrorist in the workplace?”. The question arose in the context of identifying the insider threat. That could include dealing with a member of airport staff, who may be radicalising. We can’t ignore that such people present a credible threat to aviation security. 

Baggage handlers, maintenance engineers and fuelers have easy access to planes. Likewise, aircrew and cabin crew. Moreover, they have specialist knowledge. Thus, it may not be necessary for them to circumvent airport security to cause harm. Sabotaging systems, leaking information or assisting others are also possibilities.

It’s true that behavioural and lifestyle indicators may alert us to the malicious insider. Although, the innocent unwitting or complacent insider could go undetected by peers and supervisors. It’s essential to recognise the types of person who may be a threat: 

  • Malicious: Insider who seeks to aid or conduct an act of terrorism 

  • Complacent: Insider who takes a casual approach to security policies, procedures, and potential security risks

  • Unwitting: Insider is not aware of security policies, procedures and protocols.

So what does ICAO say?

Standard 4.2.4: Each Contracting State shall ensure that background checks are conducted on persons other than passengers granted unescorted access to security restricted areas of the airport prior to granting access to security restricted areas.

Pre-employment screening of staff working in restricted areas provides a degree of reassurance. These will detect those with criminal records. Although a criminal record is no indicator of potential terrorist activity. Such screening will also flag up of person of interest to the authorities.  

Organisations shouldn’t relax at this point, as even a cleared person can evolve into a threat.  Unfortunately, it’s important to stress that attempts to find “terrorist characteristics” by researchers have failed. None of the models or theories has proven helpful in providing distinctive patterns. 

For example, profiling the potential terrorist as uneducated grievance-driven young men is a misguided approach. To illustrate the point, consider the 2007 Glasgow Airport attack. Both perpetrators had comfortable middle-class backgrounds, and one was an engineer. In 2011, a British Airways employee convicted of four counts of preparing acts of terrorism had an IT background. Again, a well-educated man. 

Likewise, maintaining vigilance against groups based on race or religion is a misdirected undertaking. In the current climate, many would assert that militant Islam is the main threat. Yet this ignores the fact that militant Christians commit most terrorist attacks on US soil. Thus are we focused in the right direction?

Nor is evidence of radical views enough to spot a threat. At best, it’s an indicator. The evidence suggests only a tiny minority of such people go on to commit violence. On a more positive note, the research tells us that nearly 70% of people planning an attack will tell someone. That may be a friend, colleague, mother, father or brother. 

So what can an organisation do? For starters, managers and supervisors need coaching to identify behavioural indicators. A sample list of factors (not exhaustive) to watch for would include:

  • Threatening comments 

  • Radical opinions 

  • Significant changes in appearance, mood or behaviour 

  • Enthusiastic interest in security matters beyond the scope of assigned duties

In reviewing previous insider cases, for a multitude of reasons, co-workers did not inform their chain of command. They’d spotted suspicious behaviour but didn’t report it. In part, this was due to no guidance or awareness of the issue. Cultural factors, including a lack of open communication, contributed to their silence. In some instances, junior staff felt unable to raise their concerns, given the management style of their organisation. 

Of course, fair and open HR policies should steer action. Employers will need to demonstrate the system operates without discriminating. Likewise, the staff should feel free to come forward with suspicions. A blame-free environment, with confidentiality assured, is a must. Then again, a careful balance needs striking. You cannot discount the possibility of people exploiting the system to settle grudges. 

Clear guidance will be needed as organisations decide to take suspected staff ‘offline’ until resolution of the matter.

To answer the question, I’ve concluded that the first line of defence against the insider threat is effective communication. Frontline staff and supervisors must feel comfortable raising concerns. Awareness training with guidance on indicators is in the same way essential. All this comes with the caveat that no single factor is proof. 

Without a doubt, robust old-fashioned communication is the best option.