More action, less talk

Aviation industry members must work together to identify and repel threats to airline and airport operations experts told delegates at the annual International Air Transport Association Aviation Security conference last month.

by TOM BALLANTYNE FROM KUALA LUMPUR  

November 1st 2016

Print Friendly

Four principles to reduce terror attacks in aviation were presented in a landmark address by the director general of the International Air Transport Association (IATA) director general, Alexandre de Juniac, at the industry’s annual AVSEC conference, held this year in Kuala Lumpur. Read More »

The IATA strategy aimed to reduce threats to airline and airport processing systems, eliminate attacks on air passengers at airports and when over flying conflict zones, identify terror focused staff who have insider information and upgrade the accuracy and speed of sharing passenger information between airlines and governments.

'Paradoxically, the good that aviation brings also makes it a target for terror. No single entity has all the answers. That’s why partnerships are essential to address our major security challenges with the speed needed to stay a step ahead of those who would do our industry harm'

Alexandre de Juniac International Air Transport Association Director general and CEO

“Speed is of the essence. Threats emerge quickly. And they evolve fast,” de Juniac told the hundreds of delegates at AVSEC.

It became clear at the AVSEC conference that airlines were not alone in wanting speedier reforms to the industry’s security practices and regulations.

International Civil Aviation Organization (ICAO) secretary general, Liu Fang, said all nations should work more closely to combat security breaches and attacks. At ICAO’s triennial conference in September, she said, member states agreed to fast track a new global aviation security plan.

The United Nations Security Council unanimously has adopted resolution 2309 that calls on all States to work with each other and ICAO to continuously adapt measures to meet the “ever-evolving global threat” of terrorism, ICAO said.

“The new plan will create a dependable and co-operative framework that allows States to move in line with the industry and law enforcement stakeholders,” said Liu. “It will help define the roles and responsibilities of all the agencies and lead to more progressive and co-ordinated aviation security enforcement.” A draft of the plan will be available in May next year with a view to making it available for consideration by the ICAO Council shortly after that, Liu said.

The director-general of the European Commission’s directorate-general for mobility and transport (DG MOVE), Henrik Hololei, told AVSEC delegates that following the Paris, Nice, Brussels and Istanbul terrorist attacks, European citizens ranked the issue of security as their number one priority.

“It has been said many times that we must never waste a good crisis. So, we should use UN Resolution 2309, and the events of the past 12 months, to provide the necessary momentum to increase aviation security,” he said.

Speaking on a panel on ‘Terrorism and Radicalization’, the U.S. Transportation Security Administration (TSA) assistant administrator, office of global strategies, Paul Fujimura, said: “Terrorism continues to evolve and change. There are new actors appearing and people are being radicalized through social media and the Internet. The lone actors are harder to catch and difficult to disrupt. We are also seeing a shrinking timeline from when they are first recruited and then radicalized to actually carrying out an attack on a self-initiated basis.”

He said the UN security resolution agreed in September was a positive step, but there was not much time to “plan where we are going to go and what we are going to do or how we will accomplish this,” he said.

“We need to have the oversight to assure each other that the right measures are being undertaken and that countries that need assistance with regulatory oversight receive it so they are not left behind.”

At the conference de Juniac elaborated on the six priority areas identified by IATA for addressing security challenges:

'Civil aviation particularly is at risk of cyberattacks because all parts of the industry are highly interdependent. Present cyber defence systems are not adequate for dealing with this rapidly evolving threat. ICAO will be studying new preventive measures to deal with cyberattacks. ICAO will also work to develop an international framework from which civil aviation stakeholders can address cybersecurity threats effectively'

Liu Fang International Civil Aviation Organization (ICAO) Secretary general

Conflict zones: Timely and accurate information is needed to support risk assessments when overflying conflict zones. “The ICAO conflict zone information repository was an initial step. But it is not the solution. We need to evolve to a system that can function on a continuing basis with a free and fast flow of useful information. Information sharing is not just about conflict zones. If a government has any information about a risk to an airline’s operation, sharing it with the airline could save lives. There is a responsibility to get that information to the airline quickly and by effective means,” said de Juniac.

Landside security at airports: “Recent attacks in Brussels and Istanbul have brought this vulnerability to the fore. Local authorities must use intelligence to keep terrorists far away from airports and keep public areas free from threats. In parallel, the industry was working on solutions to reduce risk by processing passengers more quickly, said de Juniac.

Insider threats: “Eight million people are employed in air transport, so the threat from insiders is a big challenge. A perfect vetting system has yet to be invented. So intelligence analysis—from governments—is our most potent tool to identify threats, especially from radicalization,” said de Juniac.

Cyber security: Nimble layers of protection—a security culture—and advanced detection capabilities are needed. They must be powered by intelligence and information sharing. Cooperation with governments and across the industry is essential, said IATA.

Harmonization of Advance Passenger Information (API) and Passenger Name Record (PNR) information requirements: Airlines contribute to intelligence gathering with API and PNR information. Global standards existed for the collection and provision of this information. These are maintained by IATA, the World Customs Organization and ICAO.

“Despite the global standards for API and PNR, there are far too many exceptions to data collected and it’s transmission to governments. The complexity does not make us more secure. In fact, it could lead to risk. The situation is already difficult enough. And it could get much worse. There is no international agreement that spells out obligations for handling the exchange of such information,” said de Juniac.

Security checkpoints at airports: Airport checkpoints must be effective and convenient—the goal of the joint IATA-ACI Smart Security initiative. “Processes have improved, but can still be inconvenient and even intrusive. Smart Security is helping with a growing footprint at airports. But we need to see much faster progress,” said de Juniac.

Given the landside attacks at Brussels and Istanbul, airport security was a major topic of discussion at AVSEC. Hololei said: “I must be clear and state that landside security cannot be the sole responsibility of the aviation sector. Landside goes far beyond the airport terminal.”

He said the European Commission favoured a multi-pronged approach of risk based security, technology, mutual recognition and co-operation and a security culture to improve landside security. “Over-regulation is not the solution and one size does not fit all. Different situations require different solutions.”

Director general of Airports Council International (ACI), Angela Gittens, said: “Expensive technology is not always the solution.” Greater collaboration, improved training and the implementation of a security culture could prove to be more important, she said.

“Vigilance and security awareness is one of our great defences. All staff should have acquired knowledge that will allow them to detect, take note and report suspicious behaviour.”

ACI’s practical solutions for improving security include reducing crowds and queues, patrolling, surveillance and intelligence sharing. The recommended practices, including automated screening lanes, advanced X-ray equipment, centralized image processing for remote cabin baggage screening and speeding up passenger processing were being applied at airports worldwide.

“Cyber security is high on the agenda. ACI has launched an airport IT benchmarking tool, which allows airports to improve their IT security,” Gittens said.

Liu said all stakeholders wanted improved cyber security. “Civil aviation particularly is at risk of cyberattacks because all parts of the industry are highly interdependent,” she said. “Present cyber defence systems are not adequate for dealing with this rapidly evolving threat.

“ICAO will be studying new preventive measures to deal with cyberattacks. ICAO will also work to develop an international framework from which civil aviation stakeholders can address cybersecurity more effectively.”

From cyberattacks to airport landside attacks, there was agreement at AVSEC that the key to meeting the security challenge is co-operation among all effected sectors.

De Juniac said security is fundamentally a government responsibility but making flying ever safer and more secure “is engrained in the DNA of all air transport stakeholders”.

“Paradoxically, the good that aviation brings also makes it a target for terror. No single entity has all the answers. That’s why partnerships are essential to address our major security challenges with the speed needed to stay a step ahead of those who would do our industry harm,” he said.