SOURCE: US Department of Energy

According to a study published by the US Department of Energy, the Insider Threat is growing as one of the primary terrorism dangers to the Aviation Industry. The study finds that past insider threat attacks were in large part enabled by the reactive nature of security measures implemented by airports, airlines, and government agencies. Such reactive measures are usually is response to prior specific vulnerabilities exploited during previous attacks.

Part of the problem, according to the study, is that the Aviation Security industry often takes an “Outside-In” approach to security, in which measures are implemented specifically to guard against known external threats (i.e., prohibiting firearms on flights). In contrast, a more effective security approach- according to the study- would involve the implementation of a “Inside-Out” approach to security. This approach involves proactive security measures which begins by first analyzing potentially dangerous outcomes and then working back from the problem to find solutions which help to mitigate risk.

“U.S. aviation security is more reactive than proactive… This security implementation focuses on protecting based on the attack, not necessarily the threat.”

What does this mean for corporate flight departments? One of the study’s principal conclusions is that, despite the layers of security in place to guard against “external threats”, there is still a gap in measures which guard against the Insider Threat. The study clearly states: “The industry lacks insider threat initiatives and heightened security training and awareness against malicious employees.” (US DoE, 2016) Given this assessment, the question becomes, how can this capability gap be filled?

The study explicitly states that one of the best-known measures that exists to protect against the insider threat is a trained flight crew.  At Corporate Aviation Security International (CASI), we provide professional Assessment, Training, and Protection which help to prepare flight crews- and their executive clients- to be prepared in the case of an attack by an Insider Threat.

No Comments

Post A Comment