On October 21, 2010, a man named Piggee apparently torched the Galleria shopping mall in Roseville, CA, setting ablaze an as yet unextinguished fire over who was responsible for causing sprinklers to be deactivated. The theory offered up at the time was that the arsonist could have had an improvised explosive or an accomplice with him and that turning on the sprinklers could have impeded law enforcement's use of a robot that was to be used to deactivate the bomb. In the 70-minute self-inflicted wound arising from intentional deactivation of the sprinklers, the fire raged through the premises, ultimately causing an estimated $55 million in damage. Meanwhile, the controversy made worse with bureaucratic blame-dodging is this: who is really responsible for the sprinkler deactivation order?
So far, the identified agent of deactivation is an unnamed maintenance worker acting on the orders of police. However, law enforcement denies giving such an order. News accounts also mention a UPS driver as a possible witness and even hint that security guards may have something to say beyond their predictable lament that a shortage of security guards no doubt contributed to the catastrophe. Could there be a trace element of truth in all this apparent dodging? Perhaps.
In times of crisis, people turn to visible signs of authority, and few cues announce authority as convincingly as a purposeful order from someone in uniform. Thus a nurse wearing a uniform in the immediate aftermath of a Northridge earthquake is more likely to have her orders followed by passersby than a four-star general wearing a golf shirt. It is just the way things are.
Under the circumstances, then, it is within the realm of the conceivable that a uniformed janitor, guard, maintenance worker, or even police officer speaking with authority could very well have issued the command that hindsight now judges to have been ill-advised. Systemically, the problem is not so much with the bad call -- although there should be consequences for it -- as for the lack of accountability and, by extension, an implicit insulation against learning from such mistakes. Another problem is that anyone in uniform of any kind with enough experience of crisis to realize what power the uniform may carry with it should also demonstrate a corresponding sense of what responsibility goes with that power. If you think you can tell people what to do by virtue of your attire and some command presence, then you both you and your employer should be responsible and courageous enough to own up to your bad calls, to take credit not only for the sunshine but also for the rain. That such an admission of responsibility has not surfaced two months after the fact is troubling. It suggests that someone or some organization -- or both -- remain oblivious to a lesson that even a nodding acquaintance with Watergate should have taught them. It is not necessarily so much the error that results in your undoing. It is the cover-up.
Sooner or later, independent investigation bolstered by sworn testimony will make some bureaucrat regret not having made an early admission of responsibility in this matter.
-- Nick Catrantzos
Friday, December 31, 2010
Monday, December 20, 2010
Security and Time
In time, all security measures grow obsolete. The cavalry falls before the Panzer, the spear finds more space in museums than rifle racks, and the shoulder-fired missile makes short work of a biplane’s twin machine guns. Moats and ignited oil poured over the parapet offer little defense against precision-guided bombs or cruise missiles. As the means of successful attack change, so too must defenses adapt. Yet here we are, both attackers and defenders, ostensibly concentrating our adaptive skills into focusing on degree of attack and defense. Attackers seem to continue to concentrate on commercial airplanes as key targets, with innovation apparently limited to means of smuggling more exotic bombs that will elude detection. Similarly, defenders focus their resources on detection technology and increasingly more technologically invasive inspections at control points. Is this wise?
It certainly may be, for the attacker. A relatively modest investment in occasional aviation attacks – no matter how ham-handed or unsuccessful – does appear to consistently spawn more costly expenditure at the security screening point. The cost to defenders is not only in the expense associated with fielding and training screeners to use the latest equipment. An arguably greater cost comes in the form of alienating the constituency the screeners exist to defend. This, in turn, opens the door to new vulnerabilities and erosion of the kind of voluntary compliance at the heart of most effective security systems. Alienate enough passengers, and you will no longer find them engaging productively to report suspicious characters or take any part in what they perceive to be a supporting role for an unthinking bureaucracy.
Meanwhile, as this erosion of support accelerates further with each periodic aviation security scare, what is an attacker to do? Hatch the next plot and fine tune new tactics. Mumbai offers an example. After the attack’s devastation is over, residual dividends come from whispers of another such attack about to occur somewhere else. So now the European travel and hotel industries can look forward to decline in business thanks to November scares hinting at an imminent attack of the Mumbai variety that was to be transplanted to Germany or France.
These are great times for underfunded adversaries and difficult times for inflexible defenders. The former appear to be dictating the latter’s tactics and major investments – a sure signal that the next big surprise attack will not so much be inconceivable as just not addressed in time to limit the attending devastation.
FOOTNOTE: One day after the foregoing, the Washington Post presented this article questioning TSA's impetuous embrace of technology as panacea:
http://mobile.washingtonpost.com/c.jsp?item=http%3a%2f%2fwww.washingtonpost.com%2fwp-syndication%2farticle%2f2010%2f12%2f20%2fAR2010122005599_mobile.xml&cid=578815
-- Nick Catrantzos
It certainly may be, for the attacker. A relatively modest investment in occasional aviation attacks – no matter how ham-handed or unsuccessful – does appear to consistently spawn more costly expenditure at the security screening point. The cost to defenders is not only in the expense associated with fielding and training screeners to use the latest equipment. An arguably greater cost comes in the form of alienating the constituency the screeners exist to defend. This, in turn, opens the door to new vulnerabilities and erosion of the kind of voluntary compliance at the heart of most effective security systems. Alienate enough passengers, and you will no longer find them engaging productively to report suspicious characters or take any part in what they perceive to be a supporting role for an unthinking bureaucracy.
Meanwhile, as this erosion of support accelerates further with each periodic aviation security scare, what is an attacker to do? Hatch the next plot and fine tune new tactics. Mumbai offers an example. After the attack’s devastation is over, residual dividends come from whispers of another such attack about to occur somewhere else. So now the European travel and hotel industries can look forward to decline in business thanks to November scares hinting at an imminent attack of the Mumbai variety that was to be transplanted to Germany or France.
These are great times for underfunded adversaries and difficult times for inflexible defenders. The former appear to be dictating the latter’s tactics and major investments – a sure signal that the next big surprise attack will not so much be inconceivable as just not addressed in time to limit the attending devastation.
FOOTNOTE: One day after the foregoing, the Washington Post presented this article questioning TSA's impetuous embrace of technology as panacea:
http://mobile.washingtonpost.com/c.jsp?item=http%3a%2f%2fwww.washingtonpost.com%2fwp-syndication%2farticle%2f2010%2f12%2f20%2fAR2010122005599_mobile.xml&cid=578815
-- Nick Catrantzos
Subscribe to:
Posts (Atom)