Safety vs. Security: The conflating flourishes. The certified security vulnerability analyst (CSVA) and like certifications championed by Chemical Facility Anti-Terrorism Standards (also known as CFATS and periodically the subject of full-throated debate among lawmakers) in its original state trace directly to a source of revenue created by the American Institute of Chemical Engineers (AIChE) between 2002 and 2003. While these creations offer value if one is approaching security from zero, as presumed for the chemical sector, in the more mature areas of protection they quickly reveal some serious flaws. Nothing better begins to illustrate this disconnect than the requirement for anyone seeking this certification to begin to qualify for it by necessarily being a process safety engineer for at least five years. (Ironically, one or two of the three individuals who created the body of training material that went into preparing applicants for this certification numbered among my former subcontractors who possessed neither an engineering nor a safety pedigree, thereby making them unqualified to sit for the exam and certification they helped create.)
The fundamental point of cognitive dissonance between safety and security when dealing with anti-terrorism is that the two disciplines see the world differently. Safety, for the most part, is concerned with avoiding self-inflicted wounds. Inherent in this mind set is the notion that most hazards are avoidable if properly communicated, hence the absolutely supreme importance of communicating everything to everyone to the fullest possible extent.
To the security professional, however, the concern is not with minimizing self-inflicted wounds. It is with defending against the focused attack of adversaries bent on one’s annihilation. In this world, over communicating means exposing one’s vulnerabilities to the point of inviting attack. Consequently, security professionals board certified in security management cannot even qualify to sit for the Certified Protection Professional exam until they have demonstrated a good 10 years of having served in responsible charge in a security capacity, namely, of being the main person held accountable for the protection of people, property, or some kind of operation. The level of security expertise on tap from a CPP is thus significantly more substantive than that of a CSVA who lacks any requirement for direct security experience but, instead, qualifies for the CSVA certification by virtue of a safety pedigree plus successful completion of a coin-operated program for manufacturing instant security experts. Moreover, by embracing the process safety language and bias of AIChE, CFATS aligns its stated security function with a safety function which, in the world of asset protection is a one-off endeavor. Safety and security are not the same. To the extent that CFATS continues to reflect a process safety bias that is oblivious to traditional security focus on protection against hostile forces and instead accords greater priority to communicating hazards or OSHA-style compliance, the safety-security disconnect ultimately performs a disservice not only if extended to the water sector but even to the chemical sector. Only the chemical sector, inured as it is to risk management process-intensive protocols and compliance orientation, finds the familiar in this safety bias, in other words, its comfort zone. Sadly, this approach offers little anti-terrorism protective value in and of itself.
-- Nick Catrantzos
Subscribe Now
AddThis
Nick Catrantzos + Tom Goff
- All Secure
- NICK CATRANTZOS is the lead author of the All Secure website and is the emeritus security director for a large public organization. He has also managed security aspects of corporate takeovers, response to international hostage situations, and finding and keeping secrets. He has been board certified in security management, licensed as a private investigator, and certified as an incident commander. He worked as a case officer for a discreet branch of public service. He protected stealth technology at Lockheed and, later, as a consulting security director for both Kroll and Control Risks, he assisted executives with workplace violence cases and with protecting VIPs and critical assets globally in volatile areas. Nick's partner, TOM GOFF, was a captain in the Military Police Corps, U.S. Army Reserve and has a law degree from the University of California at Davis. He is a former reporter for Fortune Magazine, was senior editor at New York Magazine and Esquire, and has provided crisis and communications counsel to senior executives at Fortune 500 companies, including Lockheed, ARCO, Microsoft, Nissan, and Sony Pictures.