Critical Infrastructure Q&A

Erica Wolfkill, Federal Government & Critical Infrastructure Director

Shawn Garcia, Business Development Manager

Introduction

FR recently sat down with Federal Government & Critical Infrastructure Director, Erica Wolfkill, and Business Development Manager, Shawn Garcia, to weigh-in on how the Critical Infrastructure landscape is changing due to new threats arising every day. Check out the exclusive interview to get their take on how threat levels are evolving and what solutions are on the horizon to combat these growing concerns—both domestically and internationally.

Q&A

Q. Talk to us about the current state of the Critical Infrastructure landscape and what keeps you up at night.

EW: The more time that has passed since the tragic events of 9/11, the focus on security seems to have lessened across numerous sectors; however, recently it’s been resurfacing and reemerging to the forefront. As a nation, we have become very reactionary and that is a huge concern. The leaders in Critical Infrastructure (CI) security are having to fight for dollars against an imaginary ideal that the threat to the U.S. CI is less of a concern as time progresses. Based on the tenacity of ISIS/ISIL and other terrorist groups, industry leaders continue to believe it’s an “if not, when” scenario for a CBRN (Chemical, Biological, Radiological & Nuclear) attack on our homeland. The technologies that are used to protect and detect against these inconceivable substances are competing with dollars to keep out guns, knives, and other commonplace threats. These are, unfortunately, the attacks and incidents that make the daily headlines across all forms of media.

SG: What keeps me up is knowing that CI represents a target-rich environment due to the, typically, large amounts of people at risk. Also acknowledging that CI attacks act as a destruction force multiplier and, ultimately, give actors with nefarious intent more destructive “bang for their buck.” For example, a crude CBRN weapon release on a subway has direct casualty/fatality implications, but would also have negative economic and public confidence consequences.

Q. How do Critical Infrastructure priorities vary across the globe? What do other countries deem a priority and what are some of the U.S.’s major concerns?

EW: Here in the U.S., there is a tremendous focus on large targets, major cities, and a handful of large-scale events (i.e., Super Bowl, concerts, etc.). The Boston Marathon was eye-opening and has increased security efforts and spend across the country for similar mass gatherings. The security enhancements in U.S. mission-critical and top-tier government facilities has caused terrorist groups to switch their focus and realize they will get more “return,” so-to-speak, in softer targets. Regrettably, these groups and ideologists are counting on factors such as fear, panic, and economic effects.

SG: Globally, different regions/countries will have unique considerations. For example, some countries in the Middle East must prioritize and allocate resources to protect CI when planning for mass gatherings at holy sites which includes the air, ground, and rail transportation supporting the travel to and from these locations. In 2017 the hajj, an annual Islamic pilgrimage to Mecca in Saudi Arabia, brought over two-million pilgrims to the Kingdom while ~13 million religious Shiite pilgrims traveled to Karbala in Iraq for the Arba'een holiday that same year.

Q. How many layers of security are currently being utilized and what are some strategies those affected can use to protect against inside- and outside-threats?

EW: They key to effective security is a layered approach. The individuals seeking to do harm are calculated and, at times, the very insiders working in a particular building or company. It’s essential that security perimeters are armed with the latest technologies to assist in keeping weapons and tools of mass destruction outside of the workplace and/or venue. Cameras and video management systems are constantly evolving to give security leaders the opportunity to tie-in that key information with things like state-of-the-art chemical and radiation detectors. This approach provides a security director or decision-maker with a bigger picture in order to make clear and intelligent decisions.

SG: I’ve been fortunate in my career to have supported USG chemical and biological security assistance programs which often included CI physical and personnel security components. As a result, I’ve witnessed a multi-layered implemented approach to protect sensitive information, expertise, materials, and infrastructure. When dealing with information and expertise, it’s imperative to have proven recruitment and vetting processes in place and ensure personnel understand information management best practices, including what not to do (e.g., post on social media, speak causally about sensitive work topics, take unapproved work home, etc.). Regarding materials and infrastructure protection, it’s also necessary to establish procedural management practices, inventory controls, and robust physical security (which could range from cabinet locks to facility-wide integrated security systems). Fortunately, options are plentiful with these extremes and can be executed accordingly per infrastructure realities, requirements, and resources.

Q. How do you think the investment in mass transit protection can improve the threat climate?

EW: It all goes back to funding. These agencies need the capitol so they can be proactive versus continuing to be reactive as the threat climate shifts. The major mass transit groups were given large-scale security and system-wide grants as a result of 9/11. These grants enabled a few of the larger Metro areas to deploy state-of-the-art sensor systems and networks to add additional technologies to their security profiles. Unfortunately, the sustainment dollars are drying—if not already dried-up. This creates a unique challenge for agencies who face a large decision on whether or not to continue supporting programs for things like chemical security protection. Again, we see an unfortunate common theme with terrorist groups counting on these types of scenarios.

SG: If smart investments are made to protect CI and the mass transit sector, the result will bring technologies that are more responsive, sensitive, and/or predictive which, by extension, should either serve as a deterrent to those who seek to do harm, or an asset to security forces and law enforcement by providing them with the necessary tools to mitigate and prevent future attacks.

Q. How do you see the field of Critical Infrastructure evolving? Do you think the R&D in this space is keeping up with the pace of threats and are combative mechanisms available in commercial markets?

EW: The threat detectors are not keeping up fast enough with the changing threat landscape. There are numerous technologies that are in the early stages across various labs and companies; however, the struggle for development funding is real. Due to long procurement and grant hurdles, some of the collaborative technological advancements for warfighters take years to get to the front lines and, longer, to expand to the commercial market space.

SG: As we continue to see terrorist organizations and individuals develop and employ unconventional weapons designed for use against civilian populations, we should see a commensurate focus on the development of protections, countermeasures, and techniques to protect CI. The R&D community will need to keep pace to identify solutions that combat weapons that already exist and, in partnership with military, law enforcement, and counterterrorism experts, anticipate horizon weapons; in other words, they need to be on the cutting-edge of emerging threats/weapons that may be constructed using products of rapidly evolving dual-use technologies (i.e., 3-D printing, UAV/UAS, cell phone/mobile applications, etc.) and ubiquitous dual-use/non-scheduled chemicals, biological pathogens, or radioactive materials.

This is no small challenge. Moreover, what will add to this already difficult requirement is ensuring that mechanisms are in place to get R&D solutions to the commercial sector—efficiently, responsibly, and quickly.