FOR IMMEDIATE RELEASE
In adoption of Resolution 40-11 at the 40th Session of the ICAO Assembly, the UN organisation continues to work on the development of tools to enhance security awareness and security culture. The designated Year of Security Culture (YOSC 2020-2021) focuses on raising awareness for security culture campaigns that support organisation globally. Especially in the light of COVID-19, the aviation community is encouraged not to turn a blind eye to other security threats.
To this regard, JAA Training Organisation (JAA TO) – in liaison with dyami.services – developed a 5-day training Aviation Security Management for security managers to understand their role and responsibilities in establishing and maintaining security policy and internal quality control programmes to effectively secure an organisation’s assets against outside threats. Robust security management helps to mitigate security risks to the organisation and the aviation system as a whole.
JAA TO instructor Eric Schouten, security and crisis management expert, talks about the importance of intelligence network building and leadership-driven security culture.
JAA TO: Flying is one of the safest ways to travel, what is the difference between aviation safety and security (AvSec)?
ES: I often use the terms unintentional and intentional. From a safety perspective, human error is a possibility but you can train people not to make errors. Setting norms and standards inform the approach to training people and good training reduces human error. You want to make sure that the aeroplane maintenance is good to avoid accidents.
AvSec is a newer discipline to the security community. In the security domain, you can have preventive measures but the perpetrator is always intentional. Outside threats which want to harm your organisation intentionally, find ways around these measures. By applying a risk-based approach you understand that you cannot always take away the risk because the intention is present. Robust aviation security management lowers the risk and anticipates.
JAA TO: Having worked in intelligence and countermeasures, what security challenges are affecting the travel and aviation industry right now and in the future?
ES: Currently, aviation is focused solely on COVID-19. The topic is omnipresent also in the debate about security, yet it diverts attention from existing threats. Focusing only on COVID-19 means we will lose awareness of other perpetrators like terrorist organisations. For example, Foreign Affairs travel advisories use colour codes to assess a destination’s risk level. Nowadays, the colour often represents a COVID-related issue, the traveller misinterprets the actual story and other threats in the advisory are being neglected. There again is the misperception of health safety risk vs. security risk.
While there has not been a major terrorist attack using aviation as a tool, global events show us that the insecurity in the world is only increasing. We have unstable regimes, terrorist organisations wanting to attack Western society could use aviation as means. We are not in a safe environment and people tend to look away.
From my background in security services, I know the threats to aviation and it was my job to raise awareness so an organisation can take measures and create a security policy. It will be the big thing for the next couple of years to refocus on the other threats and initiate a change of mind for proper contingency planning.
JAA TO: What are the lessons learnt from global security threats (e.g. 9/11)? What are recommendations/tactics to secure the high-value target that is aviation?
ES: My lessons learnt are: talk to the stakeholders, be in touch with the stakeholders. Not only between the walls of organisations, but to actively share intelligence. Knowing your partner's mutual security measures encourages cooperation between stakeholders without compromising the information and mission.
Secondly, build a security culture to ensure that everyone within the organisations knows why security is needed. The understanding and appreciation of security should become a fact that can be fostered through a top-down approach – management needs to make sure that everybody thinks about security, including themselves. Management also needs to make budgets available, raise awareness, train the organisation.
JAA TO: As JAA TO’s expert instructor for AvSec, you teach the new course Aviation Security Management: why are training and capacity-building so important in strengthening an organisation’s line of defence?
ES: Besides robust internal policies, the focus of capacitating and enabling lays in cooperation with others. Share your intelligence to build your own network so that appropriate measures during crisis management can be taken. This partner approach goes beyond any standard operating procedure (SOPs) because not every manual can accommodate different situations. Instead of looking up the SOP, you need to be able to know who to call first to get the information. Against the assumptions that intelligence organisations sit on their information value, I try to teach awareness to tell your partners and recommend sharing the information as part of the crisis management.
JAA TO: What are the characteristics of a robust risk and security management system?
ES: Your organisation needs to develop its own strategy of security policies, put them in place and not be limited by the mandates of ICAO, EASA, etc. Robust security management includes risk management, contingency readiness and quality assurance. Audit your policy to see how it affects the organisation. The following mindset is also important: in risk management, you cannot solve the problem. There will always be a residual risk. The training helps organisations to develop the mindset to draft the right policy papers and how to work with those threats in the risk management model. Once you are aware of the threats, you have a professional eye for the right measures that can prevent countless incidents.
JAA TO: Can you train to establish a security culture in organisations? Why is culture so important especially for aviation stakeholders?
ES: As previously mentioned, security needs to be leadership driven. Security managers need to be appointed, make budgets available and establish a culture where everybody understands the deeper reasons and benefits of strong security management systems. This readiness loops back to risk and threat management. If the reasoning of why there are certain measures in place is widely understood, you can apply it to the structure of the organisation. The resulting culture recognises the threats early and protects the values of organisational, staff, and reputational security.
JAA TO: ICAO/Europe has common rules to protect civil aviation against acts of unlawful interference, are the provisions reflective of our current times and how can industry leaders like JAA TO and dyami.services increase awareness for trending topics?
ES: A common financial motivation is that if nothing happens, budgets can be cut. But it is because of these deterrents that the organisation and its environment are safe. Organisational security should not be a rule-driven necessity, as a preventive measure to protect people, the organisation, its assets, and its reputation.
So for training and consultancy organisations, we have to raise awareness. Telling people why security is needed, why security culture can protect reputation. Working in security is sharing incidents from other organisation or countries from which learnings and improvements can be derived. Establishing robust systems allows one to anticipate threats, manage risk and launch countermeasures. Through practical training, we can develop the security mindset for managers and expand their receptiveness to the right security policies.
If you want to learn how to identify and apply a multi-agency threat and risk management process within the aviation sector, including the management of change, register for JAA TO’s Aviation Security Management on:
For more details & registration, click here.
JAA Training Organisation (JAA TO)
Senior Marketing & Communications Officer