Risk analysis, security, terrorism
 

I wanted to point people to a fascinating article on risk analysis and how it applies to the "war on terrorism".

http://www.csoonline.com/read/040105/undercover.html

Might be useful reading for anyone who wants to think intelligently about aviation security.

It's so true. I don't think there are many true security professionals in the TSA/DHS. If you encountered one you'd have to consider them the same way you'd consider a professional mathematician running a lottery: either they are not competent enough to understand what they are part of, or eating their pride and cashing a paycheck in an enterprise they can barely stomach.

The article makes sense and offers a practical approach to analyzing risk - however, the so-called 'war on terror' and the government's 'efforts' post-9/11 have less to do with approaching the terrorism issue practically, and everything to do with stirring emotion, fear and furthering a political agenda that many Americans would find repulsive absent of the 9/11 event.

Why else would such diverse issues unrelated to security as environmental management and energy policy have agendas pushed through which were somehow 'tied' to a security concept?

As long as the 'war on terror' remains an emotional and political issue, one of control, we will never see a practical approach to security in our country

Regarding the containers? if someone wanted to detonate a nuclear device in one of them, there would be no need or chance to do an inspection...a device can be detonated while the container is still onboard ship entering the harbor and do just as much damage. We will never be perfectly safe...and part of designing a proper, reasonable security policy is accepting that fact and applying proper risk analysis to security policy.

Interesting. I think the time is long past for a serious cost-benefit analysis of the security measures we're all paying for. However, this analysis is very very complicated and the article oversimplifies the cost of a terrorist attack. It's not just about the lives lost, but also about the economic damage: to the New York area economy, to the travel industry, etc. due to the perhaps irrational reactions of people to an attack. That's why it's called terrorism after all.

Similar complicating factors enter in to the analysis of , for example, health care costs, which is what makes the whole excercise of comparing health care dollars to security dollars a political rather than an economic question.

Once you've decided to commit resources to security, however, serious analysis of where those resources will do the most good is required and long overdue.

Michael

hmm
 

The article overlooks the obvious spectrum of impact that a terrorist attack has on society. There is more to it than just loss of life. You also cant compare socio-economic lifestyles with terrorism. People take expected risks in some things and accidents happen. People choose to take risks like drinking and driving, crossing the street or smoking. Terrorism isnt an expected risk in the United States. Security is an enigma. If you dont catch someone like a terrorist, does that mean that your security is a failure or does it mean that it works beyond all scope of imagination? Therefore to look at it from a ROI standpoint is wrong.

That's nice, but you have to take return on investment into account as long as you have investors. It's simple economics. A dollar for security or a dollar for education? No amount of flowery language keeps that from being a choice. If, as studies seem to show, the marginal benefit of adding dollars is infinitesimal (or possibly even negative!) then it really shortchanges the kids, doesn't it?

My suspicion is that even if we see one or two more attacks on US soil from Al Quaeda, the threat won't last more than ten to twenty more years. Events change too quickly. You may not agree, but I doubt that England thought its IRA troubles would vanish after such a short while.

I dont think the article is preaching a "ROI" approach...I think the thesis discusses balancing security efforts with the chance at delivering a practical result in a wider context of risk management.

If we don't balance the application of security with a reasonable expecation of success, we are just spending huge wasteful resources in a vain attempt to possibly, hopefully, maybe, prevent a terrorist attack which is unfortunately better planned and executed than our efforts to prevent it.

To ignore the balanced approach is to commit endless resources to prevent that which is technically unpreventable. We might catch them 9 times out of 10, but they only care about being successful that one time - then all the resources committed to prevention resulted in failure anyway.

Honestly, this is war we cannot win by using "security" as our only weapon.

It's a brave government that says "You know, 3000 people isn't really that much, lets spend the money on educating people on health issues", however I think these things DO need to be taken into account. It should be possible to say that expending billions of dollars, losing 1700 soldiers with 13000 wounded in Iraq for negligable gains in security is a pointless policy. The pros and cons for Afghanistan on the other hand are far more clearly pointing to something that worked quite well. It's possible to apply this to internal security too.

I can't find figures for how much the UK spends on airport security per traveller but I'm willing to bet that it's less than the US and I'm also willing to bet that it is far less as the government don't feel the need to put on a show for the peace of mind of travellers.

Realistically there has been one attack on US soil, albeit a big one, and this was one that used all the very obvious security holes in US airports to their fullest. I have doubts that airport security is doing much to deter further attacks of the same kind as this was a one-shot deal; nobody is sitting in their seats for a hijacking ever again. Other attacks (such as dirty bombs) aren't being prevented by the TSA so ever increasing spend is doing nothing of any real value so it is valid to think of it in terms of ROI.

Personally, I think that America would be far better served acting on intelligence coming in that it can't handle in a timely fashion and improving the lives of Americans than throwing muscle at the problem as they're doing now. All comes down to the old "Work smarter, not harder" slogan really.

Probably because the dirty bomb "threat" is way overhyped :rolleyes: (ie. virtually non-existent) , which shouldn't come as much of a surprise.

http://www.tdh.state.tx.us/radiation/notices.htm#1

well
 

IF that is the case then there has to be a quantitative way of measuring success. If you spend x number of dollars on security and nothing happens that was prevented, did you spend too much? On the other hand if you spend X dollars on security and something does happen, did you not spend enough? Given that nothing has happened since 9/11 can you dismiss what TSA is doing as a waste of resources? (you could nit pick this and be right but as a whole) Most people would say that with security (any type of security) keeping events from occurring would mean that it was a worthwhile investment. Does this hold true with TSA?

How can you say this with a straight face? Is "security" peventing terrorist attacks, or are the terrorists simply laying low (or not here in the first place)? This is no better than my "magic rock" that keeps flying saucers away. You don't see any flying saucers around, do you (except in the Weekly World News)?

Bruce

I don't want to be shocking, I may be the first person some TSAers have come in contact with proposing this, but what if the TSA got someone to impersonate a baddie and try to carry on some prohibited items? If the TSAers catch him/her we could call that a success and if they don't we could call it a failure. I'm no testing expert, but it looks quantitative to me. Watcha think?

In science we call that the "coincidence is causation" fallacy. A testing regimen like what I describe above (and I really suspect the TSA has been tested by the rest of the govt that way) can be used to figure out how effective security is.

Now, here's the rub. When you adopt some metric like this, the rubber hits the pavement. You have to define what acceptable failure is. There's no sticking heads in the sand and saying "oh, we can't bear to have anything less than 100% security." You'll never get that, but you can get something, and by measuring it, you can figure out what you are getting and what you aren't. The question is really whether we are mature enough to surrender the notion of absolute security and adopt a real standard.

this has been done extensively by government auditors and the media, and the TSA has failed these tests too often - just as often as the private screeners they replaced. What is shocking is the amount of money thrown at the TSA which has not translated into quantifiably better security.

Let the FAA set the security standards and procedures to be enforced systemwide, let their inspectors ensure compliance and fine/terminate contractors and airports who fail their inspections, and let's return to private screening staff with our 'security fee' being directed in whole to the development and implementation of new technologies designed to improve screening effectiveness and efficiency.

I find it utterly amazing that, apparently, screeners in this forum didn't know about that testing. :( Perhaps with more money, they can keep their screeners informed.

They were aware they are subject to audit...but it gets worse...alot worse. The TSA decided to create its own audit system which displayed fake images of prohibited items (usually weapons) on the monitor to see if the screener could catch it. The result of this 'test' was the passenger's bag was sent for secondary hand search to 'resolve' the test image IF it was caught - so the result of a successful audit ended with the passenger being inconvenienced. I found that totally unacceptable and a monstrosity of bad judgement - a certainty the TSA doesn't give a rat's behind about the passenger.

Now it gets even worse - there have been instances where the 'test' image was not caught in time, and the passenger (victim) was sent on their merry way...but then the image was seen later, after the passenger left the screening area. The result? An evacuation of the terminal and a re-screening of all the passengers. Yes, a terminal evacuation caused by the mishandling of a test which should never have been inflicted on one passenger in the first place, let alone hundreds. This agency and its wasteful anti-passenger management needs to get the boot, and fast.

I challenge anyone to provide a true, quantifiable argument that supports any cost-benefit the TSA has provided our aviation security infrastructure.