Data Security

Data sharing key in response to terrorism

The importance of planning emergency responses, including the importance of public private partnerships, is key to mitigating against the terrorist threat. Looking at the role of information sharing, Weynand Haitjema explores this further

Ten years ago no-one could have predicted that terrorists would switch to using vehicles as weapons and drive them into crowds of pedestrians. However, a change of tactics that wrong-footed many security services might have the effect of making people in Europe more aware of their surroundings, hopefully more vigilant and willing to report suspicious behaviour.

Planning against these types of usually lone wolf attacks on soft targets is difficult for the authorities but sharing information, like tip offs from the public, in a private/public partnership, can help improve emergency response plans to mitigate, and even prevent, the terrorist threat to people and property.

Terrorists need the oxygen of publicity to fuel their cause so while incidents like the Westminster Bridge atrocity resulted in relatively few casualties, it gained massive worldwide media coverage due to the nature of the attack, highlighting how vulnerable citizens can be to this type of assault. Visibly increasing physical security as part of counter terrorism measures is normal practice, but what about the battle behind the lines to minimise or avoid the attack in the first place?

Contingency planning
High profile potential targets, like shopping centres, airports and major railway stations, need to have contingency plans for a major incident, such as vehicle-ramming, in place. It may not cover every eventuality but if staff are aware of what is expected of them then the actions taken in the initial minutes of an emergency can be critical. A thorough, pre-planned response by organisations to cope in the event of a terror attack, or any other emergency for that matter, offers a prompt warning to employees and the public to evacuate, shelter or lockdown which can save lives.

Despite recent events, in reality people living in countries such as the UK are more likely to face emergencies due to fires and explosions caused by faulty equipment on premises, than by the hands of a terrorist. However, by sharing information the authorities can maximise preparations to prepare for and cope with any major incident.

In Europe, many countries have different threat levels designed to give a broad indication of the likelihood of a terrorist attack. This will be dependent on the information held at the time by the authorities - but is such information shared among all the stakeholders?

As I’ve mentioned, many large organisations will have plans in place for responding to an emergency – they would face huge risk if they didn’t have a contingency strategy – but these may not be as effective as they could be if the planners are not privy to all the information available relating to a possible attack, whether in the private or public sectors.

External resources can provide the missing link for emergency response planning. Agencies, like Pinkerton, can support organisations through proactive background screening of people, which provides accurate data and knowledge on potentially rogue or disgruntled citizens or employees.

Behind the screen
Working within the law – so as to avoid running afoul of the privacy rights of employees which can bring hefty penalties for both company and provider – comprehensive people screening carried out by private security agencies at regular intervals is one line of defence for protecting businesses, staff and the public in the event of an attack, be it physical or cyber.

Cyber terrorism is becoming increasingly prevalent, so businesses must deploy robust measures to protect their digital infrastructure. Vetting new recruits and monitoring worker behaviour can play significant roles in safeguarding a company’s assets.

Police and national security forces are more likely to receive names from the public of potentially suspicious characters, but there are certain limitations placed on the police who are not able to carry out some of the preliminary investigations a private security agency can when screening employees. The information gathered and, where legally possible, shared can strengthen an early warning system.

Awareness training, people profiling and behaviour analysis for the likes of managers and customer-facing employees will help them recognise suspicious behaviour. Even the tiniest and seemingly irrelevant piece of information when combined with other sources could help predict that an outrage is potentially in the making. Every snippet of information reported relating to a possible attack should be welcomed and recorded. We want that data to be shared between security organisations as we are convinced that this will improve emergency response planning.

Public-private partnerships
Private and public sector working together can strengthen defences against attacks. An emergency response with this kind of partnership at the heart of the planning process can mean that private security companies can rapidly deliver boots on the ground following an outrage, so that the police can take the measures needed to keep people safe.

There is a lot of discussion about how the UK and the rest of the European Union will share security information once Brexit kicks in, but collaboration between private and public national organisations is just as important to prevent or deal with destructive incidents.

There are over 500 million people in the EU and those of working age and relevant skills are currently still free to travel and apply for jobs in the UK. This poses potential challenges for keeping tabs on their movements, backgrounds and right to work in the UK, which will be almost impossible to verify through ID cards and passports alone. While workers are a company’s most important asset, that person walking through your door every day is potentially also one of the biggest risks to your electronic information, physical and human security, and reputation, if not vigorously vetted prior to placement.

Comprehensive people screening can help in the fight against terrorism by protecting the public, property, networks, computers, programs and data from attack, damage or unauthorised access from potentially rogue or disgruntled employees. A third party expert in vetting develops very fast background screening techniques, requiring just a name and a place of residence to access diligence on individuals. If national police forces or other agencies already have some information on a suspected lone wolf so much the better.

Intelligence analysis
Analysing all the information available can help draw up the best possible plans for an emergency response but whilst people screening will help strengthen security, it cannot legislate for the future behaviour of an individual. Good people sometimes do inexplicable things if under duress or their personal circumstances change. A thorough background check provides vital information on a person, but it cannot predict how that individual will act once in place.

In the current climate of a heightened terrorist threat, it is very important to check Terror Lists, which are issued by almost every government. The UK government has a current list of designated persons believed to be involved in terrorist activity. This is easily accessible on its website, but one of the benefits of using a screening company is that it has the ability to check lists from around the world. Some countries share information more freely than others or have different criteria – as the saying goes, a terrorist to some is a freedom fighter to others – a screening provider will check hundreds of government terrorist lists.

Periodic checking is highly recommended. Someone may have been a fine upstanding citizen five years ago but in the time they have worked for a company they may have suffered stresses in life that have resulted in a brush with the law. Without regularly updating background checks a company may not be aware of any issues since the start of employment.

An information partnership between the private and public sectors can only boost security by contributing to improved emergency response plans for everybody. I think that should be the main goal, a united front to counter terrorism. It is not about who is the biggest or the best but together we are stronger in our fight against terror.

Weynand Haitjema serves as Pinkerton’s region managing director for EMEA. Pinkerton is a global provider of corporate risk management services, including security consulting, investigations, executive protection, employment screening, protective intelligence and more.