The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (CISA) Infrastructure Security Division has established a strategic partnership approach to securing the nation’s critical infrastructure.
Brian Harrell, the Assistant Director for Infrastructure Security, discussed at GSX 2019 CISA’s specific collaborative efforts with industry and community partners, and how their organisation helps secure critical infrastructure and civilians.
Unmanned aircraft systems
Among the top national security threats posed today in the U.S., according to Harrell, is the rise of unwanted or hostile drones in the airspace. Drones, when in the wrong hands, are interrupting operations at military bases, airports, and correctional facilities, and threatening the safety and security of public events, such as those at stadiums and festivals.
The issue of unwanted drones will only continue to escalate, and according to Harrell, "Unmanned aircraft systems do not represent an emerging threat, but rather, an imminent threat, given their retail availability here in the United States." In the U.S. and abroad, drones have interrupted operations at airports, such as Newark and Gatwick, at correctional facilities and stadiums, and critical infrastructure such as pipelines managed by Saudi Aramco.
Significant technological advancements
As it relates to the rise of drone technology and airspace threats, the threat landscape is ever-changing
The U.S. Federal Aviation Administration (FAA) announced at GSX that the agency has registered five times more drones (more than 1.5 million) in just four years, than all the commercial aircraft that have been registered up to now (300,000) in the history of the agency. As more drones enter the international airspace, regulations and policies must also follow suit to address the increasing safety and security risks they pose.
According to Harrell, as it relates to the rise of drone technology and airspace threats, the threat landscape is ever-changing. There have been significant technological advancements in drones, and they are solving problems and helping industries with important tasks like inspections, search and rescue, and videography. With these advancements, however, comes the opportunity for misuse.
Although the airspace threat will always be evolving, Harrell provided GSX attendees with practical information and questions to ask their teams on how to build a security program that addresses and advances with the drone threat. Organisations can act today to start understanding their security gaps in their airspace.
Harrell posed to the audience the question, ‘Is your organisation prepared to be overwhelmed?’ As it relates to the airspace threat, without counter-drone technology, security leaders are working with incomplete information about their airspace activity. However, this gap of knowledge can change with the integration of counter-drone technology. With drone activity data, teams can then defend what assets matter most to them and protecting what Harrell qualifies as ‘pencils like pencils, and diamonds like diamonds.’
Identifying airspace activity
Counter-drone technology is an essential tool that addresses this hybrid threat landscape
With consideration of the evolving threat landscape, the rise and advancement of drone technology is a clear demonstration that security threats no longer fall clearly into the ‘physical’ or ‘cyber’ security categories. Drones can cause damage both to physical and cyber infrastructure. Without counter-drone intelligence to help identify airspace activity, organisations are powerless against protecting against all drone threats. Counter-drone technology is an essential tool that addresses this hybrid threat landscape.
Harrell prompted GSX attendees to ask themselves, what can security providers do today to increase the understanding of security threats at our organisation. He continued by outlining a four-step framework for building out a new security program or advancing an existing one.
Advancing security programs
Four steps to advancing security programs are as follows:
- Connect: Connect with local law enforcement to determine what steps you should take should there be an unwanted drone in the area. This proactive approach will ensure that those who need to respond to emergencies are aware of the threats at the operations, and can begin the next step, which is to plan.
- Plan: If it can happen there, it can happen here. There are drone incidents reported in the news from all over the world. No organisation is immune to drone threats. If a drone incursion can paralyse operations at Heathrow and Gatwick, it can also do the same to JFK and Newark.
- Train: Counter-drone technology provides data about the airspace activity at a particular area and exposes where there may be vulnerabilities in an organisation’s operations. Data from counter-drone programs can include flight times and durations, the types of drones flown, and the flightpath or point of origin. With situational awareness, security teams can develop new safety and response protocols to respond to drone incursions, direct resources to ‘hot spots,’ and execute training exercises. Organisations shouldn’t wait for a crisis to occur, but rather, use a crisis as an opportunity to showcase the strength of their security operations.
- Report: The picture is always clearer from the rear-view mirror. Post-event analysis determines where organisations can better streamline resources, achieve security goals, and grow in their understanding of how to prevent damage or disruption from a drone incursion.
Unwanted drone activity
“A drone is a computer in the sky,” Harrell reminds the audience. Drones are small and discrete enough to operate unnoticed, but powerful enough to drop payloads, hack into systems, or covertly spy on operations. By considering these four steps, organisations will be able to stay ahead of the drone threat and ensure the strongest defence should there be an incursion or unwanted drone activity.
Many organisations will focus their efforts on compliance with standard practices and regulations
Many organisations will focus their efforts on compliance with standard practices and regulations. Resilience is not built on compliance, but rather, by continuing to advance and go beyond standard practices and operations. As regulators and legislators continue to research and respond to drone incursions, individual organisations will need to decide whether or not they want to go beyond the current standards or wait for additional federal guidance. Harrell states that organisations can be proactive in defending their operations against the growing threat of uncooperative drones.
Understanding airspace activity
Harrell points to GSX attendees to challenge their teams with the question, “are we ready?” Can security teams confidently answer whether they have taken steps to build resilience into their existing security programs? And if not, what assets and technologies are available to make an impact today?
Counter-drone programs should begin under ‘blue sky’ conditions, where security teams can connect, plan, train, and report under ideal conditions. Data collection with passive counter-drone technologies, such as radio frequency sensors, can begin immediately and without any interference with existing operations. The first step to understanding airspace activity and the threat to an organisation is to build awareness and gain access to data sets and analysis. From there, organisations can which can help identify the most vulnerable or essential areas for protection.