The following article was adapted from a speech given at a conference titled Islamic Radicalism in the Workplace sponsored by FIRM (Forum on Islamic Radicalism and Management) in Paris November 16, 2017.
The airline business has been a target for terrorists since the early 70’s. There were bombings on planes prior to this, but the first terrorist attack was against a Swissair aircraft in 1970 and was attributed to the PLO at the time.
But the attack that shook the world and changed the face of airline security was the bombing of the Pan Am flight over Lockerbie, Scotland in December of 1988.
Since then, the airline industry has spent an enormous amount of money and resources on ways to protect itself. These measures were boosted hugely following 9/11 when governments became involved – in the U.S. through Homeland Security and the Transport Security Administration (TSA).
There are now good, automated systems to identify potential threats and solid security processes in place that vet passengers and their baggage prior to boarding, starting with intelligence and ending with prevention and detention.
However, that is not the end of the story.
The big change in terror tactics, from the early days of hijackings and bombings, is the willingness of terrorists to sacrifice their own lives in the commission of the act.
In aviation, we saw this first in 2004 when two domestic Russian aircraft were brought down by Chechen suicide bombers. The tactic grew in the Middle East with individual attacks and was further developed in Paris with the combination of the suicide bomber and armed attacker.
This was a significant shift in tactics, one that changes how a siege or attack is handled and what the results will be. Although these were high profile events, there have been more localized attacks with employees attacking colleagues or supervisors.
The insider threat is real, and we are vulnerable. If negotiation is no longer an option, the consequences can be more shocking and devastating. Preventing an attack by persons willing to sacrifice their own lives is extremely difficult. The only hope is to spot the early signs and stop it before it develops.
An attack on an airline or a music event causes many causalities and gets huge media attention but, like the airline business, these sectors have become better protected due to the lessons learned after each attack.
Yet, the harder these targets are to access, the more the terrorists will move to softer options and easier methods – away from sophisticated IEDs (improvised explosive devices) and military weapons to rented vans and kitchen knives. It is therefore vital to plan and protect ourselves before we have to pay such a high price in human lives.
We have a safety process in the airline business called near-miss analysis. After an accident or incident, we are very good at analyzing what happened, identifying root causes and putting corrective actions in place. Every time you do that analysis you invariably see a pattern of events that led to the final accident or incident.
So instead of waiting until a catastrophic event happens, we need to bring this skill to bear on lead ups and near-miss events. To do that businesses need to train their staff to identify and report events that could potentially, if left unchecked, lead to a major incident.
When these near misses are identified, a root cause analysis must be made and corrective actions put in place as if it was a major event. This greatly reduces the chances of negative trends developing that can culminate in a significant incident.
It is important to note that this only works when employees are empowered to confront potential threats head on and have the tools and management support to do it. This type of employee empowerment can benefit all industries to protect them against terrorism.
All those in management must ask: Do your employees have the tools to do this and is management responsive enough to listen and implement corrective actions?
Many businesses today are vulnerable in ways they weren’t just a number of years ago because of the diversification of services. Take, for example, how freight cargo works in the airline business.
Multiple freight forwarders combine goods, which are then trucked by road from exposed geographical locations to consolidators. These consolidators then fly this freight to legacy carriers in large hubs. Multiple people end up handling millions of pieces of freight in multiple locations.
It’s the same for airline catering. In the past, airlines had their own kitchens where the food was made, packaged and sent to the plane. Now, airport kitchens are merely assembly points where trays are built from items that come from many distribution points.
The possibility of an IED attack or the introduction of a chemical contaminant is in direct proportion to the number of elements in this complex chain. Outsourcing may make good business sense in that is cost effective in many areas, but it can be a security nightmare for the end provider, upon which rests the ultimate responsibility for the protection of its employees, facilities and customers.
These examples make it clear that we cannot defend ourselves against terrorists and radicals by simply building defenses. This strategy no longer works as our structures are too complex and porous.
For example, temporary and seasonal employees are the norm now for many industries. These employees are traditionally lower paid and thus can be susceptible to bribes. A significant bribe to someone who works 20 hours a week would be hard to resist. Bribes are small change to groups that are funded by wealthy benefactors.
What we don’t do is look closely for any signs of Islamist radicalism in our employees, nor do we have any provisions in our work rules to prohibit radical behavior. Similarly, we do not have good human resource (HR) provisions to deal with infractions that stem from radicalization.
In many cases, HR managers are afraid to confront the issues for fear of accusations of prejudice or Islamophobia. Managers don’t want to discuss the issue openly. This is something we must help them with. They have to be given the tools and the backing to adequately deal with these situations so that when they arise, a company’s management can be firm and effective while at the same time balanced and sensitive to religious and cultural diversity in the workplace.
All people are entitled to their religious beliefs and that should be respected in the workplace and out, but it’s up to management to decide to what extent it is accepted during working hours and which extreme religious practices are not acceptable in the workplace of a civilized society.
It is important to understand enough about other religions to avoid misunderstandings and conflict. Managers must take the time to talk to Muslim employees about their religion and understand it more. They must do some background reading. This fosters better work relationships and also allows managers to differentiate and identify signs of radicalization.
When we think of the radicalization of an employee, we naturally think of violence, but there are many other subtler variants: workplace disruption, colleague intimidation, union infiltration and a general drain on employee morale that cost organizations productivity and lost revenue. These are all tactics being used today.
Safety and security is everyone’s top priority but it requires effort and expense, planning and training. It can be hard to justify this effort when success is measured by nothing negative happening. However, the threat we all face is not going to go away any time soon. Battle-hardened terrorists are returning home from Syria and Iraq daily and will continue the fight on their home turf.
Fundamentalist imams will preach hate and these returning jihadists will act as role models and train susceptible young men and women who hold down jobs and were never in trouble with the police before.
Most security is geared to prevent outsider attacks. In the airline business, we have federal marshals traveling on most international flights and airports have good security. But there are no stringent defenses in place to counter the insider threat. It’s a glaring gap that we need to fill.
With the right people in place who have been given them the right tools, we can mitigate our exposure. The raw truth about security is that we want it strong enough so that any potential attacker will go elsewhere to a softer target. You do not want to be that soft target.