Cincinnati/Northern Kentucky International Airport. Partnership for Nuclear Security Insider Threat Summit September, 2015

Similar documents
TSA/FTA Security and Emergency Management Action Items for Transit Agencies

ACI-NA 2018 Risk Management Conference SAFETY Act. Washington, D.C

SAFETY Act AAPA Port Security Seminar July 19, 2012 Miami, FL. Washington, D.C

Security Guideline for the Electricity Sub-sector: Physical Security Response

COUNTERING IMPROVISED EXPLOSIVE DEVICES

PIPELINE SECURITY An Overview of TSA Programs

Airport Security & Safety Thales, Your Trusted Hub Partner

The Beyond the Border Action Plan

Risk-based security in practice Turning information into smart screening. October 2014

PREPARED STATEMENT OF ERNEST R. FRAZIER, SR., ESQ. AMTRAK, CHIEF OF POLICE AND SECURITY DEPARTMENT

Compliance with ISPS and The Maritime Transportation Security Act of 2002

AVIATION. The leading provider of integrated security solutions in the field of aviation fjcsecurity.com/fjcaviation

Department of Homeland Security Updates

Aviation Law Enforcement Officer Security Training Kansas City International Airport May 21 & 22, 2014

TELEPLAN JOURNEY TOWARDS ACHIEVING ISO Presented by Anthony Abraham & Tejpal Singh Date : 2 nd April 2013.

AGENDA Regular Commission Meeting Port of Portland Headquarters 7200 N.E. Airport Way, 8 th Floor August 13, :30 a.m.

SOC 3 for Security and Availability

INFORMATION SECURITY. One line heading. > One line subheading. A briefing on the information security controls at Computershare

La gestione di Security e Safety con un singolo sistema di supporto alle decisioni Baltimore/Washington Airport - USA

Beyond the Border: A Shared Vision for Perimeter Security and Economic Competitiveness

SECURITY CODE. Responsible Care. American Chemistry Council. 7 April 2011

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

PROGRAM SUMMARY OBJECTIVES RESULTS. Last updated date: 7/27/2017. Target Beneficiaries. Donor Security

Department of Homeland Security Customs and Border Protection. Centers of Excellence and Expertise

Airport Consultants Council

Science & Technology Directorate: R&D Overview

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

The Beyond the Border Action Plan

TERRORISM LIAISON OFFICER OUTREACH PROGRAM - (TLOOP)

Your single source for a safe, secure, and sustainable airport

Management. Port Security. Second Edition KENNETH CHRISTOPHER. CRC Press. Taylor & Francis Group. Taylor & Francis Group,

Optimize postage savings. Expedite mail delivery. Pitney Bowes helps you make your mailstream more efficient.

Chemical Facility Anti-Terrorism Standards. T. Ted Cromwell Sr. Director, Security and

Introduction to Cyber Security Issues for Transportation

Member of the County or municipal emergency management organization

The Office of Infrastructure Protection

Why C-TPAT? An Overview

Supply Chain Security Since 9/11

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

Securing the New Perimeter:

The Office of Infrastructure Protection

Twilio cloud communications SECURITY

INTERNATIONAL ASSISTANCE AND CAPACITY BUILDING IN AVIATION SECURITY Briefing for AVSEC/FAL/RG-PA May, 2011

Transportation Security Planning in British Columbia David Morhart, Deputy Solicitor General

TRANSPORTATION SECURITY ADMINISTRATION. Insider Threat Awareness ICAO Global Aviation Security Symposium 2018

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Highway & Motor Carrier Orientation & Modal Overview. June 2018

The APEC Model. Global Partnership through Regional Initiatives

Canada s Atlantic Gateway and Trade Corridor

American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

STRATEGIC PLAN. USF Emergency Management

175 Progress Place. 40, ,000 Square Feet of Highly Efficient Office Space. Cincinnati, Ohio

Statement for the Record

Air Entry/Exit Re-engineering (AEER)

Marine Security Overview

Legal, Ethical, and Professional Issues in Information Security

Gallagher Airport Security Solutions. aviation sites around the world trust security management solutions from gallagher

AAPA Smart Ports. Cyber Management for Ports Panel. Small Port Cyber Security Workshops. March 6, 2018

Security and Privacy Governance Program Guidelines

Department of Homeland Security Customs and Border Protection. Centers of Excellence and Expertise

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Canadian Port Security Regulations and Implementation Overview. July 2005

Published Privacy Impact Assessments on the Web. ACTION: Notice of Publication of Privacy Impact Assessments (PIA).

Overview of Customs-Trade Partnership Against Terrorism (C-TPAT)

Watson Developer Cloud Security Overview

Inter-American Port Security Cooperation Plan

Cyber security tips and self-assessment for business

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE

Could the BIGGEST Threat to Your Business be INSIDE Your Company?

Standard CIP Cyber Security Critical Cyber Asset Identification

DHS Cybersecurity: Services for State and Local Officials. February 2017

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

Student & Exchange Visitor Information System (SEVIS) SEVIS II Briefing

Standard CIP Cyber Security Critical Cyber Asset Identification

Biometric Entry-Exit. July 11, 2017

Defense Security Service. Strategic Plan Addendum, April Our Agency, Our Mission, Our Responsibility

Maintaining Trust: Visa Inc. Payment Security Strategy

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Cybersecurity Overview

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

Infrastructure Security Overview

June 5, 2018 Independence, Ohio

National Policy and Guiding Principles

Best Practices for a Cyber Fortified Supply Chain. By Craig Bowman. Vice President Verizon Advanced Solutions Division.

TWIC Transportation Worker Identification Credential. Overview

Security Standards for Electric Market Participants

Ready, Willing & Able. Michael Cover, Manager, Blue Cross Blue Shield of Michigan

Heavy Vehicle Cyber Security Bulletin

Regional Security Initiatives in the Columbia River. One Port s Prospective

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

Grid Security & NERC

Pipeline Security Guidelines. April Transportation Security Administration

DATA SECURITY THE PROTECTION OF YOUR INFORMATION IS OUR PRIME DIRECTIVE

Tip Sheet: Safety Communications During Severe Weather

Electric Facility Threats and Violence

Grid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016

Donor Countries Security. Date

Cyber Management for Ports Results of Small Port Cyber Security Workshops

Transcription:

Cincinnati/Northern Kentucky International Airport Partnership for Nuclear Security Insider Threat Summit September, 2015

Cincinnati USA Story 2 28 th largest metropolitan area in the USA with 2.1M population Global business center with 9 fortune 500 headquarters and 14 fortune 1000 headquarters Site Selection ranked the region 6 th in the US for business expansion and new facilities 2 nd lowest business operating costs in the United States Labor force of 1.5 Million people within 50 miles of CVG Corporate diversity with 450+ foreignowned firms employing over 40,000 people

Cincinnati/Northern Kentucky has a healthy and diverse economy with more Fortune 500 companies per million residents than New York, Chicago or Los Angeles Aerospace Automotive Chemistry & Plastics Financial Services Advanced Energy Consumer Products Information Technology Life Sciences 3

Strategic Geographical Location CVG: 2014 Statistics Total Passengers 5.9 million Total Flights 133,518 4 52% of the Nations Population 53% of the Nations Purchasing Power 52% of the Nations Manufacturing Establishments

CVG Airport Infrastructure Single passenger terminal Two Active Concourses Automated Guideway Transit All Contact Gates (no ramp boarding) Room for expansion Four Runways: 3NS/1EW 18R/36L: 8,000 Feet 18C/36C: 11,000 Feet 18L/36R: 10,000 Feet 9/27: 12,000 Feet 133,000 Annual Aircraft Movements 9th Largest North American Cargo Airport Approximately 7,500 acres of airport property 5

DHL Hub at CVG Global super hub for DHL; employs nearly 2,400 at CVG Processes 2.6 million cargo pieces a month and sorts 92% of all US delivery shipments as well as all Canadian, Mexican, and Latin American shipments at CVG Connects over 100 service centers and international gateways in DHL s International network in the U.S. 6

Operating with Excellence #1 Best Regional Airport In North America * 5 Years in a Row! #2 Best Airport in North America * #4 World s Best Airports Serving 5-10 M passengers * #4 World s Best Domestic Airports * SAFETY ACT Certification Ranked # 1 as America s Safest Airport 7 * = SKYTRAX 2015

Insider Threat at World s Busiest Airport Atlanta December, 2014 a man carrying a backpack containing 16 firearms with ammunition flew aboard a Delta Air Lines passenger jet to Kennedy International Airport in New York from Hartsfield- Jackson Atlanta. Six people have been arrested as part of a ring smuggling guns and ammunition on planes from Atlanta to New York, in an investigation that revealed a "devastating breach of security," 8

Atlanta Airport Response to Insider Threat Incident: Full (100%) Employee Screening at Airport Portals 96.1 million passengers in 2014 6.8 million square foot terminal complex 63,000 Employees 9

U.S. Airport Industry Response to Atlanta Incident: Formation of Aviation Security Advisory Committee (ASAC) Working Group Committee formed January 8, 2015 24 Member Working Group comprised of airport operators, airline and cargo carriers, airport industry trade associations, Transportation Security Administration and Homeland Security and Analysis Institute representatives Report issued April 8, 2015 5 areas analyzed, with recommendations in each area 10

ASAC Areas of Analysis Five Areas of Focus: Security Screening and Inspection Vetting of Employees and Security Threat Assessment Internal Controls and Auditing of Airport-Issued Credentials Risk-Based Security for Higher Risk Populations and Intelligence Security Awareness and Vigilance 11

ASAC Report Key Findings: Security is a complex issue that requires multiple responses No single measure can provide broad-spectrum protection against risks or adversaries. Therefore, risk-based, multi-layered security offers the greatest ability to mitigate risks through the application of flexible and unpredictable measures to protect commercial aviation. 12

1. Security Screening and Inspection Recommendations: Random and unpredictable security measures are most effective means to enhance employee security TSA and DHS should utilize roving security officers, behavior detection officers and security inspections to conduct random and unpredictable employee screening and inspection Airport and aircraft operators should post signage at all portals to alert employees that they are subject to random screening/inspection 13

2. Vetting of Employees and Security Threat Assessment Background checks (required since 1985) are not enough: Use FBI Rap Back Service- immediate notification of criminal activity Update and review list of disqualifying employee offenses Provide airport operators with enhanced training on identification documents, identity fraud and behavioral analysis TSA should maintain national database of employees who have had badges revoked for cause TSA Security Threat Assessment should be enhanced to run foreign born employees against international databases. 14

3. Internal Controls and Auditing of Airport Issued Credentials TSA and airport operators should enhance auditing program requirements for airport issued identification media Establish biometric standards to enhance identity and badge verification Fine/penalize for failure to immediately report lost, stolen or unaccountable badges Restrict access privileges and/or reduce access points Enhance and expand CCTV and other measures to monitor employees 15

4. Risk Based Security (RBS) for Higher Risk Populations and Intelligence RBS requires continuous reevaluation due to changing vulnerabilities, better understanding of risks and new technologies Develop risk matrices for various employee groups using RBS principles Use social media to track and assess emerging threats TSA and airport operators should partner to conduct an Airport Risk Evaluation and provide all risk vulnerability assessments to appropriate parties TSA should analyze insider threat cases to create a model of predictive risk factors TSA, FBI and CBP should partner with airport operators on enhanced training and information on insider threat activity and suspicious indicators 16

5. Security Awareness and Vigilance TSA and DHS should consistently brief airport operators on results of security assessments Airport operators should develop and implement employee engagement/recognition programs for security TSA and airport operators should promote existing national anti-terrorism reward/employee engagement programs to increase security awareness and reporting of suspicious activity Establish anonymous tip line to receive employee security concerns 17

Insider Threat Considerations at CVG CVG is only airport in the United States to receive SAFETY Act certification and designation Support Anti-terrorism by Fostering Effective Technologies Act of 2002 or the SAFETY Act. The SAFETY Act provides important legal liability protections for providers of Qualified Anti-Terrorism Technologies - whether they are products or services In short, CVG meets or exceeds all Department of Homeland Security requirements through deployment of technology and human resources 18

Insider Threat Considerations at CVG Utilize best practice, multi-layered, risk based approach- Infrastructure Design new facilities with security standards (current and proposed) in mind Reduce access points for both passengers and employees Limit employee access based on job functions Limit access via badging credentials Establish and monitor secure perimeter Change locks and security codes on frequent but unpredictable basis Utilize CCTV and other visual surveillance technology throughout facility 19

Insider Threat Considerations at CVG Utilize best practice, multi-layered, risk based approach- Human Factors Utilize background screening for all employees Employ and empower Airport Security Coordinator Train all airport employees on aviation security considerations and insider threat potential require annual recurrent training Monitor social media and email communication of employees on a random basis Post watch tips in breakrooms and in concourses Utilize anonymous hotline to report concerns Reward employees for proactive behavior 20

Insider Threat Considerations at CVG Utilize best practice, multi-layered, risk based approach- Coordination with Security Agencies and Stakeholders Conduct regularly scheduled and ongoing meetings with all stakeholders to discuss security Work cooperatively with TSA and DHS taskforces stationed at CVG Act on recommendations following TSA and DHS assessments (funding always a consideration) 21

Summary--Recommendations Safety and security must be primary considerations Promotion of security awareness and vigilance must be led by the top but practiced actively throughout company No single measure can provide broad protection against risks and adversaries. Security measures must be multi-layered and unpredictable to protect against those who would cause harm 22

Thank You! Questions?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback