Page 17

3

Threat Assessment and Vulnerability Analysis

INTRODUCTION

This chapter provides guidance for federal agency administrators to obtain threat information relevant to an agency's buildings. The committee believes this should be undertaken through a formal means of threat assessment using liaison channels to disseminate information to appropriate personnel within the agency.

The building security program should also provide guidelines for the security management team to conduct a vulnerability analysis of the building. In this chapter, the committee offers vulnerability guidelines to help determine what elements of a building and its security program could be exploited by terrorists. Twenty-three areas of concern are listed; in Appendix A, these areas of concern are expanded into a sample checklist that illustrates how a vulnerability analysis could be conducted.

Other Reference Works

A great number of commercially available manuals and other documents exist to help security planners analyze the risk, conduct threat assessments, and undertake building vulnerability analyses. For example, Walsh and Healy (1987) is considered to be the basic



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 17
Page 17 3 Threat Assessment and Vulnerability Analysis INTRODUCTION This chapter provides guidance for federal agency administrators to obtain threat information relevant to an agency's buildings. The committee believes this should be undertaken through a formal means of threat assessment using liaison channels to disseminate information to appropriate personnel within the agency. The building security program should also provide guidelines for the security management team to conduct a vulnerability analysis of the building. In this chapter, the committee offers vulnerability guidelines to help determine what elements of a building and its security program could be exploited by terrorists. Twenty-three areas of concern are listed; in Appendix A, these areas of concern are expanded into a sample checklist that illustrates how a vulnerability analysis could be conducted. Other Reference Works A great number of commercially available manuals and other documents exist to help security planners analyze the risk, conduct threat assessments, and undertake building vulnerability analyses. For example, Walsh and Healy (1987) is considered to be the basic

OCR for page 17
Page 18guide in private industry for threat and vulnerability analyses; material presented is appropriate for managers of buildings as well as security personnel. James Broder (1984) presents a thorough primer on the subject of risk analysis, including the identification of vulnerabilities and threats, measuring and quantifying risk, and quantifying and setting priorities for loss potential. Reber and Shaw (1980), in a book aimed primarily at executive (personnel) protection, presents vulnerability surveys based on past terrorist incidents against multinational corporations. Finally, Gigliotti and Jason (1984) discusses levels of physical security culminating in the concept of maximum security—the integration of a number of elements in a security program. The committee urges security planners and managers to keep current, through the literature or otherwise, with developing security technologies and with new security management techniques. THREAT ASSESSMENT It is necessary to establish a base line or minimum acceptable level of protection for a federal office building to be able to determine an acceptable risk. Because the threat will change over the life of the building, it is important to establish this minimum acceptable level of protection that is required as the basis for any redesign or modification. For example, a minimum level of protection could require that all building exit doors to be secured, alarmed, or guarded. The level of threat establishes the level of protection that is required, and it is the threat trend over a long period of time that should establish the level of building protection. For example, a building that is designed and constructed for today's identified threat does not take into account that the building will be in existence for 40 years or more. Terrorism Threat Analysis A terrorism threat analysis involves assessment, quantification, and measurement of the risks that a building will be the target of a hostile act. While it is difficult to anticipate the conduct of a terrorist acting in isolation, as soon as a terrorist acts in concert with others or acts in a repetitive fashion, opportunities exist for gathering information. In the hands of the right parties,

OCR for page 17
Page 19this information can be useful in assessing the threat against other buildings, and, therefore, in preventing the same terrorist from being successful a second time. There are some obvious considerations: The pertinent information must first be gathered, and it must be made available (either routinely or upon request) to the party who can do something with it. Terrorism threat analysis involves intelligence gathering and sharing, which, if successful, may actually help reduce risk or prevent a terrorist incident. The magnitude of the potential threat must be evaluated before resources are committed for either temporary or permanent security measures. This evaluation involves analysis of at least two categories of information: (1) those variables unique to each federal agency because of its nature or mission (real or perceived), and (2) consideration of the variables that pertain to all federal office buildings simply because they are that. The former may be viewed as the individualized aspects of a threat assessment effort, and the latter as the generalized. The nature or mission of the federal agency is important to the extent that history may show a pattern of that agency's buildings being a target of terrorism. Quite obviously, a federal day care center would differ from a military intelligence office, and knowledge of the history of hostile acts against a type of federal agency may be among the most important components of a terrorism threat assessment. However, even when no evidence exists that a given type of federal agency previously has been targeted, a threat analysis is far from complete. Information regarding the existence and activities of terrorists whose expressed or logical aspirations are opposed to the federal agency may be as important as the consideration of historical patterns. The foregoing factors—i.e., the nature of an agency, the historical pattern of terrorism against such an agency, and the existence of militant organizations with hostile intentions toward the agency—are the primary components of a terrorism threat assessment. General considerations exist as well. Any federal agency can be a target of a terrorist with an undifferentiated hostility toward the U.S. government. The terrorist may strike merely because the agency or a federal building is: (1) the only federal presence in a community, (2) the most conspicuous physically, (3) the most conspicuous symbolically, or (4) the most vulnerable.

OCR for page 17
Page 20 Moreover, because terrorism is cause-motivated and symbolic targets with a high publicity value are preferred, contemporary events and political incidents can increase or diminish the likelihood of a given building becoming a terrorist target. Therefore, generalized considerations can quickly become individualized considerations. Who Has Jurisdiction? Planning for and responding to many types of terrorist activities require the coordinated efforts of several federal law enforcement agencies, each with different subject matter jurisdiction. Additionally, because some federal office buildings are rented, or are on or adjacent to property not under the exclusive control of a federal tenant, the jurisdiction of local authorities may be involved. In other words, the statutory authority of a given enforcement body and the location of an incident may have an impact on both the preventive measures undertaken in advance of an anticipated hostile act and on the response in the event that one occurs. These considerations may not only influence the effectiveness with which a hostile act is handled, but also may affect whether or not a terrorist who is apprehended can be prosecuted successfully. Therefore, it is prudent to address jurisdictional issues at the time that threat and vulnerability assessments are undertaken. Accordingly, once enforcement coordination issues are resolved from an operational standpoint, the agency in question should assure that jurisdictional complications are not likely to arise. Who Has the Information Necessary to Make the Assessment? Because a threat assessment involves generic information as well as information unique to each agency, the information that is critical for a proper assessment may repose in several locations. Local information (information unique to an agency and already in the agency's custody) is an internal information management matter. It is the responsibility of each federal agency to assure that information pertinent to a threat analysis is in the hands of the party responsible for making the analysis. * But in many

OCR for page 17
Page 21federal office buildings there may be several federal tenants, not all of which may possess critical information (either because it was developed by or is uniquely applicable to another tenant). The problem with this is that a hostile act, even though targeted at one federal agency, may cause equal damage to a neighboring agency. There may be critical information available in the hands of several different parties, but not necessarily all pertinent parties. * Walsh and Healy (1987) recommends that threat assessments should be in the domain of an organization's security planning group. This group might include representatives from each of the following organizational disciplines: security, legal, finance, personnel or human relations, communications, and international operations. Domestic terrorism intelligence is currently the concern of the Federal Bureau of Investigation (FBI). The FBI's Domestic Terrorism Unit has access to intelligence regarding foreign terrorism. For example, the Deputy Assistant Secretary of State for the Diplomatic Security Service is required to “consult regularly with federal law enforcement and intelligence agencies, including the Federal Bureau of Investigation and United States Secret Service...” as well as with state and local law enforcement agencies with respect to certain security matters (22 C.F.R. Part 2a). That consulting should result in intelligence sharing and should transpire between all federal intelligence agencies and the FBI. Thus, the FBI, in most cases, should be privy to whatever pertinent information might exist. Although the FBI has indicated that it does dispense specific terrorism threat information to agencies on an ad hoc basis, no formalized system or periodic reporting mechanisms are in place. * More noticeably, no obligation or system exists that would encourage, require, or even facilitate agencies or tenants of federal office buildings to share threat information with the FBI or other building tenants. This is not to say that information sharing is not done, but rather that in each instance whether it is done, when, by whom and to whom are all uncontrolled variables. *Mr. Donald Wofford in his April 24, 1987 oral presentation to the committee. To summarize, intelligence pertinent to a terrorism threat may be in the possession of a specific federal agency, developed by itself or obtained from others. The intelligence, however, may not necessarily be in the hands of the proper parties within that agency. It may be in the hands of federal law enforcement and

OCR for page 17
Page 22intelligence agencies in general, and the FBI Domestic Terrorism Unit in particular. However, there does not now appear to exist a formal system for the reporting or sharing of such information between building occupants or enforcement agencies to the extent that it would be useable for effective threat assessment planning. The Domestic Terrorism Unit is the most likely central federal office to have responsibility for the coordination of information pertinent to a threat assessment The committee believes that a formal means of threat communication should be established between the security management team (for the building occupants) and law enforcement agencies that possess the information. Who Can Use the Information? Information concerning threat assessments would be useful to at least the following: (1) the appropriate management official of each federal agency in the building, (2) the security personnel responsible for the building, (which may be under the control of an agency tenant, the General Services Administration, the building manager, or a contractor), (3) the building managers who may be federal employees or private sector employees in the case of leased space, and (4) individual employees, especially to the extent that their vigilance may help prevent an anticipated hostile act. What Is To Be Done With the Information? Perhaps the weakest link in the process of threat assessments is intelligence or information sharing. The issue is especially complicated by the fact that pertinent information is often classified, and those who need it most may not have appropriate clearances. Even if no classified information is involved, tedious bureaucratic processes, which may be tolerable in non-emergency situations, become intolerable in life-threatening situations. Finally, the wide dissemination of information, while desirable for obvious reasons, may be counterproductive because the terrorist may acquire information that will increase the probability of success. When reliable information ends up in the hands of the right party, the threat assessment conclusions should be mated with other pertinent information, such as the building vulnerability

OCR for page 17
Page 23analysis and available observations regarding the consequences of a successful terrorist act. Checklist for Threat Analysis The following questions will help those responsible for preparing a threat assessment and will serve as a checklist that all elements are considered: 1. What factors about your agency and its mission invite potential hostility? 2. How conspicuous is your building? 3. How vulnerable does your building appear? 4. What current political event(s) may generate new hostility toward you? 5. Have buildings like yours or activities performing functions like yours been targeted in the past? 6. What groups exist with known violent propensities, whose social or political positions are antithetical to yours? 7. Is any group a current suspect in an investigation of any act of terrorism, foreign or domestic? 8. What information do federal law enforcement officials have with respect to your concern? What information do local law officials have? 9. Who else might be in a position to have pertinent information? 10. Who else should be notified of the information you have within your organization, within your building, near your building? 11. Have federal and local law enforcement officials been sufficiently involved in planning activities? 12. Do local medical or health facility officials need to be alerted or involved in your planning? VULNERABILITY ANALYSIS A definition of building vulnerability is any weakness in the physical plant, a flaw in the building security program, or a hole in the carrying out of the program. Simply put, vulnerability is anything a terrorist could take advantage of to carry out a threat. A terrorist threat can be one or a combination of at least four types: (1) to kill, injure, or kidnap (hold hostage) persons, (2) to damage

OCR for page 17
Page 24property, (3) to steal or destroy information or materials, or (4) to halt operations. Typical weapons used by terrorists include handguns, rifles, automatic weapons and improvised explosive devices. Tools and equipment for entry may include simple tools for barrier penetration, false credentials and communication equipment. Many terrorists are trained in weapons tactics, explosives manufacturing, forgery, codes and security. Therefore, a vulnerability checklist should target the characteristics of the building and its personnel that terrorists could easily exploit. Vulnerabilities can be determined by any or all of the following four methods: (1) interviewing key personnel at the building, (2) conducting field inspections and observations, (3) reviewing documents, and (4) undertaking field testing of hardware and electronic systems. Reports of past incidents provide excellent data for the occurrence rates and probability determination. If these reports are not available, they should be recreated through interviews (Sennewald, 1985). Any vulnerability analysis made by the security management team of a given building should consider that some agencies (e.g., those with a degree of public access) are more susceptible to a hostile attack than others, and that some agencies are at a relatively higher risk of being targeted than others. If an agency cannot be adequately protected in a particular building, or if the mere presence of such a relatively high-risk tenant imposes excessive security restrictions on other less-sensitive tenants, relocation of the high-risk tenant to a different building should be considered. Agencies that manage federal office buildings, such as the General Services Administration, should give careful consideration to the proposed agency occupancy mix when planning new buildings and relocating tenants. The following list shows 23 areas of concern that a vulnerability survey should include. Appendix A presents an example of a vulnerability checklist that can be used by the security management team as a base line of information to be considered when developing the vulnerability analysis. The areas of concern are: 1. Security manager (general checklist/verification information) 2. General facility function and tenants - Ownership or occupancy - Number of employees

OCR for page 17
Page 25 - Tenant agencies and missions 3. Building construction, perimeters and entrances. - Envelope construction - Number/type of entrances - Type of perimeters and access to building 4. Vehicle movement and controlled areas - Public/employee parking areas - Traffic control zones 5. Lighting systems and locations - Site lighting - Building lighting - Security lighting 6. Locking controls - Keying systems - Positive ID systems - Area control systems 7. Alarms - Locations - Control personnel - Devices 8. Guard force - Number of guards and posts - Terrorist training and review - Guard functions and review 9. Employee and visitor controls - Positive ID systems - Visitor access procedures/clearance 10. Mail handling areas - Processing areas - Inspection procedures - Outside storage areas 11. Information (control of classified) - Check-out procedures - Disposal 12. Trash pick up and scrap control - Location of pick-up areas - Fixed pick-up hours 13. Personnel security checks 14. Symbolic characteristics of the building - VIPs in building - Shrines, museums, etc.

OCR for page 17
Page 26 15. Availability of anti-terrorist security force 16. Secured communication lines - Primary/secondary 17. Response time of security force 18. Location in or outside of urban area 19. Geographic region and proximity to foreign borders 20. Access to the building by the public - Roads - Airfields - Waterways 21. Surrounding terrain - Built-up - Mountainous/open 22. Utilities location - Air intake - Potable water - Power: primary/secondary 23. Site analysis - Vegetation - Land use - Circulation, (vehicles/people) - Lines of sight - Lighting (area/security) - Services (police/fire/medical) NOTES Walsh, T.J., and R.J. Healy. 1987. Protection of Assets Manual. Santa Monica, California: The Merritt Company Publication. Broder, J. 1984. Risk Analysis and the Security Survey. London: Butterworth Publishers. Reber, J., and P. Shaw. 1980. Executive Protection Manual (Second Edition). Schiller Park, Illinois: MTI Teleprograms, Inc. Gigliotti, R.J., and R.C. Jason. 1984. Security Design for Maximum Protection. London: Butterworth Publishers. Sennewald, C.A. 1985. Effective Security Management (Second Edition). Boston: Butterworth Publishers.