menu

Ken DunlapBy Ken Dunlap

Last week Peter Neffenger challenged his TSA to “re-envision the entire system as an integrated whole.” That’s what great leaders do—they set their sights on a destination and inspire their people with great ideas. I applaud him.

Great visions, however, also require great strategies. If the vision is the destination, then the strategy is the flight plan. TSA needs to get back to basics on strategy development if it hopes to fulfill Neffenger’s vision.

In this ongoing series, we discuss the six key reforms that can lead to a more strategic and effective agency (i.e., TSA 2.0). Part 1 of this series advised that the Office of Security Operations (OSO) should be moved out of TSA. The next priority, greatest responsibility and most important contribution to national security for a TSA 2.0 is the development of a commonly shared and understood grand strategy to ensure that our security capabilities outpace the threats over time.

Every day, this nation confronts persistent adversaries as they attempt to engage in a cycle of increasingly ruthless attacks. What is more, the American people often observe that TSA is prone to “knee-jerk reactions.” Industry grumbles that ever-expanding security regulations are too complex to understand (much less effectively implement). And America’s allies complain that the “our way or the highway” mentality wastes scarce global security resources.

Now, more than ever, TSA needs robust sector-wide counter-strategies. But we’re not there yet because we have collectively placed grand strategy development on the back burner for more than a decade. By focusing a disproportionate amount of national attention on new and novel attack scenarios, we’ve neglected our game plan. As the military says, “All tactics and no strategy.”

So where is TSA now on strategy development? Stakeholders are taking away from all of the various forums on strategy that the focus of TSA efforts and strategy in the upcoming years will be the integration of technologies used in screening people and things. Maybe a bit of DARMS (assigning risk scores to flights/people/cargo) is thrown in as well. In short, integration and strategy are understood to mean the same thing in many parts of the TSA.

That’s in error. We should be asking, “Where does integration fit within the broader continuum of an overarching strategy to upgrade our national capabilities?”

In my view, integration should be viewed as a waypoint on the map and not the entire flight plan. Such confusion will never realize Neffenger’s vision. TSA 2.0 needs to develop in collaboration with industry a back-to-basics approach that results in the development of a long-term strategy linking the trajectory of the threat to security capabilities and closing gaps over time. With this strategy in place, fundamental changes can be made to security screening procedures, the structure of the security programs, and the mutual recognition agreements we enter with other nations.

There are two fundamentals to this exercise:

Fundamental 1: TSA needs to put in place a permanent mechanism whereby the threat trajectory is fully shared and collaboratively analyzed with relevant stakeholders. No better example for TSA 2.0 can be found than the FAAs Commercial Aviation Safety Team (CAST). This group of preeminent government and industry experts use data to identify trends in safety and develop solutions. How’s about a Security Team for each sector TSA oversees?

Such a body would be key to developing data-driven and outcome-focused risk based security frameworks. This will assist equipment vendors in understanding what capabilities to build towards over time and allow them to provide feedback on the limits of physics to help define what can be built. It would allow industry to provide guidance/feedback on specific policies and procedures to close gaps and complement existing capabilities.

Fundamental 2: Put the strategy down in writing and have it serve as the foundation for everything that follows. While TSA bears ultimate responsibility for the creation of the strategy, the Security Team would serve as the ideal forum for providing peer review. Most critically, it would help with the development of the robust business cases that should serve as the foundation for key parts of the strategy. But these are not just profit and loss statements. Each business case needs to answer the order of magnitude that an identifiable risk is brought down and the order of magnitude that it plugs a hole in the existing system. If these answers are not immediately apparent, unmeasurable or statistically insignificant, we need to send it back to the lab or policy shop.

Arguably, “grand strategy” is an outdated term, but it defines the focus on where TSA 2.0 needs to go. It needs to be an organization moved by strategy and not by events. Cam Newton says it best: “My thing is to execute the given play, execute the game plan to the best of my ability. If the option is for me to make a play when I have to, I will. Or I’ll put myself in the best situation to do so.”

In the next installment, we look at the role of innovation in creating TSA 2.0.

Ken Dunlap is a Senior Fellow at the George Washington University Center for Cyber and Homeland Security. For more than a decade, he led many of the International Air Transport Association’s (IATA) key government affairs activities relating to airports, passengers, cargo, and security. He launched and guided the Checkpoint of the Future program for IATA, and he has testified on global aviation security issues before the U.S. Congress and Canadian Parliament.