Home       Previous newsletters

29 March 2004

1. Brief News from Engineers Australia
2. Brief News
3. Woomera explosives trial
4. New business-government forum announced
5. Two new industry representatives join the Critical Infrastructure Advisory Council
6. Bid lodged to establish a CRC for Security, Risk and Data Intelligence
7. Maritime Security Framework being assessed
8. Rational for the proposed Australian Government Department of Homeland Security

1 Brief news from Engineers Australia

1. Bruce Howard, Security Commissioner appeared in the 15 minute segment on the ABC TV program, Inside Business, on 7 March. The segment was called "Corporate Australia ups security measures". The segment focused on corporate risk management in an era of terrorism. The transcript and streaming video of the segment is available here.
2. Bruce Howard, Security Commissioner, and Athol Yates, Associate Director Policy, attended as observers Exercise Twilight on 23 March 2004. The exercise run by the NSW State Emergency Management Committee (SEMC) examined the interdependencies amongst key infrastructure. These exercises will be based on a scenario of a major power outage designed to identify the effects across a wide range of infrastructures and service providers. SEMC is planning 3 more related exercises over the new few months. They are Exercise Flashlight which will address more detailed issues of selected infrastructure; Exercise Moonlight which will address issues of additional infrastructure; and Exercise Sunlight which will deal with Recovery issues. Information: Brendan Beckett on Ph (02) 8247 5913 or brendan.beckett@oes.nsw.gov.au.
3. Engineers Australia was mentioned in the article " Terrorists tipped to target ships" in The Sun-Herald, 21 March 2004. Read it here.
4. Athol Yates, Engineers Australia was mentioned in the article "Today, fortune favours the cautious" in The Australian on 28 February 2004. The article discussed the potential "security dividend" of derived from better protecting a business.
5. Engineers Australia was mentioned in the article "Safety boffins and bosses plan to battle the suicide bombers" in The Australian on 28 February 2004. The article focused on the upcoming workshops on preventing suicide bombing.

2 Brief news from around the country

1. The chair of the Critical Infrastructure Advisory Council (CIAC), Ian Carnell, Deputy Secretary, Criminal Justice and Security Group is moving on. He has been appointed as the Inspector-General of Intelligence and Security, replacing Bill Blick.
2. It appears that the CIAC's Futures Expert Advisory Group will be looking at 4 areas: strategic security environment; business governance; technology changes and social/demographic changes.
3. It appears that a mission is being planned to identify around the world best practise in the mass transit security. The mission will be probably headed by the Secretary of the Department of Transport and Regional Services, and include senior State transport bureaucrats, and representatives of the police.
4. The Adelaide Advertiser on 17 March 2004 reported that in South Australia the " private sector was better-prepared than the public sector, but many companies had their top security in the wrong place, said former deputy police commissioner Neil McKenzie". Mr McKenzie was the head of the State Government's Critical Infrastructure Review Project. The project had identified that 140 facilities as crucial infrastructure, including utilities, energy producers, communications, transport and health.
5. The Sun-Herald on 14 March 2004 reported the NSW Premier Bob Carr stating "The lesson out of Madrid, as out of Bali, is that they [terrorist] go for soft taregts. They go for any building anywhere, any time and that's very sobering".

3 Woomera explosives trial

Engineers Australia is organising a group visit to the Woomera explosive trial to observe the impact of detonations on building elements. The tour will observe the detonation on 5 and 6 May 2004 of 5 Tonnes of high explosive.

The tour will be very relevant for engineers working in physical security design, security risk management and blast resistant design. It looks like it will be an exciting trail as you will be able to observe the blast effects on two metal commercial buildings, US-supported above and below ground bunkers, Singapore-supported earth blast walls, blast resilient glass and a host of other experiments.

Draft program
5 May 2004
6:30am flight on Regional Express from Adelaide to Olympic Dam. Return flight $620.40.
8:30am arrive in Olympic Dam. Travel to Woomera Defence Corporate Support office to check in for site tour.
12:30 site tour departs Woomera for trials range. Tour of tour range and experiments.
4:00 travel to Roxby Downs Motor Inn. $110 per night single room tel (08) 8671 0311
6 May 2004
Travel from Roxby Downs to Woomera.
8:30 arrive at the trials range gate for the blast
10:00am blast Investigation of blast impact Drive from Woomera to Olympic Dam 4:15pm flight from Olympic Dam to Adelaide

Costs
Thus the cost for the flights and hotel will be $720 from Adelaide. Other costs will be the shared cost for 2 days of an Avis Tarago ($250 = $31 per person), and food. If you would like to come, then call Athol Yates on 0402 419 583

In case you need it, the defence contact is Major Keith Parker, 02 6265 7974. He will be preparing a detailed joining instruction for the site visit over the next few weeks. This is a great opportunity to see engineering blasts test and look forward to seeing you on the tour.

4 New business-government forum announced
The Commonwealth has announced that it will be forming a forum to further strengthen the partnership between industry and government in the effort to protect Australia against terrorism. The Ministerial Forum will bring together ministers responsible for dealing with the threat posed by terrorists, including Defence Minister Robert Hill and Foreign Minister Alexander Downer, plus heads of government agencies. It will also provide chief executives with access to high-level briefings. Attorney-General Philip Ruddock will chair the briefings.

The Forum will provide an opportunity to

• provide a high level briefing on the current high level security environment.
• outline relevant Government initiatives and examine arrangements involving both Government and industry.
• consider further ways that Government and industry can work together to advance the counter-terrorism and critical infrastructure protection agenda.

The announcement was made by the Prime Minister at a business conference. In introducing the initiative he stated that "the Government is working in partnership with the business community to strengthen security arrangements, especially in areas such as transport security and critical infrastructure". "But there is more that we can do together and in that spirit I've asked the Attorney-General to convene a Ministerial Forum with business leaders to further strengthen that partnership and that meeting will review our domestic capabilities and be an important step towards mitigating the dangers posed to the economy by terrorism."

A media release, media interview and newspaper article quoting the Attorney-General provide the justification for the new body. Points of significance include:

• cooperation with industry is absolutely essential to national security and counter-terrorism
• industry must play a key role especially in prevention and response activities
• businesses need to broaden their risk assessments to include the full range of risks, including from terrorism and should involve boards and top management
• chief executives and company board members need to take a far more "pro-active" role
• companies need to do more as no government is able to fund every security-related initiative that might be necessary to protect all critical infrastructure
• a prudent manager needs to take those sort of risks into account and need to be properly advised on them, plan accordingly, and make provision of resources
• the case for a stronger government-industry partnership was highlighted by recent bleak assessments from Washington, Jakarta and London on the likelihood of more terrorist attacks
• planning for possible attacks is now an essential element of good corporate governance, and businesses should contemplate doing simulations to test whether their arrangements are up to the mark in the event of a terrorist incident
• if terrorist activity is likely to bring your business to a grinding halt, prudent corporate governance arrangements require that the senior people - chairman, CEO, board - are involved in decision making

Effort was made to ensure that this new business-industry initiative was differentiated from the Trusted Information Sharing Network. " The TISN has an important sector focus whereas the forum announced by the Prime Minister will provide a link with senior industry figures", stated the Attorney-General's media release.

According to a spokesperson for the Attorney-General, the decision to form this Forum was made by Prime Minister. Many of the details regarding the Forum are still be worked out including which government group will provide the administrative support for the Forum. It is likely this will be the PSCC or the CIP Branch, both within the Attorney-General's Department.

It is expected the Forum will be held before the middle of the year.

Following the Forum's announcement, a spokesperson for the Attorney-General said that numerous businesses have expressed interest in getting briefings. He suggested if additional businesses wanted to be involved, they should watch for details on the Department's website.

An important reason for establishing the Forum was identified by the Attorney-General. "It is important, and I've been told over a period of time by people who are involved in decision making in industry, that it is crucial that there be a whole-of-organisation approach to dealing with those issues and that means it has to start at the top and operate throughout the whole of a business."

This initiative addresses some of the major issues raised by Engineers Australia. These are that while risk and security managers within companies recognise the vulnerabilities of their businesses, many CEOs and company boards have not. Consequently the resources and senior management support nay have not been provided to treat the risks. In addition, the Forum also addresses the concern that while TISN is sector based (which is appropriate), for those companies outside areas deemed "critical", there has been no formal way they can be engaged in enhancing national security.

Consequently Engineers Australia strongly welcomes this initiative. "We have identified that effectively engaging CEOs would be a major advancement in making Australia more secure", said Bruce Howard, Security Commissioner, Engineers Australia. "Specifically in a June 2003 report called Securing Critical Infrastructure and the Built Environment, we highlighted that not enough attention has been given to influencing business so that it incorporates security as a central concern of its activities." The report at the time stated that there had been little demonstration of attempts to inject the security dimension into the corporate governance debate, into procurement guidelines or into definitions of good corporate citizenship" (section 5.3.2)

"In addition, we identified that creating business awareness of the changed security environment was a key research priority to enhancing protection of critical infrastructure and the built environment", said Mr Howard. This was one of the 6 key research priorities as stated in the 2004 report Thematic research priorities for the protection of the built environment including critical infrastructure.

This report identified a range of impediments related to substantially increasing business awareness of the changed security environment including:

• lack of corporate awareness of the risks that infrastructure organisations are facing
• lack of willingness to treat risks
• failure to integrate security considerations into governance frameworks
• lack of business awareness that sound business/infrastructure risk management, security and resilience can be a long term revenue enhancer
• lack of business tools to demonstrate the business case and financial benefit of addressing business continuity and other protection activities
• lack of benchmarks and metrics for effective security investment
• lack of education initiatives (eg workshops and briefing sessions) to address awareness problem
• lack of management funding once the problems have been identified in internal reviews of business risks · confusion over the utility of insurance as a way of treating all risks
• lack of integration of security into the issues of consideration for all professionals and managers

5 Two new industry representatives join the Critical Infrastructure Advisory Council

Two additional industry representatives have been appointed to the Critical Infrastructure Advisory Council (CIAC). The CIAC coordinates the work of the Trusted Information Sharing Network for Critical Infrastructure Protection (TISN) which was established in November 2002 to provide a mechanism for advice to government on the protection of Australia's critical infrastructure.

They are Mr Mark Loves, Corporate Security Manager, Optus who represents the communications sector Infrastructure Assurance Advisory Group (IAAG) and Mr David Kindon, CEO, Australian Diagnostic Imaging Association and Australian Association of Pathology Practices who represents the health sectors IAAG.

The CIAC comprises representatives from relevant Australian Government departments and agencies, each of the States and Territories and the National Counter-Terrorism Committee. The CIAC also includes a representative from each of the designated Infrastructure Assurance Advisory Groups (IAAG) of the TISN, reinforcing the important role the private sector plays in protecting our national critical infrastructure.

Six industry representatives have now been appointed to the CIAC, covering the banking and finance, communications, energy, food chain, health and water services sectors. Representatives from additional sectors are expected to be appointed soon.

6 Bid lodged to establish a CRC for Security, Risk and Data Intelligence

A Preliminary Business Case has been lodged for the 2004 Selection Round for the formation of Cooperative Research Centre on Security, Risk and Data Intelligence.

Called the CRC for Security, Risk and Data Intelligence, it aims to research and develop knowledge, capacity, competency, products and services in the areas of data and systems security, risk, and intelligence. Activities will include modelling and threat analysis, design and development of protection mechanisms and systems for trustworthy computer systems and the interface between the built and cyber environments of critical infrastructure.

• To help provide a national focus for security related research.
• Creating proof of concept demonstrators leading to commercial outcomes for Australian industry.
• To help deliver the requirements of the Government's policies for national emergency response.
• At least 24 Ph.D. level and 50 Research Masters trained in data security and risk technology.
• A national data security and risk curriculum at undergraduate university level. · Business education programs on data security and risk technology.
• Measurable improvement in Australia's Security, Risk and Data Intelligence and the public's perception of Australia's capability.
• At least six spinout activities providing the main mechanism to commercialise research outcomes

Information: Dr. Peter Beadle, 0417-416-231, peter_beadle@worxpace.com Key outcomes from the CRC will include:

7 Maritime Security Framework being assessed

Australia's maritime security framework will be assessed by the Secretaries' Committee on National Security (SCNS). This was announced by Deputy Prime Minister and Minister for Transport and Regional Security, John Anderson on 21 March 2004.

The new assessment of maritime security will bring together key intelligence, transport, border control and security experts to ensure Australia's systems are positioned to meet emerging threats. As with the aviation security SCNS assessment conducted in the second half of last year, the maritime security review will aim to ensure Australia is actively managing its transport security environment. The maritime security SCNS assessment will build on the significant body of work already underway in the transport security sector.

Mr Anderson said that "Our legislative efforts have greatly strengthened the transport security framework. The Maritime Transport Security Act will enable greater protection of Australia's maritime sector and trade interests. The new Aviation Transport Security Act enables the introduction of a broader range of aviation security measures.

"Australia is committed to meeting its international obligation of 1 July for compliance with the International Ship and Port Facility Security Code. More than 90 per cent of security plans from maritime industry participants are now lodged, and the handful of outstanding plans is expected within the next week.

"The aviation security regulatory regime has been significantly expanded, including a move to cover all airports and domestic freight. The Office of Transport Security has been established within my Department, while the Government responded to the SCNS review of aviation security with a package of measures last December costing $93 million.

"Recent events in Spain reinforce that no one can afford complacency. Since September 11, the Government has worked with industry and the states and territories to put in place a robust transport security framework.

Based on an interview with Laurie Oakes on the TV program 'Sunday' on 21 March 2004, John Anderson provided additional information on the need for the security review.

Anderson said that the review was needed to address concerns about maritime security. "Explosives on ships - there are a surprising number of potential bombs, if you like, that do go through our harbours.". Other threats include hijacked ships, al Qa'eda's own fleet, weaponised goods on ships such as gas, and smuggling in terrorists.

Another reason for the security review is that there is to increase the effort by some state governments. Anderson said that "I would make the point firstly that we've been keen to co-ordinate with the states what they do, to make sure there is uniformity across the nation, and again I think we've had pretty good co-operation from the police states, but I will make one observation - I'll put just one gentle warning shot out there, transport departments have to be involved in this. I've set up a full division of transport security federally, and the states must take it equally seriously."

He also stated that "The record has not been as uniformly strong as it might be. There's just a gentle warning shot to a couple of states. Have a look at what your transport departments are doing. Are they taking it seriously enough. For example, at a high watermark, what was done in Sydney in preparation for the Olympics was very high quality stuff. And many of the measures that could reasonably be adopted are operational here. But there are a couple of other states where they're not taking seriously enough simple things. Like lockers for bicyclists who bicycle into the railway station. That's a good thing to encourage. But leaving those lockers there can be potentially very dangerous. Receptacles for rubbish, and where they're placed. Those sorts of things. So just a warning shot there. We'll be after that."

8 Rational for the proposed Australian Government Department of Homeland Security

In an interview on Sunday Sunrise on 7 March, Robert McClelland, Shadow Minister for Homeland Security, provided an outline of Labor's proposed Department of Homeland Security and the reasons for it. He had recently returned from a US fact-finding mission in which he met the chief of staff of Tom Ridge, and senior representatives of the FBI, the Department of Homeland Security, the Coastguard, the ports and aviation.

To the question of what were the difficulties of creating the US Department of Homeland Security by merging many disparate government agencies McClelland observed that "departments have built up their own cultures over time and there was difficulty merging the cultures in a couple of the areas, [notably] Customs and Immigration. But a year down the track, they're convinced that the merger, in particular, of Customs, Immigration, Quarantine, as well as having the Coastguard capacity, has given them specific benefits. There's daily cross-flow of information."

McClelland claimed that the key to bringing bureaucrats together from different organisations was a major event, such as September 11, or you need a change of government while saying that the change "is in the national interest". McClelland said that you needed to state that efficiencies can be obtained, there are benefits of information sharing in the national interest, and "with respect to your position in the public service, it has to take a second place to the national interest".

The rationale for mimicking the American DHS model was identified by the US experience, according to McClelland. "Their research after September 11 found that the information silos of the respective agencies may, indeed, have been an impediment to them finding out about the terrorists, and this is why they wanted to draw all the agencies together under the one department, so that there is daily cross-flow of information in intelligence on an operational sense." He noted that while there has been considerable inter-agency cooperation in Australia, you are not getting the cooperation "lower down - literally, the Immigration officers, the Customs officers, the Quarantine officers on the job on a daily basis. We saw them operating together, for instance, in Los Angeles Airport. They literally said that the ability to have the cross-flow of information made them far more efficient and effective.

Rather than revamping the existing agencies, McClelland advocated merging them. "The problem with revamping what we've got now is - yes, you can have cooperation at the top, but until you break down the walls of the silos so that there is cooperation, communication on a daily basis, you are going to be far less effective, particularly in the intelligence area. Again, it may be a controversial issue, but in terms of the boat that's arrived on the Ashmore Reef - we're seeing immigration officials there, we're seeing Federal Police officials there, we're seeing Naval officials there, we're seeing Customs officials there, and we still don't know what the full story is."