Sobran cornerFacing the challenge: Protecting critical infrastructure in an apathetic environment // By M. K. James, SoBran, Inc.

Published 18 December 2009

Security measures which, in the immediate aftermath of the 9/11 terrorist attacks, were accepted as necessary for defending our way of life, are now viewed as unreasonable and irritating disruptions; critical infrastructure security programs are viewed as intrusive, unnecessary, and a financial burden; managers are under pressure to modify or minimize security processes and protocols in an effort to reduce cost, delays, and personal disruptions; this retreat to a pre-9/11 mind-set is dangerous because the risk has not disappeared; for security professionals, mitigating this growing apathy and instilling a continuous yet realistic level of threat understanding and awareness is now a most challenging task.

“Science may have found a cure for most evils; but it has found no remedy for the worst of them all — the apathy of human beings.” Helen Keller

2001 — America is attacked and we declare with one voice that we will not bend to the demands of those who would use terror against us. We insist our officials take action, and willingly agreed to the changes they said were necessary to insure the long-term sustainment of our way of life. We accepted new restrictions and security protocols. We unlocked our suitcases, took off our shoes, allowed our mail to be irradiated and screened, tolerated long lines, answered a seemingly endless litany of personnel questions, and subjected ourselves to previously unthought-of levels of intrusion, all in the name of national security.

At the same time we proudly displayed the flag from our houses, offices, vehicles, and lapels. We attended memorials, volunteered our time, and gave historic sums to charity. We stood together, strong, determined, unwavering.

2009 — TSA, Border Patrol and Customs Agents who once earned our thanks, patience, and respect are treated with distain and rudeness, their mission now viewed as an unreasonable disruption to our oh-so-busy lives. Critical infrastructure security programs are viewed as intrusive, unnecessary, and a financial burden. Managers are under constant pressure to modify or minimize security processes and protocols in an effort to reduce cost, delays, and personal disruptions.

Those flag waiving citizens who were so willing to do whatever was necessary to guarantee our security have been replaced by an apathetic public inflicted with an advanced case of “out of sight, out of mind” disease. We are back in our pre 9/11 comfort zone. We get up, go to work, and return home without giving security a second thought. We feel safe, protected, unthreatened, and are more concerned about the “jerk” that cut us off on the interstate than terrorism.

Senior management is not immune from this apathetic mindset. Why should an agency or company dedicate resources and personnel to enhance security against a seemingly nonexistent threat?

As security professionals, mitigating this concern and instilling a continuous yet realistic level of threat understanding and awareness is now our most challenging task. The approach that we take in addressing this issue is critical. Here are a few points to remember:

Cybersecurity sector report from Homeland Security NewsWire