One of the experts on aviation security in the UK is Andy Blackwell, the Consultancy Practice Director at 3DAssurance and former Head of Security at Virgin Atlantic. He was the first to implement the British Aviation Security Management System (SeMS) Framework. Since then he has remained a leading SeMS voice and has authored numerous articles on the matter.
Andy is also the joint owner of a partnership specializing in management systems of corporate risks. He speaks regularly at international security events – his upcoming engagement will be at International Security Expo, formerly the UK Security Expo. In this blog, Philip Ingram, MBE had the opportunity to sit down with Andy and gather his views on security in the airline industry.
So, Andy, what is SeMS?
Security Management System (SeMS) is an organised, systematic approach to security management that is embedded into the day to day activities of an organisation. It provides the necessary structure, policies and procedures to ensure effective oversight. In summary, a SeMS is an assurance system for security operations.
In a regulated industry such as the airline industry it also helps reduce costs and improve efficiencies by targeting security measures appropriately and measuring their performance. This allows organisations to satisfy EU quality assurance obligations under EC 300/2008. Also, by collecting measurable data that is of wider use to the Civil Aviation Authority (CAA) and the aviation industry as a whole, it helps to build the evidence case for a move to more performance-based regulation.
What are the current security priorities in your area and how do you see them developing over the next year?
I would like to emphasize the adoption of SeMS to organisations as being critical. It will help the aviation sector move away from the ‘terrorists act, then we react’ cycle to more informed security, threat and risk management.
A robust SeMS will also produce assurance beyond compliance under a simple framework that makes best use of an organisation’s resources, policies, systems and tools. In this way, the industry escapes from the costs and inefficiencies they cause.
The uptake of this framework is encouraging and will no doubt increase over the next year as more organisations realise the many benefits that it delivers. Key to this is international alignment of SeMS approaches and to avoid inconsistencies, confusion and duplication of effort.
How do we stimulate a better security culture?
We stimulate a better security culture by promoting a relentless focus on threat and risk, and at the same time helping organisations analyze their performance data. This will in turn help provide certainty of compliance. Sharing of mutually agreed data sets with regulators will optimise security oversight, build trust and identify areas where additional work is required.
Developing positive security cultures remains a priority as people are the strongest link in the security chain. Get this wrong and they can quickly become the weakest link!
Growing security cultures is a complex task which requires management commitment and leaders who ‘walk the talk.’ It’s so important to get the balance right, as too much security can be as damaging to a business as too little. However good your resources, policies, systems and tools are, a SeMS will not fully function without a positive security culture embedded throughout the organisation.
Are there any wider security issues that you believe the security community should look at as a priority?
The aviation sector is facing complex and persistent cyber threat activity at a time when connectivity between devices, aircraft and systems is increasing, therefore it’s important that the industry works with government and other key stakeholders to fully understand the cyber vulnerabilities across the sector. The ‘search for risks’ must include unintentional acts as well as deliberate acts by those with sinister intent.
What is next on your calendar?
I’m delighted to be speaking at the Aviation Security Conference at the International Security Expo in London on 28th and 29th November, along with my business partner John Wood, on the subject of ‘assuring security in an uncertain world.’ We will share the latest SeMS insights, tips and lessons learned from our work with clients and other key stakeholders in the UK and overseas.
The event provides excellent learning and networking opportunities due to the influential mix of industry and government stakeholders participating. My view has always been that collaborative approaches will help government and industry stakeholders achieve common goals, and International Security Expo provides the ideal conditions for this. It is a must attend event!