bruce avrill
Post on 23-Jan-2015
308 Views
Preview:
DESCRIPTION
TRANSCRIPT
Challenges in Protecting High-Value and Energy Infrastructure
Bruce Averill, Ph.D.Bruce Averill, Ph.D.
What is the risk of a major supply interruption due to a terrorist attack?
Ernst & Young 2008 report on
Strategic Business Risks for Oil & Gas Industry: “Supply Shock” #9 on list of top 10 risks Triggers are primarily geopolitical events
(regional instability and/or deliberate disruptions by exporters for political purposes)
Only one expert suggested possibility of terrorist attack on Middle East oil facility
Bottom line: terrorist attacks not a major concern
Why should we be worried about terrorist attacks on energy facilities?
Osama bin Laden, 1996: I would like here to alert my brothers, the Mujahideen … to protect this (oil) wealth and not to include it in the battle as it is a great Islamic wealth and a large economical power essential for the soon to be established Islamic state.
Osama bin Laden, 2004: One of the main causes for our enemies' gaining hegemony over our country is their stealing our oil; therefore, … make every effort … to stop the greatest theft in history of the natural resources of both present and future generations, Focus your operations on [oil production], especially in Iraq and the Gulf area, since [lack of oil] will cause them to die off.
Why should we be worried about terrorist attacks on energy facilities?
2006: ‘Decree on Targeting Oil Installations’ published, containing a comprehensive religious and political argument in favor of attacks on energy facilities.
2007: ‘Bin Laden and the Oil Weapon’ article published, calling for attacks worldwide on oil facilities supplying U.S.
2008: ‘Al-Qaeda and the Battle for Oil’ posted, claiming al-Qaeda must provoke a rise in oil prices through energy attacks to damage US economy.
Why should we be worried about terrorist attacks on energy facilities?
Non-jihadist threats: MEND (Nigeria), ELN (Colombia), EPR (Mexico), PKK (Turkey), Maoist insurgents (NE India)
Pipelines & transmission lines almost impossible to defend (“10,000-mile targets”)
Low cost of energy infrastructure attacks (in materiel & personnel) allows small groups to exert disproportionate impact
Why should we be worried about terrorist attacks on energy facilities?
Why should we be worried about terrorist attacks on energy facilities?
Energy infrastructure can be a tactical target as well as a strategic one
For example, disrupting electric grid can facilitate terrorist attacks against other targets
Consider 26/11 attack if Mumbai electric grid had been taken out beforehand…
U.S. Global Critical Energy Infrastructure Protection (GCEIP) Strategy
Attacks against energy facilities (M/V Limburg, Oct 2002; Oasis Compound, Al-Khobar, 2004; Abqaiq, Feb 2006; Yemen refineries, Sept 2006) demonstrated terrorist threat
Senior USG officials concerned about security of global petroleum supplies
Interagency group tasked to develop strategy to work with host nations to improve security, survivability, and resiliency of energy infrastructure to decrease probability of successful terrorist attack
U.S. Global Critical Energy Infrastructure Protection (GCEIP) Strategy
2006: NSC convened group of USG energy experts
State Dept. overall lead, DOE technical lead, plus DHS/Coast Guard & DoD
GCEIP Working Group agreed on criteria for “critical” petroleum facilities around the globe
Relatively small number of facilities met criteria: Processing centers, import & export terminals,
and pipeline junctions (no refineries, nothing in Western Hemisphere)
GCEIP Strategy Implementation
All bilateral interactions held in strict confidence Deploy team of USG interagency security and
petroleum subject matter experts to assess security and provide recommendations
Hold bilateral discussions on improving energy site security
Host nation pays for actual security improvements
CEIP in the Private Sector
US GCEIP Strategy focused exclusively on a very few nations that contain energy facilities assessed as being critical to U.S.
Many other nations depend upon fossil fuels and a secure supply of electricity (e.g., India), but unlikely to be approached by USG with offer of assistance
Such nations often spend large sums unwisely – they are easy marks who need advice from credible advisors
The Public-Private Security Disconnect
Private sector security: Facility owner/operator is IOC, NOC, or utility Private security force operates inside perimeter Focused on industrial security and safety, often
under HSE umbrella Not allowed to carry weapons (in most countries)Not allowed to carry weapons (in most countries) Unable to stop attack by well-armed terroristsUnable to stop attack by well-armed terrorists Very conservative -- doing “all they can”, unwilling Very conservative -- doing “all they can”, unwilling
to risk upsetting delicate relationships with host to risk upsetting delicate relationships with host governmentgovernment
The Public-Private Security Disconnect
Public sector security: Operates outside the perimeter Armed personnel belonging to host
government ministry Responsible for preventing determined Responsible for preventing determined
terrorist attack terrorist attack In most cases operationally unable to fulfill In most cases operationally unable to fulfill
this function this function Security & response functions stove-piped,
no cooperation between ministries
Facility Management’s Dilemma
Unable to take effective action inside perimeter Security depends on armed forces outside
perimeter that are known to be ineffective A successful terrorist attack will raise questions at
corporate level re due diligence and proper fiduciary responsibility
Two options:
Continue to rely on “good fortune”,
or seek professional assistance
What Can Facility Operators Do to Decrease Risk of Successful Attack?
Political & budgetary factors can make it difficult to improve public sector security
Expensive “high-tech” measures don’t always decrease risk, BUT
Inexpensive “low-tech” measures can decrease vulnerability to, e.g., “double-tap” attack
Need realistic assessment of effectiveness of Need realistic assessment of effectiveness of current protective measurescurrent protective measures
If at high risk, detailed computerized vulnerability If at high risk, detailed computerized vulnerability analysis may be advisableanalysis may be advisable
SESS & Partners Offer:
Consultation visits to help government officials visits to help government officials and facility management work together to and facility management work together to develop policy-level, procedural, and/or physical develop policy-level, procedural, and/or physical improvements in energy infrastructure securityimprovements in energy infrastructure security
Development of specific recommendations for Development of specific recommendations for security improvements security improvements
Assistance in obtaining high-quality site security Assistance in obtaining high-quality site security assessments (as needed)assessments (as needed)
Oversight of implementation of recommendationsOversight of implementation of recommendations
for security improvementsfor security improvements
SESS & Partners Have State-of-the-Art Expertise in:
Computerized physical security assessment and training tools (US)
Maritime and transportation security (US) Electric grid and substation design (US/India)Electric grid and substation design (US/India) SCADA and control system security (Canada)SCADA and control system security (Canada) Pipeline security & incident mitigation (Hungary,
Lebanon) Open-source intel analysis capability (UK) Regional- & national-level security planning (US) Project management (US)
CONTACT INFO
Dr. Bruce AverillDr. Bruce Averill
energysecurity@me.comenergysecurity@me.com
(434) 242-5486
top related