Securing our Critical National Infrastructure

With global security an ever present concern, the protection of critical national infrastructure or CNI has rapidly become an area requires better public and private sector cohesion. With security threats increasing in size and scope governments, the traditional protectors of CNI, are increasingly finding that their resources are over-stretched through commitments at home and abroad. Therefore there is no alternative but to involve the private sector more fully in the protection of CNI, particularly so given the private sector already funds, builds and operates critical infrastructure in its own right.

Former US president Bill Clinton once famously described CNI as "so vital that its incapacity or destruction would have a debilitating impact on the defence or economic security of the nation". This statement has been reflected in the UK, with the establishment of the Government's Centre for the Protection of the National Infrastructure which sets out nine CNI sectors covering communications; emergency services; energy; finance; food; government services; health; transport; and water. Without these services, any state could suffer serious consequences, including economic damage, social disruption or even the large-scale loss of life. It is therefore down to those operating in these key sectors to wake up to the realisation that securing their facilities is essential.

Terrorist attacks and insurgency remain the key threats and the issues which dominate the headlines, particularly following the recent outrages in Mumbai and Lahore. The difficulty on countering these threats is driven by their dependence on disparate social networks across international boundaries and the difficulty of identification of those involved. However, there is a huge risk if our efforts and expenditure decisions are dominated by terrorism alone.

Companies need to consider a wider range of risks they may face, from natural disasters to the growth in more malicious activism. The devastation caused by Hurricane Katrina, the 2004 tsunami or even the more recent floods across the UK, threatened the viability of communities and the infrastructure upon which they depend. While the recent financial crisis and global warming have stimulated an increase in activism, the UK is currently experiencing the third Climate Camp of the summer, which has already lead to public shutdown of the Kingsnorth power station in 2008. Companies need to start preparing now to effectively combat this growing spread of national and international threats.

When a disaster strikes, we assume that it should be governments and their agencies which will spring into action to provide essential services and infrastructure recovery, restoring social and economic normality. We also tend to pin the blame on government if there is chaos and disruption following any event we judge to have been foreseeable, avoidable or easily controlled. However, whilst governments do prepare for such events, providing in many cases an excellent response, emergency services and armed forces are often stretched to their limits due to operational or budgetary constraints.

There is also the complicating factor that national governments and agencies are also not always able to deal with international incidents, for a wide range of reasons from political to a lack of capability. So where can they find additional resources that can not only protect assets but also help them assess the threats to which they're exposed?

The obvious response is the international security industry which has deployable resources across the globe and a major vested interest in helping to prevent and minimise the effects of CNI disruptions. Companies within this industry already have the expertise to handle these tasks, both domestically and when necessary overseas. We protect airports, power stations, water treatment centres and banks in many countries and, in some of them, we also build and operate critical infrastructure such as prisons, youth offender facilities and cash centres. As both CNI operator and protector, this puts us in a strong position to deliver real support to governments seeking to improve national resilience.

So what should Governments do? To kick start the process they need to force all relevant parts of the private sector to take protection of CNI more seriously by creating explicit obligations on owners and managers to protect their infrastructure, as the UK Government already does for those in the aviation or water industries. These obligations can be created either through legislation or through regulation: but whilst they remain discretionary and voluntary, some businesses will continue to ignore the problem for financial or operational reasons.

Governments can also take a more pragmatic approach to using the private sector to operate, protect and provide surge capacity in the protection of CNI both at home and abroad. In many circumstances, the private sector's flexible, national and international resources are equal to or superior to those owned by individual governments and as such should be trusted to perform as required.

Take G4S for example. In the US, we are already relied on to secure around 50 per cent of commercial nuclear power stations and to help protect high sensitivity sites such as the Pentagon and NASA. In Europe, we protect the European Parliament, NATO headquarters, a number of secure UK Government facilities and a growing list of major international ports and airports such as Amsterdam's Schipol airport and Heathrow International. We also protect Embassies and diplomats for the UK, US and other sovereign governments in a wide range of complex environments around the world as well as providing timely, emergency cross-border services which far outstripped the efforts of individual government agencies.

With increasing commitments on governments both home and abroad together with the private sectors existing experience of providing CNI related services there really is no alternative but for the public and private sector to work more closely together to protect our CNI. Governments who choose to ignore the benefits of private sector involvement are therefore taking unnecessary risks and ultimately run the risk of over stretching themselves exposing and subsequently expose their CNI to potential attacks.

Therefore the private sector has already proved the very real benefits of using it to provide CNI-related services previously thought of as the exclusive domain of the public sector. In reality there is no alternative but for the public and private sector to work together to protect and build critical infrastructures. Governments that choose to maintain the status quo rather than involve the private sector in CNI protection are taking unnecessary risks and ultimately over stretching their resources and exposing their CNI to potential attacks.

David Taylor-Smith, Regional President and CEO G4S Secure Solutions

Contingency Today | 28 September 2009