
The Human Factor in Securing Critical Infrastructure

Presented at The Infrastructure Security Partnership, Critical Infrastructure Symposium, Cheyenne Mountain Resort, April 7-8, 2014. The Conference has posted its proceedings at: http://www.tisp.org/index.cfm?pid=13346 The PowerPoint presentation that goes along with my paper (see above URL) can be found at: http://www.tisp.org/tisp/file/HOWARD_Human%20Factor%20in%20Securing%20Critical%20Infrastructure.pdf

By Lawrence A. Howard, PhD
Professor
SUNY Maritime College
(718) 409-2977

Abstract

This paper draws upon the author’s experience as an instructor in maritime-related security and research showing that even putting in place the most up-to-date security technology to secure critical infrastructure is not effective unless its use is closely integrated with knowledgeable, motivated, and well-trained human beings. The paper documents examples of the human factor at work, e.g. in a highly modernized container terminal in the Middle East, sophisticated surveillance cameras were in place and constant coverage was routed to a central control room manned for seven to ten hours by a single individual. Sharp attention to detail and alert monitoring begins a quick downward slide after four hours. Moreover, teams of individuals operating in a complex environment can provide greater coverage than can one individual. Even when alarms and highlight graphics single out potential problems for a monitor’s attention, one person is unlikely to be attentive to everything, especially in the event of multiple alarms. The managers of the facility were proud of their up-to-date security technology, which had cost thousands of dollars, but because of the human factors involved in implementing that technology, it provided only an illusion of security. The illusion of security is a major vulnerability. After documenting vulnerability created by the human factor, the paper goes on to suggest how those vulnerabilities can be overcome. As an example, the Maritime Transportation Security Act (MTSA) of 2002 mandates ship owners and port facility operators to drill and exercise so as to test their vessel and facilities security plans.
The problem is that there are competing reasons for conducting such tests and the original main purpose of the exercises and drills, testing and updating security, is often subordinated to others, such as public relations, and justifying budgets and equipment purchases, among others. Competing issues have to be set aside, or again, an illusion of security results. The author reflects on successful strategies to accomplish setting aside those competing issues and concludes the paper with a test that can be used by any facility operator to determine whether he/she has appropriate security or an illusion of security.

The Physiological Problem

Visualize a technologically up-to-date container berth and terminal. It could be located anywhere in the world, but this specific terminal is located in a Middle Eastern country that has suffered terrorist attacks against both hard and soft targets. The facility boasts newly constructed infrastructure and re-configurations of roads, fencing, equipment storage, and surveillance cameras so as to make it nearly impossible to be unobserved within its bounds. All of the cameras route back to a state-of-the-art monitoring system in a central office.

At this modern terminal, a worker (or it could be an infiltrator) sets down a package and takes off, leaving it behind. The newly placed package triggers an alert within the software and a blinking box appears around the image of the package on the monitor covering the scene. A soft audible alarm sounds. The program automatically logs the activity so that later it can be reviewed. All of this sophisticated surveillance technology is monitored by a single employee who is drinking coffee to stay alert, and thinking about something other than the screens in front of him, or his partial attention may have been distracted by an earlier event on another screen among all those that he has to watch.
He is dimly aware of the audible in the background of his consciousness but he isn’t focused on it. By the time he pays attention to it, several minutes have passed from the moment when the worker (or intruder) dropped the package; time enough for catastrophe if the package had contained a “hot” device. The monitor notifies a security supervisor who dispatches a guard to investigate the package. In this instance all is innocent, the package contains nothing hostile.

The foregoing scenario was fictional, but the facility is an actual one. The scenario as described could occur in reality because there is nothing to prevent it in the way of how the technology is used and how security employees are expected to accomplish their work. Management is confident in the personnel because they have all been vetted as having an honorable military service record. Nobody is hired without such a record. But veterans can be affected by long hours, routine tedium, and disruption of circadian rhythm as much as any other person.

Lessons Drawn from the Literature in Four Areas of Study

There is a growing body of studies in the fields of medicine, and occupational health, safety and labor relations, not specific to supply chain management and security, which study the effects on worker alertness and performance of disrupted circadian rhythms, fatigue, and sleep deprivation. There are no systematic studies of the size of the problem as it might specifically regard the security of critical infrastructure, but extrapolating the results from the literature as is does not make for a quantum stretch of applicability. Three representative examples are presented here.

A major study from the body of occupational health, safety and labor literature, with applicability to the security of critical infrastructure, is one originally published in 1991 by the late Office of Technology Assessment, United States Congress.
As part of its New Developments in Neuroscience studies, OTA released “Biological Rhythms: Implications for the Worker.” This work presented a case study of control room operators in American nuclear power plants. It is hard to think of infrastructure that is more critical and sensitive than a nuclear power plant, and that is underscored by the authors of the case study, who recounted an incident that took place in March, 1987 at the Peach Bottom Atomic Power Station in Delta, Pennsylvania. After it was discovered that several control room operators were sleeping on the job, the Nuclear Regulatory Commission (NRC) shut down Peach Bottom for two years, until April, 1989. [1] Apparently the learning curve of the responsible parties at Peach Bottom is steep, because in March 2007, a whistleblower at the station videotaped security guards asleep on the job and gave the video to WCBS television in New York City. [2] The 1991 OTA case study concluded in part:

“Since working on the same tasks and remaining stationary for a long period of time can cause fatigue, experts suggest that managers who design work assignments attempt to vary operators’ tasks every 2 hours. Experts have also recommended several strategies to reduce fatigue and sleepiness, since remaining awake late at night is often difficult. These may include allowing operators to take scheduled breaks away from the control panel and balancing the workload across shifts to eliminate continuous periods of stress.” [3]

Another area in which human job performance is no less critical to successful outcome than in nuclear power stations is that of space transportation. The effects of sleep disruption on astronauts have been well-documented by NASA, and to a lesser extent, so have the effects on mission control personnel on the ground.
A recent study concluded in part:

“In order to ensure safety and efficiency during space operations, NASA has taken the critical step in funding research that will allow for the planning and implementation of successful missions by understanding and considering the role that sleep and circadian physiology play in the regulation of alertness, performance, and sleep in a challenging space environment. However, in order to achieve the goal of safety, a comprehensive approach in the management of fatigue and alertness needs to be employed, which includes: 1) educational efforts; 2) effective scheduling policies and procedures; and 3) implementation of specific fatigue remedies and countermeasures.” [4]

The third representative example presented here is a study of emergency room physicians and the effects on them of disruption to their circadian rhythms. A human circadian rhythm is defined as a physiological system that works in synch with other bodily systems on a repeated, sustained cycle occurring within 24 hours.

[1] Congress of the United States, Office of Technology Assessment. “Biological Rhythms: Implications for the Worker,” New Developments in Neuroscience originally published 1991, p. 143. Accessed March 23, 2014 https://www.princeton.edu/~ota/disk1/1991/9108/910809.PDF
[2] Steven Mufson, “Video of Sleeping Guards Shakes Nuclear Industry,” Washington Post, Friday January 4, 2008: http://www.washingtonpost.com/wp-dyn/content/article/2008/01/03/AR2008010304442.html?sub=AR
[3] Congress of the United States, Biological Rhythms: Implications for the Worker, p. 150.
[4] Melissa M. Mallis, Charles W. DeRoshia, “Circadian Rhythms, Sleep, and Performance in Space,” Aviation, Space, and Environmental Medicine 76, No. 6, Section II, (June 2005) p. B103: Accessed March 23, 2014 http://docserver.ingentaconnect.com/deliver/connect/asma/00956562/v76n6x1/s15.pdf?expires=1395610091&id=77617665&titleid=8218&accname=Guest+User&checksum=8186B568094697C0ECA6EFA6679287F8
One particular circadian rhythm pertinent to people tasked with providing security to critical infrastructure is that of the sleep/wake cycle and consequent alertness. According to Dr. Gloria Kuhn of the Medical College of Virginia, who relied on previous studies to make her observations, a person’s ability to be alert and perform is synched with his/her circadian rhythm:

“The neural processes that control alertness and sleep produce an increased sleep tendency and diminished capacity to function during the early morning hours (circa 2 to 7AM) and to a lesser extent, during a period in the mid-afternoon (circa noon to 5 PM).” [5]

Emergency room physicians work a heavy, rotating schedule that ignores the body’s circadian rhythm. As a result, these physicians experience deterioration in their health, and problems in handling their work responsibilities at the high level of performance that is demanded. Several coping strategies have emerged, from carefully timing caffeine intake to determining the best time to take a nap; however, Kuhn wrote in conclusion that “thus far there is no effective way of combatting the ill effects in human subjects elicited by disruption of the circadian rhythm.” [6] Kuhn’s focus was on the negative effects on the workers and while that focus is certainly merited, the concomitant focus has to be on the deleterious effects to job performance.

Information about the fatigue of air traffic controllers is also extant, and it is similar to what is covered here about nuclear plant personnel, astronauts, and emergency room physicians. [7] There is also evidence that fatigue is an issue for truck drivers, bus drivers, and train operators, a recent crash at O’Hare Airport in Chicago being a case in point. [8] In addition, a recent security fiasco at the new World Trade Center (WTC) in New York poignantly underscores the problem of disrupted circadian rhythms and fatigue. A half-blind 65-year old man was hired as a security guard and fell asleep on the job.
There have been startling breaches of security at the WTC “Freedom Tower” in recent weeks. [9]

There is one other area of study that has relevance to the human factor in fully securing critical infrastructure, and that is the study of multitasking, which some refer to as “multiprocessing.” It is a term often used to describe doing many different tasks at once, e.g. watching a bank of TV screens that display the input of over 50 surveillance cameras in a port terminal. It is interesting that the term originated out of the IBM professional environment in the mid-1960s and originally applied to the capabilities of an IBM computer, not the humans who used it:

“Multitask operation: Multiprogramming; called multitask operation to express parallel processing not only of many programs, but also of a single reenterable program used by many tasks.” [10]

[5] Gloria Kuhn, “Circadian Rhythm, Shift Work, and Emergency Medicine,” Annals of Emergency Medicine, 37, no. 1 (January 2001), p. 90, doi: 10.1067/mem.2001.111571.
[6] Ibid, p. 96
[7] Charles Czeisler, “FAA Knew Controllers Nap, Ignored Fatigue Issue,” CNN Opinion, Updated April 27, 2011: Accessed March 29, 2014 http://www.cnn.com/2011/OPINION/04/26/czeisler.sleep.air.traffic.controllers/index.html
[8] William Turvill, “'Exhausted' Train Driver Worked 69 Hours in the Seven Days Before Crashing at O'Hare International Airport,” Mail Online, Updated March 29, 2014: Accessed March 31, 2014 http://www.dailymail.co.uk/news/article-2592328/the-operator-train-crashed-OHare-International-Airport-worked69-hours-seven-days-accident.html
[9] Philip Messing, Reuven Fenton and Bruce Golding, “Half-blind Guard Caught Sleeping at WTC Site,” The New York Post, Updated March 26, 2014: Accessed March 29, 2014 http://nypost.com/2014/03/26/half-blind-wtc-guardcaught-snoozing-on-the-job/

There is also some irony that the term was first used at IBM in company with a discussion about problems that could occur because of “half completed tasks” in a multitasking operation. [11] There is a general recognition that humans are naturally able to best do one cognitive thing at a time and to the extent that an individual performs several such activities simultaneously, the outcomes are not as robust as might be expected in the performance of a single task. Linda Stone, a prominent multi-media consultant, distinguishes between multitasking and a continuous, high state of alert that she calls “continuous partial attention.” [12] In this state people attempt to constantly scan for opportunities and information, a highly cognitive activity, compared to multitasking, a more automatic, routine activity, an example of which is answering the phone and opening an envelope at the same time. According to Stone, continuous partial attention cannot be done on a sustained basis without dysfunction. An analogy is that of a quarter horse, so-called because that equine is great for speed and endurance in the quarter mile, but cannot excel on a longer track.

An integrated consideration of the foregoing information leads inescapably to two general conclusions:

• Sustained, concurrent performance of difficult tasks, free of flaws and over a length of time that ignores natural physiology is humanly impossible;
• Security work should be designed so that the consequences of disrupted circadian rhythms, fatigue, sleep deprivation, and multiple cognitive demands on the attention of professionals are directly taken into account.

There also are human factors other than physiological imperatives, but just as critical, that need to be accounted for when designing and implementing a good security system.
The Willfulness Problem

After 9/11 and before the implementation of the Maritime Transportation Security Act, a conference was held in Miami that addressed the implementation of the International Ship and Port Facility Security (ISPS) code, and related matters of maritime and port security. One of the presentations was given by a man in charge of security for a major stevedoring company. In his remarks and the Q & A session following them he more than once acknowledged that the first people likely to spot any anomaly on the docks were longshore workers. In a private lunch setting, he was asked how he integrated longshore workers into his security planning. His surprising response was that he did not, and offered a pithy observation about being unable to trust those particular maritime stakeholders any further than he could throw them. The same gentleman was asked what he thought were the model credentials for a good facilities security officer. His response was that a Special Forces background plus some civilian law enforcement experience were optimum qualities. His own CV directly reflected his preferences. This issue has immediate contemporary resonance because the recently-fired security chief at the World Trade Center in New York is a 37-year veteran of the Federal Bureau of Investigation. [13] Here was a man willfully blind to the point of creating a major vulnerability for his organization, first in refusing to include a major maritime stakeholder in his security planning, and second in preferring to hire people who were clones of his own experience.

[10] IBM, “IBM Operating System/360: Concepts and Facilities” (IBM Systems Reference Library, 1965) p. 83: Accessed March 24, 2014 http://bitsavers.trailing-edge.com/pdf/ibm/360/os/R01-08/C28-6535-0_OS360_Concepts_and_Facilities_1965.pdf
[11] Ibid, p.58
[12] Linda Stone, “Continuous Partial Attention,” The Attention Project, 2014: Accessed March 24, 2014 http://lindastone.net/qa/continuous-partial-attention/
Two more anecdotal case studies further illustrate the problem of human willfulness. In early 2004 a visiting scholar came to an American maritime academy from a maritime academy in the Russian Federation. His recent expertise included having designed and implemented an ambitious program that had, by the time he came to the United States, trained over three hundred vessel security officers in anticipation of the ISPS code coming into effect in July of 2004. During this time in the United States, meetings and discussions were being held on the subject of creating a model course and whether there should be any national certification.

The American maritime academy that the Russian scholar came to visit was attempting to construct a program to train vessel security officers (VSOs), facility security officers (FSOs), and company security officers (CSOs). The president of the American academy had welcomed the visiting Russian scholar in part because it was hoped his expertise could support the academy’s attempts in developing its training program. An agreement had been reached, through the academy’s office of extended learning, with a classification society. The main role of the classification society was to certify the training curriculum and recruit students, and the role of the maritime academy was to design the course and teach. The agreement proved fruitless in the context of inertia on both sides of the agreement; no students were ever sent to the academy, and no course was ever taught. Many industry stakeholders, who might have been expected to participate in the instruction, were in a wait-and-see holding pattern as regards training, concentrating instead on getting mandated vessel and facility security plans approved by the United States Coast Guard in advance of an impending July 1, 2004 deadline.

The Russian scholar teamed up with an American colleague and designed a course and program, including a method of outreach to industry stakeholders.
The approach called for an “Institute of Maritime Security,” fully under the auspices of the college, but with a board of industry partners, and links to maritime academies in other countries, to sustain the program. After an initial warm reception the project was laid to rest through the combined efforts of people in the academy’s extended learning program, who fought to protect their perceived turf, and a new chief academic officer, who called the proposed institute a threat to the academy, largely because he could not have full control over it. The security education and training program thereafter languished.

[13] Philip Messing, “Head of WTC Security Forced Out After Embarrassing Breaches,” The New York Post, Updated March 28, 2014: Accessed March 29, 2014 http://nypost.com/2014/03/28/head-of-1wtc-security-booted-afterembarrassing-breaches/

The last example of the problem of human willfulness presented here regards an attempt to develop a cooperative public/private forum in which the annual exercises mandated under the 2002 Maritime Transportation Security Act, and codified in the Code of Federal Regulations, [14] would become a means to not only test vessel and facility security plans, but to identify and develop best practices in an environment where experimentation was encouraged. The corollary of such an environment was to be that the experimenters faced no administrative or executive displeasure if their ideas didn’t pan out. The details of how this project, “Trojan Horse,” originated and later took place are recounted in an earlier article by this author, [15] but the dysfunctions caused by human willfulness are remarked upon here.
The project that came to be called “Trojan Horse” originated out of a grant from the International Association of Maritime Universities to develop around the world regional, public/private maritime security forums in which academia, industry, and government could come together, perform drills and exercises as envisioned under the International Ship and Port Facilities Security (ISPS) code, and identify and promulgate the best maritime security practices to counter terrorists, whoever they might be, who tried to target maritime assets. The project was introduced at the Fourth Asian-Pacific Economic Cooperation (APEC) STAR Conference in Hanoi, Vietnam on February 24, 2006 and at its zenith in the summer of 2007, it encompassed international participation from the Institut Maritime du Québec (IMQ, the Quebec maritime institute), and the Maritime Studies Program of the University of Piraeus. [16]

[14] 33CFR104.230 specifies the requirements for the vessel security plan, and 33CFR105.220 specifies for the facility security plan.
[15] Lawrence A. Howard, “Form vs Substance: A Case Study in Developing a Dynamic Project in Maritime Security,” Journal of Security Education, 2, no. 3, (2007), 13-32, DOI: 10.1300/J460v02n03_02
[16] Lawrence A. Howard, Pavel Novikov, “Joint IAMU Maritime Triad Project on Development of Training Courses, Qualifications, and Standards for Security Trainers and Instructors,” Asia-Pacific Economic Cooperation, Maritime Security Roundtable1, 2006/SOM1/STAR/010. Accessed March 27, 2014: http://aimp.apec.org/Documents/2006/CTTF/STAR/06_star_010.pdf The material at this site is a .pdf of PowerPoint slides used by Dr. Howard in his presentation to the conference, February 24, 2006.

Some examples of human willfulness derived from Trojan Horse and relevant here include the following:

• Administrators at the host college were concerned that the University Police might be shown in a bad light and project organizers were cautioned to exempt them from any critique or specific debriefing at the end of the conference. Organizers were willing to make such an exemption for purposes of keeping the larger project in place, especially in light of the fact that individual members of the University Police were very cooperative and supportive of the project. Moreover, one of the original principles of the project was that activities were to take place in a spirit of experimentation and innovation without pointing fingers of blame when something did not go as expected or when vulnerability was discovered. The point was to learn and to assess and to come back the next time with changes in place. The following year, however, the official stance towards the University Police was exactly the same and nothing was institutionally learned or assessed in the way of good security regarding that organization’s role at the facility.
• The exercise required simulation of the progression of security conditions from MARSEC 1 to MARSEC 3. MARSEC 2 requires heavy scrutiny of all inbound traffic into a facility, and MARSEC 3 effectively shuts down all inbound traffic because a terrorist attack is imminent or is in progress. Several contractors at the site had delivery schedules to make to the college cafeteria, and some examinations were in process for summer professional programs on campus. Both the contractors and examiners declined to cooperate with any exercise activity that disrupted their schedules and ultimately the MARSEC 2 and MARSEC 3 parts of the Trojan Horse exercise were purely imaginary on the part of the exercise participants, and therefore had less utility than intended.
• A direct approach was made to the Captain of the Port, requesting Coast Guard participation in Trojan Horse. After some internal deliberations, an official USCG presence was minimized and some observers attended the exercise as it unfolded, on a part-time basis.
This participation was understandable in the bureaucratic context that Trojan Horse was a project that had not originated within the USCG, nor within the local Area Security Committee set up under USCG auspices. In the months following the exercise, private conversations were held with a leading official of the Area Security Committee in which clear reservations were expressed about Trojan Horse as a “maverick” project developed outside of the committee’s auspices. The clear impression gained by project organizers was that the concept of a public/private partnership was being given a cold shoulder unless the public sector fully subordinated the private sector to its dictates and took over the project. Ten private sector operators of facilities and vessels originally participated in the Trojan Horse project. These operators were mandated under MTSA to conduct annual exercises testing their security plans. As a result of the ensuing public sector domination of the next iterations of Trojan Horse, private sector participation in the project began to decline.

An integrated consideration of the foregoing discussion of the human factor of willfulness leads inescapably to two general conclusions:

• Plans, well-arranged though they may be, are unlikely to survive the unhampered willfulness, or subjective behavior, of critical participants;
• Security work should be designed so that it takes directly into account the possibilities of unintended consequences caused by the willful behavior of people who are expected to fill crucial roles within the security system.

Integrated Recommendations

Re-visualize the technologically up-to-date container berth and terminal discussed at the beginning of this paper. In this iteration things happen differently, and are fundamentally changed from what transpired in the first vision. In the first vision, a worker set down a package and left it behind him, never returning for it, setting off alarms.
In the revisualization, all terminal workers have been immersed in an intensive course of indoctrination that demonstrates to them the capabilities of the security system and the consequences of setting it off. Work rules are made clear and all workers understand that causing a false alarm will mean termination from employment.

All of the sophisticated surveillance technology is monitored by a group of employees, the members of which are individually responsible for the feed from no more than five cameras, including at least two individuals who rove in the back of the other watchers, keeping eyes and ears on both the screens and the human monitors. All activity in the control room is automatically taped and logged and available for instant replay, as is the feed from each of the surveillance cameras. The rovers are relieved every two hours, the other monitors every four hours. Each seated worker has an area of screens for which he is responsible, with an overlap of attention from his neighbor. The setup enables each worker to focus more directly on one camera screen at a time, with backup from the rovers behind, and the close neighbors to each side.

The physiologically-rooted problems of disrupted circadian rhythms, inattentiveness, and inability to sustain multiple cognitive processes for long periods of time are interdicted and mitigated by the foregoing work design. Problems stemming from willfulness are also addressed by the work design. The intensive indoctrination of the terminal workers leaves little room for casual mistakes, like misplacing a box of tools. All of the workers in the control room are subject to each other because of their close proximity and overlapped viewing.

The activity of security workers in a facility such as that described above is more prosaic than the activity of planners and executives.
It is at the higher level of the latter that willfulness is more likely to intrude as an issue, and when it does, it may be hard to recognize as something more than a legitimate executive prerogative to, e.g. not extend cooperation to a worthwhile project because the executive’s organization doesn’t control the project. The mechanisms of accountability have to be just as strong at the higher levels of management as they are at the front-line of activity.

Some boards of directors in the security industry have recently shown a tendency to take an active role in holding executives accountable for willful behavior that led to poor or catastrophic performance. The roster of executives that have been fired or forced to resign because of security issues includes the head of security at the new “Freedom Tower,” or World Trade Center, [17] the CEO at Symantec, [18] the CIO at Target, [19] the VP for Special Events at Contemporary Service Corporation (CSC), [20] and several executives at USIS, the company that did the background check on Edward Snowden. [21]

[17] Philip Messing, “Head of WTC Security Forced Out After Embarrassing Breaches”
[18] Nicole Perlroth, “Symantec Fires Chief Seen as Too Slow on Innovation,” The New York Times, March 21, 2014, p. B3
[19] Howard Baldwin, “The Other Shoe Drops for Target’s CIO,” Forbes, Updated March 11, 2014: Accessed March 28, 2014 http://www.forbes.com/sites/howardbaldwin/2014/03/11/the-other-shoe-drops-for-targets-cio/

How to identify willful behavior for what it is in a timely fashion and incorporate mechanisms of accountability as swift and sure at the executive level as at the front line? There is no easy answer to this question. The organizational culture involved will create a context of what is possible and probable; however, when an executive is fired, objective reality rudely intrudes into any local cultural situation and brings with it outside forces including everything from plunging stock prices to legal actions.
A good way to pre-empt things from getting that far is to set up objective criteria for continuous assessment and rigorously review them. For example, in the case of the Vice President for Special Events at CSC, a company responsible for security at major athletic events, the issue had to do with consistent racist and belittling remarks in email and other communications. That kind of behavior does not happen overnight nor occur in a vacuum. A continuous and systematic review of the VP’s email should have caught it almost immediately after he was hired, and a good background check should have caught it before the hiring.

Both elements of the human factor, physiological problems, and those of willfulness, occur in the context of competing issues. For example, if the monitoring room work design described above were employed, it would be considerably more expensive than designating one worker to do the job, as would be the intensive immersion training of all terminal employees. The two primary competing issues are good security and its short-term cost. Traditionally, cost usually wins out.

The most iconic story of short-term cost winning out is that of the levees around New Orleans. For decades, engineers had warned that the levees could not withstand a level 5 hurricane. Politicians always demurred to do something about the problem because the historical records showed that no such hurricane had struck New Orleans in living memory. Everybody went about their business, trusting to the security of the levees, but little did most know that they were trusting to an illusion of security. Along came Hurricane Katrina.

There is a simple test to decide between competing issues. It can be used by any company executive, any politician, any facility operator or security officer to determine whether he/she has good security or an illusion of security. It has three parts:

1. Ask the question: If the worst happens, what would be the lost value?
2. Compile the answer to question #1
3. Compare the answer to short-term costs and then make an evaluation and come to a decision.

[20] Kenneth Fasick, “Tennis Security Exec’s ‘Racist’ E-mails,” The New York Post, Updated September 17, 2013: Accessed March 28, 2014 http://nypost.com/2013/09/17/tennis-security-execs-racist-e-mails/
[21] Christian Davenport, Jia Lynn Yang, “Report Says Security Background Check Company Received $16 Million in Awards,” The Washington Post, February 11, 2014: Accessed March 28, 2014 http://www.washingtonpost.com/business/economy/report-says-security-background-check-company-received-16-million-in-awards/2014/02/11/537f5e0e-932f-11e3-84e1-27626c5ef5fb_story.html

Conclusion

Security systems and the work within them have to develop integrated designs to counter two elements of the human factor in securing critical infrastructure, or anything else of value. One of the problematic factors is physiological; the other is best described as willfulness. Sustained, concurrent performance of difficult tasks, free of flaws and over a length of time that ignores natural physiology is humanly impossible. Similarly, plans, well-arranged though they may be, are unlikely to survive the unhampered willfulness, or deliberate subjective behavior, of critical participants. Interdicting and mitigating the adverse effects of these two human factors may be costly and require labor intensive or continuous and rigorous methods of managerial review. The question for those charged with designing security systems and continuously improving them is what is the value lost if the human factors are ignored or relegated to the back of the management queue because they are so problematic?

Bibliography

Baldwin, Howard, “The Other Shoe Drops for Target’s CIO,” Forbes, Updated March 11, 2014: Accessed March 28, 2014 http://www.forbes.com/sites/howardbaldwin/2014/03/11/the-other-shoe-drops-for-targets-cio/

Congress of the United States, Office of Technology Assessment. “Biological Rhythms: Implications for the Worker,” New Developments in Neuroscience originally published 1991, p. 143. Accessed March 23, 2014 https://www.princeton.edu/~ota/disk1/1991/9108/910809.PDF

Czeisler, Charles, “FAA Knew Controllers Nap, Ignored Fatigue Issue,” CNN Opinion, Updated April 27, 2011: Accessed March 29, 2014 http://www.cnn.com/2011/OPINION/04/26/czeisler.sleep.air.traffic.controllers/index.html

Davenport, Christian, Jia Lynn Yang, “Report Says Security Background Check Company Received $16 Million in Awards,” The Washington Post, February 11, 2014: Accessed March 28, 2014 http://www.washingtonpost.com/business/economy/report-says-security-background-check-company-received-16-million-in-awards/2014/02/11/537f5e0e-932f-11e3-84e1-27626c5ef5fb_story.html

Fasick, Kenneth, “Tennis Security Exec’s ‘Racist’ E-mails,” The New York Post, Updated September 17, 2013: Accessed March 28, 2014 http://nypost.com/2013/09/17/tennis-security-execs-racist-e-mails/

Howard, Lawrence A., “Form vs Substance: A Case Study in Developing a Dynamic Project in Maritime Security,” Journal of Security Education, 2, no. 3, (2007), 13-32, DOI: 10.1300/J460v02n03_02

Howard, Lawrence A., Pavel Novikov, “Joint IAMU Maritime Triad Project on Development of Training Courses, Qualifications, and Standards for Security Trainers and Instructors,” Asia-Pacific Economic Cooperation, Maritime Security Roundtable1, 2006/SOM1/STAR/010. Accessed March 27, 2014: http://aimp.apec.org/Documents/2006/CTTF/STAR/06_star_010.pdf

IBM, “IBM Operating System/360: Concepts and Facilities” (IBM Systems Reference Library, 1965) p. 83: Accessed March 24, 2014 http://bitsavers.trailing-edge.com/pdf/ibm/360/os/R01-08/C28-6535-0_OS360_Concepts_and_Facilities_1965.pdf

Kuhn, Gloria, “Circadian Rhythm, Shift Work, and Emergency Medicine,” Annals of Emergency Medicine, 37, no. 1 (January 2001), p. 90, doi: 10.1067/mem.2001.111571.
Mallis, Melissa M., DeRoshia, Charles W., “Circadian Rhythms, Sleep, and Performance in Space,” Aviation, Space, and Environmental Medicine 76, No. 6, Section II , (June 2005) p. B103: Accessed March 23, 2014 http://docserver.ingentaconnect.com/deliver/connect/asma/00956562/v76n6x1/s15.pdf?expires= 1395610091&id=77617665&titleid=8218&accname=Guest+User&checksum=8186B568094697 C0ECA6EFA6679287F8 Messing, Philip, Reuven Fenton and Bruce Golding, “Half-blind Guard Caught Sleeping at WTC Site,” The New York Post, Updated March 26, 2014: Accessed March 29, 2014 http://nypost.com/2014/03/26/half-blind-wtc-guard-caught-snoozing-on-the-job/ Messing, Philip, “Head of WTC Security Forced Out After Embarrassing Breaches,” The New York Post, Updated March 28, 2014: Accessed March 29, 2014 http://nypost.com/2014/03/28/head-of-1wtc-security-booted-after-embarrassing-breaches/ Mufson, Steven, “Video of Sleeping Guards Shakes Nuclear Industry,” Washington Post, Friday January 4, 2008: http://www.washingtonpost.com/wpdyn/content/article/2008/01/03/AR2008010304442.html?sub=AR Perlroth, Nicole. “Symantec Fires Chief Seen as Too Slow on Innovation,” The New York Times, March 21, 2014, p. B3 Stone, Linda, “Continuous Partial Attention,” The Attention Project, 2014: Accessed March 24, 2014 http://lindastone.net/qa/continuous-partial-attention/ Turvill, William, “'Exhausted' Train Driver Worked 69 Hours in the Seven Days Before Crashing at O'Hare International Airport,” Mail Online, Updated March 29, 2014: Accessed March 31, 2014 http://www.dailymail.co.uk/news/article-2592328/the-operator-train-crashedOHare-International-Airport-worked-69-hours-seven-days-accident.html 12