Remarks at the Homeland Security Policy Institute Strategy and Leadership Forum

Administrator John S. Pistole
George Washington University, Washington, DC
Wednesday, December 3, 2014
As Prepared for Delivery

Good morning. Thank you Frank for the kind introduction, and thank you for inviting me to speak with you today.  I last addressed this group in the fall of 2011 at a time when our agency was just beginning to make a fundamental shift in the way we carried out one of our core functions – the security screening of approximately 1.8 million air travelers every day.

I had been on the job as Administrator a little more than a year and a series of unsuccessful attempts to replicate the terrible destruction of the September 11 attacks had recently occurred.  These included the Christmas Day, or underwear, bomber whose explosive device failed to detonate and the toner-cartridge plot which, thanks to the great work of the global intelligence community, was disrupted prior to activation or detonation of the concealed, improvised explosive devices. A third uncovered plot involved an attempt to use liquid explosives to take down commercial aircraft making the transatlantic flight between the UK and the United States. 

Clearly, it was a time when aviation security was a paramount concern and screening operations at TSA were being modified to give our officers the greatest opportunity to detect non-metallic IEDs or their components and keep them from being carried into the cabin of an airliner.

As a policy-based organization, you understand better than most the nuances and challenges associated with making broad policy changes. Those challenges are even greater when the organization seeking to make fundamental changes is a large, federal government entity whose customer base is essentially the entire population of the country. Add to that the facts that our missions are mandated by legislation, our operating budget is appropriated by Congress and our operational focus is driven by the Department of Homeland Security and ultimately, the President. With all of this in mind, you can appreciate how difficult it can be to effect fundamental changes at the organizational level. These were some of the challenges we were facing at TSA when I joined the organization in 2010.

Part of the foundation for moving to a more risk-based approach to transportation security can be found in the Department’s 2010 Quadrennial Homeland Security Review, which states, and I quote, “…a safe and secure homeland must mean more than preventing terrorist attacks from being carried out. It must also ensure that the liberties of all Americans are assured, privacy is protected, and the means by which we interchange with the world – through travel, lawful immigration, trade, commerce, and exchange – are secured. Ultimately, homeland security is about managing risks to the Nation’s security.”

The idea that an organization should seek to identify and minimize its risk is not new, especially in the private sector. While it is somewhat less common throughout public sector entities, the success of risk-based programs such as TSA Pre✓® may serve to hasten the development of other risk-mitigation efforts across the federal government. In fact, it was recently reported by Federal News Radio that the Office of Management and Budget will, in 2015, issue guidance to all federal agencies regarding the potential benefits of evaluating risk at the enterprise level – something TSA has been actively engaged in on a daily basis for the last several years.

Of course, one of the keys to managing risk is sound decision making, which is the ability to correctly identify, understand and address challenges and opportunities. In terms of risk-management we define the process of sound decision making a little more specifically as identifying, analyzing and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. This is what I mean when I say we’re buying down risk through a broad range of RBS initiatives at TSA.

I hope all of you enjoyed the recent holiday, and were able to spend some time with family and friends.  From the numbers I’ve seen, I’m guessing at least a few of you did some traveling recently. This past Sunday for example, throughput at our nation’s airports topped 2.3 million and was the highest single-day total since July 2008. Included in that figure are more than 1 million passengers who experienced some form of expedited security screening as a result of our risk-based security policies – a record number for a single day’s activity.

And while TSA Pre✓® is certainly the most well-known of the many risk-based security efforts in place, our agency has been using risk-mitigation principles to help draft policy and fine-tune security procedures and protocols across all modes of transportation, including passenger rail and mass transit as well as our nation’s vast networks of highways and pipelines. Considering there are more than 140,000 miles of active rail, hundreds of thousands of miles of pipeline and more than 4 million miles of roadways, we have to make decisions every day on where best to deploy our resources when it’s simply not feasible to be everywhere all the time. While we have hundreds of surface transportation security inspectors performing compliance inspections all year long, we must also rely on our ability to gather, analyze, and use intelligence, often in real time, so that we can respond to emerging or credible threats quickly and efficiently.

Of course, the ability to implement risk-based methodologies throughout such large and diverse national and international transportation networks also requires making smart investments in the latest, and most effective, technology.  Within TSA, for example, we are constantly evaluating the detection capabilities of new technologies, looking for the best combination of features such as accuracy, reliability and speed – all of which are useful in helping us make those smart decisions about whether or not to write policy that will change security procedures on the front lines.

As many of you know we built a testing facility – the Transportation Security Integrated Facility, or TSIF – over at Reagan National where our supervisors and front line screening officers can evaluate the effectiveness of a new piece of technology in a testing environment that closely mirrors the conditions of an airport security screening checkpoint.

Putting a new piece of technology through its paces in such a way helps our senior leadership team evaluate its potential and plays an important role in the policy- and decision-making process. Facilities such as this also allow us the opportunity to develop and, in many cases, modify our standard operating procedures.

Doing so in a testing environment helps ensure a smooth and efficient rollout when a new or modified policy is about to be deployed across a nationwide workforce of approximately 50,000 security screening officers. Getting it right before going live is essential to how well any change is received by our customers, the traveling public.

Of course, the entire process of formulating an idea, making a decision, and setting a policy is somewhat dependent on the kind of organization that’s making the changes. A privately owned corporation can effect change much easier than a publicly traded company, and by the same token private sector companies, regardless of ownership, can set and change policy more freely than a public entity such as TSA can. Because we are authorized and appropriated by the U.S. Congress, our budget comes under close scrutiny by lawmakers seeking the best value for the taxpayer dollars they spend throughout the federal government. And that is as it should be. We at TSA applaud Congress for their efforts to be good stewards of the American people’s tax dollars. In fact, efficiencies gained through risk-based security at TSA enabled the agency to realize $100 million in savings against the budget we were given to do the job in FY13.

However, this additional layer of oversight is significant and must be taken into consideration whenever TSA looks to establish policy or modify existing policy. As a result, the need for clear and consistent communication between TSA and its stakeholders is critical. We sometimes find ourselves in a position where one group of stakeholders favors an anticipated policy decision which is equally opposed by another group of stakeholders. We must be fully prepared to not only explain what the new or modified policy means, but also why we believe it is necessary.

Naturally, effectively communicating the details of a decision or policy is what needs to happen after said policy is written, and the decision to implement it has been made. On the front end of the decision making timeline, in the beginning, we need to be cooperating and collaborating with potentially affected stakeholders in an effort to gain their support when the time comes to take an idea or concept off the paper and put it into practice. And we are doing that. Because our officers interact with the American people more than virtually any other federal workforce, we want to include the traveling public, along with industry and Congressional stakeholders, in the whole process as early as possible.

Of course, there are times when policy is either made or modified in response to an immediate security issue or a credible threat. In those instances, strengthening security supersedes any other concern and we will rely on our ability to communicate both the policy and the reason it was necessary. And with respect to aviation security – which is a matter that transcends borders between nations – foreign government partners are yet another group of stakeholders with whom we collaborate, cooperate and communicate when it comes to security policy.

From a policy communications standpoint, I think our workforce continues to do a tremendous job keeping the traveling public fully informed and educating passengers on what to expect when they arrive at a TSA checkpoint. We have subject matter experts throughout the agency who regularly brief our stakeholders in Congress, and we meet with both industry and advocacy groups as often as possible to ensure open, two-way communication is the norm and not the exception at TSA.

The caliber and composition of our workforce – 25% of whom are United States military veterans – is really what makes our growth and continued evolution as a high-performing counterterrorism agency possible. Whether it’s an analyst in the field, or a headquarters-based program manager, or a TSO at the checkpoint, we have invested significantly in our people so that everyone at TSA has the tools they need to help move the agency forward. Our people believe in what we’re doing and it shows.

With a workforce that numbers more than 50,000 we are using risk-based security policies to change the way the American people see our agency, and it is working. Wait times are down. The number of passengers experiencing some form of expedited screening is increasing almost daily. Customer complaints are also down, and all of this is occurring at a time when passenger volume is higher than it’s been in years.

I am often asked in settings such as this to offer a few thoughts on where I see the agency down the road; to describe in broad terms a medium-term vision for aviation security in general, and for TSA more specifically. Because I believe we are clearly moving in the right direction, my response to this question typically begins with the phrase “more of the same.” In other words, I see an agency in which a majority of all bags are screened using RBS principles. These principles we’ve used in the passenger screening arena should be readily adapted to checked-baggage and cargo screening. Some of this is already underway. I expect to see a greater effort to integrated checkpoint technology that is adaptable as threats evolve, and I think we will get to a point where most liquids, aerosols, and gels will be allowed in the cabin.

A key part of getting from where we are today to where I think we can be as an industry includes a solid majority of passengers taking advantage of TSA Pre✓®. Providing expedited security screening with a high degree of confidence is the best way to ensure we are focusing resources where they are most needed. Greater collaboration and increasing our information sharing capabilities can help raise the overall effectiveness of the commercial aviation network.

It is often said that life is a journey, not a destination. Well, in the years since we began implementing the first of what is now nearly three dozen risk-based security policy decisions, we can take this simple aphorism and appropriately apply it to the complex work that we’ve been doing at TSA. Strengthening security – whether it’s national security, transportation security, or aviation security – is not a race and there is no finish line. It continues, evolving as threats change and the capabilities or priorities of our adversaries shift.

That’s why I am confident that the progress we have made in implementing a risk-based and intelligence-driven security model will continue long after my tenure as Administrator draws to a close at the end of the year. It has been an honor to serve, thank you all for supporting our efforts, and at this time I am happy to open the floor for any questions you might have.