5 Contemporary C-UAS Challenges that Keep Government Security Professionals up at Night.
Government security professionals face a variety of threats, depending on location, weather, and natural geography. For decades, security strategy and systems have focused on ground intruders – the only realistic threat vector. Recent developments in robotics raise the threat level for government assets and facilities. While the cyber realm justifiably receives ongoing attention, the low barrier to drone access and capabilities is raising the alarm for perimeter and asset protection.
The bell curve of drone risk ranges from drone operators flying illegally but without malice, often called clueless or careless, to those flying with various levels of criminal intent. There are clear differences in action but the net result of a drone in the wrong place at the wrong time makes all rogue flyers a realistic threat. Take the recent drone incursions at various NFL stadiums as examples. Drones are not “just another threat” – their low cost, small size, significant capabilities, ease of use, and vast open space for flight represent a new set of high-risk security challenges.
The complexity of managing for today and predicting what will be important tomorrow is further complicated by these five challenges:
- Authorities
- Operating Silos
- Threat dynamics
- Resourcing
- Airspace density
1. Authorities to deploy and operate airspace security tools and systems must be broadened.
Drone disruptions at airports, utilities, prisons, and large public events continue to rise. It is a matter of time until one of these incidents results in tremendous long-term damage and even the loss of life. Currently, the authorities to actively stop drones when they pose a threat is granted to limited federal agencies. The gap between the drone threat and our ability to respond is uncomfortably wide, leaving security professionals with a known risk and no legal means to achieve the proper level of control over their fate. This leaves government facilities, high value assets, and critical infrastructure vulnerable to disruption and attack. Waiting for a terrible event to extend authorities might feel politically comfortable, but it makes for terrible days and nights for security professionals and our agency leaders.
2. Countering the drone threat is not an individual agency problem – it’s a national challenge.
The benefit of specialization among government agencies also presents an ongoing challenge – siloed knowledge and processes. This is evident in counter drone space, just as it was in cyber security in the early days. Cross-coordination of teams to develop commonly shared practices is an absolute must and requires cooperation and commitment across agencies – all the elements that constitute a civil society. Common tactics, techniques, and procedures (TTPs) will allow industry to cost effectively scale solutions that meet cost and quality targets. The potential for a government-directed list of approved products and technologies, similar to physical access control systems (PACS) and cyber security domains, will provide a common framework for industry competition and agency evaluation. Collaboration around technologies, tools, and solutions will weed out poor performers and strengthen security for everyone.
3. The drone threat is highly dynamic.
The drone threat moves and evolves at significant speed. Aircraft designs, propulsion systems and batteries, cameras and sensor payloads, easy release mechanisms, communications systems – the creativity and velocity of threat dynamics are operating at high rates of change. A few years ago, the drone threat came from one company that used unlicensed spectrum for communications. A tool from the same company could rather easily manage all these devices, until it couldn’t. Today’s threats can be bought in parts, built with expert guidance from YouTube University, and operated in ways well outside the capabilities of yesterday’s solutions. The threat velocity requires agility in solution design and the baseline data must be able to detect all airspace movement – high and fast, low and slow, RF-shielded or “dark”, or hovering out of sight. This requires a layered system of sensors and software to effectively detect, track, and respond to intruding aircraft in all weather and lighting conditions.
4. Agencies lack required resources.
The drone threat will not disappear by itself. Most agencies today are ill-equipped to manage the disruption and damage a small drone can create, let alone provide the guidance and compliance for securing high value assets, facilities, and critical infrastructure. Staffing levels must be sufficient for broad expertise and systemic transfers of knowledge across government and industry. These entities require dependable budget cycles for long-term investments in personnel and capabilities. We must invest in our physical security as we do in our cyber security.
5. Airspace density is challenging.
Yet another decision to be made in our shared airspace is how to manage the influx of existing drones and the many more that plan to enter, whether it be for recreational or private use purposes, autonomous flight vehicles, and those used by public sector. The drone industry intends for a UAS Traffic Management (UTM) system that incorporates all known and planned flight activity into a system that de-risks operation through coordination and flight plans. Integrating this data for situational awareness would reduce overall threat levels and focus security resources on drones that are not part of the cooperative system or focus on other critical duties. U As continued use of drones and UxS devices enter the shared air space, the UTM data will play a critical role in any high-risk security environment.
This gap between drone threat and drone security can be found in a much broader context in the recent 383 ARC report, in which committees considered and made recommendations for establishing a working counter drone framework for the national airspace system through authorities extended across the Federal government, to State agencies and critical infrastructure owner operators. While extended authorities remain in the distance, seeing industry, government and academia convened to focus on this problem is a healthy step forward. Government legislation for extended counter-drone authorities is still the best path forward.