As of 1 April 2014, responsibility for aviation security in the UK has been the responsibility of the Civil Aviation Authority (CAA), not the Department of Transportation (DoT).
Six months into the new arrangement, Peter Drissell, Director of Aviation Security, CAA, has told SecurityNewsDesk that the move has been a success and explained that the way the UK’s aviation industry is regulated is going to see a new approach in the near future.
“The shift to the CAA came about as a result of the Government’s ‘user pays’ initiative,” Drissell said, “and as aviation security and its regulation is of most benefit to users of airlines it was an obvious area to fall under this scheme. At the other end of the spectrum, from a regulation perspective, aviation security was the only aspect of regulation not already with the CAA. So there were obvious benefits to making security part of the CAA’s remit.”
Drissell explained how the handover earlier this year took place in two phases. Phase one was what he described as a “lift and shift”, so that all of the capabilities of the DoT as of the 31st March could simply be handed over without change and be working as normal with the CAA as of the 1 April. He explained that this was crucial to reassure the industry that there would not be any overnight changes.
However, this was not without its challenges, according to Drissell. For instance, prior to the change aviation security was not a single entity within the CAA, so the directorate had to be built up from scratch. To ensure the directorate would be ready to take the helm and run independently it spent a great deal of time shadow running the system with the DoT. A great deal of effort was also put into ensuring the CAA and DoT could continue to communicate securely with improved IT security measures put in place.
Despite these obstacles, Drissell said that phase one was very successful and smooth, meaning the industry barely noticed the physical and cyber move.
Phase two involves building on the synergies between security and the rest of the CAA’s operations, for example safety regulation.
“There are obvious parallels between safety and security,” he said, “so we’re looking at how we can adjust aviation security regulation to follow the safety model as near as possible. The most tangible aspect of this would be a move to performance-based regulation that follows a quality assurance process. This would give more power and freedom to the industry and elevate the CAA into position to oversee the whole process. We’re exploring security management systems that would see individuals in the industry develop their own quality assurance process to allow greater independence.”
At such a time of change and evolution, it’s important that the CAA has a finger on all of the key issues the aviation industry needs to safeguard against, and Drissell is aware of this. He told SecurityNewsDesk that one of the main concerns that must be addressed within the industry is that of cyber security.
He said, “This is a very important issue. The CAA has had a regulatory role in the cyber aspect of aviation traffic management, but we need to expand our approach with aviation security in partnership with the DoT. The DoT has actually recruited cyber security experts to assess what needs to be done and how to improve IT security. Dealing with the issue of cyber security is a Government-led initiative and it’s made it clear how important it is for all the risks to be understood. Cyber security is essential, and it’s important that we advance to reach an acceptable benchmark standard.”
The security situation around the world is volatile, with the threat of terrorism and the fallout of Malaysia Airlines MH17, shot down over Ukraine in July, and Drissell knows that the CAA has to walk a fine line between securing airports and planes without impairing travel.
Drissell and his team are working closely with the DoT to ensure they can keep up in this dynamic world.
Drissel will also be speaking at the Transport Security Expo in London on 2 December.