I’ve written before about the urgent need to update and develop airspace regulations for commercial drone technology, and I want to share further thoughts and ideas with the security industry and policy leaders, as I am frustrated with the speed of change on these matters. The time has come to make real changes and develop clear policies.
Actions to date focus primarily on federal interests which is a good start but where our public gathers are not addressed outside of designated SEAR events. This is a problem. In the private sector, most security programs fail to address commercial drone technology which, like cyber-attacks a decade ago, demanded swift action through a public-private partnership and collaborative approach. Since 2010, the advent of the commercial drone, we’ve seen tremendous growth and momentum with this technology across multiple verticals associated with this market. Not only has platform access grown, simply go to the web to view a myriad of choices with very sophisticated payloads and purchase with a swift click, but drone detection and monitoring, counter unmanned capabilities, drone as a security service, and delivery/taxi options have emerged. This technology is by far the fastest-growing unregulated technological growth in the market today. That should be cause for concern for many reasons but primarily due to our lack of understanding of its impact and the inability to quickly legislate private sector protections.
To be fair, there is some movement with FAA guidelines concerning the “digital license” plate, the current Administration’s National Action Plan (NAP), and the U.S. Chamber of Commerce’s response to the NAP, but it is not only severely short of what is needed it doesn’t address the need for private sector businesses that host the public to be included in the conversation. To put it bluntly, we are at a critical point for action, yet the discussion remains stalled. Most recently, some federal legislators have raised concern over the threat of information theft regarding platforms in the national capital region, but it was a weak call to action that has passed quickly in our rapid news cycle. It highlights growing interest and knowledge that drones of this size and capability are not only privacy but kinetic and intellectual property threats. Simply put, the commercial drone evolution comes in three prongs, surveillance, data theft, and weapons delivery. Think about that for a moment.
In a recent article, a plan of action that supports efforts beyond federal interests reiterates the need to include private sector businesses that host the public in a counter-UAS manner. This is very important because it’s exactly where the general public goes for entertainment and to gather for various informational events. Simply put, this is where your family goes! In military and law enforcement terms, it’s what we call the soft target. So why is this an urgent need? Simply, look at the war in Ukraine and the explosion of readily available information on every social platform about the “drone war.” Ukraine is by far the biggest laboratory and drone experiment we’ve seen since this technology became available to the consumer. The information is so prevalent that it’s overwhelming and requires too much time to digest the full library of information. Stories concerning innovation and creativity surrounding drones are a YouTube video away, new research and development concepts on weapons delivery are a quick search engine query, and unique uses in conflict zone environments are celebrated through official government news sources. In a nutshell, it’s all too real to seem true. So, what is needed and what can be done to help the private sector plan appropriately, mitigate risk, and provide a semblance of safety and security for its patrons?
The simple answer is that we need delegated authorities backed by regulation or law that help to incentivize action. Additionally, like the Safety Act protections these businesses need the government at all levels to act as an umbrella for legal protections which will include insurance provider understanding for private sector businesses to take the threat seriously, budget responsibly, plan, certify, train, and exercise competently to address the need. The dire requirement for a public/private task force is at a critical juncture. As I’ve stated in the past, it is now time to execute the following program.
- Form an official public/private CUAS task force with decision authority. The task force should identify and approve technologies for purchase and use in large private-sector public events, including detection, monitoring, and take control components.
- Provide certification training and testing for private businesses that wish to implement the technology, like the FAA Part 107 requirement for drone operation.
- Establish a national training area that certifies take control operators on the use of the technology while building proficiency in a training environment.
- Form a task force “no notice” certification/inspection capability that can evaluate implementation while providing quality control during execution. This capability should have the authority to cease operations at locations that have not met requirements or have shown the inability to successfully use the technology.
- Inculcate the duty of care responsibility for private businesses as it pertains to public security and safety during large events and incentivize their participation.
The above actions are needed from a law and policy perspective, but what can be done “where the rubber meets the road?” The easy answer is to lean forward and plan. Private sector companies need to update their security programs and think about the dimensions of airspace security from a physical and cyber lens. This is going to require help and take time but the sooner the needs are addressed, then the better positioned the company will be. Additionally, businesses need to invest now in training and certification. Leaning forward concerning the over-the-horizon requirements for security in this physical dimension will save time and money. As a security and public safety professional, start by reviewing your plans. If the air domain is not included, then you’ll know right away that action is needed.
This thought piece is a “Call to Action!” We are behind and experts in this space know it. No one ever thought the Russian Fleet in the Black Sea would be attacked by a combination of air and sea drones but it happened and surely there is more of that thought generating in an age of tremendous technology growth. This technology is limited only by the imagination. We can no longer accept a slow roll regarding substantive action. Don’t sit on your hands any longer or wait for someone to do something. That’s a failed course of action. The bottom-line message for policymakers is “pick up the pace” and for businesses hosting the public “make planning and budgeting a priority.” Take the steps necessary to “get the conversation going” but do more than that, act while there is still time.