Measuring more than 5,500 miles, the border between Canada and the United States is the longest between any two countries in the world. These two neighbors share much more than geography and a robust trading relationship; they also share a vulnerability to security threats of all kinds. This was illustrated most clearly on 9/11, when at least 25 Canadians died in the terrorist attacks in the United States and Canada accepted 234 aircraft and more than 30,000 passengers after U.S. authorities closed U.S. airspace to incoming international flights.
Margaret Purdy has had a front-row seat as security perceptions, policies, and capabilities have evolved over the past 30 years in Canada. She has occupied senior positions in almost every major component of Canada's federal security establishment and has provided advice to successive Canadian governments not only on counter terrorism, but also on emergency management, critical infrastructure protection, transportation security, and cyber security.
In this exclusive interview with Buildings.com, she revealed the threats that keep her awake at night and shared her advice on how building owners can take a responsible and systematic approach to security and emergency preparedness.
About Margaret Purdy
Margaret Purdy is one of Canada's most knowledgeable and experienced national security experts. During a career that spanned almost 30 years, Purdy worked in a wide range of policy, operational, and senior management assignments in Canada's security and intelligence community. Most of her work had a counter-terrorism focus, but she also provided advice to successive Canadian governments on protective policing, VIP and major events security, cyber security, critical infrastructure protection, emergency management, and transportation security.
With academic credentials in journalism, education, and national security, Purdy started her working life as a newspaper reporter. A job as a writer/editor with the Royal Canadian Mounted Police (RCMP) launched her public service career. She spent a dozen years with the RCMP, initially as a protective policing specialist and later as a criminal intelligence analyst on major international investigations. In the mid 1990s, she managed the counter-terrorism program at Canada's domestic security intelligence agency. Purdy then spent 6 years in Canada's Privy Council Office, providing security and intelligence advice and support to the Prime Minister and Cabinet. In 2001, the Prime Minister appointed Purdy to the second-ranking civilian position in Canada's defense department, with a mandate to "stand up" a new entity to manage the federal government's role in critical infrastructure protection, cyber security, and emergency preparedness.
Purdy retired from government service in 2006 and moved into academia as a Resident Scholar in the Centre of Intl. Relations at the University of British Columbia in Vancouver. At the same time, as the principal of Margaret Purdy Consulting, Purdy provides government and private-sector clients in Canada and abroad with security advice and services. Purdy returned to Ottawa briefly in 2007, responding to a request from the Minister of Transport to serve as interim Chair of the Board of Directors of the Canadian Air Transport Authority, the Crown Corporation responsible for security screening at Canadian airports.
Purdy has published on topics such as the root causes of terrorism, security of trade and transportation gateways, and the evolution of Canada's counter-terrorism policy. She has delivered dozens of lectures and presentations in North America, Europe, and Asia, and is currently Vice President of the Canadian Association for Security and Intelligence Studies (CASIS), a non-partisan, voluntary association that promotes informed debate in Canada on security and intelligence issues.
Barbara A. Nadel: Is security a high priority in Canada?
Margaret Purdy: Yes, especially since the events of 9/11. The attacks that day had a profound impact on Canadians' perceptions of the threat environment and the country's vulnerabilities. This is not to say that Canadians "discovered" terrorism on that day. Indeed, 16 years earlier, Vancouver was the point of origin for the most serious act of modern international terrorism up until that point — in terms of numbers of fatalities. Almost-simultaneous bombings on board an Air India plane and at Narita Airport killed 331 persons, most of them Canadians.
Even earlier, Canada had been the venue for assassination attacks on Turkish diplomats by Armenian terrorists, and violence on the part of Tamil and Kurdish terrorist organizations. More recently, as the 20th century was coming to a close, al Qaeda adherent Ahmed Ressam spent considerable time in Canada, acquiring materials for a planned bombing of Los Angeles Intl. Airport.
Yet none of these earlier events resonated with Canadians in the same way as the 9/11 attacks — partly because of their spectacular nature and partly because they illustrated the maxim that "security trumps the economy." Not only did Canadians worry about the spillover of terrorism to Canadian soil, but they also worried about the impact of increased border security on their economic prosperity. New voices suddenly entered the security dialogue in Canada - economists, manufacturers, bankers, and big business.
To this day, Canada has to counter claims by high-profile U.S. commentators that it is "soft on terrorism," including erroneous accusations that some of the 9/11 hijackers had walked across the U.S.-Canada border.
For all these reasons, security moved from the margins to center stage in Canada following the 2001 terrorist attacks. As someone who had worked in the security sector for 25 years, the changes were breathtaking. The machinery of government — at the Cabinet and public service levels — was reorganized, billions of federal dollars were pumped into security programs, new anti-terrorism legislation was enacted in record time, Canada's first-ever National Security Policy was published, a new border accord was signed with the United States, and Canadians' interest in security soared.
Importantly, the private sector also started taking a keen interest in countering terrorism and securing its facilities and operations as a result of the horrific images of the Twin Towers falling. The interest in learning more about how to respond to the altered threat environment was widespread and included building owners and managers across Canada.
What advice would you offer to building owners and managers in Canada and the United States who want to put appropriate security measures in place?
I would urge them, if they have not already done so, to undertake a serious and careful security assessment of their facilities.
They should analyze all potential threats and identify which ones are most applicable to their facilities. Based on this threat assessment, building owners need to take stock of deterrence, detection, and prevention measures already in place, and assess what would happen if these measures failed. Impact assessments should take into account not only financial costs, but also inconvenience costs and potential damage to the building's reputation and client confidence.
In many cases, building owners may conclude that they have adequate and appropriate measures in place; in other cases, the security assessment will reveal gaps or deficiencies needing attention. Importantly, security assessments need to be revisited regularly, as threats, vulnerabilities, and counter-measures are dynamic and ever-changing.
When you use the term "threat," are you thinking mainly of terrorism?
There is no doubt that building owners in Canada and the United States need to take potential terrorist threats into account. Individually — or ideally through their regional or national associations — they need to establish an ongoing dialogue with local and national police and security agencies so that they can keep current with the evolving terrorism threat environment. In cities such as Vancouver, building owners also need to be aware of developments and trends in organized crime, and establish channels to report suspicious activity to the authorities.
Let me open a bracket here and state my personal view that security and intelligence agencies need to share much more information with companies and associations in the private sector, especially with critical infrastructure owners and operators.
Federal agencies should be sponsoring more security clearances for senior officials in the energy, banking, telecommunications, transportation, and other sectors, should be briefing them regularly on the threat environment, and should be promoting a robust, two-way sharing of information about threats, vulnerabilities, incidents, and counter-measures. In particular, government agencies need to revisit their Cold War-era security rules and ensure that information and assessments get to those in a position to act on it — inside and outside government. Private-sector security officials do not need — and usually do not want — access to classified data about sources and methods. They do, however, deserve to be treated as security partners.
While terrorism and organized crime deserve serious attention, building owners should adopt a much wider perspective when considering the security of their facilities and the protection of the individuals working or living there. I am a keen advocate of an "all-hazards" or "all-risks" approach, especially in countries such as Canada. We have had more than our share of disasters in recent years — a crippling ice storm; a major electricity blackout; serious denial of serious attacks on essential computer networks; floods, hurricanes, and tornados; a SARS outbreak; and so on. In many cases, measures taken to prepare for terrorism will also help during natural disasters and public health emergencies (and vice versa).
I have seen encouraging signs of collective action on the part of building owners in Canada. Earlier this year, the Building Owners and Managers Association (BOMA) of Canada released a pandemic planning guide for commercial buildings. This is a fine example of private-sector leadership in preparing for serious non-terrorist emergencies.
Is the threat perception different in Canada?
Yes, I think that Canadians take a more holistic and less terrorism-centric view of the threat environment. The Woodrow Wilson Intl. Center for Scholars produced a fascinating comparative study of U.S. and Canadian threat perceptions a couple of years ago. It concluded, as I have, that most Canadians do not equate "risk" with "terrorism." For Canadians, more so than for Americans, security and risk are highly multidimensional, with the terrorist risk a relatively modest part of the overall threat hierarchy.
Which of the many threats you have mentioned worries you the most? Which one keeps you awake at night?
Frankly, I am surprised that we have not experienced more malicious cyber-based attacks directed at essential services, systems, and networks. In the lead-up to Y2K, Canada identified its critical infrastructure and also took the time to map and analyze the web of complex interdependencies among the key infrastructure sectors. Through that exercise, we learned just how dependent we were on information technology. Today, more than three quarters of Canadians over the age of 12 are Internet users and, of course, Canada is the birthplace of the ubiquitous BlackBerry®.
The scenario that worries me the most is one in which terrorists launch a successful cyber attack on critical systems and networks simultaneously with more traditional attacks using bombs or guns. I share the worries of Thomas Homer-Dixon, a Canadian scholar who warns of "synchronous failures" and the potential for small groups of people to use readily available technological means to sabotage complex, interconnected critical infrastructure systems and to kill large numbers of people.
I also worry about the release — or even the threatened release — of chemical, biological, or radiological materials in heavily congested areas, such as high-rise buildings. You will recall the anthrax scare that hit just 1 week after the terrorist attacks in 2001. Letters containing anthrax spores were mailed to several U.S. news media outlets and two U.S. Senators, causing severe psychological stress far from the crime scenes - including among Canadians. Five people died and the decontamination and clean-up work took years and millions of dollars to complete. As far as I know, the crimes remain unsolved.
Finally, I worry about complacency and "it-can't-happen-here" attitudes. I agree with those who say that interest in security diminishes in direct proportion to the time lapse since the last incident. Everyone - policymakers and building owners included - are easily distracted by here-and-now demands on their time and their attention.
What actions can building owners take to prepare for such a broad range of possibilities and to avoid complacency?
I am a strong advocate of year-round security awareness programs as a responsible way to keep security on people's radar and to help them take action in the workplace. Some tips:
- Include references to good security practices in building newsletters.
- Advertise the availability of emergency preparedness brochures aimed at families.
- Participate in Emergency Preparedness Week activities in your city.
In addition to acting on the results of security assessments, building owners should also ensure that their business continuity plans are updated regularly. Where will the building management team meet if the building is inaccessible? How will they communicate with each other and with their tenants if phone and Internet networks are overloaded or damaged? Are plans in place to move tenants to alternate sites in the event of prolonged building closures?
I am also a huge fan of tabletop exercises for senior management teams in the public and private sectors. The key is to develop a fictional (but realistic) scenario against which to judge the strengths and weaknesses of current plans and precautions. Tabletop exercises are a low-stress, yet efficient, way for senior managers to discuss how they would react and take decisions in the event of a major earthquake or reports of a dirty bomb explosion in the vicinity of their building.
What do you say to Canadian building owners who worry about the costs of enhancing their security posture, especially if they have never experienced a serious threat or incident?
I would say that, in the contemporary security environment, Canadians expect both their governments and major businesses to take security and emergency preparedness seriously. Building owners who ignore these matters to save money are near-sighted and naïve. The challenge is to find the right security posture for each facility based on an objective review of the threats, vulnerabilities, and potential impacts Don't overact, but don't put your head in the sand.
Many security enhancements (guards, lighting, and sophisticated access control, for example) do come with hefty price tags. But, many other enhancements are low cost. I am thinking here of signage and other awareness raising initiatives, business continuity planning, and tabletop exercises.
Barbara A. Nadel, FAIA, principal of Barbara Nadel Architect in New York City, may be reached at (BldgSecure101@aol.com).
- Homer-Dixon, Thomas. "The Rise of Complex Terrorism," Foreign Policy, January/February 2002.
- Purdy, Margaret. "Canada's Counterterrorism Policy," Book Chapter, How States Fight Terrorism: Policy Dynamics in the West," Lynne Rienner Publishers, 2007.
- Purdy, Margaret. "Gateways and Corridors: Assessing and Addressing Strategic Security Concerns," Paper presented at Intl. Conference on Gateways and Corridors, Vancouver, May 2007.
- Purdy, Margaret. "Countering Terrorism: The Missing Pillar," International Journal, Winter 2004-2005.
- Purdy, Margaret. Targeting Diasporas: The Canadian Counter-Terrorism Experience, Working Paper series of The Armed Groups Project, 2003.
- Woodrow Wilson Intl. Center for Scholars (The Canada Institute). One Issue, Two Voices: Threat Perceptions in the United States and Canada, October 2005.