The lessons from September’s Washington Navy Yard shootings should not include expanding metal-detector searches of federal employees, building security specialists said on Tuesday. But next steps ought to involve improved training of guards and heightened monitoring of agency compliance with recommended risk-mitigation procedures.
Officials from the Homeland Security and Defense departments defended the progress that’s been made on building security governmentwide since the incident, in which mentally troubled contractor Aaron Alexis brought weapons into Navy Yard Building 197 and murdered 12 co-workers.
“In the aftermath, it is only natural that we wonder if all people entering a federal facility -- even employees -- should be screened in some way,” said Sen. Tom Carper, D-Del., chairman of the Senate Homeland Security and Governmental Affairs Committee. “Should we -- to borrow a phrase from Ronald Reagan -- ‘trust, but verify?’ ”
Carper framed the hearing by asking how agencies determine the threats to their specific facilities; whether agencies are properly assessing and prioritizing the vulnerabilities; and how they are responding to threats as they evolve.
Tough questioning came from Sen. Heidi Heitkamp, D-N.D., who faulted both the intergovernmental body advising agencies on improving security and the quality of training of primarily contract guards in confronting active shooters. “There doesn’t seem to be a lot of coordination and when there is, there's not much follow-up,” she said. “When the public sees a uniformed security guard sitting at a desk, there’s an aura of power” except that the guard’s capabilities and role are not clear. “It sends the wrong message to the public.”
Though local commanders have the option of requiring random screening of people entering a facility, “the drawback to screening is a negative impact on mission,” said Stephen Lewis, deputy director for personnel, industrial and physical security policy at the Office of the Undersecretary of Defense for Intelligence. “With 10,000 people coming in the same window, there’s a disincentive to getting the work done.”
Once background checks are performed, “you have to trust the system,” said Caitlin A. Durkovich, Homeland Security’s assistant secretary for infrastructure protection. “There are opportunity costs and resource implications” to checking everyone.
Some agencies, such as the Transportation Department, already screen all employees, said L. Eric Patterson, director of the Federal Protective Service. “But after a background check, people are trustworthy, so I would think this through carefully.”
In discussing solutions, witnesses said all agencies are studying responses to active shooters. They pointed to the limits on training of guards, who, during a crisis, focus on shielding and evacuating employees but depend on local law enforcement under varying state laws to pursue an attacker. They are permitted to confront a live shooter on sight but cannot leave their posts in pursuit, which requires finding “a happy medium” between responding and keeping security officers safe, Patterson said. “There are thousands of buildings, and we don’t have resources to put law enforcement in every building.”
Durkovich said governmentwide protection is a “risk-based process.” Not all buildings are the same, she said, noting that strategies differ for urban versus rural buildings and, for example, for buildings that have child care centers or historic designations.
She acknowledged under questioning that compliance with recommendations of the intergovernmental panel set up after the 1993 bombing of the federal building in Oklahoma City has been left to the agencies themselves.
Patterson said his agency has met six of 13 Government Accountability Office recommendations for improvements in training and communication with staff. GAO analyst Mark Goldstein, however, testified that FPS “continues to lack effective management controls to ensure its guards have met its training and certification requirements.”
Lewis said since the Navy Yard attack, the Pentagon has conducted “internal reviews of gaps and deficiencies and shared other agency best practices.” He expressed promise in a new “enterprise-wide” tool called the Identity Management Enterprise Services Architecture that provides real-time vetting of individuals requiring unescorted access against multiple databases.