Why do we need to consider the international threat in addition to a local or national threat when trying to define them? There are two motives behind this consideration. One is due to modern businesses often being intertwined with businesses overseas. At a minimum, many of today's businesses have interests overseas. Most large companies import items from overseas for resale here in the US. This means that the business will be more exposed to intelligence gathering as well. Every country has unique laws that govern competitive intelligence collection. What is legal and ethical here is not necessarily so elsewhere. Additionally, the security of their personnel when traveling is higher. This may mean that the business needs to have training in cultural awareness and local customs and laws prior to travel as well as establishing and providing points of contacts within the foreign nation for the representative to contact in the event of an emergency. Businesses "cyber" connections to their contacts overseas may be at more risk for the many of the same reasons listed above. Completely defending the threat prior to conducting the threat assessment focuses businesses limited resources where they need to be.
Additionally, the events surrounding September 11, 2001 showed private industry that they may be at risk to international terrorism also. Prior to 9/11, most businesses convinced them that the only risk that existed was criminal and tended to overlook terrorism. Even the US Government did not take terrorism as seriously as it should have. Many military installations were characterized as "open post" installations (installations that had free and open access to the civil community). This all changed after 9/11 with all military installations becoming "closed posts" (posts that restrict access to those that have a need to be on post). This is mostly due to redefining the threat to include international terrorism. Not all aspects of government have been quick to respond, however. The General Accounting Office (GAO) conducts periodic assessments of the federal government and lists the shortcomings as "high risk". While this list constantly changes as some shortcomings are removed and others are added, a recent General Accounting Office (GAO) report on the US Governments High Risk Areas (2007), ensuring the protection of technologies critical to US national interests was added among others. It is amazing to note, when these reports are viewed together, how deficient our government continues to be even though eclipsed by 9/11.
Finally, it is worthy of note, that international terrorism is not a new phenomenon. Skyjacking and other attacks against Americans was far more prevalent in the 1980's than today. In 1980 alone there were 278 terrorist attacks against Americans worldwide with 416 attacks total between 1968 and 1980 (CIA, 1980). Removing the 9/11 attack, Iraq and Afghanistan from the equation, this number dwarfs the number of attacks against Americans today. The difference is our focus on Islamic terrorism as opposed to terrorism in general. From the 1970s through the 1990s, other than Islamic terrorism counts for most of the terrorist attacks worldwide. From the Red Brigade in Italy kidnapping of the high profile American Brigadier General Dozier in 1981 to the assassination of the founder of the US Army's Survival, Evasion, Resistance and Escape course, Colonel James "Nick" Rowe by the New People's Army in the Philippines In 1989 to the assassination of Archbishop Romero and two US nuns by the El Salvadoran Faribundi Marti National Liberation Front (FMLN) in 1980 to the kidnapping of three American military contractors by the Revolutionary Armed Forces of Colombia (FARC) in 2003. Should I continue ? The Baader Meinhof Gang in Germany, Basque Separatists in Spain, The Provisional Irish Republican Army, the Tamil Tigers of Sri Lanka and the Shining Path (Sendero Luminoso) of Peru. This should be a wake up call illustrating the danger that exists in the real world from international terrorism.
There is a message in all this. International terrorism is alive and well and transcends Islamic Fascism. The difference between the examples listed above and 9/11 is not terrorism. Terrorism is what links them together. The difference is we were attacked on our own soil and close to 3,000 Americans died as a result. As long as terrorism happened somewhere else, even if it happened to other Americans, it was easy to be apathetic. This is no longer the case as the events of 9/11 have fundamentally altered perceptions, both of the security industry as well as expectations of its future performance. There is little excuse post-9/11 for overlooking terrorism as a possible threat to the security of a company. The essence of accurately defending the threat helps a business marshal its resources more effectively. Sadly, as 9/11 may have sent the wrong message to the security industry. In Rethinking Corporate Security in the Post 9/11 Era (2003), Dennis Dalton argues in his introduction that the events of 9/11 pushed the security industry backwards. He thinks that it should have simply been added to the list of existing threats, but appeared to create a larger focus on the physical security aspect. If this is true, then the security industry has a challenge to meet in convincing executors of the importance of threat definition in the overall threat assessment.
Garcia, M. (2001). The Design and Evaluation of Protection Systems. MA: Butterworth-Heinemann.
Government Accounting Office. (2007). High Risk Series, an update. Retrieved 12 November 2007 from http://www.gao.gov/new.items/d07310.pdf
Dalton, D. (2003). Rethinking Corporate Security in the Post 9/11 Era. MA: Butterworth-Heinemann.
Central intelligence Agency. (1980). Patterns of International Terrorism: 1980. Retrieved 13 November 2007 from [http://www.terrorisminfo.mipt.org/pdf/1980PoGT.pdf]