The popular Airside access program, which allows guests who aren’t traveling on a flight to visit any of TPA’s four Airside terminals, officially makes its return to Tampa International Airport beginning November 3.
Visitors will be able to register in advance for passes through TSA security screening checkpoints to reach any of the airport’s dining and shopping options.
That means if you want to eat in Airside C at the only Goody Goody location in Tampa Bay or shop for luxury bags at Tumi in Airside F, even when you’re not flying, you can!
TPA All Access was first launched in 2019 but was suspended during the Covid-19 pandemic. Now it’s returning thanks to repeated requests from our devoted customers.
“We’re thrilled to bring back our popular TPA All Access program, giving the entire community a chance to once again shop, dine and relax at Tampa International Airport without requiring a boarding pass,” CEO Michael Stephens said. “Our guests have been eagerly asking for this special perk to return, and we’re proud to reinstate the program as part of TPA’s ongoing commitment to delivering an exceptional customer experience.”
To get a TPA All Access pass, passengers must follow these three steps:
Register online in advance for an available two-hour window to enter the Airside of their choice on the Tampa Intl. Airport website.
Pick up their pass with a photo ID at the Information Desk on Level 3 in the Main Terminal between 9 a.m. and 7 p.m. on the day they’re visiting.
Go through the TSA security screening checkpoint for the Airside they selected with their pass and ID like they’re catching a flight and they’re good to go.
With the TPA All Access pass, they’ll be able to move throughout the Airside just like they’re one of the travelers. Passholders also will be welcome to shop at Duty Free stores in Airsides E and F, but aren’t allowed to buy tobacco or alcohol products at those stores.
Space is limited for each two-hour entry window to keep the Information Desk and TSA checkpoints from getting overcrowded, but visitors may stay as long as they want. Passes are only good for one Airside per visit. Visitors younger than 18 must be registered and accompanied by an adult. TPA All Access users are subject to the same TSA security screening regulations as passengers boarding a plane. Guidelines for items prohibited in carry-on luggage, including liquids, aerosols and gels, apply to personal items taken through security.
Smiths Detection announced that its proprietary iCMORE Automated Prohibited Items Detection System (APIDS) has been certified by the German Federal Police Technology Center (FPTC) for use at airport security checkpoints in Germany.
iCMORE APIDS leverages AI in image analysis to identify a wide range of prohibited items on computed tomography (CT) screening systems with proven accuracy and reliability, at pace. Real time alerts give operators invaluable support, enable faster decisions and safely raise throughput for a more seamless passenger experience.
Certification from the German FPTC marks a step toward the ambition of alarm only viewing with iCMORE APIDS. The iCMORE algorithm was tested against EU APIDS Standard 1 alongside additional national requirements. Coverage applies to HI-SCAN 6040 CTiX in the certified configuration, and Smiths Detection will work with customers to align versions, schedule updates and deploy within the approved scope.
“This certification is another forward step for aviation security, operational efficiency and the passenger experience, said Cymoril Métivier, global digital portfolio director at Smiths Detection. “With iCMORE APIDS delivering proven results on CT, passengers will know with certainty that they are protected with world-leading precision while airport operators gain a transformational uplift in efficiency. Smiths Detection is leading this shift, enabling our customers’ security policy and paving the way for the future of airport security and alarm only viewing.”
London, United Kingdom, 20 November 2025 – Smiths Detection today announces that its IONSCAN 600 explosives trace detector (ETD) has achieved ECAC/EU G1 approval, ensuring that all ECAC-approved units equipped with the new Control Parameter (CP) set are fully compliant with the latest G1 standards for passengers/cargo.
The IONSCAN 600 had previously achieved the ECAC/EU ETD standard for explosives detection (hand and wand sampling). This new evaluation focused on G1 compliance for detecting chemicals using particulate sampling, meaning the system now holds the ECAC/EU G1 standard in addition to its existing explosives detection certification.
Meeting the most current ECAC security requirements reassures customers that they are operating with technology that meets Europe’s highest and most up-to-date performance standards. G1-approved systems deliver stronger protection against evolving threats, reduce regulatory and operational risks, and are fully eligible for deployment across ECAC/EU-regulated environments. Through a quick CP set upgrade, customers benefit from a smooth cost-effective transition to the new requirements, extending the life and value of their existing IONSCAN 600 units.
As airports and security agencies across Europe prepare for the transition to G1 requirements, this milestone reinforces Smiths Detection’s commitment to supporting customers with future-ready solutions that meet evolving regulatory demands. The upgraded CP set enhances the performance of the IONSCAN 600, ensuring robust, reliable detection capabilities across a broad range of threat materials.
“Our role is to be a trusted partner for our customers, making sure our solutions meet the latest security standards” said Matt Clark, VP Commercial at Smiths Detection. “Achieving G1 compliance affirms the robustness of the platform and means our customers can rely on the IONSCAN 600 to deliver consistent, compliant performance without the added burden of managing compliance risk.”
The IONSCAN 600 is one of the most widely deployed and trusted trace detection systems worldwide. Compact and portable, it detects a broad range of explosives and narcotics, including potent synthetic opioids. Its non-radioactive IMS source requires no nuclear licensing, and cost-effective, single-use swabs enable efficient, hygienic sampling with reduced contamination risk.
New drugs, routes and tricks spur operators and vendors toward smarter, faster, safer devices.
Air, ground, maritime and rail operators as well as enforcement officials face rapid changes in drug smugglers’ tactics, while detection vendors that support them are refining technology — including artificial intelligence (AI) — for products to help foil the crooks.
Tougher enforcement efforts around the world, greater supplies and higher prices have spurred smugglers to decentralize their organizations, outsource methods and diversify routes for moving narcotics, such as “designing” more potent drugs that can be shipped in smaller, less detectable parcels.
“The traditional smuggling routes and methods have not changed significantly,” said Jeff Sweetin, a retired U.S. Drug Enforcement Administration (DEA) special agent and counter-narcotics consultant for Thermo Fisher Scientific. However, he and his colleagues have seen “several methods of countering added border enforcement. While these trends have not yet amounted to a complete shift in cartel tactics, enforcement personnel are reporting them more frequently.”
In May, Thermo Fisher introduced TruNarc Delta and Tau upgrades of its handheld narcotics analyzer, shown here. Thermo Fisher image.
Thermo Fisher in May unveiled the TruNarc Delta and Tau upgrades of its handheld narcotics analyzer, which uses Raman spectroscopy for rapid, non-contact identification of more than 1,200 substances. The Delta is aimed at U.S. customers, the Tau for others worldwide.
Vendors look to build on their portfolios of proven spectroscopic- and radiation-based detectors by increasing the speed, range and adaptability of results for field investigators, in part with AI-based tools. For instance, they are linking detector results with cloud-computing libraries of spectroscopic signatures that can detect specific drug ingredients from tens of thousands of possibilities within seconds and can learn new signatures without the need to add them manually.
Smugglers’ New Tactics Vary
Many have foregone top-to-bottom supply chain control and outsourced shipping phases, processing stages and money-laundering. Police have seized single bulk shipments that contained drugs labelled for competing gangs and destined for a multitude of customers — an Amazon-like model for saving money and speeding delivery. Cryptocurrency is replacing cash to evade scrutiny as payments change hands.
More roundabout routes are adopted — say by ship from Latin America to West Africa on to Scandinavia and Russia, then by truck to inland points — to break patterns that make police suspicious. Some smugglers have moved upstream products like coca paste from Latin American cocaine labs to final processing closer to consumers in Europe and fentanyl powder to pill pressers in the U.S. Others are experimenting with liquifying drugs to hide them in fuel tanks, seat cushions and insulation, Sweetin said. Smugglers are hiding drugs in auto batteries and masking them with chemicals to throw off detectors.
Some are developing submersibles to sail tons of drugs between continents, even as far as Europe and Australia. There are reportedly smugglers hiring professional divers to attach drug shipments outside cargo ship hulls then fly to the destination to remove them.
“Illicit trafficking networks have evolved into increasingly industrialized criminal economies that exploit weaknesses in border security, customs controls and screening technologies,” Smiths Detection, aviation marketing manager for Smiths Detection, said. “This shift is creating distinct smuggling patterns across all major modes of transportation.”
He added, “While the methods differ across transport modes, they share a common thread: growing sophistication that poses significant new challenges for global border security.”
The Smiths SDX 10080 SCT is a modular hold-baggage and air cargo screening system. Smiths image.
Smiths in October released the SDX 10080 SCT, the latest product in the global EDS line. It is a modular hold-baggage and air cargo screening system that combines advanced dual-energy computed tomography (CT) with an optional high-resolution dual-view line scanner that Smiths said “offers exceptional modularity, reliability and efficiency.”
Among its other products is the HCVM XL mobile scanner, which provides high-energy X-ray imaging for non-intrusive inspection of cargo to enable customs officers to rapidly and accurately identify illicit goods without disrupting the flow of trade. At the turn of the year, Smiths installed four with Trinidad & Tobago’s customs agency at Port of Spain and the Port of Point Lisas.
Efforts to counter new drugs and tactics are bolstered by greater counter-drug funding, particularly in the U.S. and Europe.
Kevin J. Knopp, 908Devices
That increased funding “will institutionalize demand” in the narcotics-detection and related markets and support growth in them, said the CEO and co-founder of 908Devices, Kevin J. Knopp. “This is setting up not only in the United States, but globally.” One recent report forecasts the global market for narcotics detection equipment to grow from $3.76 billion last year to $5.05 billion by 2029, maintaining a compound annual growth rate of more than six percent.
Recently, the U.S. Coast Guard bought 23 of 908Devices’ MX908 handheld mass spectrometers for narcotics interdiction efforts. 908Devices image.
Additional funding in the U.S. includes this year’s budget reconciliation law and last year’s DETECT Fentanyl and Xylazine Act, which should boost research and development of means to detect those drugs.
In October, 908Devices said the U.S. Coast Guard bought 23 of its MX908 handheld mass spectrometers for narcotics interdiction efforts and hazardous threat detection. The service now fields more than 35 of the MX908, which combines thermal desorption, chemical ionization and high-pressure mass spectrometry to detect hundreds of chemical substances at trace levels, including fentanyl, explosives and other threats. The MX908 can identify over 2,000 fentanyl analogs, the company said.
In Europe, funding boosts stem from increased defense funding by NATO members and others. Customers are showing greater interest in detection capabilities elsewhere in the world, too. For instance, Bruker Corp. saw a 30 percent year-over-year increase in orders for its airport-deployed detectors, related consumables and services through October.
“There are significant improvements outside of the U.S.,” Bruker president and CEO Frank Laukien said, including in Europe, Japan, China, South Korea and the Middle East. He added that the company’s Applied Markets segment is “growing very nicely” with “a pretty broad international distribution.”
The Road Runner is a 7.5-pound, handheld device to detect narcotics and explosives vapors and particles made by Bruker. Bruker image.
Bruker’s products include the Road Runner, a 7.5-pound, handheld device to detect narcotics and explosives vapors and particles. It uses ion mobility spectrometry (IMS) with a compressed high-intensity radiated pulse (CHIRP) algorithm and guides its user step by step via a touchscreen display. Another product is the Mobile-IR II, a portable, battery-powered Fourier Transform Infrared (FT-IR) spectrometer that the company said delivers laboratory-level spectral performance with an intuitive workflow set-up for IDing illegal substances.
The greater funding also stems from Europe’s efforts to combat a spike in cocaine use there (which now may exceed that in the U.S.). “Belgium, the Netherlands and Spain have reported the highest volumes of seizures, reflecting their importance as entry points for cocaine trafficked to Europe,” said a March report by the U.S. State Department’s Bureau for International Narcotics and Law Enforcement. That has increased cross-border criminal activity, “with European organized crime groups expanding their footprint in Mexico and South America and vice versa.”
Facing such crime, geopolitical conflicts and terrorism, “governments worldwide are investing heavily in advanced systems to enhance detection, deterrence, and response capabilities,” said Ajay Mehra, president, CEO and director of OSI Systems. He added customers are addressing the growing threats by increasing their focus on technology innovation and shifting policy priorities, supported by targeted funding.
OSI Systems designs and manufactures specialized electronic systems and components for critical applications, serving customers in 170 countries. Its Rapiscan Systems unit offers a wide range of scanners and inspection systems for aviation security, cargo, and vehicles.
These include the MobileTrace simultaneous dual-mode narcotics/explosives detector, which uses the company’s patented Ion Trap Mobility Spectrometry. It has been deployed at airports, border crossings, military bases and other critical global checkpoints.
In September, Rapiscan launched its Orion Road 930DX-V mobile X-ray system. With a van-size footprint, the system is designed to detect narcotics, concealed weapons, explosives and other contraband for customs and border protection, critical infrastructure fortification, law enforcement and other missions.
The Threat of Drugs is Broad and Changing
Fentanyl — the synthetic drug and most potent narcotic used by doctors (50-100 times more potent than morphine) — is highly addictive. Fentanyl analogs are synthetic opioids generally engineered to be more potent; carfentanil is 100 times more so. More potent ones can be small enough for hundreds of lethal doses in envelopes to be mailed — still a major smuggling method — or hidden on the body.
Heather Colby, Apstec Systems
“Detecting narcotics concealed on the body under clothing is incredibly challenging,” said Heather Colby, who manages sales channels and alliances for Apstec Systems. “Technology has struggled to deliver effective solutions, and large-scale manual operations are intrusive, costly and generally impractical.”
Detecting narcotics hidden on the body has long been a complex challenge for customs authorities, with traditional methods proving costly, intrusive and inefficient. Apstec says its HSS Falcon Select changes this by offering fast, non-intrusive, real-time screening for large numbers of passengers and their belongings. The solution identifies drugs concealed on the body while respecting privacy and ensuring a smooth border crossing experience. Apstec image.
Apstec develops high-throughput screening technology to detect narcotics, explosives and weapons. It said its products can screen large numbers of people and identify diverse threats while ensuring seamless, non-intrusive processing. It described its flagship product, HSS Falcon, as a powerful, AI-driven solution that provides comprehensive detection on people and in body-worn/hand-carried bags.
Dr. JihFen Lei, Teledyne FLIR Defense
The first fentanyl analogs emerged in 2019. Last year, there were 688 reported variants, according to the United Nations. Today there are nearly 1,400.
Teledyne FLIR Defense says its Griffin G510x portable chemical detector is specifically designed to analyze and identify explosives and narcotics (such as fentanyl and its analogs) within five minutes. Teledyne FLIR Defense image.
“Drugs like fentanyl remain a deadly threat and drain on our country, consuming lives and resources across America,” said Dr. JihFen Lei, president of Teledyne FLIR Defense. In October, that company got an order from U.S. Customs and Border Protection (CBP) for 15 of its Griffin G510x portable chemical detectors, which are specifically designed to analyze and identify explosives and narcotics (such as fentanyl and its analogs) within five minutes. The instruments are to be fielded across the U.S. to help CBP identify the most challenging drug samples, such as those containing fentanyl in extremely low concentrations mixed with other compounds.
Those analogs are among a diverse group of lab-made compounds called novel psychoactive substances (NPSs). Most are created to mimic prescription or illicit drugs’ effects and to evade controlled-substances laws by slightly modifying an existing drug. With unfamiliar chemical signatures, these drugs can evade detectors until those signatures are added to devices’ libraries. Thermo Fisher’s Sweetin recalled that when traffickers began mixing fentanyl with xylazine, a pet sedative, detectors didn’t recognize it because its signature wasn’t in their libraries. Once it was added, investigators looked back and found it had been used widely.
“No matter how good the devices are,” he said, “if we don’t know to add an emerging drug to a device library, our customers can’t identify them.”
The N2300 Fentanyl Trace Detector can be added to any Autoclear X-ray baggage scanner, the company says. Autoclear image.
That need is one reason vendors are adding AI. In February Leidos said it was partnering the AI software company SeeTrue to improve the efficiency of airport security and customs screenings through AI-enabled algorithms for detecting prohibited items. Smiths has partnered with BigBear.ai, Deepnoid and other AI experts to hone its systems threat-detection capabilities.
The threat-detection company Autoclear offers proprietary AI Threat Assist software with its X-ray security screening systems. Its N2300 Fentanyl Trace Detector can be added to any Autoclear X-ray baggage scanner.
TactiScan’s pocket-sized narcotics scanners use cloud AI that taps advanced deep learning algorithms together with commonly used reference standards to analyze readings, identify substances and update its signature library. This reduces the risk that TactiScan will be confused by cutting agents and adulteration.
“AI and advanced analytics are transforming the detection landscape,” Smiths’ Kaufmann said. “These tools will be critical in busy logistics hubs, where authorities must assess large volumes with limited resources.
Old drugs still prevail. Around the world, the stimulants methamphetamine and amphetamine dominate the use of and trafficking in synthetic drugs, according to the U.N., and cocaine production and use is setting records year after year. The U.N. estimated worldwide illegal cocaine production in 2023 at 3,708 tons, 34.5 percent more than 2022 and 327 percent more than 2014. (Heroin production is dropping.)
Smugglers have long used aircraft, trucks and ships. They also are expanding their use of trains, which have been used mostly to traffic people. In one example, officials in India’s Kerala state said trains are now a prime narcotics smuggling method. In 2024, they said 1,232 pounds were seized on trains in the state. By this March, police had seized 928 pounds. Those totals were for only one of India’s 68 rail divisions.
Tactiscan enables officers to identify unknown substances through plastic bags without contamination and ensures the occupational safety of officers when identifying drugs. The entire identification process is digitally documented.
That development is just one indication that drug smugglers are always seeking new markets and new ways of getting their products to them.
“Looking ahead, traffickers will remain exceptionally agile, exploiting distinct vulnerabilities across various sectors of international trade and travel,” Smiths’ Kaufmann said. “Global drug trafficking today is not constrained by geography, mode of transport, or concealment method. Countering this evolution will require next-generation detection capabilities.”
Insider threats are one of the most insidious dangers to face the transportation industry. This is because of the element of betrayal and surprise associated with them. The reason: “Insider threats are risks that originate from trusted individuals, namely employees, contractors, or third parties who have legitimate access to an organization’s systems, data, and infrastructure,” said Ryan LaSalle, CEO of Nisos (nisos.com, which helps organizations detect, prevent, and respond to insider threats before they escalate). “Historically, the term referred mostly to negligent mistakes, such as misconfigurations or mishandling sensitive information. Today, the definition is far broader. Insider threats now encompass deliberate acts of sabotage, theft, fraud, and policy violations, as well as negligent or accidental behaviors that expose the organization to risk. In transportation companies, this can result in financial leakage, smuggling or industrial espionage.”
Ryan LaSalle, Nisos
“While some organizations may have a robust security posture, all that it takes is just one employee to conduct their own security controls assessment to identify weaknesses in an attempt to evade detection,” added Jim Henderson. He is CEO of the Insider Threat Defense Group (ITDG, www.insiderthreatdefensegroup.com). It has assisted more than 700 organizations in developing, implementing, managing and optimizing their insider risk management programs. “The damages inflicted by these insiders have caused billions of dollars of damage. Some affected companies have suffered large layoffs or gone out of business as a result.”
Three Types of Insider Threats
Although there are many kinds of insider threats, the experts interviewed for this article generally agreed that they can be classified into three main categories:
• The Malicious Insider: This is an employee who intentionally damages systems, steals data, or sabotages operations.
• The Negligent Insider: This is an employee who unintentionally causes harm through mistakes like clicking phishing links, mishandling credentials, or ignoring procedures.
• Third-Party Insider: These are an organization’s vendors or partners who have access to the organization’s systems and misuse this privilege, sometimes for profit, other times through carelessness.
Dealing with negligent insiders is a matter of detection, education, and — if they then refuse to improve — possible termination. It is the malicious and third-party insiders that constitute the real risks.
So why do they do it? Their motivations vary as widely as the crimes they commit. But there are some common threads. “Malicious insiders are often driven by motivations such as personal gain, revenge, ideology, or coercion, but these motives rarely appear in isolation,” said Ashleigh Diserio, president of Diserio Consulting (https://www.diserioconsulting.com), which specializes in behavioral consulting, insider risk detection, and risk management. “They can be influenced by factors in a person’s professional or personal life, such as job dissatisfaction, financial hardship, burnout, feeling undervalued, or unresolved conflicts with management or coworkers. For example, a frustrated employee who feels overlooked for promotion or mistreated by leadership might rationalize leaking sensitive data to a competitor or sabotaging logistics systems as a form of payback or self-justified justice.”
Third-party insiders, such as contractors, vendors, or technology partners, can be motivated by similar pressures. “Financial strain, loyalty to another organization, or even social manipulation can lead them to share or misuse access,” Diserio told TSI. “In some cases, their weak security habits or personal vulnerabilities make them easy targets for coercion or exploitation by external actors.
Detecting Insider Threats
Detecting insider threats is a daunting task, especially for transportation companies that cover great distances and often have multiple locations to monitor. But it is a task that can be done — and must be.
“Transportation companies operate with large, distributed workforces and high access environments, from logistics centers to maintenance shops and drivers in the field,” said Col (Ret) Brian “Patton” Searcy, president and founder of The Paratus Group (www.paratus.group), which trains people to recognize and respond to threats. “This makes insider threat awareness essential.”
So how can an organization generate insider threat awareness internally? “Train employees to look for changes in behavior, unusual stress, sudden wealth, rule-bending, isolation, and who to report it to,” Searcy replied.
“Detection begins with visibility,” added Diserio. “Transportation companies must understand who is accessing what, when, and why. Given the scale and complexity of logistics operations, insider risk detection cannot rely on guesswork. It requires structured policies, layered monitoring, and a clear framework for accountability.”
Being aware of what is happening in the organization at all times is paramount. “The key is to monitor all three potential dimensions of insider threat: behavioral, technical, and organizational,” LaSalle noted. “Behavioral signals might include sudden changes in work hours, unexplained conflicts with colleagues, or controversial activity on social media. Technical signals could be large, unauthorized data transfers, use of personal devices on the network, or attempts to disable security controls. Organizational signals include declining performance reviews, disciplinary actions, or notice of resignation.”
“Detecting insider threats involves more than just monitoring the network,” said Henderson. “Comprehensive insider risk management involves many key stakeholders: the Insider Threat Program manager, the Insider Threat investigator-analyst, the FSO, CSO, CISO, human resources, CIO – IT, network security, counterintelligence investigators, mental health/behavioral science professionals, and the legal department. These stakeholders must work together sharing employee risk and threat information, as no one individual within an organization is positioned to see every single employee risk factor or behavioral indicator. Collaboration among key stakeholders is a critical element for detecting and mitigating insider threats.”
To maximize the value of these actions, transportation companies should have monitoring policies that integrate their internal detection results with external intelligence. “For example, detecting unusual financial behavior, side employment, or suspicious online affiliations outside the company can provide early warning before an insider escalates to harmful actions,” LaSalle said. “Once risks have been identified, companies need clear escalation paths — often through a collaboration between HR, security, and legal teams — to investigate quickly, attribute activity accurately, and take proportionate action.”
How the Experts Do It
Transportation companies exist to move people and goods. Dealing with insider threats is not their core business, which is why hiring an outside expert to do this for them can often make sense. We asked the experts we interviewed how their companies do this.
“At Diserio Consulting, we take a full-lifecycle approach to insider threat management, from prevention and early detection to investigation, response, and long-term resilience,” said Ashleigh Diserio. “We understand that insider risks are not just a technology problem but a human one. That’s why our services combine behavioral science, analytics, and organizational strategy to address risk from every angle.”
This is how Diserio Consulting helps transportation and logistics companies protect their people, assets, and operations from insider threats.
The process begins by compiling insider threat risk assessments at the client company. To do this, “we conduct comprehensive assessments that evaluate vulnerabilities across an organization’s systems, workforce, and vendor ecosystem,” Diserio told TSI. “Our process involves structured interviews, behavioral risk mapping, and analysis of access controls and workflows. For transportation companies, this often includes reviewing logistics management systems, driver access points, cargo tracking data, badging data, and maintenance records to uncover where insider risks are most likely to emerge.”
Having done this, Diserio Consulting starts monitoring and assessing employee activities on an ongoing basis. “Our behavioral analytics platforms go beyond standard cybersecurity monitoring,” said Diserio. “By establishing individual and team baselines for everyday activity, we can identify deviations that indicate emerging risks, such as increased data downloads, sudden changes in work patterns, or behavioral red flags like frustration or disengagement. Our team integrates these tools with existing IT and HR systems, ensuring seamless insight across both digital and human data points.”
Of course, the transportation sector depends heavily on vendors, contractors, and logistics partners, all of whom can introduce third-party insider risks into a client’s business environment. To mitigate these risks, Diserio Consulting assists organizations in establishing a structured third-party risk management framework. “We conduct vendor security assessments, review access controls, and develop standardized onboarding and offboarding protocols to minimize exposure to external partners and ensure a secure environment,” Diserio explained.
Whenever an insider incident does occur, Diserio Consulting’s response team is ready to investigate and contain it. “We use digital forensics and behavioral analysis to identify root causes, preserve evidence, and recommend remediation steps,” said Diserio. “For transportation clients, this may involve tracing unauthorized access to routing systems, shipment databases, or employee credentials, while maintaining operational continuity.”
Beyond the above, Diserio Consulting develops tailored training programs that educate employees, supervisors, and contractors on how to identify and report potential insider risks. They also conduct behavioral workshops that teach leadership teams how to spot early warning signs of stress, burnout, or dissatisfaction, factors that can precede malicious or negligent actions. “In addition to training, we help companies build supportive, transparent workplace cultures that reduce the motivations behind insider threats,” Diserio said. “Our consultants work with HR and management to develop employee engagement strategies, confidential reporting channels, and intervention processes that address personal or professional issues before they escalate into security incidents. By combining behavioral insights with advanced analytics, we help transportation organizations shift from a reactive stance to a proactive one, predicting and preventing insider risks before they impact operations.”
The Insider Threat Defense Group (ITDG) offers similar services to its clients. “A first step for any organization, to include transportation companies, is to have a baseline and much deeper understanding of what insider threats are, and what is involved in insider risk management (IRM) — including extensive training,” said Henderson. “Key stakeholders must have a comprehensive understanding of the collaboration components and responsibilities required by them, and the many underlying and interconnected components that are essential for a comprehensive IRM program. Key stakeholders must be universally aligned from an enterprise/holistic perspective to detect and mitigate employee risks/threats. As well, an IRM program must be built on a solid framework of non-technical and technical security controls for the program to be comprehensive and effective.”
Worth noting: In addition to its IRM services, ITDG publishes a fascinating free monthly newsletter that details the latest happenings in insider-related crime. Available at www.insiderthreatdefense.us/insider-threat-incidents-reports-news, this newsletter provides insights into insider threat activities (much of it sourced from U.S. Department of Justice news releases), including the following: “Operations Manager Charged For Role In Embezzling $500,000 From Trucking Company.” In this report, ITDG explained how an operations manager at a large trucking business filed fraudulent truck driver reimbursement requests. This insider activity happened for over three years before the fraud was detected and stopped.
As for Nisos? “Our Insider Threat solutions combine technology with white-glove analyst services to provide holistic coverage,” said LaSalle. “By integrating external intelligence, continuous monitoring, and AI-driven attribution, Nisos helps organizations detect, investigate, and prevent insider threats before they manifest internally.”
Nisos’ Insider Threat services include:
• Early Risk Identification: Detecting potential indicators of insider threat – from concerning financial behavior, to social media, to undisclosed side employment — before they can escalate.
• Accurate Attribution: Connecting digital accounts and external signals to real-world individuals with AI-powered attribution and confidence scoring, to reduce false positives.
• Actionable Investigation Insights: Transforming risk signals into investigation-ready insights, to enable informed decision-making and speed up threat responses
• Continuous Monitoring: Maintaining real-time awareness of emerging insider threats with dynamic, always-on coverage that complements internal telemetry and reduces blind spots.
Finally, the Paratus Group provides a full range of threat detection services, staff training programs, and surveillance technology solutions to help their clients detect and defeat insider threats. Brian Searcy contextualizes these offerings in terms of the practical steps that transportation organizations can take to protect themselves:
• Behavioral Observation and Communication: Train employees to look for changes in behavior, unusual stress, sudden wealth, rule-bending, isolation, and know who to report it to.
• Micro-Learning and Scenario Training: Short, consistent awareness sessions are far more effective than one-time lectures. The Paratus Group uses five-minute daily and weekly drills that fit seamlessly into operations.
• Integrated Monitoring: Combine human awareness with technical monitoring. Systems can detect unusual logins; people can recognize unusual attitudes or motives.
• End-of-Shift “Hot Wash” Reviews: Encourage teams to share observations before they forget, because small concerns often connect to larger patterns.
• Faith and Purpose Mindset: When employees understand the higher purpose of their work, that they’re protecting people, not just property, it strengthens both ethics and performance. This approach transforms employees from passive observers into active protectors of the mission.
• An important point: “All of this requires buy-in at the highest levels,” said Searcy. “If they continue to conduct ‘check the box information events’, then nothing will change.”
Nisos says their Insider Threat solutions combine technology with white-glove analyst services to provide holistic coverage. The group says by integrating external intelligence, continuous monitoring, and AI-driven attribution, they can help organizations detect, investigate and prevent insider threats before they manifest internally. Nisos image.
Success Stories
Deploying a comprehensive insider threat defense program takes time, effort, and money. So, is it worth it? To answer this question, Ashleigh Diserio offered the following two success stories.
Case 1: Airline Industry
An airline approached Diserio Consulting after noticing inconsistencies in maintenance scheduling and access logs. “Our behavioral analytics platform flagged an employee who was repeatedly accessing sensitive aircraft maintenance data outside regular working hours and from an unusual geographic location outside the United States,” Diserio said. “This employee was not authorized to take their work computer outside the United States.”
After some digging, Diserio Consulting detected a pattern suggesting both insider knowledge and external coordination. “Our investigation revealed that the employee had been approached by a third party offering financial incentives to share internal system access credentials,” said Diserio. “By combining data analytics with behavioral profiling, which identified sudden changes in the employee’s work habits, communication tone, and stress indicators, we were able to alert the airline’s security and HR teams before any data was leaked. The individual was removed from their role, and the incident was contained without operational disruption or public exposure. The airline was later able to utilize our findings to enhance employee wellness programs and improve communication between maintenance and management teams, thereby addressing the root causes of insider risk.
Case 2: Bus Transportation
A bus transportation company faced a potential insider threat when Diserio Consulting’s continuous monitoring system detected irregular data activity from an operations supervisor’s account. The account had begun accessing passenger manifests and route scheduling data at irregular intervals, an activity that didn’t align with the employee’s role or prior work behavior.
“Our response team immediately launched a forensic review, uncovering that the employee’s access credentials were being used to gather and sell data related to competitor routes and operational schedules,” Diserio told TSI. “Motivated by personal financial stress, the insider had been approached through social media by an external buyer. Due to early behavioral flagging, which included signs of disengagement, attendance issues, and changes in communication tone, our system alerted leadership before any significant data was shared.”
Working closely with HR and law enforcement, the company managed to contain the incident. “Notably, our consultants helped management implement new employee support channels and financial wellness initiatives to mitigate similar motivational risks across the workforce,” she said.
The Paratus Group has its own success story to offer. “In one transportation maintenance operation, a team we had trained noticed a pattern that didn’t sit right: an employee was repeatedly accessing restricted maintenance records and working after hours without authorization,” said Brian Searcy. “Instead of ignoring it or assuming it was harmless, they used the Paratus Process: Identify, Assess, Predict, Decide, Act. They verified the pattern, documented what they saw, and escalated appropriately. The investigation revealed a contractor attempting to exfiltrate operational data. The issue was stopped before any damage was done. That’s what true awareness looks like; not paranoia, but informed observation and confident action.”
Actionable Expert Advice
Based on the experts’ insights, it is possible for transportation companies to successfully detect and defend against a wide variety of insider threats. To conclude this story, TSI magazine asked the experts for actionable advice that transportation companies could implement on their own. Here is what they told us.
“The best defense against insider threats starts with building a trusted workforce,” LaSalle said. “That means looking beyond traditional background checks to adopt proactive vetting strategies — verifying identities, validating credentials, and using modern tools to uncover hidden risks or fraudulent employment attempts. Equally important is adopting a lifecycle approach, monitoring for risk ethically and proportionally from pre-hire to exit. Transportation companies should also expand their visibility beyond the firewall. Internal telemetry alone won’t reveal hidden affiliations, online behavior, or financial stressors that often precede insider threat activity. By combining inside-the-network monitoring with external intelligence, organizations can connect the dots earlier, investigate with greater clarity, and take swift action.”
“You need to start with education for all key stakeholders involved in managing and supporting the Insider Threat Program,” said Henderson. “The success of a program is largely dependent on key stakeholders collaborating with the Insider Risk Program manager, and sharing employee risk and threat information of concern. This proactive approach is critical to ensure that everyone is universally aligned from an enterprise/holistic perspective for identifying, responding to, preventing and mitigating insider risks and threats.”
TSA agents, Jose Gonzalez and Labarius Williams, were caught on camera stealing from passengers’ luggage at a security checkpoint at the Miami International Airport. Both agents were charged with grand theft in the third degree.
“Start with a clear framework: define what ‘insider risk’ means for your organization, including the scope of employees, contractors, and vendors,” Diserio said. “Insider threats often intersect with behavioral or workplace issues. So, HR, legal, finance, civil liberties, and security teams must work hand in hand. Leverage automation but keep the human element. Technology should assist, not replace judgment, so combine AI-based monitoring with human oversight. You should also create a culture of security awareness because employees are your first line of defense while regular training builds vigilance and trust. Finally, insider risk programs should grow with the company and adapt to new technologies, regulations, and threat landscapes.”
The question of whether the June 12, 2025, Air India Flight 171 crash was an example of an insider threat (an intentional act) is a central focus of the ongoing investigation and has not been definitively confirmed or ruled out. The cause of the crash remains under investigation by India’s Aircraft Accident Investigation Bureau (AAIB).
Brian Searcy delivered his advice in the following list:
• Start with Culture, Not Technology. Technology is an enabler, but awareness is the foundation.
• Empower Every Employee. Make security everyone’s responsibility, not just IT’s.
• Train Continuously. Replace long, once-a-year training with short, real-world refreshers that build muscle memory.
• Lead with Values. Whether that’s faith-based or organizational values, grounding people in purpose creates accountability.
• Review and Adapt Regularly. After incidents or near misses, conduct “hot washes” to capture lessons learned and reinforce awareness.
“At the end of the day, insider threat prevention isn’t about surveillance, it’s about stewardship,” said Searcy. “It’s about empowering your people to protect what matters most.” That’s a thought worth remembering for anyone tasked with protecting their organization against insider threats.
Improving security across borders but privacy concerns persist.
Biometric technologies are changing the way people move across borders, redefining both passenger convenience and security assurance. Facial recognition and multimodal biometric systems are integral to airport operations worldwide. From automated eGates to digital identity credentials, these systems are accelerating passenger throughput while reinforcing border integrity. Yet, their growing adoption raises complex questions around privacy, compliance and data protection. As innovation advances, regulators, technology providers and airport authorities must strike a careful balance between operational efficiency and the responsible use of personal data.
Measurable Improvements
Facial recognition is part of a broader spectrum of video image processing techniques, according to resources available from the European Data Protection Board (EDPB). “Some cameras can capture images of people within a defined area, particularly their faces, but they cannot be used as such to automatically recognize individuals. The same goes for simple photography; a camera is not a facial recognition system because photographs of people must be processed in a specific way to extract biometric data,” the team says.
Françoise Bergasse, border marketing manager at Thales, points out that implementation of biometric authentication at airports and border checkpoints shows an average time saving of 30% to 40% for travelers. “Biometric authentication achieves what was once thought impossible — increased security with faster processing. Real-time facial recognition at automated eGates combines the best of both worlds: speed and certainty. Travelers enjoy a smoother journey, while operators benefit from a highly reliable and tamper-proof identification process,” she says.
Data from various sources show that biometric systems have improved processing efficiency at border checkpoints while maintaining high security standards, affirms Rob Sutton, director of solution enablement for aviation at HID. “For example, automated eGates in Europe can verify a traveler’s identity in less than 20 seconds, compared to several minutes for manual checks. In the United States, programs such as Global Entry and the Biometric Entry-Exit Program have reduced wait times by up to 70%, thanks to facial recognition enabling rapid, document-free verification,” he says. “Multimodal systems, which combine face, fingerprint, iris, and voice recognition, add redundancy, ensuring reliability even if a biometric trait is compromised. Furthermore, decentralized identity frameworks and real-time data sharing between agencies help maintain productivity without compromising privacy or compliance. However, processing speed and productivity represent only one dimension of the benefits.”
Biometric systems have improved processing efficiency at border checkpoints while maintaining high security standards, according to Rob Sutton, director of solution enablement for aviation at HID. HID image.
IDEMIA Public Security’s biometric deployments at major airports in the Middle East and Asia have demonstrated the ability to process millions of traveler’s annually with minimal manual intervention, affirms Marwan Elnakat, technology and marketing strategy manager at IDEMIA Public Security. “Today, over 15,000 passengers are processed per hour at UAE airports using automated multi-biometric eGates for border control. The system ensures border security with a comprehensive traveler database, enabling the secure storage of facial, iris, and fingerprint biometric data,” he says. “To balance security requirements and traveler demands, we collaborate with individual clients and regulatory agencies to identify the best solution. Most of our solutions enable contactless identity verification and can be seamlessly integrated into existing systems. The balance between security and productivity is achieved through intelligent system design.”
Risk-based orchestration ensures that pre-registered, low-risk travelers quickly pass through automated checkpoints, while those who trigger alerts or have poor-quality matches are seamlessly redirected for secondary screening by human agents, according to Elnakat. “Adaptive quality and match thresholds, an approach supported by NIST research on biometric performance, allow systems to dynamically adapt based on context, maintaining low false alarm rates and rapid throughput. Pre-registration programs and mobile or digital identity verification also contribute to speed. By pre-verifying traveler’s identities via secure digital travel credentials (DTC) or mobile IDs, border systems offload part of the verification process, maintaining security and minimizing bottlenecks at physical checkpoints,” he says.
Deployment Strategies
Sutton observes that airports and border agencies are implementing advanced security measures to prevent breaches and misuse of biometric information, such as facial images and fingerprints. “These biometric data are protected through a multi-layered approach that includes data transformation, encryption, strict access control, and policy-based reporting. The most critical security measure is not storing the raw biometric image. Instead, the raw data is converted into a biometric template. This template cannot be reverse engineered back into the original image, making it unusable to fraudsters in the event of theft. Many systems also feature vitality detection and anti-spoofing capabilities to prevent fraud attempts such as the use of masks or synthetic supports,” he says. “A key innovation for protecting privacy is the biometric passport, which securely stores a traveler’s facial and fingerprint data on a chip embedded in the passport itself. This means that personal biometric identifiers are not stored in centralized databases, reducing the risk of mass data breaches and giving travelers greater control over their information.”
The European Data Protection Board cautions that facial recognition technology can lead to false negatives, bias and discrimination. The misuse of biometric data can also have serious consequences, such as identity theft or impersonation. Individuals should have maximum control over their biometric data, the group advocates.
Airport operators and airlines around the world are increasingly experimenting with systems that allow passengers to more easily pass through various security checkpoints, the EDPB resources illustrate. “It is important to be aware that biometric data is particularly sensitive and that its processing can pose significant risks to individuals. Facial recognition technology can lead to false negatives, bias and discrimination. The misuse of biometric data can also have serious consequences, such as identity theft or impersonation. Individuals should have maximum control over their biometric data. In the EU, there is no uniform legal obligation for airport operators and airlines to verify that the name on a passenger’s boarding pass matches the name on their ID, and this may be subject to national laws,” the EDPB says. “Therefore, where no verification of passengers’ identity with an official identity document is required, such verification should not be performed using biometric data, as this would result in excessive data processing. We assessed the compliance of the processing of passengers’ biometric data with four different types of storage solutions, ranging from those that store biometric data exclusively in the hands of the data subject to those that rely on a centralized storage architecture with different modalities. In all cases, only the biometric data of passengers who actively register and consent to participate should be processed.”
The only storage solutions compatible with the principles of integrity and confidentiality, data protection by design and by default, and security of processing are those in which biometric data are stored in the hands of the data subject or in a central database, but with the encryption key held exclusively by that person, according to the EDPB resources. “These storage solutions, if implemented with a list of recommended minimum safeguards, are the only methods that adequately counteract the intrusiveness of processing, offering data subjects maximum control. The solutions based on storage in a centralized database, either within the airport or in the cloud, without encryption keys held by the data subject, cannot be compatible with data protection requirements by design and by default,” the EDPB says. “Regarding storage limitation, data controllers must ensure they have sufficient justification for the intended retention period and limit it to what is necessary for the proposed purpose.”
International regulations, such as the European Union’s General Data Protection Regulation (GDPR), will continue to further shape implementation strategies and the evolution of privacy-protecting technologies, standards, and certifications, affirms Sutton. “For example, the GDPR classifies biometric data as ’special category’ information, requiring explicit consent, transparency, and strict purpose limitation. These regulations have led to privacy-by-design approaches, decentralized identity frameworks, and minimum data retention policies in global aviation systems,” he says. “Furthermore, biometric systems are rapidly adapting to digital identity credentials, such as IATA’s One ID and ICAO’s DTC. These initiatives aim to create seamless, paperless travel by connecting biometric verification with mobile-based digital identities.
Thales designs its solutions to be cyber-secure by design, meaning data protection is built into every layer, from capture to storage and transmission, Bergasse affirms. “Biometric data is end-to-end encrypted, stored in secure environments and accessed only with strict role-based controls. Advanced encryption and anonymization ensure that, even in the unlikely event of a breach, data remains unusable outside of our secure infrastructure,” she says. “Global standards like the GDPR and similar frameworks around the world have established a clear direction: citizens must maintain control of their data. We believe that cyber resilience is about anticipating, not reacting. It is not about knowing if a system will be attacked, but when, and ensuring that, when that happens, sensitive data remains protected and trust intact.”
IDEMIA’s Marwan Elnakat says their IDEMIA Public Security product applies multi-layered security measures, including end-to-end encryption, hashing and template transformation techniques, to ensure that biometric images are never stored in an accessible format.
IDEMIA Public Security applies multi-layered security measures, including end-to-end encryption, hashing and template transformation techniques, ensuring that biometric images are never stored in an accessible format, Elnakat explains. “Role-based access control, rigorous audit logging, and real-time monitoring strengthen data protection throughout the system’s lifecycle. Templates are typically retained only for the minimum time necessary to complete the verification process, in accordance with privacy-by-design principles. To further ensure data integrity, we maintain compliance with international standards, including regular audits and independent benchmarking to ensure the security and reliability of all its solutions,” he says. “Our research teams are strategically located across the EU, particularly in France and Germany, to ensure full compliance and a thorough understanding of the GDPR and the upcoming EU Artificial Intelligence Regulation. Algorithms are constantly being realigned to keep pace with evolving biometric regulations. Furthermore, international regulations such as the GDPR have significantly shaped the way biometric systems are implemented.”
HID’s cutting-edge facial recognition portfolio is transforming the airport experience, offering travelers a seamless and secure journey powered by innovation and design excellence. Deployed across major international airports, the system integrates Red Dot Design Award-winning Facepods and eGates to deliver a smooth, intuitive, and aesthetically refined user experience. Built on a modular architecture, HID’s solution ensures effortless integration into existing airport infrastructures. It combines ethically trained AI algorithms with advanced multispectral imaging to provide industry-leading facial recognition accuracy and robust security. This fusion of technology and design sets a new benchmark for biometric travel, redefining how passengers move through airport environments Biometric identifiers fall under the “special category data” category under the GDPR, which requires a legal basis and robust data minimization measures, affirms Elnakat. “European data protection authorities have pushed implementers to conduct formal Data Protection Impact Assessments (DPIA) and apply retention and deletion rules that define when and how biometric data can be used,” he says. “At the same time, emerging regulations such as the EU AI Act are introducing additional transparency and accountability requirements for biometric technologies. These regulatory frameworks have encouraged developers such as IDEMIA Public Security to strengthen documentation, auditing, and third-party testing, referencing NIST benchmarks to ensure responsible and compliant use of biometric AI in border environments.”
Implementation Initiatives
While there is no official ranking for the adoption of biometric border controls, several regions stand out in terms of both infrastructure and traveler flow, Sutton affirms. “The EU leads the way in terms of reach and implementation, with its entry/exit system (EES), implemented in the 29 Schengen countries. This system requires biometric registration; namely facial images and fingerprints, for non-EU travelers, replacing manual passport stamping with automated checks. With millions of travelers crossing EU borders each year, the EES will likely become the most comprehensive biometric border system in the world,” he says. “In terms of traveler volume, the United States leads the world. U.S. customs and border protection (CBP) has implemented facial recognition at over 50 airports and border crossings, processing hundreds of millions of travelers through programs such as Global Entry and the Biometric Entry-Exit Program. The United Arab Emirates are also piloting high-flow biometric corridors.”
Several regions are leading this new era of safe and seamless travel, according to Bergasse. “India, with its DigiYatra initiative, is a pioneer in offering biometric travel experiences at scale. Singapore and other major Asian hubs are setting global benchmarks for seamless AI-powered passenger processing. Thales’ biometric border control solutions have been recognized internationally, earning a Frost & Sullivan award for its eGate automated border control (ABC) technology and for its leadership in next-generation border management,” she says. “With deployments in Europe, the Middle East, Latin America, Africa and North America, we support governments in strengthening border integrity, ensuring interoperability and preparing their systems for the era of digital travel credentials and secure digital identity.”
Elnakat points out that several countries and regions are now recognized as leaders in the adoption of biometric border control. “Australia has implemented IDEMIA Public Security’s automated border control solutions at several airports, ensuring swift and secure processing for both incoming and outgoing travelers. Major U.S. airports are conducting real-time trials of biometric verification to streamline immigration and boarding. We have also collaborated with the rise of mobile identification on additional solutions to continue simplifying travel processes. In the U.S., we have partnered with the transportation security administration (TSA) to upgrade its credential authentication technology (CAT Solution), which now accepts state IDs and mobile driver’s licenses at security checkpoints,” he says.
India’s DigiYatra initiative is a pioneer in offering biometric travel experiences at scale, according to Thales expert Françoise Bergasse. With DigiYatra, travelers pass through various checkpoints at the airport through paperless and contactless processing. The project is being implemented by the DigiYatra Foundation — a joint-venture company whose shareholders are the Airports Authority of India and airports around the nation. Ministry of Civil Aviation Government of India image.
Pioneering implementations share key characteristics such as clear regulatory frameworks, significant investments in national entry/exit systems, and a willingness to experiment with technologies that integrate airlines, airports, and border agencies into a unified traveler verification ecosystem, according to Elnakat. “Biometrics are replacing the era of paper travel documentation and manual identity verification, evolving rapidly to support new forms of identity credentials. Biometric systems are being upgraded to verify DTCs and mobile IDs, in line with ICAO standards,” he says. “These digital documents are protected by cryptographic keys and linked to the issuing authorities, allowing travelers to authenticate their identities using their smartphones or digital wallets, offering a simple and secure extension of traditional electronic passports.”
An Evolution
The global rollout of biometric border control represents an evolution in transport security where speed, accuracy, and trust must coexist. The successes seen across Europe, the United States, the Middle East, and several Asian hubs highlight how intelligent system design and rigorous governance can deliver measurable benefits for both operators and travelers. However, sustainable progress depends on continued alignment with privacy frameworks such as the EU GDPR and emerging AI regulations. As biometrics become embedded in digital identity ecosystems, the challenge ahead lies not only in technological advancement, but in preserving public confidence through transparency, security, and respect for individual rights.
In September, millions of travelers faced a modern nightmare: delays, cancellations, and chaos at some of Europe’s busiest airports — Heathrow, Brussels, Berlin — triggered by a ransomware attack on Collins Aerospace’s check-in and boarding software. It’s very much the reality of today’s hyperconnected infrastructure.
This shows how hidden cyber risks can be. It also shows how unprepared many important systems are for these kinds of threats.
The vulnerability of supply chains can put businesses in trouble. Collins Aerospace isn’t an airport or airline but a software vendor, a third-party provider whose systems connect together vast and complex air travel operations.
This sort of third-party risk is increasingly a preferred target for ransomware gangs. A flaw in one vendor’s software can cascade through the global transportation ecosystem, unleashing disruption across an entire continent.
The lesson here is that just making your own computers and firewalls stronger isn’t enough. Real protection means keeping a close eye on every part of your supply chain. Are vendors’ security practices robust? Do contracts demand transparent vulnerability disclosure? Is patch management swift and audited? Those questions are foundational.
Then, there’s the often-overlooked fallback mode: manual operations. This hack blew up the digital convenience airports pride themselves on: automated check-ins, seamless boarding. The reversion to handwritten boarding passes and paper manifests was crude but necessary.
Investing in these manual backups and making sure staff are trained to execute them under pressure is as essential as any other security measure. In the race to digitize, this old-school readiness often gets pushed aside, until it becomes a lifeline.
Experts are trying to find out who’s responsible. Terror law watchdog Jonathan Hall KC says it’s possible state-sponsored hackers could be behind the attack. Places like Heathrow in the U.K. are quite obvious targets during big political and economic tensions. Figuring out who’s behind attacks like this is always tough, but it shows that important systems like airports are now key targets in global cyber battles.
This incident shows that being ready for cyberattacks isn’t just about building stronger defenses. It means taking care of the entire system — making sure every part, including suppliers, is secure, planning for the worst, and having backup plans that keep important services running no matter what.
The aviation sector might be racing toward a more automated future, but we have to keep in mind that the digital runway isn’t invincible, and resilience must be built in from the ground up.
About the Author
Mantas Sabeckis is a security researcher at Cybernews, specializing in identifying data leaks, detecting vulnerabilities, and enhancing the security of AI systems. With a strong commitment to responsible disclosure, he collaborates with both large corporations and small organizations to help them address security issues before they can be exploited. Mantas’s work centers on understanding how sensitive data is exposed and sharing insights that contribute to stronger cybersecurity practices. His mission is clear: to make the internet a safer place for everyone by advancing research, promoting responsible security measures, and supporting initiatives that protect digital ecosystems.
CBT is an important tool to teach and increase screening competence and threat detection.
Computer-based training (CBT) plays a central role in improving the detection performance of transportation security screeners. Its primary function is to support the development of visual expertise in detecting threat items in X-ray images, which is an essential skill for maintaining high security standards, particularly in aviation. CBT enables systematic training of screeners using various imaging technologies, including single-view, dual-view and 3D computed tomography (CT). Through repeated exposure and practice in different visual conditions, screeners increase their competence to detect threat items effectively.
Important and Challenging
“A CBT program is important because screeners are rarely exposed to threat items during their routine work,” says Dr. Stefan Michel, research scientist at the University of Applied Sciences and Arts Northwestern Switzerland (FHNW), Olten, Switzerland. “Consequently, they do not gain sufficient experience in detecting such items through real-life screening. CBT enables screeners to systematically learn to detect a wide variety of threat items under different visual conditions, such as different viewpoints, levels of superposition and bag complexities. Immediate feedback during the training process supports learning by helping screeners understand their mistakes and improve their detection performance over time.”
CASRA says they have developed robust mental representations that enable screeners to generalize their detection skills to novel and evolving threats. CASRA image.
Computer-based training (CBT) for transportation security screeners must comprehensively cover the identification of a wide range of prohibited items. Screeners need to be exposed to these items in varied rotations, with different levels of superpositions, including items hidden beneath other objects and within complex baggage configurations. This variety ensures that screeners develop a robust ability to detect threats in real-world scenarios. Michel explains that, “Key challenges to address in CBT include balancing standardized training content with local operational requirements, ensuring that the training environment accurately reflects the complexity of real bags and threat items, and continuously updating threat libraries to keep pace with emerging risks.”
Working at any transportation security checkpoint is indeed an important and demanding task. Michael Flaherty, division manager at Battelle, at Columbus, Ohio, believes that screeners have an extremely challenging job because, “Not only do they need to find every potential threat; they have to do it more quickly and efficiently than ever. Training time is limited, so it is incredibly important that every minute spent is impactful and effectively supports real-world performance.”
Battelle has partnered with Security Training International (STI) with the goal of maximizing the benefit of training for every screener that uses Battelle’s screener training platform, ProDetect. Built using Battelle’s human factors expertise, this platform ensures that training is accessible, accurate and adaptable, to effectively meet the demands of today’s screening workforce.
Screening Functions
CBT serves several key purposes; ultimately it enhances the visual-cognitive skills necessary for interpreting X-ray images. “Some CBTs allow content to be adapted to an individual’s learning progress and help organizations meet international regulatory requirements (e.g., ECAC, TSA, ICAO),” Michel says. “Research by the Center for Adaptive Security Research and Applications (CASRA) has shown that CBT, when grounded in cognitive psychology and supported by adaptive learning principles, leads to large improvements of detection performance. Moreover, CBT is a cost-effective, scalable training solution and a critical component of the security architecture of modern transportation systems.”
Modern CBT programs for transportation security screeners, as developed by organizations like CASRA, focus primarily on interpreting X-ray images to identify threats such as guns, knives, improvised explosive devices (IEDs) and other prohibited items. Today’s CBT programs use highly realistic threat images embedded in a wide range of bag configurations to mirror real-life screening scenarios. “The emphasis is not merely on rote memorization, but on developing robust mental representations that enable screeners to generalize their detection skills to novel and evolving threats,” sources at CASRA say. “As well as standard cabin and hold baggage screening, modern CBT also covers the inspection of cargo, mail, air-supply items and staff belongings.”
The needs of the screening workforce across the world vary widely — different technologies and systems, different screening protocols and operations, different baggage types and content. Also, training must be capable of being tailored to each specific screener’s needs. Flaherty believes, “A one-size-fits-all approach doesn’t work. Items seen by a screener in Alaska are much different than those seen by a screener in Dubai!”
ProDetect was designed to be highly adaptable to meet these specific needs. Its high-fidelity user interfaces precisely mimic each screening system and the ability to rapidly implement user interfaces for new systems coming to market. Through Battelle’s partnership with STI, it has designed a screener training approach that provides an initial training regimen that evolves to a personalized approach over time as the screener gains further skills.
New training content can be rapidly created and adapted to account for regional differences and to counter emerging threats.
CASRA’s core training system is widely used across Europe and other regions worldwide. X-ray Tutor uses an adaptive training approach, with personalized difficulty levels based on screeners’ performance. It also enables remote access, updates and centralized performance monitoring. The training solution also allows screeners to be tested and certified, providing a reliable and valid competency assessment tool through the X-ray CAT. Sources at CASRA explain, “This tool is fully compliant with EU Regulation 2015/1998 and supports the mandatory regular certification of all security screeners, ensuring consistently high levels of competency in interpreting X-ray images.”
Updated and Modernized
Security screener CBT has evolved significantly over the past decades. Early CBTs mainly focused on static, low-resolution X-ray images, providing limited interactivity. Image databases were small and included relatively simple prohibited items.
In contrast, modern CBT systems integrate high-resolution single-view, dual-view and even 3D computed tomography (CT) scans of passenger bags, providing a far more realistic and immersive training environment. A key advancement is the inclusion of adaptive algorithms that adjust the level of difficulty to suit the individual’s learning curve. This personalized approach, combined with gamification elements and user-friendly interfaces, increases user engagement and motivation. Furthermore, modern CBTs utilize extensive and realistic image databases, ensuring a broad representation of both threat and non-threat items.
“CBT programs such as X-ray Tutor incorporate insights from cognitive psychology to support effective learning strategies,” Michel says. “Training modules are continuously refined based on usability studies to ensure they meet the practical needs of end users. Furthermore, modern CBT platforms are often compatible with mobile devices and tablets, enabling flexible and accessible training anytime, anywhere. Research by CASRA has substantially contributed to this development. Their studies have helped define how image interpretation training should be designed to maximize learning outcomes. These insights have been published in several scientific articles and form the scientific basis for effective, evidence-based CBT programs.”
Regulators, airports and their screening workforce demand highly accurate simulations of their specific systems. Training must be tailored and readily available whenever and wherever the screeners need it. Local and global administrators need the ability to effectively manage their workforces’ training needs and regulatory requirements. These complex requirements, like so many other industries, demand an integrated solution that helps users make sense of complex data. Battelle’s ProDetect was designed with a data engine that captures every data point from every screener interaction during training. “Coupled with STI’s OTS Management System, this deep dataset can provide administrators with insights into their workforce’s performance — identifying potential gaps in detection, [establishing] the need for new training content and ensuring compliance with regulatory requirements,” Flaherty says.
AI and Open Architecture
Many believe artificial intelligence (AI) is the next frontier in baggage screening. Michel explains that, “It is important to train security personnel in the appropriate use of AI-based support systems. Studies have shown that unreliable automation can reduce trust in such systems. When alerts are frequently incorrect or irrelevant, screeners may begin to ignore system suggestions entirely, a phenomenon known as the ‘cry wolf effect.’ Therefore, CBT should also include training elements that foster proper understanding of AI reliability and limitations, so that operators can make informed decisions when interacting with automated systems.”
Flaherty predicts open architecture (OA) is going to continue to be a major driver across the aviation security industry. He believes OA has the potential to deliver significant efficiency improvements in the screening workflow, as more technologies and systems integrate to improve security and the passenger experience. “Ensuring that training evolves at the same rate as innovation is critical, especially as AI becomes a mainstay of every screening operation. Training data is no longer an afterthought; it will be key to understanding how human screeners and threat detection algorithms work together to detect threats. Leveraging AI to analyze enterprise-level training data against real-world performance will be critical in understanding how to better train, support and empower screeners to protect against the next generation of potential threats.”
CBT is not just about knowledge acquisition, it’s about perceptual and cognitive skill development. Screeners require deliberate practice to build expertise in threat detection. New Zealand History image.
BAE Systems, Boeing and Saab have signed a Letter of Intent to collaborate on the UK Royal Air Force fast-jet trainer programme, leveraging T-7 as the core of the training system and creating a path for the three companies to support future international pilot training opportunities.
The companies will collaborate on a training system, integrating live and synthetic training capability and associated mission systems and will explore further opportunities for growing the UK supply chain on the aircraft.
BAE Systems will lead the activity, which will include a UK-based final assembly, creating high-value jobs in the UK.
Simon Barnes, Group Managing Director, BAE Systems’ Air sector, said: “Our new collaboration with Boeing and Saab will enable us to present a compelling offer to the UK Royal Air Force and our global customers, leveraging the latest tech innovation in training systems and a world-class jet trainer aircraft. We’re committed to ensuring this solution offers the best overall outcome for the nation to support the UK’s combat air readiness and deliver economic benefit.”
“Together, Boeing with Saab and now BAE Systems will offer innovative training solutions to best prepare RAF pilots for the future, including advanced fourth-, fifth- and sixth-generation fighters,” said Bernd Peters, vice president of Boeing Defense, Space & Security’s Business Development & Strategy. “This collaboration enhances the best of our technological capabilities, strengthens the transatlantic industrial base and offers opportunities for cooperative development.”
“The strong partnership between Boeing and Saab developed the T-7 to be the world’s best solution for future pilot training. By working with BAE Systems, Saab believes the UK can gain a worthy successor to the Hawk that is the right choice for pilots for decades to come,” said Saab Head of Business Area Aeronautics Lars Tossman.
The requirement for a new UK Advanced Jet Trainer was set out in the 2025 Strategic Defence Review.
The T-7A Red Hawk, selected by the U.S. Air Force in 2018 for its advanced pilot training system, is the centrepiece of this collaboration. The T-7A is a leading-edge, integrated-live, virtual and constructive fourth-, fifth- and sixth-generation aircrew training system that delivers a multi-generational leap in capability. Its versatile design allows it to adapt to changing technologies and mission requirements, training new pilots to fly the most advanced multi role fighter/fast-jet and bomber aircraft in the world.
The Security Industry Association (SIA) has named Jonathan Aguila as the 2025 recipient of the SIA Insightful Practitioner Award, an honor recognizing excellence in promoting the implementation of innovative security solutions. Aguila will be recognized Nov. 19 during the 2025 SIA Celebrates & Honors event.
Aguila is the global services director, systems and technology at Meta. He entered the security industry as a technician about 30 years ago and progressed through the industry, serving in roles in project management, global program management, national accounts and global accounts and then transitioning to the end-user space at Meta. Aguila previously served on the SIA Board of Directors’ Executive and has advised the SIA Executive Committee on topics that were important to end users or could create additional value for them and has shared his insights as a speaker at SIA and other industry events. He has also provided leadership and expertise in the formation of SIA’s Security Systems Technician Apprenticeship Program for security technicians and installers.
During Aguila’s board tenure, he was a constant advocate for SIA within the practitioner community and strongly contributed to the vision for creating the Security Practitioners Advancing Real Conversations (SPARC) community, a forum for technical end users within SIA. SPARC is a community of security professionals dedicated to advancing state-of-the-art security technology that provides access to cutting-edge research, training and networking opportunities for its members and works to influence the direction of security technology standards and compliance. The community has produced intelligence reports on mobile credential development trends and guidance for evaluating artificial intelligence vendors and service providers, and further resources and publications are underway.
“I have always gravitated toward problem solving and helping people, so I transitioned to the end-user space to focus on wide-impact challenges and long-term implications within a single company, and growing a team that understands how to work across all aspects of the community has been a passion ever since,” said Aguila. “Giving back to the security industry and helping to improve collaboratively was the driver in working with SIA to form SPARC and the Apprenticeship Program. I am grateful for this award, but I am most grateful to be welcomed by the industry and to have the opportunity to help others feel welcomed and supported as well.”
“Jonathan Aguila is an innovative leader in our industry whose vision and initiative have propelled SIA’s efforts to engage with security practitioners and end users,” said SIA CEO Don Erickson. “He has been a tremendous advocate for SIA and SPARC as a community platform for end users, and his insights have been crucial in identifying end users’ top concerns and trends within the practitioner community. We applaud Jonathan for his many impressive contributions with SIA, Meta and the industry overall and thank him for his support of SIA and commitment to driving our industry forward, and we look forward to recognizing him at SIA Celebrates & Honors.”
SIA’s Insightful Practitioner Award was created to honor security practitioners who demonstrate leadership and excellence in promoting the implementation of innovative security solutions through education, advocacy and teamwork with the security industry and other stakeholders.
SIA Celebrates & Honors is an event dedicated to leaders, legends and the next generation of security, held concurrently with ISC East—the Northeast’s leading security and public safety event, hosted in collaboration with premier sponsor SIA. On Wednesday, Nov. 19, security industry professionals of all ages will gather at City Winery in New York City for an unforgettable night of celebration, connection and entertainment—including upscale networking, gourmet dining, live music and a heartfelt awards program recognizing standout leaders who are shaping the future of our industry. Additionally, the event will support the work of the Foundation for Advancing Security Talent (FAST) to grow the security industry’s workforce. In addition to presenting the Insightful Practitioner Award, SIA will also present the 2025 George R. Lippert Memorial Award and Progress Award.
