These remarks were prepared for delivery at Bahrain Security Forum & Exhibition, February 25, 2009

It is an honor to be here and to address this most important gathering of security officials from around the Arabian Gulf. A word of special thanks to the Government of Bahrain for making it possible, to His Highness Sheikh Khalifa bin Salman al-Khalifa, the Prime Minister for his patronage of this event, to His Excellency Lieutenant General Sheikh Rashid bin Abdulla Al-Khalifa, the Minister of the Interior, and to the Royal United Services Institute for their sponsorship. Distinguished panel members: Professor Gubash, Minister the Interior of Iraq Bulani, Chief of Public Security Major General Al-Zayani, Deputy Minister of the Interior of Saudi Arabia Al-Salem, Dr. Lootah, and distinguished guests.

My comments today focus on a security challenge that all of us clearly recognize the tactical requirements but it taking a strategic view of the challenge is more problematic. What I want to offer here is a more comprehensive, more strategic way of approaching the exploding number of security challenges from a broader point of view. My comments focus on what I have chosen to describe as Operational Integration and the Future Gulf Threat Environment.

For the foreseeable future, the critical security challenge for the states of the Arab Gulf is not the strategic threat – invasion or an overt attack on infrastructure and population centers. The danger of an overt attack is only likely to occur as the result of an adversary’s gross miscalculation or desperation – literally a situation in which the adversary elects to risk both the existence of its regime and perhaps even its society. Instead non-state or state sponsored elements, with plausible deniability, are the real and growing threat. This capability is steadily increasing. Direct destabilization and even political coercion through the threat of asymmetric action are the real means through which they seek to enhance their political influence and power throughout the region.

Constituting far less risk, the asymmetric threat is low-cost, has plausible deniability, and is available not only to governments but also to any disaffected group in the region. For almost four decades, the threat has grown in size and sophistication. Strategically speaking, their general lack of success reflects well on the efficiency and vigilance of the security forces of the region. There is not a single case in the Arab world of terrorists toppling a sitting government. That said there have been spectacular tactical successes, some with strategic implications. These tactical and/or media successes have encouraged and emboldened various independent groups and even potential state actors to pursue an array of similar operational capabilities aimed at covertly destabilizing their neighbors. When they have been evenly tactically successful the inability of security forces to respond effectively almost always resulted from inadequate operational integration and seldom flowed from either lack of availability of adequate security forces or supporting technology. Simply, it is less what you have in the way of resources than how you integrate and deploy those resources.

Future Gulf security rests on operational integration of security assets at multiple levels to preserve political, economic and social stability. The economic crisis with its social and political implications promises to exacerbate the security threat environment. The regional wars have created graduate schools of insurgency with sophisticated cadres of terrorists that promise to make the future security environment of the Gulf more challenging that anything heretofore seen. New threats, as yet unseen, will likely emerge. Various groups will seek to cooperate with criminal and state sponsors to create new toxic combinations that will attempt to attack and/or subvert the political, economic, and social structures of the region. This broadened security challenge will at the same time blur the linkages between internal and external threats. In addition, while the term “Failed State” is in my view overused, there are states in the region where their government’s historical inability to control its territory has created regional vacuums from which any number of terrorist and criminal groups can and do operate with virtual impunity, either in tandem with or totally outside the control of local authorities. Afghanistan, Pakistan, and Yemen are three states in which political and security control in much of the country is an illusion. In Somalia, control is non-existent. The list could go on. In all of these areas the global economic downturn and already scarce natural resources, combined with exploding population growth, promise to make a volatile mixture even more so. This will require security forces to focus on issues and threat development at a level not yet seen in the region.

Multiplying threats and increasing vulnerabilities mean that old ways of thinking about responsibilities and prerogatives within the security establishments of the region will no longer be sufficient. Security forces must evolve into the operationally integrated environment.

What is the operationally integrated environment?

It is a concerted coordinated attempt to create a comprehensive security environment based on a truly integrated operational deployment of all available security assets. This is far easier said than done. It is an on-going, never-ending challenge, a goal that will never truly be achieved by any security services anywhere. It is a process of self-awareness, self-assessment, and self-improvement. In distilling operational integration down to a simple expression, it encompasses six attributes or rules:

· Rule One: Technology alone is no solution! This may sound heretical coming from someone who has spent a significant part of a thirty-year career implementing security and defense systems. Better than most, I know that technology has its limitations. No amount of technology can make up for the lack of a rock solid concept of operation focused on the strengths and weaknesses of existing security assets. In fact, technology can create a false sense of security. It always sounds better than it is and adversaries are very good at finding its weaknesses. As a result, we must build and rigorously train to a flexible, evolving concept of operations in which technology is a key support element whose incorporation and integration is driven by the concept of operations and the physical resources, not by the technology itself. Technology applications must be independently tested in an operational environment for any assessment of effectiveness to have any validity whatsoever. The question is not whether contractor personnel can operate and trouble-shoot a system; rather, it is whether or not the corporal on the frontline can operate and maintain it. The technology tail cannot be allowed to wag the security organization or operations.

· Rule Two: The institutional organization between security assets and jurisdictions creates natural avenues of vulnerability and attack. This is the most difficult problem for any security operation to overcome. Everything from careers to budgets and the distribution of credit and blame get in the way of cooperation. It was a key contributor to 911 and Mumbai, and other security failures. In the Gulf region, the structure and philosophy of security operations add a degree of complexity to the problem. Services are often institutionally predisposed maintaining separateness. While internal monitoring between security organizations is both prudent and wise, it detracts from the overall security mission. It is critical that the missions of the various MOI security functions and those of other quasi-security agencies – border security, special security forces, police, customs and immigration-be integrated to the greatest degree feasible.

· Rule Three: Share Information: Everybody always withholds something but to the degree possible and consistent with internal security requirements, share information between the MOI, MOD, and ‘muhabbarat’ functions within the governments. This problem lay at the heart of 911 – you have read the report. The CIA did not talk to the FBI and no one talked to the FAA or local police. It was a fundamental systemic failure and it is an on-going challenge that is never solved. Here technology to enhance information sharing is of enormous importance, but even more critical is a change in attitude and the level of cooperation between security organizations.

· Rule Four: Very close MOD and MOI cooperation in the security operations of the Arabian Gulf will be increasingly critical in the future. In the Maritime arena alone Mumbai clearly demonstrates what happens when a small relatively low-cost operation penetrates the seams between navy, coast guard, and harbor police. One look at a map and a brief discourse on the history of trade and illegal enterprises in the Gulf should be enough said in this regard. Not only are population centers and petroleum infrastructure vulnerable but now there is advanced planning for the construction of nuclear power plants in the region. The implications are obvious. In addition, Mumbai underscored the problems in coordination. When you have an incident it should not take hours to reinforce MOI and police units with MOD Special Operations Forces. Integrate MOD and MOI training and operations and run joint exercises. Depending on the particular incident, MOI and police forces will require rapid support from military units. For this to work MOI and MOD have to train together.

· Rule Five: Assume that your opponents are intelligent and resourceful and will think outside the box. Usually the best safeguard against complacency is to give opponents credit for being smarter and more creative than they really are. Also focus on how they might “get lucky.” Assume that you have a vulnerability that you have not identified and look hard at new areas of potential vulnerability. Use your best, most aggressive people and realistic operational exercises to continually test and frankly assess your vulnerabilities. Be brutally honest with yourself. If security forces are always performing at 100% in exercises, then they are not training or being challenged hard enough. As a rule, one learns more from failure than from success and in the security business, it is very, very important that failures occur in training and not during a real crisis.

· Rule Six: Expand regional sharing of information and operational coordination including realistic joint exercises. Here again, if security forces don’t struggle in training then the exercises are probably not realistic or aggressive enough. Trans-national integration is critical. The Arabian Gulf and the Indian Ocean are not barriers but rather avenues of economic, social and cultural exchange as well as an expanding number of security threats. For the foreseeable future, the situation is not going to improve; therefore, to the degree possible, the Gulf and Indian Ocean communities need to think about ways to achieve trans-national security integration to combat transnational threats – the broader the conception and application of transnational operational integration, the safer the Gulf and Indian Ocean communities.

Again, I want to thank the government of Bahrain and RUSI for giving me this opportunity to speak to you, and I offer my best wishes and encouragement to the security forces in the region – best of luck to all of you in confronting the threats of the region.

About this Transcript:
Assertions and opinions in this Transcript are solely those of the above-mentioned author(s) and do not necessarily reflect the views of the Middle East Institute, which expressly does not take positions on Middle East policy.