Our society faces challenges today that are in many ways unparalleled. As global travel has increased, so too has the risk of terrorist and criminal threats. Roughly four billion people travel every day, yet global capacity and resources to combat terrorist and other threats to travelers remain limited. As new and advanced technologies evolve, our choices and our approaches must change. Managers and leaders in this field require a broad perspective and a comprehensive worldview. Indeed, both terrorist and transnational criminal organizations are adaptive, elusive, and determined.
In the past, public-sector organizations primarily drove our approaches to these threats. New technologies such as artificial intelligence (AI) and biometrics, however, may suggest a role for the private sector in addressing new and more complex threats. As new technological solutions emerge, governments may be able to expand their own capabilities by leveraging experience from industry partners to stay in front of the risks and threats that mount with increased trade and travel. For these reasons, McKinsey recently sought out the views of an executive with deep experience in the management of risk across intermodal domains, the Honorable Patricia F. S. Cogswell, a senior member of the leadership team at the US Department of Homeland Security (DHS) and current deputy administrator of the Transportation Security Administration (TSA). The following is an edited transcript of the conversation.
McKinsey: We are here, in July 2019, at the Aspen Security Forum to discuss new approaches to emerging and evolving threats in both new and legacy theaters. How has TSA adapted in the last five or ten years to a constantly changing landscape?
Patricia Cogswell: We’ve come a long way since 9/11. It’s quite impressive to see how many threats we’ve reacted to over time. If you look at what the original kinds of threats looked like after 9/11, the terrorists were focused on long lead times, big targets, and a very specific profile.
Immediately after 9/11, we put in place a series of measures in terms of both the physical screening and the information screening to be able to react immediately. Over time, that became more comprehensive, with greater ability to effectively use the known or suspected terrorist watch list. That accelerated after the attempted bombing on Christmas Day 2009, because we were seeing new methods from determined adversaries, which required us to push out our borders as far as possible through prescreening.
At the time, the number and types of threats that we were seeing people try to activate were increasing rapidly, and that meant we needed new ways of looking at the indicators that helped us identify who needed additional screening. We realized we had to adjust accordingly.
We learned that terrorists adapt quickly, and we had to stay out in front of them. As a result, we have continually shifted our programs, evolving and adjusting our risk profile based on what we’re seeing. That has also meant paying attention to evolving technology and the kinds of screening and monitoring that those technologies empower us to do.
McKinsey: What are some of the biggest and most important innovations TSA has made to adapt to emerging threats over the last decade?
Patricia Cogswell: I’ll talk about two important technologies that we are currently adopting at TSA. The first is computed tomography [CT], the machines we are acquiring to put in at airport checkpoints for carry-on bags. This is a level of technology that is similar to those used in a medical setting. The sheer amount of data the sensors are able to pick up will set a new standard for us that will let us continue to evolve as threats change.
Right now, we’re reaching the end of what we can do with traditional X-ray machines. The sensors just don’t provide enough data for what we’re trying to accomplish given where we see the threat going right now. These new CT machines are really going to help us set the stage for the future.
Similarly, another innovative technology that we are looking at is credential authentication technology (CAT). The most important aspect of the CAT machines is the ability to rapidly take your identification, pull off your name, bounce it against our system—so that we have an immediate response that says the last action on your updated screening information is X—and make sure that the officer at the checkpoint can appropriately route you for the right type of screening. This helps us not only to have confidence in the identity of the passenger but also to have up-to-date screening information—information that is not solely reliant on the boarding pass.
These changes in technology give us enormous flexibility as we move into the future because we’re not just tied into the fixed infrastructure associated with the boarding pass. This also sets the stage for us to be able to use biometrics in a different way—to use your facial image to match to and retrieve information from our systems so you proceed directly on your way, providing a truly seamless travel experience.
McKinsey: Do you see biometrics as a big part of future solutions?
Patricia Cogswell: I think the interest in biometrics is only growing. I’ve been in and around this field for a very long time. I have been talking about biometrics since before day one of DHS. In terms of what is available, the biometric space has never been better than it is right now, with the different options for use, the acceptance factor by the majority of the population, who see it as a way to facilitate their travel.
McKinsey: We spent some time here in Aspen talking about public–private partnerships and the role that the private sector will play in creating the innovation you need for the future. What are your thoughts on that?
Patricia Cogswell: We are at a time in the transportation sector where there’s a lot of interest in investing and innovating. We must get better at describing what our problem sets are and look to find ways to engage with new and different parts of industry, as well as to think about problems a little bit differently. The number of people moving—the amount of cargo moving—is only increasing, and that sets the stage for investment in infrastructure. And that will likely require a combination of public and private investment.
For example, we need to focus on surface-transportation hubs, but we don’t expect large budget increases at either the federal or state levels. However, we could look to better create conditions where a public–private model that could administer a different kind of security system, with small fees paid by the traveling public, or where the process or technology developed also solves a problem that’s valuable to other stakeholders who are willing to invest. That kind of model would help us expand our budgets in the future.
McKinsey: There’s a lot of buzz around AI and machine learning and robotic process automation now. What role do you see AI playing?
Patricia Cogswell: We need to get into a place where, as threats continue to evolve, technology can help learn and expedite our evolution. For example, we need to change our perspective from “Is there a gun in your bag?” to “Are there four pieces of a gun in your bag?,” because you can assemble the gun after you get through the checkpoint. So we need a machine that can look at your bag, figure what the dimensionality of each object is, think about what else might look like that, and be able to predict whether or not that is a safe bag.
Machine learning can help us move into a really different way of thinking about objects—a different way to come up with the full characterization of a material and its potential uses—based on weight and dimensions.
McKinsey: What do you need to do to get that right?
Patricia Cogswell: So for us, there’s a couple different pieces. One seems so basic, but it’s critically important. If you think about how our infrastructure for all our machines is set up at 440-plus airports, those machines aren’t currently tied together, so all the data is on disparate platforms. In order for that kind of analytic innovation, that kind of AI review, we need a way to be able to have much faster up and down of the information in the system—so that as the machine learns, it can push back and inform those operating the checkpoints that much faster.
So how do we get the right connectivity of all of that data in a cybersecure way that we can then run that kind of learning off of? That’s kind of number one for us.
The second piece is understanding enough about how our machine-learning system thinks to make sure that we’re providing the right questions.
McKinsey: Not just what it thinks, but how it thinks.
Patricia Cogswell: Yes, we want to make sure that we can have a predictable evolutionary path for how we’re training it, so it’s learning the most important things.
McKinsey: Let’s pivot from TSA into your personal experience as a leader. You’ve had so many different jobs since DHS was established, right up to the highest levels of the White House. When you look back across those nine jobs, what are the things you’re most proud of since DHS has been established?
Patricia Cogswell: While I was at the National Security Council, one of the things I liked best about that job was that there was a group of impressive, smart, hardworking, caring people coming together around an agreed problem set and an outcome. The power of what a group like that can come up with is way better than any one, two, or five people could ever come up with on their own. And when you have that kind of environment—where you have leaders who are both subject-matter knowledgeable but also well enough positioned and high enough positioned in their organizations that they can commit resources, time, and attention to things—you can make real progress by that merging of forces. So when I see that come together, you know that’s a special moment in time.
McKinsey: When you look forward, based on your experience, what are some of the biggest challenges you think we’ll face in the national security community?
Patricia Cogswell: First and foremost, it is wrapping our heads around, what is the role of government? What role do we want the best-intentioned, most thoroughly equipped government to perform, and how do we effectively give government the tools, the authorities, to execute on that?
What I’ve seen is, over the last number of years, as the role of government has become more concentrated and we’ve pulled back in a number of areas, there’s a large interest in seeing what industry can pick up and do. But at the end of the day, the goal of industry is to make a profit. And so, having to wrestle with “What’s my security responsibility? What’s the risk I’m running if I don’t perform this function that government historically performed and wait to see if government will resume performing it? How much do I want to invest in this?” may mean a slower response to different types of security threats than I think all of us would actually like to see.
Government has to pick and choose what we’re going to do. We’ve got to figure out who our partners are to work with, and then we have to agree on what the outcome is and who’s got what role in it.
McKinsey: What’s your advice to emerging public-sector leaders globally on how they should think about their careers today and into the future?
Patricia Cogswell: The biggest thing from my perspective is, Don’t be afraid to try new things. Don’t be afraid to move around, be that in organizations or geography. Any time you get to learn, and if you enjoy that learning, that is critically important to building your capability and capacity for the next level of leadership.
The first thing I usually ask people is what motivates and interests them. Some people really want to be a subject-matter expert. They love their topic. If they worked on that for 25 years, that is what makes them happy. And if you tell them to move topic areas six times, that is not what’s going to make them happy. Other people, if they work on something for more than three years, they get bored. So my rule of thumb is, try to understand what your personality set is, what makes you excited and enthusiastic. This is a space where you devote a lot of your time and attention, so make sure it is something that matters to you and that you feel like you are positioned to really advance the work in a meaningful way.
McKinsey: When you think about university students, do you think they should try to really be focused on exactly what they want to do? Or should they just take that first opportunity and run with it?
Patricia Cogswell: I have changed what I thought my career was going to be probably seven times; every time, I’ve enjoyed it. I believe, in high school, I was going to be a research chemist, and I’m about as far away from that as I can be. But now, looking back, I would have missed out on the opportunity to do so many different things that I have really enjoyed if I had been solely fixated on what I originally thought I was going to do.
McKinsey: We covered a lot of ground, but what did we miss? Anything we should add?
Patricia Cogswell: I think the most important perspective for me is that national security—homeland security—needs to be a full-team sport. At the end of the day, we all need to think about our role and how our actions or activities can help advance the cause because this matters to all. And also, we need to appreciate those on the front lines. Every day, I have somebody telling me a story about some interaction they had at an airport or behind the scenes, and it makes me so proud to have that kind of response and reaction. So I will say to anybody out there who thinks about whether you should say “hi” or “thanks” to somebody who’s working at a checkpoint, please say, “Thank you for your service.” They love it, and it matters a lot to them.