From Catching Counterfeiters to Critical Infrastructure Protection: An Interview with Mark Camillo

Draft Cover

Draft Cover

I am currently writing a textbook on homeland security (due out from Elsevier next spring 2015).  Unique to this text are interviews with renowned experts in the fields of homeland security and national security.  Mr. Mark Camillo is one such expert.  A former Deputy Assistant Director at the Secret Service, Mr. Camillo's work has seen him transition from teaching to securing the 2002 Salt Lake City Winter Olympics to now working to protect critical infrastructure throughout the country.  An excerpt of his interview appears below. Read the rest when it publishes spring 2015


Mark Camillo is internationally recognized as a law enforcement and security professional, with exceptional expertise in the area of emergency preparedness operations. He currently serves as the Senior Vice President for Strategic Planning at Contemporary Services Corporation, and was recently named chair of the Public Assembly Facility Subsector Council. Camillo began his career as a Special Agent in the U.S. Secret Service, completing a distinguished 21-year career that included assignments at the White House, and advancing to the position of Deputy Assistant Director. Most notably he was appointed the Olympic Coordinator for the 2002 Salt Lake Winter Olympics, directing the Secret Service to plan and implement the Federal operational security plan for the Games. Currently, Camillo is a member of several organizations including the American Society of Industrial Security's Global Terrorism/International Crime Council, the International Association of Chiefs of Police, and Chair of the Board of Trustees for the Academy for Venue Safety & Security. He also serves as a senior fellow at the George Mason University Center for Infrastructure Protection.

What advice would you give students who would like to work in the homeland security field, particularly those who would like to work for the Secret Service?
MC: I would advise students to pay attention to their behavior before they even apply for any position. Prudent lifestyle choices are important when working in this field. If your lifestyle, and this includes run-ins with law enforcement, drug abuse or other outrageous behavior, serves as a distraction - then it will be difficult for you to obtain and maintain employment in homeland security-related positions. These kinds of behavior can make you vulnerable to blackmail and extortion or jeopardize an important case in the future. Identify role models who hold jobs you would one day like, watch how they behave and try to emulate their good habits. Both before and after your employment in the homeland security field - when in doubt about whether you should engage in a certain kind of behavior, err on the side of caution. In today's social-media driven world, your actions can easily be taken out of context.

Speaking of social media, what effects has the rise of social media had in the homeland security field?
MC: As internet usage has continued to grow, discretion in communication has declined. People don't realize that emails, often written in haste and thought of as impermanent, can backfire - especially for defendants in criminal cases where email correspondence is increasingly used as evidence. Likewise, the instantaneous availability of information led to an explosion of information, but you have to be careful that the information out there is accurate.

Is the rise of the information economy and the internet helpful or a hindrance to someone in your position?
MC: It is tremendously helpful as long as you remain vigilant about vetting the information. In the intelligence community, you never know if the information you are considering in a case, for instance, has been deliberately released to mislead you. Social media and the internet provide great tools for law enforcement work, but also considerable risk.

What led you to your career in the Secret Service and beyond?
MC: Actually, my background is in teaching. I taught school for six years at an institute where I worked with hearing-impaired children. Learning American Sign Language helped me see the importance of breaking down perceived barriers in communication. Law enforcement organizations today cannot do their job effectively without maintaining an internal collaborative environment. There is more cross-communication than ever in law enforcement agencies today due to electronic mail and interdepartmental working groups.

The Secret Service has a statutory responsibility to investigate and suppress US counterfeit currency. My technical background in graphic arts and photography caught the attention of the Secret Service and I began my career working in the Philadelphia Field Office. I started as a an entry-level Special Agent advancing to the Senior Executive Service position of Olympic Coordinator, where I was responsible for overseeing the federal security operations at the 2002 Salt Lake City Winter Olympics. Soon after, I was reassigned as the deputy special agent-in-charge of the Presidential Protective Division responsible for security operations at the White House complex where I remained until being reassigned to assist in the development and establishment of DHS. I finished my career as a Deputy Assistant Director, overseeing the Secret Service technology divisions. Though I am not an engineer, I understood the mission well enough to ensure that procuring technologies was done in and efficient and effective manner, and remained mission critical.

What are the challenges you faced securing different facilities and structures?
MC: Security and law enforcement are not synonymous. Law enforcement is responsive - when you have an incident or crisis, law enforcement personnel are first responders at the scene. On the other hand, security is mostly preventative. Good security operations are designed to detect, deny and disrupt threats before they occur. At particularly high profile events, such as the Olympics or important public buildings, such as the White House, the federal government often serves as the security lead. The Secret Service is responsible for designing, planning and implementing the security operation in these locations. But they aren't the only agency working on security. Other federal agencies, such as DHS' Federal Protective Service as well as state and local organizations work in concert to secure these locations, whether they are a building or an event. The process is collaborative. We have a name for these kinds of security operations when applied to an event of national significance: in 1998 the federal government began calling them National Special Security Events (NSSE). Usually, the Secretary of Homeland Security in conjunction with the Attorney General designates an event as an NSSE and when they do so, the Secret Service, FBI, and FEMA begin working immediately with the event hosts and local public safety organizations and other stakeholders on a plan to secure the event. There have been over forty NSSE's since 1998, the largest of these was the Salt Lake City Winter Olympics. Since Salt Lake, all other NSSE's have essentially utilized the same security model.

How does DHS determine whether an event will be classified as an NSSE?
MC: The Department of Justice employs a special event readiness level (SERL) test when considering how many resources to bring towards securing an event. Historically, the Boston Marathon or the Super Bowl, with the exception of the 2002 game, had not met the criteria to be classified as an NSSE. However, as an event satisfies more of the determining risk factors, it can be elevated all the way up to a SERL 1, which is classified as a NSSE. There are multiple elements that are weighed against an event to determine the degree of support it should receive from the federal government. Iconic events with a history of threats coupled with worldwide media attention will always be carefully considered for a NSSE designation. Strong local resources and capabilities may reduce the designation to a lower SERL rating.

DOJ classifies all events on a scale from 1 to 4. The classification level determines how many resources are provided by the federal government in order to secure the event and how many Federal government entities will be involved. It is important that any security plan emphasize both the prevention and crisis response aspects of security. Of course, the risk level determines the intensity of both the prevention and crisis response plans. And “risk” itself is determined by identifying in advance the vulnerabilities and threats present at each event.

What organization comes up with best practices for securing an event?
MC: For a sporting event, it is often the sporting league, such as the National Hockey League (NHL) or the National Basketball Association (NBA). In other cases it may be trade groups such as the International Association of Venue Managers and the Stadium Managers Association. DHS' Office of Infrastructure Protection shares best practices on securing critical infrastructure with these groups.

How does one go about encouraging implementation of best practices?
MC: First, venues should have facility managers that are skilled, open-minded and willing to implement security practices. Second, security and facility professionals need to constantly look for ways to increase their understanding of current threats. They have to be willing to argue with decision-makers about the need for updates and upgrades in the security infrastructure. Having an emergency management plan is a best practice in an of itself and such a plan should be part of every facility's toolkit. (One, venues should have facility managers that are skilled, open-minded and willing to implement security practices. Second, security and facility professionals need to constantly look for ways to increase their understanding of current threats. They have to be willing to argue with decisionmakers when there should be upgrades and advancements made. Today's threat is not necessarily tomorrow's threat. It is not a matter of if, but when. An emergency management plan should be part of every facility's toolkit, however the plan doesn't have much value if it isn't exercised.)

How did you make the transition from the Secret Service to critical infrastructure protection?
MC: I went from the public sector (Secret Service) to the private sector (security industry). There are a lot of similarities and differences between the two and a lot of overlap. Remember that government agencies such as DHS aren't the only ones responsible for securing critical infrastructure. The venue, whether it be a stadium or a convention center, has the authority to decide how they would like threats to their facility to be addressed. Speaking broadly about my work on critical infrastructure: we try to use an all-hazards approach. Since I can't tell my clients when an attack might occur, I have to rely on informing my clients about how they can reduce the risk of an attack occurring. For instance, severe weather events cause a lot more damage to critical infrastructure than any other kind of threat - and prevention practices borne from an all-hazards approach are a lot more useful in preventing damage from severe weather events.

Can you speak further on weather and its impact on critical infrastructure?
MC: Studies have concluded that most fatalities at sporting events occurs as a result of weather related events or other non-terrorist acts, such as structural collapse or fires. Though we are seeing a recent rise in active shooters and targeted violence in the country, weather-related events still cause by far the most damage. Casualties from single assailants in public places are not new - but as humans we tend to focus on them rather than on natural hazards such as hurricanes.

Where do you think security is headed in the future? Where do you think it should be headed?
MC: Security is headed to a kind of convergence - a blend of proven technologies, trained personnel and proven best practices all coming together to secure a space - including cyberspace. Another upcoming trend is to protect associated venues that provide critical resources. For example, if someone can't enter your venue then maybe they can get to the venue's power source, water source or transportation infrastructure. With cyber-driven attacks, securing a venue is becoming increasingly complicated and planners have to think outside the box.