Al Qaeda is said to be patiently planning an attack on the U.S. with a weapon of mass destruction (WMD), with anthrax being its most likely modality.

A former CIA official has published a report on al Qaeda’s interest in WMDs The report, by  Rolf Mowatt-Larssen, a senior fellow at Harvard’s Belfer Center for Science and International Affairs, is likely to required reading for security officials. After September 11, says the report’s preface, Mowatt-Larssen “led the U.S. government’s efforts to determine whether al Qaeda had WMD and to prevent a nuclear terrorist attack on the United States.”

The really unnerving aspect of al Qaeda’s approach, and they no doubt intend it to be this way, is that they are willing to wait years developing plans for whatever sort of attack seems likely to be feasible and do the most damage. That’s why disrupting terrorist capacities, wherever they become manifest, is such a continuing priority.

CNN: U.S. intelligence chiefs say another terrorist attack on the U.S. in coming months is “certain”.

Al  Qaeda is said to be concentrating on making its modalities harder to detect.

USA TODAY recently interviewed top U.S. security officials to get their sense of what the next decade might hold in terms of terrorist threats or attacks. The last decade, of course, included 9/11.

We won’t attempt to summarize the responses here, but the interviews are worth the attention of security managers everywhere. Those interviewed are: James Jones, White House national security adviser; Raymond Kelly, New York City police commissioner; Dianne Feinstein, Senate Intelligence Committee chair; Phil Mudd, FBI senior intelligence adviser; Janet Napolitano, secretary of Homeland Security, and Michael Hayden, former CIA and NSA director.

The Q&A transcripts and a video of the interview with General Jones, are here.

Ray Bernard writes about “layers of security” in January’s Security Technology Executive and the concept remains a good one. There’s the:

• Outer Protective Layer – natural or man-made barriers at the property line. (What PRO Barrier knows most about.)

• Middle Protective Layer – exterior of a building

• Inner Protective Layer – doors within a building

Ray notes that these three elements are long-standing – they preceded a more recent level of security – IT or computer network security.

And here’s the point: “…today’s technology gains provide opportunities to significantly improve the security layers of our facilities, and so nearly all security technology plans deserve a good review from this perspective. Given today’s economy, many trade journal and security conference discussions revolve around upgrading or enhancing technology rather than replacing it. Most of these discussions are based on technology perspectives. Unless technology perspectives are coupled with a security applications perspective, there is low assurance of receiving the security benefit that could and should result from security technology planning. Layered Security is one of the valuable application perspectives.”

Which is the point we’ve long been making – security begins at the perimeter – the front gate (or back gate, too).

Next month’s Olympic games in Vancouver, B.C., require state-of-the art, coordinated security on both sides of the border, and they’re getting it.

On the U.S. side, in Bellingham,  Wa., the  U.S. Olympics Security Committee has provided a high tech security center that will be manned 24 hours a day with two 12-hour shifts. It’s equipped with nine work pods with 54 workstations, each with high-speed data and voice connections, and has the Whatcom County Sheriff’s Office to the FBI, “all in the same room.”

The U.S. center is 20 miles south of the border with Canada and can coordinate with Canadian security, including the Royal Canadian Mounted Police. It will handle any problems from traffic jams to major security incidents – hopefully, there won’t be any.

Coordination is a hallmark of effective security. The athletes and crowds attending the games will be in an international security zone with the border crossings protected, for example, by the Washington State Transportation Department along with the National Geospatial Intelligence Agency.

Let the events begin, safely.

A cogent post on the Homeland Security Watch blog advises of the difference between readiness for an emergency and response to a disaster. The latter, as we are seeing in Haiti, is far more challenging.

Security planners will appreciate the differences in blogger Mark Chubb’s listing of the contrasting (though certainly related) skill sets for emergencies and disasters. Emergencies (or merely challenging operations generally) require, Chubb writes, Command, Control, Communication, Cybersystems and Intelligence (emphasizing analysis).

In disasters like Haiti these elements remain, but a more challenging paradigm applies: Clarification, Creativity, Collaboration, Commitment and Intelligence (emphasizing synthesis).

Chubb’s piece makes a great tutorial for planners who want to be prepared both for the not so bad and the worst.

Here’s a grisly “trend” story we’d prefer not to have to pass on, but it’s out there and a sign of our continually threatening  times:

In “Predicting the Next Bomb Plot,” James Carafano of the Heritage Foundation writes that a near-miss attack on a Saudi prince last summer illustrated three aspects of al-Qaida tactics.

1. They rely on familiar tactics.

2. They introduce a new wrinkle or two to improve the tactics and keep them “fresh”.

3. They’re patient, wait and attack again.

For example, the Taliban attack that killed seven seven CIA agents in Afghanistan recently was an updated “rerun” of the unsuccessful Saudi attempt last summer.  Accordingly, we can expect more of what’s already been tried, in commercial aviation and other settings.

Al-Qaida, says Carafano, is also expected to “keep trying to improve the three types of bombs they’ve used so far. They will continue to refine some type of ‘binary’ explosive — one that uses two or more ingredients, (is) apt to elude airport security checks, may be brought separately onto planes and then combined into a bomb.

“The fact that they have tried liquid explosives at least twice shows they think it’s a tactic still worth pursuing. Likewise, the Saudi strike shows that al-Qaida retains an unhealthy fascination with body bombs.

“And don’t rule out another 9/11. We have to assume that al-Qaida has not given up on hijacking planes.”

In short, there’s plenty of reason to remain continually alert, for tried or untried tactics.

Security pros can’t ever quit considering what sort of threats their organizations may be exposed to. Bruce Schneier makes that point while noting that a robber bored a hole through the wall of a jewelry shop in Tokyo’s Ginza district and got away with 200 luxury watches worth 300 million yen ($3.2 million).

From his book Secrets and Lies, Schneier recaps:

“Threat modeling is, for the most part, ad hoc. You think about the threats until you can’t think of any more, then you stop. And then you’re annoyed and surprised when some attacker thinks of an attack you didn’t. My favorite example is a band of California art thieves that would break into people’s houses by cutting a hole in their walls with a chainsaw. The attacker completely bypassed the threat model of the defender. The countermeasures that the homeowner put in place were door and window alarms; they didn’t make a difference to this attack.”

So keep thinking, imagining the worst. And figure out how to avoid it if possible.

A newly developed body scanner might provide an ultimate level of confidence at airport and building security checkpoints. As announced by Nesch, LLC, based at the Purdue Technology Center incubator, the new scanner will be capable of detecting powdery substances on or inside the human body – like those a Nigerian man assertedly had with him on Christmas Day to blow up a passenger jet.

The device is called Diffraction-Enhanced X-ray Imaging, or DEXI. A normal X-ray uses three sources – light absorption, refraction and scattering – to produce an image. But they sometimes don’t blend well, causing a blurry image.

The Nesch machine creates a separate image from each of the sources, allowing clearer pictures and views of softer material. Nesch plans to accept orders for the new scanner by the end of March this year.

Time is running out on the U.S. Coast Guard’s “Best Video of the Year Contest.” But even if you’re not interested in voting on the 11 rescue videos the Coast Guard has posted on You Tube, simply watching them can provide helpful pointers on rescue and security techniques.

The Coast Guard has been running its rescue video contest for the past several years, aimed at recognizing the most intrepid rescue teams of the year. There’s gripping video here – like a flood rescue recorded from a helicopter.

Only two days remain – until January 8 – actually to vote on the videos. But they, or others like them, will probably remain on You Tube and can be helpful for training purposes.