With Security & Counter Terror Expo 2016 just around the corner, MOD DCB features writer Paul Elliott caught up with Thomas A Wuchte, Head of Anti-Terrorism at OSCE, ahead of his appearance at the event to find out more about the organisation and how it is helping the fight against terrorism.

The Organization for Security and Co-operation in Europe (OSCE) is the largest regional security organisation in the world, with 57 participating states across three continents covering territory from Vancouver to Vladivostok. The most recent country to join was Mongolia, which significantly helped OSCE broaden its eastern reach. The organisation also has 11 partners states, including Japan and South Korea. It has a strong working relationship with the United Kingdom.

High on OSCE’s agenda is counter-terrorism. Thomas A Wuchte took over as Head on Anti-Terrorism Issues in March 2012. His team, the Action against Terrorism Unit (ATU), is part of the OSCE Transnational Threats Department. It works on many programmatic activities to support the fight against terrorism.

ATU’s mission is to help empower OSCE participating states in implementing comprehensive approaches by coordinating and facilitating OSCE counter-terrorism activities with effective resources. It is a political organisation with some very unique assets.

Mr Wuchte explained: “We take the broad policy and work streams of the international community, starting at the level of the UN – there’s a huge UN counter-terrorism strategy and we’re a regional implementer of plans and activities to help the countries in our organisation to develop programmes, policies, action plans and trainings that address many of the issues that are quite topical now in global counter-terrorism.

“We do work across the following major streams – counter-terrorism, use of the internet, the legal basis, how to develop the appropriate laws in the fight against terrorism, and also how to prosecute and properly investigate.”

OSCE also has a very large programme in travel document security where it is working with the International Civil Aviation Organisation (ICAO) to develop e-passports and help states develop solutions to properly conduct checks at their borders.

An essential component of OSCE’s counter-terrorism work is developing public-private partnerships. For Mr Wuchte public-private partnerships embrace working with the whole gamut of civil society, including think tanks, NGOs working at the local level implementing programmes, the business sector and academia. The protection of national critical infrastructure from terrorist attack, particularly cyber attack, is something OSCE’s participating states have shown a high degree of interest in.

In 2010 OSCE held a large regional conference, titled OSCE-wide Public-Private Expert Workshop on Protecting Non-Nuclear Critical Energy Infrastructure from Terrorist Attacks, to look at the protection of non-nuclear critical energy infrastructure. It was a productive engagement for the organisation which led to the Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection (NNCEIP) from Terrorist Attacks Focusing on Threats Emanating from Cyberspace guidebook being published in 2013.

Mr Wuchte commented: “We looked at non-nuclear forms of infrastructure – gas, electricity, oil etc. It turned out to be a useful exercise to bring together stakeholders. We asked our 57 participating states, and a group of private sector businesses interested in the issue of critical infrastructure, to take part and developed the Good Practices Guide.

“We recognised that to strengthen the protection of critical infrastructure from terrorist attacks, we had to understand that more and more control systems are handled remotely and are connected to the internet or a closed network. We wanted to disseminate knowledge of how to work with that through a guidebook on the issues.”

The guidebook is a public document, available on the OSCE website. It is an important resource which has been contributed to by many experts in the field, by both the interior and defence ministeries of a number of nations, and by business thought-leaders. Beside looking at critical national infrastructure and how to protect it, it highlights some of the hypothetical scenarios should that infrastructure be the target of a terrorist cyber attack. Mr Wuchte is keen, however, to stress that the OSCE has taken the message of the guidebook and turned it into a practical exercise where scenario-based cyber intrusions through networks challenge how people react.

Mr Wuchte continued: “A guidebook in itself is good but we didn’t stop there. We’ve just finished working in Spain where we developed a tabletop exercise that gives hands-on experience of the possible consequences and vulnerabilities of terrorist attacks.

“We used the recommendations and lessons-learned within the guidebook to have a better awareness of the risks, and a better understanding of cyber security vulnerabilities and the possible consequences of cyber attacks for entire infrastructure and society as a whole. It was very well received by our Spanish colleagues and we also had a couple of countries attend as observers. We intend to offer this type of tabletop exercise for other countries at the national level.”

The beauty of this type of exercise is that it forces participants to consider who within an organisation needs to be reacting should such an event occur, and who needs to be notified. These are all critical questions that need to be examined – not just by governments, but by private sector businesses as well. We all have a role to play in such a discussion.

It’s all about preparation, and having the right people together to discuss the potential reaction to an attack helps you to be prepared if something does happen. When a cyber attack occurs, three questions are usually asked – what did you know?; what was your plan?; and what are you going to do in response? If you haven’t gone through a scenario-based exercise beforehand, these three questions are very difficult to answer. Mr Wuchte is confident OSCE is on the right track to meet this type of challenge.

Collaboration is a word you often hear mentioned in reference to counter-terrorism. According to Mr Wuchte collaboration is vital. He says business plays an ever more important role in fighting terror, especially where commercial infrastructure is targeted or exploited to carry out terrorist attacks. Central to this collaboration is public-private partnerships.

Mr Wuchte explained: “Fighting against terror should involve voluntary, reciprocal and trust-based collaboration between organisations. The more government stakeholders in civil society and businesses are working together the more effective we can be. I think from my perspective we recognise now that it’s not just government that must do something as complex as tackle these issues on terrorism.

“Businesses recognise they’re better off working collaboratively on this and I think that’s a very good message to have. We just couldn’t have written the Good Practices Guide without business. Business representatives actively contributed to the discussion and made it easier for us to draw the lessons that we’re now doing in our tabletop exercises.”

Collaboration in the war on terror – supporting interaction in and among states and between the public and the private sector, as well as involving international and regional organisations – is vitally important. The more we can strengthen the sharing of these best practices the more we will be able to effectively counter the security and cyber terrorist threat.

Mr Wuchte will be speaking at the upcoming Security & Counter Terror Expo event at London Olympia on 19-20 April alongside the likes of Sir Malcolm Rifkind, former Foreign Secretary, and representatives of both NATO and Europol.

For more information, visit: www.osce.org or www.counterterrorexpo.com