EXECUTIVE SUMMARY

—  Unisys' responses are made from the perspective of Industry's involvement in the CONTEST process.

—  The Home Office does not have access to a range of System Integrators, as were created and supported by the Ministry of Defence during the IRA's mainland bombing campaign.

—  Such integrators are needed to utilise and adapt the existing industrial base to meet the particular needs of Counter-Terrorism, a task that cannot be achieved through the Home Office's existing procurement process.

—  The defence industrial base is not entirely suited to meet the requirements of Counter-Terrorism, which cannot be met simply by "dumbing down" defence solutions.

—  The Home Office should establish a Strategic Supplier Group specifically for CONTEST, "owned" by the OSCT.

—  OSCT's recent designation of a full-time Industry Liaison Officer is welcome, but progress to date has been slow.

—  The pace at which Industry manages and changes the Critical National infrastructure is a challenge to Government efforts to protect it. Government has to be able to move as fast. This requires a more intimate relationship with Industry, which must embrace the Government's own R&D base.

—  Industry is in a position to tackle vulnerabilities in the fields of, especially, Transportation and Crowded Places, but Government needs to make it clear whether the approach is to be Threat-driven, Capability-driven or Evidence-based.

—  It would be a worthwhile contingency for the Government to invest a modest amount through a Strategic Supplier Group on demonstrating solutions to such problems.

PREPARE: THE WORKING OF THE OFFICE FOR SECURITY AND COUNTER-TERRORISM

  1.  Industry is a crucial stakeholder in supporting and providing the Critical National Infrastructure, very little of which is now directly owned by Government.

  2.  This fragility has been understood by Government since the early 1990s and the IRA's mainland bombing campaign when the Ministry of Defence was the focus for most of the industry response to countering terrorism.

  3.  Rightly, since 9/11 and, more importantly, the launch of CONTEST, the Home Office and, specifically OSCT, have taken the lead. The difference between the MoD and Home Office leading is quite stark, but the main and obvious difference is that the Home Office-industry linkage for providing support and assistance for national and critical responses to events is weak in comparison to 10 years ago.

  4.  The MoD were fortunate in that they could utilise an existing industrial base and adapt it to the asymmetry of Counter-Terrorism. As such they created and supported a small number of System Integrators—not too large that the UK Government were just another client; not too small that the System Integrator could not cope with the risk of short notice readiness—who were capable, accredited and responsive to UK Government requirements. These companies do not exist now.

  5.  Expecting traditional industries to support CONTEST and Counter-Terrorism efforts would be wrong. Most of these suppliers are large and come from the Defence Industrial base. Counter-Terrorism is conducted under the rule of law. Solutions for it need also to be based within a rule of law context—apprehend and bring to justice—rather than a defence basis—locate and kill. Dumbing down defence solutions will not necessarily meet the requirement or provide good value for money.

  6.  The Home Office approach to procurement is different to that of the MoD. The MoD had a well oiled machine for Urgent Operational Requirement procurement and Operational Emergency procurement, born out of necessity in-theatre, and they still do. The Home Office has the restricted procurement process through OJEU but little else. It also has a "gene pool" of suppliers for Counter-Terrorism, but these are mostly small to medium sized enterprises. Very few of these suppliers are System Integrators with the breadth to take on sophisticated Counter-Terrorism systems. There is a Strategic Supplier Relationship Group but this is mostly equipped to provide IT, not to respond to the specific needs of Counter-Terrorism.

  7.  OSCT has laudably initiated an engagement with industry through RISC (Security and Resilience Industry Suppliers Council) within which INTELLECT, the ICT trade body, has been most active. However little of practical value is yet to be achieved by RISC although INTELLECT has provided some very useful information through its Resilience and Security website.

  8.  Unisys suggests a similar such body to the Strategic Supplier Relationship Group be created by the Home Office specifically for CONTEST and "owned" by OSCT. This small group of System Integrators would be established through, say, a Framework Agreement, and kept current and responsive by providing the Home Office with Technology Demonstrators of solutions to various challenges. The checks and balances of ensuring the "gene pool" is also engaged is straight forward. The NIS Strategic Supplier Group Framework is a good example of how to set this up.

  9.  OSCT has also recently designated a full-time Industry Liaison Officer to improve dialogue with Industry. Unisys applauds this but is concerned at the time it took to take this step after the publication of the Science and Technology Strategy. The tempo of progress reinforces the view that, unless industry has been prepared to respond, it will not be able to in the time frames desired.

  10.  This greater "connection" with Industry must also include the Government R&D base, in this case DSTL, the Counter-Terrorism Centre and Home Office Scientific Development Branch. Efforts are made by them all in the course of normal business but the processes are either traditional (through the CATALIST procurement mechanism) or ad hoc. It was hoped that the Science and Technology Strategy for Counter-Terrorism would sort this out, but so far it has not.

PROTECT: PREPARATION OF THE UK'S INFRASTRUCTURE AGAINST TERRORIST ATTACK, IN PARTICULAR, TRANSPORT SYSTEMS AND CROWDED AND VULNERABLE PLACES

  11.  Industry has an intimate and important role in supporting the Preparation of the UK within CONTEST.

  12.  Industry owns much of the Critical National infrastructure which may be targeted by terrorists and need to be part of the exercise process.

  13.  Industry processes are more nimble and flexible to changes in society and the markets than Government. This means that the way they manage the Critical National Infrastructure changes rapidly too. It will be too late to find out that fundamental processes have changed at the time of an event—the September 2000 fuel protest is a good example of a non-terrorist catastrophic event. The floods of 2007 would be another.

  14.  The Industry Panel announced under the National Security Strategy that exhibited a desire to involve industry more was a good step, but little has happened.

  15.  Industry has a number of solutions to addressing the vulnerabilities in Transportation and Crowded Places, two of the most recent areas of greatest concern, current still with London 2012 looming. Unisys believes that these challenges require Government to go back to the fundamentals of requirement definition: is the approach to be Threat-driven, Evidence-based or Capability-driven?

  16.  Threat-driven is where we are now in engagement-with-Industry terms—waiting for something to happen and then trying to respond in the shortest possible time with a solution that solves the immediate problem. It is the most costly approach.

  17.  CONTEST, by contrast, is very much Capability-driven: this is what we can do, so create a system that brings coherence to all the many efforts so that we have only one system to address the myriad of threats. It is the least costly approach but looks expensive to set up. However CONTEST does not extend to Industry engagement for procurement.

  18.  Evidence-based is a compromise, used when funds are short: we know we may have a threat (against Crowded Places for instance) but where is the evidence to say this has ever happened before? Hence how can you justify what may turn out to be an expensive nugatory expenditure of funds on something that evidence supports may never happen?

  19.  Creating a Strategic Suppliers Group of System Integrators and providing them a small amount of work to demonstrate solutions to these problems is a worthwhile contingency that invests in solutions, improves knowledge of what is possible between lab demonstrations in R&D and what Industry can practically roll out and by when and acts to both PROTECT and PREPARE in terms of CONTEST and Industry.

PURSUE: THE EFFECTIVENESS OF INTELLIGENCE FUSION CENTRES OUTSIDE LONDON

  20.  Unisys has no evidence to submit on this.

  As a System Integrator, Unisys has had an intimate involvement with the UK Critical Infrastructure for some time. As well as providing every police force in the UK with an investigative case management application (HOLMES) for managing major crime, it supports the Metropolitan Police command and control system (999) and other applications. Unisys has, over the years, had involvement with a number of UK Government Departments and underpins many of the UK's financial management systems. In the United States, Unisys has been the major System Integrator to the Department of Homeland Security and the Transport Security Agency. Globally we provide the application for the aviation supply chain and the US Department of Defense with a global tracking system for their container freight.

January 2009