ArticlePDF Available

Comprehensive Security and Some Implemental Limits

  • University of Ljubljana - Faculty of Social Sciences
© ProCon Ltd., This article cannot be reprinted, published on-line or sold without written permission by ProCon.
Information & Security: An International Journal
Iztok Prezelj, vol.33:1, 2015, 13-34
Abstract: The changing security environment has led to the development of com-
prehensive security approaches, strategies and policies. The ‘Holistic approach has
become an academic and practical mantra. This paper argues, however, that com-
prehensive security approaches face serious obstacles to their practical implemen-
tation. The critical evaluation of several examples confirms that the implementation
phase is a weakness of comprehensive approaches and that a truly comprehensive
and holistic approach seems to be beyond the implemental capacities of our security
systems. Multi-sectoral and multi-level comprehensive approaches become less
comprehensive when implemented in practice or even cannot be implemented due
to existing narrow perceptions of security or narrow and short-term interests. The
trans-sectoral second-, third- and fourth-order effects of proposed security measures
are hardly considered or not considered at all. There is no consensus on what ex-
actly comprehensive means, while prioritisation of some areas in the national secu-
rity policy leads to de-prioritisation of other areas and new vulnerabilities, inter-or-
ganisational and cross-sectoral cooperation faces serious limits, threat, risk and vul-
nerability assessments are not really comprehensive, etc. This paper finishes with
recommendations on what to do about these serious limits on the implementation of
comprehensive security.
Keywords: Comprehensive security, multidimensional security, cross-sectoral ap-
proach, threat assessment, risk assessment, inter-organisational cooperation, critical
infrastructure, asymmetric threats, counter-terrorism.
The end of the Cold War enabled the academic community and policymakers to redi-
rect attention from typically military threats and problems to a much broader set of
security issues. A comprehensive or holistic approach to security has since become a
mantra in the field. Academic books, articles and studies have argued for a non-mili-
tary and broader notion of security, while states and international organisations have
created more comprehensive strategies and policies that lead to smarter and longer-
term security. Progress in this direction has clearly been made, but we should also
analyse this progress more critically to improve the academic understanding of ex-
isting weaknesses of comprehensive approaches. From this perspective, it seems that
Comprehensive Security and Some Implemental Limits
many smart comprehensive approaches have faced serious difficulties in the imple-
mentation phase. Arguably, a true comprehensive approach lies beyond humankind’s
implemental capacities at this stage of development.
I argue in this paper that comprehensive security approaches encounter serious obsta-
cles to their implementation in practice. I should stress that I am a strong proponent
of a comprehensive security approach (as confirmed by my research record), but my
practical experience in the national security system with implementing broad and
comprehensive security solutions led me to seriously consider implementation prob-
lems. The goal of this paper is to identify some typical difficulties of implementing
comprehensive security approaches in practice and explain the reasons for them.
Such work is relevant because it will create knowledge on the typical obstacles to
implementing comprehensive security approaches and give ideas on how to over-
come them.
Comprehensive Approaches to Security
The neorealist focus on states and military security seems to fit the Cold War era per-
fectly, but the security environment has been changing continuously since then. Se-
curity concepts have reflected the changing threat perceptions. According to Wil-
liams and Moskos,
the key perceived threats were: a conventional military attack be-
fore the Cold War, a non-conventional military attack during the Cold War, and a
broad spectrum of non-military threats after the Cold War (such as drug trafficking,
uncontrolled migrations, economic stagnation, environmental degradation, etc.). The
prevalent schools of security thought in the Cold War (realism and liberalism)
ally narrowed the problem of security to power (realism) and peace (liberalism), and
security was thus mainly perceived as a politico-military problem. The nuclear threat
was simply so great that such a confined understanding then seemed appropriate.
After the 1980s, new security approaches (concepts and policies) gradually started to
emerge. The old security concept proved to be too limited and unsuitable for the in-
creasingly vibrant security environment. In this respect, the narrow security and
strategic studies evolved towards much broader security studies, encompassing many
non-military aspects of security. The prominent journals International Security and
Foreign Affairs published two theoretically relevant articles both entitled Redefining
Security.” Published in 1983 by Ullman, the first article substantiated the broadening
of security to economic and developmental issues. He questioned the utility of fo-
cusing on military security since it conveyed a profoundly false image of reality and
made states concentrate on military threats and ignore other and perhaps even more
harmful dangers. He thought that such an approach actually reduces our overall secu-
The second article was published in 1989 by Mathews, justifying a broadening
towards environmental, resource and demographic issues.
Even the journal Survival,
Iztok Prezelj
known for its neorealist approach, published an article in 1989 on non-military as-
pects of security. Perhaps the most comprehensive approach to security following the
Cold War was substantiated by the “Copenhagen School” led by Barry Buzan, Ole
Waever, Jaap de Wilde and others. In their key publications, such as People, States
and Fear, An Agenda for International Security Studies in the Post-Cold War Era,
The European Security Order Recast: Scenarios for the Post-Cold War Era,and
Security: A New Framework for Analysis,
they defined security as an inherently
multi-sectoral phenomenon consisting of:
military sector (military threats and the means to contain them);
environmental sector (e.g. environmental disasters);
economic sector (e.g. economic recession, poverty);
political sector (e.g. level of democracy); and
societal sectors (e.g. cultural relations and identity).
The Copenhagen School was very important because it pragmatically combined tra-
ditional and emerging approaches in a new and more holistic approach to security
studies. A positive aspect is that this school integrated the military dimension as it
existed in the new broader context. Many other comprehensive approaches followed
this multi-sectoral understanding of security.
At the policy level, several broader security concepts were also introduced. The most
notable examples were expressed in reports by the Palme Commission, Brandt
Commission, and the United Nations Development Programme. The Palme Commis-
sion Report from 1982 represented a consensus of NATO, Warsaw Pact and neutral
countries that no country can win in the case of a full-scale nuclear war. This report
politically opened space for broader thinking on other potential security dimensions,
such as economic security. In this respect, the Brandt Commission report from 1983
introduced economic security as a basis for achieving political security within coun-
tries and at the global level. More importantly, the UNDP developed and introduced
the “people-centred” “all-encompassing concept of human security” in its annual re-
port from 1994.
UNDP employed bottom-up logic and tied the concept of security to
the individual and his day-to-day life, including the most pressing daily threats. The
concept referred to these dimensions of security: economic, food, health, environ-
mental, personal, community and political. A comparison of human security concepts
regarding the perceived and identified threats to individuals shows a great variety of
potential threats. All approaches stress mostly non-traditional threats; yet traditional
ones are also mentioned and stressed by some. The threat spectrum encompasses the
following threats: economic, food, health, environmental, personal, community, po-
litical, demographic, as well as crime in all forms, including terrorism, natural disas-
ters, violent conflicts and wars, genocide, anti-personnel mines, SALW, etc. The hu-
Comprehensive Security and Some Implemental Limits
man security concept refocused attention in security studies on the vulnerability of
individuals rather than on governments and territories. Individuals are the most vul-
nerable referent objects of security.
UNDP also equated human development, peace
and well-being. This all reflects the fact that broader security concepts were
grounded in the intellectual drive of the Cold War era aimed at shifting the focus of
national security from the state-centred approach to security for society, communities
and individuals.
After 9/11, the concept of asymmetric threats also became increasingly recognised
and used by the scientific community worldwide. This concept appeared in the USA
in the late 1990s. It was quickly exported to other countries and represents one of the
key ways of understanding threats in the 21st century. Asymmetry here refers to the
disproportionality between the threatening subject and the threatened subject, which
mainly refers to terrorists on the offensive side, and the state and society on the de-
fensive side.
What actually happened with security at the conceptual and policy level after the
Cold War ended is a simultaneous horizontal and vertical broadening of the term.
Horizontal broadening refers to incorporating ‘new’ non-military aspects of security
such as environmental, economic, demographic, criminal, terrorist, health, infor-
mation, immigration and other aspects (or sectors and dimensions as some call them),
while vertical broadening refers to the incorporation of other non-state referent ob-
jects like individuals, local communities, groups of people by common ethnic, reli-
gious or ideological characteristics, the global community, etc. This combination of
non-military security dimensions and non-state referent objects represents the basis
of today’s comprehensive understanding of security.
The EU and its member states have also adopted a comprehensive approach to secu-
rity. WEU security functions were transferred to the EU at the start of this millen-
nium, and the EU further developed its civil and military crisis management func-
tions, including counter-terrorism, critical infrastructure protection, etc. Two very
important documents should be mentioned here because they underpin the EU’s com-
prehensive approach to the field of security. The European Security Strategy set the
foundations for the comprehensive approach to external security by identifying a
comprehensive spectrum of security threats (terrorism, proliferation of WMD, re-
gional conflicts, state failure, organised crime, etc.) and stressing a more coherent
approach and coordination among various EU policies (especially external action and
Justice and Home Affairs policies), the external activities of individual member
states and also regionally.
The Internal Security Strategy later comprehensively
defined the common internal security strategy and the model of European security.
The document called for integrating existing strategies and exploiting potential
Iztok Prezelj
synergies that exist in the inseparable areas of law-enforcement cooperation, inte-
grated border management, and criminal justice systems. The purpose of this docu-
ment was to ensure that these areas complement and reinforce one another.
The EU
has also pursued a comprehensive approach in other policies, such as “comprehen-
sive and geographically balanced EU external migration policy”
or the comprehen-
sive implementation of peace agreements.
At the level of EU member states, nu-
merous examples of a comprehensive approach to security can be identified. For in-
stance, countries follow a model of comprehensive and interconnected use of the
whole spectrum of political, military and civil mechanisms for managing the inter-
connected problems of peace, security, development and human rights. Interagency
cooperative processes among ministries of foreign, defence and internal affairs have
been established.
In the case of complex security issues, a concern has been raised about who actually
owns them. The answer is everybody and nobody. ‘Everybody’ refers to all
relevant stakeholders, governmental, non-governmental and supra-governmental,
while ‘nobody’ refers to the fact that none of them can claim complete ownership of
the problem due to their own, individual inability to solve it. From this perspective,
in the future comprehensive security policy decision-making will be challenged by
many problems and face significant uncertainties. According to Kugler, best policies
will be formulated when competing views or camps can be synthesised by combining
them in a sensible whole. However, he also stressed that the adopted policy options
need to be implemented, which sometimes turns into a lengthy and complicated
The application of different decision-making models to the security field
has shown the existence of many reasons why decision-making in complex situations
can fail. To take a few examples,
the cybernetic theory has shown that decision-
makers have limited capabilities for rational decision-making. The prospect theory
demonstrates that decision-makers will think not only about solving the problems,
but also about their personal and political gains and losses. The groupthink model has
stressed the importance of loyalty to real or perceived group norms that could take
over the rational decision-making. The bureaucratic politics model has suggested that
the decision-making process is also a consequence of competition among the actors.
The term “whole-of-government” approach has also been used to reflect the need for
comprehensive decision-making far beyond the sectoral and governmental inter-
agency approach. In the field of emergency preparedness, Perry and Lindell defined
“community emergency preparedness” as a comprehensive process in which all rele-
vant organisations need to be involved as part of effective inter-organisational coor-
Comprehensive decision-making in the internal security field, as defined
by the EU Internal Security Strategy, contains a horizontal and a vertical dimension.
The former involves law-enforcement and border-management authorities, with the
Comprehensive Security and Some Implemental Limits
support of judicial cooperation, civil protection agencies and also of political, eco-
nomic, financial, social and private sectors, including non-governmental organisa-
tions. In contrast, the vertical dimension includes international cooperation, EU-level
security policies and initiatives, along with regional cooperation between member
states’ own national, regional and local policies.
In the case of complex security
questions related to critical infrastructure, the approach based on Public-Private Part-
nerships (PPP) has been extensively used in practice. Without such a wide approach,
critical infrastructures cannot be secured against a broad range of contemporary
Some Difficulties of Implementing Comprehensive Security Approaches
In this section, certain key topics have been selected to show the limits of compre-
hensive security approaches in practice. Some practical limits are a direct conse-
quence of the theoretical challenges.
Multidimensional Security is Not New and is More Complex than Expected
We should remember the “new threats to security” rhetoric used by many scientists
and professionals after the Cold War ended. They claimed that after the end of the
Cold War there are actually new threats to security such as crime, environmental
threats, economic threats, immigration threats etc. Many policy strategies and docu-
ments reiterated this view. For example, the European Security Strategy stressed that
Europe faces “new” security threats which are more diverse, less visible and less pre-
dictable than the threat of a large-scale aggression.
However, most of the mentioned
threats and security dimensions already existed during the Cold War. They were just
not prioritised in the academic literature or in the security discourse. This brings us to
the constructivist view that security is what we think or say it is, and that our under-
standing of security is actually a social construction. The problem is that it was not
understood that it is more about the reprioritisation of security policy than a change
in reality. There was only one sector which was truly new in terms of security and
non-existent during the Cold War: the information sector with cyber threats to secu-
rity. This means that the birth of comprehensive multi-sectoral security was accom-
panied by a false perception of novelty, while in reality only our focus has changed.
The practical consequence of this has been great fascination and expectation about
the benefits of securitising the environment, the economy, immigration, health etc. In
reality, these fields have only been partially securitised. National security policies in-
clude them in the security framework, but mostly as secondary sectors compared to
more traditional ones. Broader security frameworks automatically triggered the
problem of inter-sectoral competition, which will be addressed later.
At this point, we can offer an example of the prioritisation with serious conse-
quences. One state with the most developed security in the world, the USA, priori-
Iztok Prezelj
tised the terrorism issue after 9/11 and deprioritised emergency management in the
case of disasters. Hurricane Katrina would not have had such drastic consequences in
New Orleans if the levees had been properly maintained. Today, we know that a
multi-sectoral approach to security is the right approach, but in practice we do not
sufficiently understand the second-, third- and fourth-order links among security
sectors. For example, do we in 2015 understand how the use of the military to protect
EU borders from immigrants in order to reduce the inflow will also affect crime in
the countries of origin and in the target countries, how it will affect the ongoing con-
flicts in the countries of origin, how it will affect the level of democracy and human
rights, whether by closing our borders we can actually increase the probability of
democratic changes or prospects for revolution or new conflicts. These are all trans-
sectoral complex questions that are mostly not dealt with when addressing specific
problems. The second example is Afghanistan. How is it that NATO countries have
been unable to eradicate the poppy fields in Afghanistan (this would be part of mili-
tary action) while at the same time our national police services and EUROPOL have
assessed that the main inflow of heroin still comes from Afghanistan. Well, if NATO
forces were to do this then the main Afghani economic branch (agriculture) would
collapse and the entire stabilisation and peacebuilding process would be endangered.
In this case, the political inconveniencies of a truly broad approach to security have
in fact prevented the broad approach being implemented. And the third example of
the inability to understand the multidimensional approach comes from the counter-
terrorism field. The policies of targeted killings of terrorist and extremist leaders ap-
plied by some states (e.g. the USA and Israel) turned out to only be effective in the
short term and only when viewed from the narrow perspective. This approach has ef-
fectively eliminated some very important terrorist leaders, but the problem of the ter-
rorist threat will still remain because they are unable to win the hearts and minds of
the population nor do they know how to integrate a human security approach into
their national security and counter-terrorism policy. In fact, the big collateral damage
from such policies has increased the motivation for terrorism against such states and
their apparent allies, thus indicating a failure to understand the complexities of con-
temporary terrorism. Security reactive measures have obviously not been adequately
connected to long-term preventive measures.
Another bit of proof on this point: the
most ‘successful’ countries in counter-terrorism (with known successful operations,
well-trained special forces, etc.) have always been the most threatened countries.
How Comprehensive is ‘Comprehensive’ Remains Unclear
One would expect some kind of consensus in the security literature on what a com-
prehensive approach means, what it includes, etc. The broad approaches to security
elaborated above are not entirely comprehensive and occasionally overlook some di-
mensions or sectors mentioned by other authors. For example, the Copenhagen
Comprehensive Security and Some Implemental Limits
School, promoting probably the most comprehensive academic approach to security
in the post-Cold War era, has completely neglected the cyber dimension. Its propo-
nents have also deprioritised the dimension of crime and terrorism. The main prob-
lem is that comprehensive includes all aspects of security, but nobody actually has
the power to implement all aspects of security. Authors have warned that we would
face the inflation of the concept of security were we to include all disintegrative
events in the security framework
and that concept’s coherence would then be
threatened. Walt defined several risks and challenges of broadening the term secu-
rity after the end of the Cold War and warned that security studies need to reflect on
the ongoing changes.
Prins, Terriff and colleagues categorically concluded that
security studies have changed from being a sub-discipline of International Relations
to a fragmented approach with many different perspectives that are not necessarily in
constructive dialogue (e.g. realism, liberalism, feminism, peace studies, strategic
studies, etc.). These theoretical approaches talk past each other despite them having
the same focus security.
These and similar conclusions have led some authors to
stress that a reduction of the concept of security is necessary in practice
and that an
environment of endless threats and limited security means that some security aspects
need to be extracted and further focused on.
Something similar has been found for
the greatly promising human security concept. This concept also includes almost all
aspects of security at the conceptual level, which has led to the problem of focus and
implementation in practice. While the human security concept is theoretically well
substantiated, attractive and modern, it embraces almost everything, making it diffi-
cult to put it into practice.
The practical consequence of this is the conscious or un-
conscious move from theoretically and logically comprehensive approaches to com-
prehensive approaches implementable in practice.
One very dramatic example can be given here. The concept of the Revolution in Mil-
itary Affairs was developed in the 1990s to steer a comprehensive military reform
process. The concept encompassed all aspects of military change: organisational, op-
erational, financial, technical and doctrinal. A comparative study of 33 countries in
the period 19922010 showed that in practice there was no comprehensive revolution
in military affairs. In fact, in practice contemporary armed forces predominantly
faced an incremental evolution with very rare major (revolutionary) shifts.
Asymmetric Threats Are Not New; Prioritising Asymmetric Threats Is Risky
As mentioned, the concept of asymmetric threats has become increasingly recognised
and used by the scientific community worldwide and most modern states in their na-
tional security policies. Contemporary states now supposedly face very smart and
dangerous threats in the form of terrorist groups and cells, ethnic groups, individuals,
etc., who use innovative means to attack the weaknesses and undermine the strengths
of stronger opponents. Asymmetry refers to the disproportionality in capacities and
Iztok Prezelj
size between the threatening subject and the threatened subject.
In my view, the
problem with overemphasising the asymmetric character of contemporary threats
comes from a lack of awareness of the history of security threats. From the histori-
cally holistic perspective, we can see that asymmetric threats have existed for a very
long time in human history. Even Sun Tzu, in one of the oldest existing sources on
strategy, argued for asymmetric approaches. For example, he advised finding the op-
ponent’s vulnerable spots where victory will be easily achieved, to attack only what
is vincible and where no defence exists, to attack when the opponent is not expecting
an attack, he also argued that winning without a fight and only with a strategy is best,
This means that asymmetric threats are not new in the contemporary security
If countries focus their national security on particular asymmetric threats (e.g. terror-
ism) they will simultaneously deprioritise other threats (e.g. when the USA depriori-
tised disaster management after 9/11 and Hurricane Katrina created unimaginable
damage). The current prioritisation of non-military threats in national security poli-
cies may seem logical because there has been no clear and present military threat to
European countries. But if we look at the situation from the historically holistic per-
spective, we can assume that this policy makes Europe militarily vulnerable and
brings new risks. The military threat by other states will in one way or another be
present in our security environment and we should not forget this. Let me give a cur-
rent example. The potential outbreak of a major international war in Ukraine with
NATO countries on one side and Russia on the other finds several NATO countries
quite unprepared. One may question how well the forces of some NATO countries
would be able to fight other military forces in a military conflict and what level of
public support they would have.
The Limits of Interdisciplinary and Inter-organisational Cooperation
The lesson arising from the terrorist attack on the World Trade Center (WTC) and
the Pentagon in 2001 concerns the need for greater inter-organisational cooperation
in providing security. The global security environment is perceived as complex due
to the many potential threats. Comprehensive solutions have been defined as multi-
disciplinary at the conceptual level and multi-organisational at the practical level.
Yet, the ‘multi’ approaches are insufficient; academic disciplines need the ability to
interact interdisciplinary and security organisations (governmental, international or-
ganisations and NGOs) inter-organisationally. Such horizontal cooperation has be-
come a mantra in security studies, but the practical problem of implementation
emerges again. It seems that the national security policies of modern states are gener-
ally able to only implement moderate interdisciplinary and inter-organisational ap-
proaches. Let us consider the case of counter-terrorism.
Comprehensive Security and Some Implemental Limits
The terrorist attack on the WTC and the Pentagon in 2001 was made possible by the
low inter-organisational cooperation within the US national security system. The
9/11 Commission Report called for “greater unity of effort” in sharing information.
The Bush Administration established various interagency bodies (the Terrorist Threat
Integration Center, The National Counterterrorism Center, The Homeland Security
Council, The National Intelligence Director, intelligence fusion centres, etc.) to im-
prove horizontal cooperation among the decentralised agencies.
Other governments
and ministries around the world have expanded their horizontal communications and
established coordination bodies.
The EU also identified the same lesson due to terrorist attacks on its own ground, and
carried out an EU-wide peer evaluation of national counter-terrorist arrangements
that resulted in recommendations to all member states to enhance the interagency ex-
change of information at the national level, increase the interagency transparency of
various governmental databases, and set up a national coordination body responsible
for the daily exchange of information.
A subsequent comparative analysis of na-
tional counter-terrorism practices showed that by 2005 14 out of 27 EU countries had
already instituted their respective inter-agency counter-terrorism body, whereas only
two had existed before 9/11.
An additional stimulus for improving counter-terrorist
activities at the EU level came from the lessons of the attacks in London in 2005. In
the aftermath of this attack, the EU adopted its counter-terrorism strategy, which
comprehensively defines the EU’s counter-terrorism activities in four strands or pil-
lars: prevention, protection, pursuing and response. The Strategy also requires some
kind of proportionate comprehensiveness, expressed by the following strategic com-
mitment: To combat terrorism globally while respecting human rights, and make
Europe safer, allowing its citizens to live in an area of freedom, security and jus-
The Strategy requires work at national, European and international levels to
reduce the threat from terrorism and vulnerability to attack. In 2015, EU counter-ter-
rorism is based on close coordination between internal and external action on one
hand and between relevant EU actors and EU member states on the other.
counter-terrorism has been increasingly integrated primarily with the external secu-
rity dimension.
Moreover, many professionals and academics started repeating the mantra of hori-
zontal inter-organisational cooperation and coordination in the fight against terror-
ism. For example, it was stressed that the “counterterrorism organizational land-
should embrace a “full range of means”
such as intelligence services,
emergency services,
and the related coordi-
nation bodies. It was recognised that the terrorist threat cuts across the political, legal
and institutional jurisdictions of these actors and that the old vertical approach could
no longer work without being reconceptualised. There were also calls to create new
Iztok Prezelj
response networks,
partnerships among the traditional bodies of national security,
and a truly integrated and multifaceted approach that combines all counter-terrorism
Hoffmann also argued that a critical step in efficiently addressing con-
temporary terrorism would come from a multi-dimensional policy and strategy able
to build bridges within one’s own governmental structure, untangle lines of authority,
de-conflict overlapping responsibilities, and synchronise inter-agency operations. He
proposed the creation of a counter-terrorism strategy based on the integration of a
military kinetic force and the non-kinetic contribution of national power.
Several general and also practical assessments of the achieved level of inter-organi-
sational cooperation in counter-terrorism reflected serious limitations of the compre-
hensive approach. For example, it was found that organisational confusion remains a
perennial problem in counter-terrorism networks,
that these networks are still not
fully understood entrepreneurial or experimental entities in comparison to the preva-
lent hierarchical organisations,
and that the integration of counter-terrorism tools is
still in an extremely primitive phase despite the investment of great efforts in hori-
zontal, inter-organisational and network counter-terrorism.
Kramer even metaphori-
cally labelled counter-terrorism networks as the tragedy of information communities,
due to their inherent inability to resolve related coordination and cooperation prob-
In 2007, the EU Counter-Terrorism Coordinator reported on the persisting
and insurmountable cooperation and coordination problems in Europe’s national
counter-terrorism communities, and many authors reported similar difficulties from
the USA. It was also made clear that the complex organisational structure of the EU
continues to hinder the coordination of international counter-terrorism activities
within the EU. The mechanisms of cross-pillar or cross-dimensional cooperation
have been created, but their coordination has not been optimal. This problem has to
some extent also been a consequence of insufficient interministerial or interagency
cooperation in the member states.
A SWOT assessment of the effectiveness of inter-organisational cooperation in
counter-terrorism after 9/11, based on the opinion of 100 counter-terrorism experts
from many states, showed that there has been significant progress in this field, but at
the same time inter-organisational cooperation suffers from serious weaknesses.
Sharing information in the counter-terrorism community and mutual trust were iden-
tified as simultaneous strengths and weaknesses. This suggests that the counter-ter-
rorism community is effective and ineffective with regard to the same points: infor-
mation is exchanged, but not sufficiently, organisations trust each other, but not re-
ally. This indicates that the uncooperative symptoms that led to 9/11 continue to
remain hidden under the surface of cooperation, and that a new 9/11 could happen
again. It also means that the terrorist threat itself has united the responsible actors,
but only to some extent. From this perspective, truly effective inter-organisational
Comprehensive Security and Some Implemental Limits
cooperation seems like the holy grail of modern counter-terrorism: ever sought, but
never really found.
The Limits of a Comprehensive Approach to Critical Infrastructure Protection
The contemporary holistic understanding of security also entails critical infrastruc-
tures which consist of basic socio-technical systems, organisations and networks that
vitally support a large spectrum of human activities. They include transport (road,
rail, air, sea) infrastructures, telecommunication systems, information systems (e.g.
the Internet), energy (electricity, gas, oil) systems, financial and bank systems, food
supply chains, water supply systems etc. These infrastructures are so vital that their
breakdown or partial or complete failure would pose a serious threat to society and a
major crisis at the national and even international level. This is why all modern states
have developed a critical infrastructure protection policy to prevent and respond to
accidents, attacks and failures that could take place in any sector of critical infra-
Further, the European Commission has developed a policy for the protec-
tion of European Critical Infrastructures.
Typical threats considered in relation to
critical infrastructures are intentional attacks (e.g. terrorism, information attacks,
crime etc.), serious technical faults or malfunctions in systems, and accidents or dis-
The problem concerning a comprehensive approach in this field arises from the infra-
structural complexity and unpredictable cross-sectoral interaction of infrastructural
malfunctions. On several occasions, it was suggested to shape a comprehensive criti-
cal infrastructure protection policy and cross-sectoral approach based on an integral
and interconnected preparedness,
a network approach,
a “system of systems” ap-
and an integral approach based on cross-sectoral similarities.
considerable policy fragmentation has been observed in this field due to the large in-
stitutional fragmentation and lack of multidisciplinary integrated analysis at the na-
tional and international levels.
Countries have established governmental inter-
agency bodies for critical infrastructure protection, but the regulation and manage-
ment of all these infrastructures remains in the hands of ministries or even private
actors. This explains why cross-sectoral similarities have not been taken into consid-
eration to a large extent when implementing integral policy.
Many studies on infrastructural interdependencies have been commissioned by Euro-
pean governments and the EU and our understanding of cross-sectoral effects after
infrastructural malfunctions has been improved, but the implementation of interde-
pendency-based critical infrastructure protection policy still suffers from the lack of
interdependency elements, such as identification of multi-critical infrastructural ob-
jects and links, cross-sectoral intersections, the cross-border cross-sectoral transfer of
malfunctions, etc. The latter means that international critical infrastructure protection
Iztok Prezelj
policy should also focus on intersectoral cross-border cooperation (e.g. between
managers of ICT from one state and of electricity from another), and not just on in-
ternational cooperation within the same subsector.
The European Commission’s attempt to create a comprehensive European approach
was also blocked by the member states due to their national interests. The Commis-
sion initially proposed the identification of European critical infrastructures in many
infrastructural sectors, as shown in Table 1 below.
It was not possible to ratify the Directive with all these sectors and sub-sectors due to
a number reservations expressed by some European states. In the discussion on the
criteria for determining European critical infrastructure (in which the author’s re-
search group also participated), it was obvious that, in comparison with smaller
states, some bigger states were not interested in having many critical assets. They as-
sumed this would mean additional costs and problems. Consequently, the determined
thresholds were very high and the directive that was adopted on European critical in-
frastructure from 2008 only included the sectors of transport and energy (with the
promise that ICT would be included in the future). This is how the comprehensive
multi-sectoral approach to protect European critical infrastructure failed.
Limits of Comprehensive Threat, Risk and Vulnerability Assessment Tools
In all security fields, academics and stakeholders assess and discuss threats, risks and
vulnerabilities. For example, what threat does Iran with nuclear weapons represent to
the West, what are the risks of letting Iran retain its military nuclear programme and
which vulnerabilities of the West could be targeted by a nuclear Iran. Understanding
threats, risks and vulnerabilities is the cornerstone of a comprehensive security as-
sessment and the basis for smart decision-making at national or international level
(e.g. by international organisations). Assessment of these categories has been fre-
quently carried out in a very simple way and without any methodological considera-
tions. On the other hand, some stakeholders use very sophisticated methodologies to
form a comprehensive understanding of what is going on. From this perspective,
threat assessment typically includes evaluating the malicious intentions or motiva-
tions of actors and their capabilities to carry through on them. Threat assessment can
be applied in all of the security dimensions or sectors mentioned above (provided we
have a human-based threat). Risk assessment typically refers to the likelihood that a
threat will escalate and create impacts. Vulnerability assessment focuses on suscepti-
bilities to injury or attack, flaws or weakness in system security procedures, design,
implementation or internal controls that could be accidentally triggered or intention-
ally exploited. Vulnerability is from this perspective a characteristic of the threatened
object (state, system etc.) that renders it susceptible to destruction or incapacitation
by a threat.
Comprehensive Security and Some Implemental Limits
Table 1: Proposed sectors and sub-sectors of European critical infrastructure as part
of a potential comprehensive European approach.
Product or service
I Energy
1 Oil and gas production, refining, treatment and storage including
2 Electricity generation
3 Transmission of electricity, gas and oil
4 Distribution of electricity, gas and oil
II Information,
5 Information system and network protection
6 Instrumentation automation and control systems (SCADA etc.)
7 Internet
8 Provision of fixed telecommunications
9 Provision of mobile telecommunications
10 Radio communication and navigation
11 Satellite communication
12 Broadcasting
III Water
13 Provision of drinking water
14 Control of water quality
15 Stemming and control of water quantity
IV Food
16 Provision of food and safeguarding food safety and security
V Health
17 Medical and hospital care
18 Medicines, serums, vaccines and pharmaceuticals
19 Bio-laboratories and bio-agents
VI Financial
20 Payment services/payment structures (private)
21 Government financial assignment
VII Public & Legal
Order and Safety
22 Maintaining public & legal order, safety and security
23 Administration of justice and detention
VIII Civil administra-
24 Government functions
25 Armed forces
26 Civil administration services
27 Emergency services
28 Postal and courier services
IX Transport
29 Road transport
30 Rail transport
31 Air traffic
32 Inland waterways transport
33 Ocean and short-sea shipping
X Chemical and
nuclear industry
34 Production and storage/processing of chemical and nuclear sub-
35 Pipelines of dangerous goods (chemical substances)
XI Space and
36 Space
37 Research
Iztok Prezelj
The problem with the above assessments is that there is no unified methodology for a
threat, risk and vulnerability assessment. For example, while there is an EU
comprehensive risk assessment procedure (actually, an ISO standard) applied in all
member states in the field of civil protection,
it only represents one of the
methodologies used in practice. The difficulty is that a broad spectrum of applied
assessment methods leads to a broad spectrum of not necessarily similar results. Any
such comprehensive threat, risk or vulnerability assessments will therefore suffer
from the non-comprehensive character of the method used. Consequently, the
validity of any comprehensive security assessment can be easily disputed simply by
using another equally appropriate method that leads to somewhat different results.
Another question is the maturity of our national security systems to implement
comprehensive threat, risk and vulnerability assessments. Here we can mention an
example from Slovenia, where a research project on comprehensive threat
assessment in 2006–2007. It was in Slovenia’s interest to develop a procedure or
system for comprehensive, permanent and complex threat assessment in several
security dimensions (a multidimensional approach). The author of this paper led a
multidisciplinary research group with security experts from different dimensions
(military, crime, terrorism, natural disasters, economy, immigration, health)
supported by mathematicians and information specialists. This group identified threat
indicators in cooperation with 30 institutions from the broader Slovenian national
security system. A prototype of the computer program INTEGRO was written and
presented to the national security community. The program was based on the
following functions:
inserting several hundred threat indicators by operatives from different
national security institutions (multidimensional input) at any time and based
on individual passwords;
analysing individual indicators in time and more complex correlational and
interdimensional assessments (e.g. does the number of foreign fighters in
the terrorist dimension correlate with economic indicators or immigration
indicators); and
displaying these indicators in various graphical forms to the country’s top
The validity of this comprehensive threat assessment approach stemmed from the
SMART indicators (Specific, Measurable, Agreed, Realistic and Timely). The
purpose of having such a complex and comprehensive threat assessment system was
to enable the most senior state leadership to monitor the security situation in real time
by simply clicking on indicators in all relevant security dimensions.
This sounds
like almost a perfect solution for a complex need, but neither at the right time nor the
Comprehensive Security and Some Implemental Limits
right place. Since the project ended, the high officials from the national security
system and key politicians have not recognised the usability of such a tool. For some
individuals coming from various subsystems and having adopted a narrow and
interest-based understanding of security (in which protecting their turf is one of the
most important things) such an out-of-the-box solution seems like unnecessary and
even unfriendly theoretical idea. One of them said at the presentation meeting that
the INTEGRO program created uncomfortable feelings that his institution would
give some sensitive security information away to the government. In his view, this
could be even illegal (if personal information were included in the threat indicators,
but this was not the case). The implementation of this idea for a comprehensive threat
assessment in the national security system of SloveniaEU and NATO member
statewas halted due to sectoral views of security, narrow institutional interests and
perhaps also due to an incapacity to understand security in truly broad terms.
Here another question emerges as to whether our societies and governments really
want to have and see comprehensive threat, risk and vulnerability assessments. What
if an uncomfortable number of threats is to some extent paradoxically created by our
national (security) policies. In such a case, threats strike like a cross-sectoral
boomerang. For example, a state had a colony in the past, created the basis of the
colonial domestic political system with all its present deficiencies, exploited the
country and carried out some crimes and now it faces an uncontrollable flow of
illegal immigrants from that country. Or, an example of a country which has assertive
national interests all over the world creates injustices there (actual or perceived) and
then faces a terrorist response and becomes one of the most threatened countries in
the world. An interest-based view of security can never entirely be a comprehensive
view of security.
Conclusion and Some Ideas for How to Overcome the Limits to
Comprehensive Security
This paper tested the argument that comprehensive security approaches face serious
implementation obstacles in practice. This argument can be confirmed based on the
analysed examples. The critical evaluation of several comprehensive approaches and
concepts shows that a true comprehensive and holistic approach in practice lies be-
yond the implemental capacities of our security systems. This means that multi-sec-
toral and multi-level comprehensive approaches become somewhat less comprehen-
sive when implemented in practice or even cannot be implemented due to existing
narrow perceptions of security. The paper has shown that comprehensive approaches
can sometimes be too complex to implement. The trans-sectoral second-, third- and
fourth-order effects of proposed security measures are hardly considered or even not
Iztok Prezelj
considered at all. There is no consensus on what exactly comprehensive means and
how comprehensive is comprehensive.
A broad approach to security has resulted in a wide array of approaches talking past
each other and also leads to the lack of focus. The so-called new approaches (new
threats to security, asymmetric threats) are actually not new. They are predominantly
a result of changed perceptions and not so much of a changed reality. Prioritisation in
national security policy seems a logical approach to meet the security challenges, but
it simultaneously means deprioritisation of some other approaches that are still rele-
vant in the long term. While prioritisation brings efficiency, deprioritisation brings
new vulnerabilities that will re-emerge and challenge our security systems in a few
years. The so strongly advocated solution to complex threats in the form of inter-or-
ganisational and cross-sectoral cooperation (including by the author of this paper) has
led to improvements, but the effects of this idea have been simultaneously limited by
our mental, legal and bureaucratic concepts. Although we teach specialised sectoral
thinking in schools at all levels, our security officials are mostly trained in a sectoral
manner (to achieve sectoral goals), they defend their turf and sometimes compete
with other sectors for prestige, power and budgets. All of these factors limit the suc-
cess of the mantra of inter-organisational cooperation.
Critical infrastructure protection policy and related integral network approaches suf-
fer from organisational and technical complexity. Progress towards a truly compre-
hensive approach will be slow in this field. And last but not least, a comprehensive
threat, risk and vulnerability assessment seems like a good theoretical idea. In prac-
tice, many assessment methods exist and lead to somewhat different assessments,
they sometimes even compete and undermine each other’s comprehensive character.
The question is also whether our societies and policymakers really want to have re-
alistic and comprehensive threat, risk and vulnerability assessments on the table. In
the case of threats, risks and vulnerabilities directly created by following own na-
tional interests, such holistic assessments would be a disturbing factor limiting the ef-
fectiveness of the pursuit of these interests. Several examples in this paper have
shown that an interest-based view of security cannot entirely make up a comprehen-
sive view of security. In other words, it seems that all comprehensive policy ap-
proaches cannot be comprehensive because they likely do not serve a comprehensive
policy interest. From this perspective, a truly comprehensive approach in security
studies seems like the holy grail: ever sought, but never really found.
This paper used only a few examples to improve our awareness of the limits of com-
prehensive security approaches. Several others could be included, such as the limited
national capacities to create comprehensive national crisis management systems,
limited practical ability of the European national security systems to strike a balance
Comprehensive Security and Some Implemental Limits
between security and human rights or to provide maximum security with minimal or
zero violations of human rights. The limited value of comprehensive planning for
complex crises and emergencies could also be highlighted. However, adding such
cases would have considerably extended the paper’s length.
The final question is: what shall we do about the realistic conclusion on the serious
limits to implementing comprehensive security? The reality is that there is no alter-
native to comprehensive security approaches. We need to improve these concepts
and try to implement them. A smart comprehensive security approach seems to be
one that also includes a comprehensive implementation plan. In the implementation
phase, we need to monitor the progress critically and reflect all the problems. Such
reflections need to explain the reasons for failures and difficulties. We need to edu-
cate students and policymakers on the need for a comprehensive approach, the nega-
tive consequences of sectoral approaches to complex issues, on the value and pitfalls
of inter-organisational cooperation, as well as the positive and negative effects of
prioritisation in security policies. In addition, considerable attention should be de-
voted to developing methodologies for identifying and assessing the cross-sectoral
second-, third- and fourth-order effects of potential security measures. In this way,
smarter and longer-term security can be achieved in the future.
John Allen Williams and Charles Moskos, Civil-Military Relations after the Cold War, in
Civil-Military Relations in Post-Communist States: Central and Eastern Europe in
Transition, ed. Anton Bebler (London: Praeger, 1997).
Terry Terriff, Stuart Croft, Lucy James and Partick Morgan, Security Studies Today
(Cambridge: Polity Press, 1999).
Richard Ullman, “Redefining Security,” International Security 8, no. 1 (1983): 129-53.
Jessica Mathews Tuchman, “Redefining Security,” Foreign Affairs 68 (1989): 162-77.
Barry Buzan, Ole Waever and Jaap de Wilde, Security: A New Framework for Analysis
(London: Lynne Rienner Publishers, 1998); Barry Buzan, People, States and Fear, An
Agenda for International Security Studies in the Post-Cold War Era (London: Harvester
Wheatsheaf, 1991); Barry Buzan, Morten Kelstrup, Pierre Lemaitre, Elizabeta Tromer and
Ole, Waever, The European Security Order Recast: Scenarios for the Post-Cold War Era
(London: Pinter Publishers, 1990). Also see Hakan Wiberg, Security Problems of Small
Nations, in Small States and the Security in the New Europe, ed. Werner Bauwens, Armand
Clesse and Olav Knudsen (London: Brassey’s, 1996).
For a good elaboration on security schools, see Steve Smith, “The Increasing Insecurity of
Security Studies: Conceptualizing Security in the Last Twenty Years,” in Critical
Reflections on Security and Change, ed. Stuart Croft and Terry Terrif (London: Frank Cass,
London, 2000).
UNDP, Human Development Report (New York: Oxford University Press, 1994), 24.
Iztok Prezelj, “Challenges in Conceptualizing and Providing Human Security,” HUMSEC
Journal 1, no. 2 (2008), accessed on 3 December 2010, available at
Iztok Prezelj
Astri Suhrke, “Human Security and the Interests of States,” Security Dialogue 30, no. 3
(1999), 265-76.
Council of the EU, European Security Strategy, 12 December 2003, available at
Justice and Home Affairs Council, Internal Security Strategy for the European Union:
Towards a European Security Model, March 2010, available at
Council of the EU, Council Conclusions on Migration, Press Release 606/15, 20 July 2015,
available at
For the case of the conflict in Ukraine, see Council of the EU, Statement of the Heads of
State or Government, Press Release 25/15, 27 January 2015, available at
See Strategija sodelovanja RS v mednarodnih operacijah in misijah, Uradni list RS no.
19/2010, 12 March 2010, available at
Richard L. Kugler, Policy Analysis in National Security Affairs (Washington D.C.: National
Defense University Press, 2006), xv, 14.
Steven B. Redd and Alex Mintz, Policy Perspectives on National Security and Foreign
Policy Decision Making,Policy Studies Journal 41, no. 1 (2013): 11-37, DOI: 10.1111/psj.
Ronald W. Perry and Michael K Lindell “Preparedness for Emergency Response: Guide-
lines for the Emergency Planning Process,” Disasters 27:4 (2003), 336-50, DOI: 10.1111/
Justice and Home Affairs Council, Internal Security Strategy for the European Union.
Council of the EU, European Security Strategy.
For more on the broad approach in counter-terrorism, see Iztok, Prezelj, “Smart Coun-
terterrorism: Incorporating the N-order Effects and Adopting a Human Security Perspec-
tive,” The Polish Quarterly of International Affairs 22, no. 1 (2013), accessed on 22 August
Alessandro Politi, European Security: The New Transnational Risks,” Chaillot Papers 29
(1997), available at
Stephen M. Walt, “The Renaissance of Security Studies,” International Studies Quarterly
35, no. 2 (June 1991), 211-39, DOI: 10.2307/2600471.
Gwyn Prins, “The Four-Stroke Cycle in Security Studies,” International Affairs 74, no. 4
(1998), 788; Terriff, Croft, James and Morgan, Security Studies Today.
Sam Sarkesian, US National Security: Policy Makers, Processes and Politics (London:
Lynne Reinner Publishers, 1995), 5.
Buzan, People, States and Fear.
Prezelj, “Challenges in Conceptualizing and Providing Human Security.”
Iztok Prezelj, Erik Kopač, Aleš Žiberna, Anja Kolak, and Anton Grizold, Evolutionary
Reality of the Policy of Revolution in Military Affairs: Results of a Comparative Study,”
unpublished paper, Research Project Transforming Defence Policies in Contemporary
Security Environment (Ljubljana: University of Ljubljana, 2015).
Comprehensive Security and Some Implemental Limits
See Timothy Thomas, “Deciphering Asymmetry’s Word Game,” Military Review 81, no. 4
(July-August 2001): 32-37; Robert Worley, Asymmetry and Adaptive Command,” Military
Review 81, no. 4 (July-August 2001): 38-44; Steven Metz, Strategic Asymmetry,” Military
Review 81, no. 4 (July-August 2001): 23-31.
Sun Tzu, The Art of War (Norwalk: The Puppet Press, 1910).
National Commission on Terrorist Attacks Upon the United States, 9/11 Commission Re-
port: The Full Final Report of the National Commission on Terrorist Attacks upon the Unit-
ed States (Washington D.C., 2004), 399-428, available at
See Raphael Perl, Terrorism and National Security: Issues and Trends (Washington D.C.:
Congressional Research Service, 2006), 15; Richard S. Conley, “Reform, Reorganization,
and the Renaissance of the Managerial Presidency: The Impact of 9/11 on the Executive
Establishment,” Politics & Policy 34, no. 2 (2006): 324; Erik Brattberg, “Coordinating for
Contingencies: Taking Stock of Post-9-11 Homeland Security Reforms,” Journal of
Contingencies and Crisis Management 20, no. 2 (2012): 86; Thomas H. Hammond, “Why is
the Intelligence Community So Difficult to Redesign? Smart Practices, Conflicting Goals,
and the Creation of Purpose-Based Organizations,” Governance: An International Journal
of Policy, Administration, and Institutions 20, no. 3 (2007): 421.
Council of the EU, Interim Report on the Evaluation of National Anti-Terrorist Arrange-
ments, 23 November 2004, available at
Daniel Nohrstedt and Dan Hansen, “Converging Under Pressure? Counterterrorism Policy
Developments in the European Union Member States,” Public Administration 88, no. 1
(2010): 190-210, DOI: 10.1111/j.1467-9299.2009.01795.x.
Council of the EU, The European Union Counter-Terrorism Strategy, 30 November 2005,
available at
Council of the EU, Council Conclusions on Counter-terrorism, Press Release 43/15, 9
February 2015, available at
Alan, Doig, “Joining Up a Response to Terrorism,” Crime, Law & Social Change 44 (2005):
436, DOI:10.1007/s10611-006-9025-5.
Bruce Hoffman, “Rethinking Terrorism and Counterterrorism Since 9/11,” Studies in
Conflict & Terrorism 25, no. 5 (2002): 314, DOI:10.1080/105761002901223.
Rohan Gunaratna and Peter Chalk, Counter-Terrorism (Coulsdon: Jane’s Information
Group, 2002), 99; Paul R. Pillar, “Intelligence,” in Attacking Terrorism: Elements of a
Grand Strategy, ed. Audrey Kurth Cronin and James M. Ludes (Washington D.C.:
Georgetown University Press, 2004), 115-39.
Lindsay Cutterbuck, “Law Enforcement,” in Attacking Terrorism: Elements of a Grand
Strategy, ed. Audrey Kurth Cronin and James M. Ludes (Washington D.C.: Georgetown
University Press, 2004), 140-61.
Michael Sheehan, “Diplomacy,” in Attacking Terrorism: Elements of a Grand Strategy, ed.
Audrey Kurth Cronin and James M. Ludes (Washington D.C.: Georgetown University
Press, 2004), 97-114.
Timothy D. Hoyt, “Military Force,” in Attacking Terrorism: Elements of a Grand Strategy,
ed. Audrey Kurth Cronin and James M. Ludes (Washington D.C.: Georgetown University
Press, 2004), 162-85.
Iztok Prezelj
William L. Waugh, “Terrorism, Homeland Security and the National Emergency Manage-
ment Network,” Public Organization Review 3, no. 4 (2003): 373-85, DOI: 10.1023/B:PO
Robert Bunker, “Introduction and Overview: Why Response Networks?” in Networks,
Terrorism and Global Insurgency, ed. Robert Bunker (London, Routledge, 2005), 1-7; DOI:
John P. Sullivan, “Networked All-Source Fusion for Intelligence and Law Enforcement
Counter-terrorism Response” (paper presented at the ISA Annual Convention in Montreal,
Canada, 2004), 1-11; John P. Sullivan and Robert Bunker, “Multilateral Counter-Insurgency
Networks,” in Networks, Terrorism and Global Insurgency, ed. Robert Bunker (London,
Routledge, 2005), 184, DOI: 10.1080/0966284042000279081.
Audrey Kurth Cronin, “Conclusion: Toward an Effective Grand Strategy,” in Attacking
Terrorism: Elements of a Grand Strategy, ed. Audrey Kurth Cronin and James M. Ludes
(Washington D.C.: Georgetown University Press, 2004), 293.
Bruce Hoffman, “A Counterterrorism Strategy for the Obama Administration,” Terrorism
and Political Violence 21 (2009), 369-70, DOI: 10.1080/09546550902950316.
Erik Brattberg, “Coordinating for Contingencies: Taking Stock of Post-9-11 Homeland Se-
curity Reforms,” Journal of Contingencies and Crisis Management 20, no. 2 (2012): 86,
DOI: 10.1111/j.1468-5973.2012.00662.x.
Sullivan and Bunker, “Multilateral Counter-Insurgency Networks,” 189.
Kurth Cronin, “Conclusion: Toward an Effective Grand Strategy,” 293.
Roderick M. Kramer, A Failure to Communicate: 9/11 and the Tragedy of the Informa-
tional Commons,” International Public Management Journal 8:3 (2005), 408-409, DOI:
Iztok Prezelj. “Role of the European Union in the Fight against International Terrorism,” in
The Fight Against Terrorism and Crisis Management in the Western Balkans, ed. Iztok
Prezelj (Amsterdam: IOS Press, 2008), 16-34.
Iztok Prezelj, Improving Interorganisational Cooperation in Counterterrorism Based on a
Quantitative SWOT Assessment,” Public Management Review, 17, no. 1-2 (2015): 209-35,
DOI: 10.1080/14719037.2013.792384.
Myriam Dunn and Isabelle Wiegert, International CIIP Handbook 2006: An Inventory of 20
National and 6 International Critical Information Infrastructure Protection Policies, Vol-
ume 1 (Zurich: ETH Swiss Federal Institute of Technology, 2006), accessed on 3 June
See Council of the EU, Council Directive on the Identification and Designation of European
Critical infrastructures and the Assessment of the Need to Improve their Protection, 23
December 2008, available at
Gwendal Le Grand, Franck Springinsfeld and Michel Riguidel, Policy Based Management
for Critical Infrastructure Protection, ACIP Project funded by the European Commission;
Carmelo Di Mauro, Sara Bouchon, Christiaan Logtmeijer, Russell Pride, Thomas Hartung
and Jean-Pierre Nordvik, A Structured Approach to Identifying European Critical
Infrastructures,” International Journal of Critical Infrastructures 6, no. 3 (2010), DOI:
Erwann Michel-Kerjan, “New Challenges in Critical Infrastructures: A US Perspective,”
Journal of Contingencies and Crisis Management 11, no. 3 (2003): 132-41, DOI: 10.1111/
1468-5973.1103008; Philip Auerswald, Lewis Branscomb, Todd La Porte and Erwann
Comprehensive Security and Some Implemental Limits
Michel-Kerjan, “The Challenge of Protecting Critical Infrastructure,” Issues in Science and
Technology Fall (2005), accessed on 8 June 2006,
Ted Lewis, Critical Infrastructure Protection in Homeland Security: Defending a
Networked Nation (New Jersey: Wiley Interscience, 2006).
James Peerenboom, Infrastructure Interdependencies: Overview of Concepts and Terminol-
ogy. Infrastructure Assurance Center, Argonne National Laboratory (Argonne: Wiley
Interscience, 2001); Le Grand and Riguidel, Policy Based Management for Critical
Infrastructure Protection; Thomas Hellstrom, “Critical Infrastructure and Systemic
Vulnerability: Towards a Planning Framework,” Safety Science 45, no. 3 (2007): 415-30,
DOI: 10.1016/j.ssci.2006.07.007.
Iztok Prezelj, Erik Kopač, Uroš Svete and Aleš Žiberna, “Cross-sectoral Scanning of
Critical Infrastructures: From Functional Differences to Policy-relevant Similarities,”
Journal of Homeland Security and Emergency Management 9:1 (2012), accessed on 11
March 2013, DOI: 10.1515/1547-7355.1901.
Richard Kugler, Policy Analysis in National Security Affairs: New Methods for a New Era
(Washington, D.C., National Defense University Press, 2006); Mark de Bruijne,
“Networked Reliability: Institutional Fragmentation and Critical Infrastructure Protection,”
Paper presented at the Conference on Future Challenges for Crisis Management in Europe,
Stockholm, 4-5 May 2006; Mark Rhinard and Arjen Boin, “European Homeland Security:
Bureaucratic Politics and Policymaking in the EU,” Journal of Homeland Security and
Emergency Management 6, no. 1 (2009); DOI: 10.2202/1547-7355.1480.
See Myriam Dunn, Analysis of Methods and Models for CII Assessment,” in International
CIIP Handbook 2004, ed. Myriam Dunn and Isabelle Wiegert (Zurich: ETH, 2004), 250-
277, available at;
Yacov Y. Haimes, On the Complex Definition of Risk: A Systems-Based Approach,” Risk
Analysis 29, no. 12 (2009), 1647-54, DOI: 10.1111/j.1539-6924.2009.01310.x.
European Commission, Green Paper on a European Programme for Critical Infrastructure
Protection, EC COM(2005)576, 17 November 2005, available at
legal-content/EN/TXT/?uri=celex:52005DC0576; The Council of the EU, Proposal for a
Directive of the Council on the Identification and Designation of European Critical
Infrastructures, 16933/06, 12 December 2006,
See European Parliament and Council of the EU, Decision of the European Parliament and
of the Council on a Union Civil Protection Mechanism, Official Journal of the EU, 20
December 2013, available at
Iztok Prezelj, “Matematično-statistični integralni model za ocenjevanje ogroženosti
nacionalne varnosti in računalniški program INTEGRO,” in Model celovitega ocenjevanja
ogrožanja nacionalne varnosti Republike Slovenije, ed. Iztok Prezelj (Ljubljana: Ministrstvo
za obrambo, 2007), 209-28.
Iztok PREZELJ is Associate Professor and Head of the Department of Defence Stud-
ies at the Faculty of Social Sciences, University of Ljubljana, Slovenia.
... The critical evaluation of several examples confirmed that the implementation phase is a weakness of comprehensive approaches and that a truly comprehensive and holistic approach seems to be beyond the implemental capacities of our security systems. 23 Such conclusions on the difficulties on the one hand and the need for interorganizational cooperation on the other represent a huge motivation for further work in this field and also a motivation for working on this special journal issue. ...
... Increasing levels of cooperation and collaboration are key for addressing the threat of hybrid warfare comprehensively and effectively. There are numerous challenges of implementing the concept of comprehensiveness [13]. And yet, a number of tools can be used to support increased C3: ...
Hybrid Warfare is not a new phenomenon, but the use of the term is recent , and the concept came to the attention of European scholars, experts and policy makers with the start of the conflict in Crimea. At the high end of the spectrum of hybrid warfare tools is the military force. Hence, one rightfully expects to see a commensurate military measures, reflected in national and allied defence policies. This chapter therefore takes a look first at the types of military capabilities and level of readiness necessary to counter hybrid warfare. It emphasises the requirements for relatively light, highly manoeuvrable forces, capable to operate in urban environment and work with local communities, along with a capacity to achieve and maintain information and knowledge superiority and to repel an assault from the air or the sea. Then it calls for enhanced cooperation, coordination, and collaboration (C3) among multiple stakeholders that cover a spectrum well beyond the traditional remits of the security sector. Towards the provision of adequate capabilities and effective C3, the author emphasises organisational agility and adap-tiveness. The final section discusses the need to strengthen the integrity of defence organisations, thus limiting opponents' opportunities to influence the behaviour of decision-makers and other defence personnel.
Revolution in Military Affairs has been one of the driving concepts for creating modern armed forces capable of coping with the challenges of a contemporary security environment. Revolutionary change in Military Affairs has been interpreted as discontinuous, radical, non-incremental, and even disruptive change. Evolutionists, however, oppose this view and stress that past military transformations were actually more evolutionary, continuous, incremental, piecemeal, and slow. The third view tried to integrate both views by stressing the patterns of interchange of the periods of evolution and the turbulent periods of revolution. This article explores the revolution-evolution dilemma quantitatively by setting three logical revolution criteria/thresholds and discovers the number of changes in military affairs on a sample of 33 countries that were actually revolutionary in the period 1992-2010. The article confirms the argument that Revolution in Military Affairs has been in practice predominantly an incremental evolution in several military dimensions, with rare major (revolutionary) shifts. The statistical results show that only from 2 to 4% of possible revolutionary situations (periods in our measurement) were Revolution in Military Affairs. Only nine countries occasionally reached the revolution threshold of 30% change in one year, 10 countries reached the threshold of 50% change in three years, and only six countries reached the threshold of 70% change in five years. These findings suggest that Revolution in Military Affairs was used more as a promotional slogan, and perhaps even a motivational tool in military affairs.
Government strategies to reduce the vulnerability of privately owned and corporate assets depend primarily on private sector knowledge and action. The intensification of economical, technological and social processes of globalization adds the risk to critical infrastructure industries, that are becoming more interdependent. The threat of catastrophic terrorism has created a new relationship between national security and routine business decisions in private firms providing infrastructure services. Extraordinary levels of coordination is required between organizations, public and private to secure any improved level of prevention, response and recovery.
Inter-organizational cooperation within national counterterrorism communities has improved since 9/11, yet some disturbing difficulties have also been reported. This article explores the strengths and weaknesses of inter-organizational cooperation, the potential opportunities for improvement and the threats in the case of weak cooperation using a sample of 100 counterterrorism experts. The results of a quantitative SWOT analysis reflect a deep division between the strengths and weaknesses of inter-organizational cooperation that strongly affects the extent to which emerging opportunities to improve it are being undertaken. The paper proposes a three-dimensional strategy to improve cooperation that focuses on interactive, procedural and analytical measures.
This article examines the evolution of security studies, focusing on recent developments in the field. It provides a survey of the field, a guide to the current research agenda, and some practical lessons for managing the field in the years ahead. Security studies remains an interdisciplinary enterprise, but its earlier preoccupation with nuclear issues has broadened to include topics such as grand strategy, conventional warfare, and the domestic sources of international conflict, among others. Work in the field is increasingly rigorous and theoretically inclined, which reflects the marriage between security studies and social science and its improved standing within the academic world. Because national security will remain a problem for states and because an independent scholarly community contributes to effective public policy in this area, the renaissance of security studies is an important positive development for the field of international relations.
Defining Critical InfrastructureThe Importance of StrategyHomeland Security and Critical InfrastructureFive Strategic Principles of Critical Infrastructure ProtectionAnalysisExercises
In today's globalizing world of accelerating change and mounting complexity, the United States is compelled to think and react faster than ever before. As a result, the need for sophisticated policy analysis in national security affairs is growing, yet awareness of how to practice this demanding art and science at high levels of government and for big-time policies is not widespread. This book is written in the hope of helping improve upon today's situation and filling a cavernous gap in the professional literature. It provides an appraisal of three categories of methods that can be employed to analyze issues ranging from the lofty abstractions of national security policy to the concrete specifics of plans, programs, and budgets. Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number.
This article reviews major decision-making models with an emphasis on basic theoretical perspectives as well as on how these models explain foreign policy decision making and national and international security decisions. Furthermore, we examine how these models have been utilized in explanations of various international crises. Specifically, for each model, we present examples drawn from the literature on applications of the respective model to foreign policy and national security decisions. The theories we have reviewed are as follows: rational choice, cybernetic model, prospect theory, poliheuristic theory, organizational and bureaucratic politics, groupthink and polythink, and analogical reasoning. We also review the Applied Decision Analysis method, and the concept of biases in decision making.