Agnes M Shanley

Pharmaceutical Manufacturing Magazine

You can't put a dome over a chemical plant, but you can take reasonable steps to keep it safe

Security consultant Richard Sem

Since September 11, and the discovery of Al Qaeda's experiments with chemical weapons, the chemical industry has made tremendous strides in improving the security of its facilities, infrastructure, and IT. Chemical production plants pose a potentially huge security risk. According to the U.S. EPA, acts of terror at any one of 123 plants nationwide could threaten over 1 million people; at each of 700 facilities, a terror strike would risk 100,000 human lives; and at each of 3000 facilities, at least 10,000 lives could be affected.

At the point this was written in 2004, there are no national security regulations (Box 3.2), although a change in Administrations could alter this picture. Nevertheless, members of the American Chemistry Council and the Synthetic Organic Chemicals Manufacturing Association have completed site vulnerability assessments, and are implementing security improvements at their plants. This year, the industry has worked to synchronize efforts in facility and IT security, and to take

19A previous version of this article appeared in Chemical Processing Magazine, February 2004.

action to assure that process-control and IT departments are on the same page when it comes to security (Box 3.3).

Currently, however, only a fraction of the chemical processing and storage facilities in the United States are members of the trade groups spearheading these efforts. "At this point, it's safe to say that most chemical plants haven't even done site vulnerability assessments. They're behind the curve," says Richard Sem, a 34-year security veteran and former senior Pinkerton executive who now runs his own consulting firm in Plainfield, IL. Atlanta-based consultant Sal De Pasquale, who helped develop one of the most widely used site vulnerability assessment methods, puts it bluntly: "At most chemical plants handling hazardous materials today, existing security simply could not stand up to a guy with a six shooter and a bomb."

For some companies, the problem may not be assessment, but the next, and most difficult step: implementation. Some plants are dragging their feet, due to budgetary and political issues, Sem says. An average sized chemical plant can easily spend from hundreds of thousands to millions of dollars for site security - then, some plants have fence lines over a mile long, he adds. "Right now, many companies know they should do more but can't see the forest for the trees." Generally, the most critical business processes should determine how to prioritize the intensity and focus of security efforts," says Troy Smith, senior vice president and practice leader for IT Security with the risk-assessment specialists, Marsh Inc. (New York City).

Environmental groups are skeptical that enough chemical companies are taking sufficient steps. Greenpeace first raised this issue in 1992, pointing out surprising gaps in security when its members gained access to sensitive process-control equipment and restricted areas at a number of facilities. Problems persisted at some facilities. "At one large chlorine storage facility in Jersey City, the only thing the company did was to take its sign down and put up a 'no trespassing' sign," says Rick Hind, spokesman for Greenpeace USA.

Journalists have also "visited" facilities after hours, raising public awareness. As late as November 2003, a report by the television news magazine, 60 Minutes, found significant security loopholes at chemical plants near New York, Los Angeles, Chicago, and Houston. At one facility outside of Pittsburgh, PA, owned by the Neville Chemical Co., reporters found an open gate near an anhydrous ammonia facility and no additional protection for a boron trifluoride storage unit. More disturbing, perhaps, was the fact that, until someone at the plant called the police, who arrested the reporters on trespassing charges, some employees initially acknowledged their presence without taking any steps to remove them from the premises.

Neville was in a situation that many companies may find themselves in today. It had completed a site vulnerability assessment that found weaknesses in perimeter security, with unlocked gates in need of repair along the rail line that runs through the plant site.

The company had already taken concrete steps to improve security and had an employee training program in place, says Jack Ferguson, vice president of manufacturing and plant manager. After September 11, Neville had decreased the maximum

0 0

Post a comment