WASHINGTON, DC – Many things will no doubt be learned from the UK’s and US’s ability to foil the planned attack on US airliners crossing the Pond — one thing for sure is a reminder of the importance of the threat vector. One of the very good shifts in US homeland security policy has been Secretary Chertoff’s emphasis on risk management — and running the calculus of vulnerability, threat and consequence. All too often, particularly in the past, many people seemed to predominately focus on the vulnerabilities and consequences, and underweight the focus on the threat. This led to a ‘secure everything’ view of the world — one that would be nirvana for sure — but in reality, nearly impossible, and with real direct and indirect costs. Perhaps this sub optimal alignment of focus is easy to understand — the threat is the thing that is more fully outside of our control — and harder to have visibility into, understand, and affect — particularly overseas. But the Brits’ reported ability to gain and use information about the plot — the imminent threat — and seemingly extinguish the threat — was the operative vector here. Of course vulnerabilities and consequences remain important, but one lesson re-learned is the critical nature of discovering and reducing the threat. This principle is applicable in may security circumstances, including network security, critical infrastructure protection, and fraud and crime committed over the net. As technology innovation continues to advance in defending networks and people, so too must continued advances be made in discovering and reducing the threat. There have been good steps forward in critical infrastructure protection in the US and elsewhere through increased intelligence capabilities and information sharing, and in the crime prevention area through increased prosecution of individuals and groups responsible for crime and fraud committed over the net. The foiling of this plot reminds us of how much more can and should be done. It also reminds us of the importance of maintaining flexibility and innovation in security defense. The UK plotters adjusted their weapons to circumvent the aviation defenses previously put in place — moving from knives to liquid bombs chosen no doubt to avoid x-ray and magnetic detection. They also reportedly had an insider, a technique centuries old. The ability to constantly adjust defenses, react to a new risk management calculus, and detect anomalies is crucial — another good reason why sound public policy dictates that the governments not mandate or set in stone the use of particular security technologies — they may be outdated or or provide a roadmap for circumvention the minute the cement is dry. In a security game of cat and mouse, innovation and flexibility — and the proper attention to the threat — enhance security.