How Drones Are Reshaping Aviation Security and Critical Infrastructure Protection

A commercial airliner descending through 3,000 feet should represent one of the most predictable and controlled phases of aviation.

The aircraft is established on final approach, pilots are focused on landing safely, and air traffic controllers are managing a highly coordinated environment. Yet increasingly, that same airspace is becoming a place of uncertainty.  Recent drone encounters involving commercial aircraft near major U.S. airports demonstrate a growing security challenge that extends far beyond aviation. A United Airlines crew approaching San Diego International Airport reported a possible encounter with a drone during descent, highlighting the vulnerability of aircraft operating in low-altitude airspace. Shortly afterward, a JetBlue Airbus approaching New York’s John F. Kennedy International Airport reported a possible drone strike during final approach, while other aircraft operating in the region reported close encounters with unauthorized unmanned aircraft. Both incidents were reported at an altitude of 3,000 feet, well above limits set by the FAA for drone operations, especially near an active airport. 

These incidents are not isolated aviation anomalies. They are early indicators that America’s physical security model remains largely two-dimensional while the threat environment has become decisively three-dimensional. The technology curve is accelerating faster than policy, security architecture, and authorities. Whether every reported object is ultimately confirmed as a drone or whether investigators determine a different cause, the strategic concern remains unchanged. Commercial aviation, critical infrastructure, and public venues are operating in an increasingly complex environment where small unmanned aircraft can appear rapidly, operate unpredictably, and create immediate safety and security concerns.  The question is no longer whether drones represent a potential threat, but the more important question is whether our security architecture has evolved quickly enough to understand what is happening above us, determine whether it represents a threat, and provide decision makers with the information and authority required to act before an incident occurs. This is the essence of the 3,000-foot problem that is beginning to show a pattern near major air transportation hubs, and the question begs: who owns the airspace between ground security and FAA-controlled aviation? 

For decades, security professionals have protected the physical environment primarily through a two-dimensional mindset. We built fences to control access, cameras to monitor activity, barriers to delay adversaries, and security forces to respond to threats approaching from the ground. These measures remain essential, but the operating environment has changed.  The next generation of security is not only about protecting what surrounds a facility.  It is about protecting what exists above it.  This is the foundation of 3D Physical Security, which rests on four mutually supporting pillars: 

  • Physical security  
  • Cyber and digital resilience  
  • Low-altitude airspace awareness  
  • Decision Advantage enabled by integrated intelligence and command 

This is the next and most needed evolution of a new security environment that must represent security program development and reshape current operational environments.  The drone challenge did not emerge overnight. The 2018 disruption at Gatwick Airport in the United Kingdom was a defining moment that demonstrated the disruptive potential of small unmanned aircraft near commercial aviation. The event resulted in the cancellation of hundreds of flights and affected thousands of travelers. It forced security professionals around the world to recognize that low-cost commercial technology could create consequences once associated only with sophisticated military capabilities. Since then, the technology has advanced at an extraordinary pace, and airport events continue to move in the wrong direction, increasing over time and demonstrating that detection is not enough, decision advantage is challenged, and security professionals do not have the tools and authority to act when necessary.  Airports and commercial flight are not an area that can be open to indecision when it comes to small drones.  We must do better. 

Over a remarkably short period of technological advancement, drones have become smaller, faster, more autonomous, and more accessible. They can operate at greater distances, carry increasingly sophisticated payloads, and utilize technologies designed to complicate detection. Some systems can reduce or eliminate traditional radio-frequency signatures. Others can leverage autonomous navigation, artificial intelligence, or alternative control methods that challenge traditional counter-drone approaches. At the same time, drones have become valuable tools across society. They support emergency response, infrastructure inspection, agriculture, logistics, public safety, and countless commercial applications. This dual-use nature creates a unique security challenge. The same technology that provides enormous societal benefits can also be misused by careless, untrained, or unauthorized operators or exploited by individuals, criminal organizations, or hostile actors seeking to disrupt operations or create harm. The threat is no longer limited to military battlefields or isolated incidents. It is now part of everyday life. 

Airports, stadiums, energy facilities, ports, government buildings, military installations, and other sensitive locations all share a common vulnerability: they exist beneath a rapidly evolving low-altitude airspace that traditional physical security programs were never designed to monitor. Detection is not the same as security, and one of the greatest misconceptions surrounding drone security is that the problem can be solved simply by purchasing an array of detection sensors.  Organizations continue purchasing individual drone detection technologies hoping each new sensor will solve the problem. Instead, they are creating isolated data streams that increase complexity rather than reducing uncertainty. Detection is important, and the first phase of decision advantage in an operational decision chain, but detection alone does not create security. Small unmanned aircraft are difficult targets, and the sensors designed for this role have their limitations, but as the problem grows and the sophistication of the operator matures, there are essential tools that must be included in the sensor stack.

Radar is one of those tools, as are evolving acoustic systems.  However, all sensors have their limitations, and these may struggle with small objects operating at low altitudes in environments filled with clutter. Additionally, radio-frequency detection is valuable but dependent upon emissions and identifiable signatures. Optical systems are limited by weather, lighting, and line-of-sight conditions, and acoustic systems can be affected by the noise and complexity of urban environments. Every technology provides a piece of the puzzle. None provides the complete answer, and the future of security will not be defined by a single sensor It will be defined by the ability to fuse information from multiple sources into a trusted operational picture that allows leaders to understand what is occurring and make timely decisions. This is where many organizations face their greatest challenge. They may have information, alerts, and technology, but do they have understanding and authority? The difference between information and understanding is the difference between awareness and decision advantage. The decision advantage imperative is that the modern security challenge is not simply identifying a drone; it is a security system that detects a drone but cannot provide context, creating uncertainty rather than reducing it. Decision advantage is achieved when leaders possess accurate, timely, and actionable information that enables them to make decisions faster than the threat can evolve.  

Detection without understanding creates alerts. Understanding without authority creates paralysis. Decision advantage combines both into action. 

So how is this done?  This operation requires a common operating picture that integrates sensors, intelligence, operational information, emergency response capabilities, and command authorities into a single understanding of the environment. The concept is not new, and the military has long recognized the importance of intelligence superiority and shared awareness on the battlefield. The same principle must now extend into the civilian security environment. An airport executive responsible for passenger safety, a utility operator protecting critical infrastructure, and a government official responsible for public safety all face the same fundamental problem. Decision advantage begins with understanding, not simply detection. Leaders must know what is happening before they can decide what to do, and they must have both the delegated authority and organizational trust to act with confidence based on timely, accurate information from a layered sensor ecosystem. This all goes back to trust that is established by a trained, certified, and exercised decision cycle that allows the security professionals to address the new third dimension of their already complex mission. 

In this case, the authority gap remains the single most important issue when it comes to protecting the critical infrastructure of this country in a holistic, comprehensive, and layered approach. Many airports, critical infrastructure owners, and public venues do not possess independent authority to employ many counter-unmanned aircraft mitigation capabilities. Federal restrictions exist for legitimate reasons, particularly because mitigation actions can affect aviation safety, communications networks, and public infrastructure. However, this creates a difficult operational reality, and there are ways to mitigate that limit and decrease the risk. A facility may detect a drone, and it may have determined the risk, but it may not have the legal authority or capability to immediately mitigate the threat. This gap between detection, decision, and action represents one of the greatest vulnerabilities in today’s security environment.

Large-scale events such as the FIFA World Cup demonstrate what is possible when extraordinary federal resources, authorities, and coordination mechanisms are applied to protect specific locations, but this is equivalent to a military unit staying at the highest readiness condition for extended periods of time, which is not sustainable. These events have provided valuable lessons and demonstrate the importance of integrated planning, technology, and interagency cooperation, but they also brought to the forefront the sheer volume of drones that exist in the airspace and raise the most important question. 

What happens when the event ends? America does not only face drone threats during international sporting events, political conventions, or national celebrations. The threat exists every day at airports, hospitals, power plants, ports, military bases, government facilities, and public gatherings across the country. The mission cannot depend solely on temporary deployments and special authorities. It must become an enduring security capability and acknowledge who owns the mission every day. The future of low-altitude airspace security requires a new approach to responsibility and partnership. The question is not whether one organization should own the entire mission. The complexity of the environment makes that impossible. Instead, the solution requires a coordinated security ecosystem where federal agencies, state and local governments, tribal authorities, private-sector operators, and security professionals share information, responsibilities, and capabilities. Critical infrastructure owners must have greater awareness of the environment around and above their facilities.

Public safety organizations must understand how drones affect emergency response and community safety. Government agencies must continue developing policy, authorities, and frameworks that enable effective action while protecting civil liberties and aviation safety, and most importantly, organizations must move beyond thinking of drones as an isolated technology problem. They are a symptom of a larger transformation in the security environment. The airspace above our facilities has become part of the operational battlefield. The third dimension has arrived, and the future of physical security is at an inflection point. 

The future of security will not be defined solely by stronger fences, more cameras, or additional personnel. Those capabilities remain important, but they are no longer sufficient by themselves. The future requires a comprehensive approach that integrates physical security, cyber awareness, intelligence, technology, emergency preparedness, and decision-making into one unified framework. That is what 3D Physical Security represents. It recognizes that security professionals must protect not only the ground beneath us but also the digital systems that support operations and the airspace above us. It creates the foundation for understanding threats faster, coordinating responses better, and making decisions with confidence. 

The 3,000-foot problem is not simply an aviation problem, although it clearly does bring major concern for air travel. It is a national security, public safety, and critical infrastructure challenge. The drones operating above our airports today represent a broader question about whether our security models are prepared for the world we now inhabit. For decades, we secured the perimeter. The next generation of security will be defined by how well we protect the air above it while trusting the delegation of authority to act at the operational level of the decision chain.  The 3,000-foot problem is only beginning to show its importance. The question facing security leaders is no longer whether drones represent a threat. It is whether our organizations are prepared to understand, decide, and act before that threat reaches the point where options disappear. The third dimension is no longer emerging—it is operational. Organizations that continue securing only the ground will increasingly find themselves defending yesterday’s perimeter against tomorrow’s threat. The future belongs to those who can integrate intelligence, technology, authority, and decision advantage into a true three-dimensional security architecture. 

Bill Edwards is a retired U.S. Army Colonel with more than 35 years of experience in operational and technical security, counterterrorism, counterintelligence, surveillance and counter-surveillance, and emergency preparedness across government and private‑sector environments.

During his military career, Bill served as Director of Intelligence for Theater Special Operations Command–North (USSOCOM), a role requiring close coordination across the U.S. Department of Defense, federal law enforcement, and interagency partners. In this capacity, he designed and implemented a cohesive counterterrorism information‑sharing architecture—known as the “Blue Network”—integrating domestic and international partners to support U.S. homeland security and defense missions.

Bill deployed multiple times to Iraq, operating and commanding large bases in Al Anbar, Dhi Qar, and Basra Provinces, where he was responsible for operations, force protection, and infrastructure security. His work included the planning, design, and execution of layered security systems to counter evolving threats in complex operational environments.

After retiring from military service in 2018, Bill founded Phoenix 6 Consulting, a customized security services firm focused on risk-informed security design, emerging threat mitigation, and operational resilience. He currently serves as a Director of C-UAS Operations and Training at ENSCO. He previously served as Principal, leading Thornton Tomasetti’s Security Consulting Group from 2018 to 2022. More recently, Bill served as President, Federal and Public Safety for Building Intelligence, where he led federal engagement and market adoption of trusted access management software.

An accomplished author and educator, Bill co-authored Inside Abu Ghraib: Memoirs of Two U.S. Military Intelligence Officers, which examines leadership under extreme adversity and the impact of deployments on military families. He has published more than 124 articles on security-related topics, with a particular focus on the evolution of small unmanned aircraft systems (sUAS) and their implications for public safety and societal security. He teaches leadership, strategic communications, and negotiations to senior Air Force officers at the Air Force War College and instructs students at The Citadel, Columbia Southern, and Towson Universities on the operational and security impacts of drone technology.

Bill is widely recognized as a transformational leader with a proven ability to build and motivate teams, align diverse stakeholders, and deliver results in high-risk, high-consequence environments. His private‑sector experience spans critical infrastructure, professional sports, transportation, commercial real estate, healthcare, cultural and religious institutions, and city, county, state, and federal government projects.

Bill holds ASIS International board certifications as a Certified Protection Professional (CPP), Physical Security Professional (PSP), Certified Counter UAS Security Professional (CCUSP), and Professional Certified Investigator (PCI). He is a FEMA Level I Continuity Planner, a licensed FAA Part 107 Remote Pilot, and the developer of sUAS training courses currently offered through ENSCO.

Related Articles

- Advertisement -

Latest Articles