Expecting the exceptional in the everyday: Policing global transportation hubs

There has been considerable scholarly interest regarding the notion of exceptionality, i.e. how and under what conditions extraordinary powers and measures are justified in the name of security. Exceptional threats are now omnipresent in the security discourse of the aviation and maritime industries, and this influences the everyday working environment. Taking Norwegian airport and port security as its point of departure, this article analyzes how security and policing agencies perceive, experience, and respond to the exceptional as part of their everyday practice. Drawing on extensive interview material with security agencies, it reveals how agencies construct strategies to cope with the consequences of exceptionality that arise from heightened (in)security and vulnerability. This article demonstrates that instrumental logic in risk management is one crucial strategy, but evidence also reveals the importance of the human dimension in security practices, as the emotional aspect of security consciousness is a part of the everyday life of security agencies. Closely associated with this is the emergence of mechanisms of active resistance that provide excitement and alleviate boredom.


Introduction
In recent decades, it has become fashionable in the security and policing literature to examine security projects to assess how measures are implemented and justified in the name of security. There is now voluminous literature addressing aspects of the processes of 'governing through security' (Abrahamsen and Williams, 2009;Krahmann, 2003;Valverde, 2001;Wood and Shearing, 2007). Justification in the name of security often entails giving 'license to exceptional measures that might otherwise appear indefensible' (Zedner, 2003: 158) -measures which might conflict with democratic values. This resembles the works of Schmitt ([1922] 2005) and, more recently, Agamben (2005) on states of exception, where the rule of law is suspended to make way for extraordinary measures. There has been lively discussion on the notion of exception in the field of international studies (Hanrieder and Kreuder-Sonnen, 2014;Huysmans, 2008). Critical security studies have explored how certain issues depart from 'normal politics'. Theorists of the Copenhagen School generally conceptualize this trend as a process of securitization whereby ever more issues are framed as 'security', thus legitimizing the use of extraordinary or exceptional measures (Buzan et al., 1998).
However, arguments have developed for moving attention away from 'spectacular' and 'exceptional' events to the mundane, everyday nature of security (Bigo, 2006b;Crawford and Hutchinson, 2016), i.e. individuals' and groups' lived experience of security projects and the quotidian actions involved in providing security. As elaborated in the next section, the everyday and the vernacular have increasingly been embraced in the international field (Croft and Vaughan-Williams, 2017;Guillaume and Huysmans, 2019) to obtain a conceptual and analytical focus on the constructions and experiences of international politics and (in)security beyond those of elites (Huysmans, 2009).
The present article seeks to engage with the debates on exceptionality and the everyday by drawing attention to organizations' (lived) experience of security projects within aviation and maritime security. Under the influence of 'war on terror' discourse, the contemporary security landscape of airports and ports seems to be operating under constant threat of an exceptional nature with a minimal margin for error, because the potential consequences are so significant. The sectors are thus affected by emotional responses, such as uncertainty, fear, and anxiety, felt by passengers, customers, and employees. It has been noted that the security discourse of exceptional threats post-9/11 continues to influence agencies' working environments. This is particularly evident in their stringent regulations, risk management systems, enhanced security checks and controls, surveillance technologies, recruiting and training procedures, and international auditing systems to ensure compliance, which numerous observers have previously examined (Brewer, 2014;Eski, 2016a;Jore and Njå, 2012;Pettersen and Bjørnskau, 2015;Salter, 2007Salter, , 2008b. This line of inquiry also underlines how security agencies may sometimes feel security regimes to be meaningless (Eski, 2016b;Olsvik, 2015). There is now some understanding of how agencies respond to feelings of meaninglessness (e.g. with frustration or risk management), but how they cope with the consequences of exceptionality in their everyday working life is still underdeveloped, both empirically and conceptually.
This article, therefore, takes the case of Norwegian airport and port security to investigate how agencies experience the exceptional in their everyday security practice; the aim is to shed light on how they feel about it, interpret it, and respond to it. Building upon the literature at the intersection of the exceptional and the everyday, the article suggests that 'everyday security consciousness' can help unpack how agencies construct strategies to cope with the consequences of exceptionality and reduce the level of uncertainty. While an instrumental logic emphasizing risk management and the tangible has been deemed indispensable to mitigating risk (Eski and Carpenter, 2013;Salter, 2007), the human aspect of security practices -where emotional dimensions of security consciousness and the performance of security are crucial parts of everyday life -signify a shift in attention to '"the subjectivity of the state being" -the embodied experiences' (Schoch-Spana, 2004: 8) of security agencies. As emotions play an important role in how we experience and respond to security measures (Crawford and Hutchinson, 2016), paying attention to everyday security consciousness is crucial, as this provides detailed empirical descriptions of the micro-practices or micro-politics of (in)security, which tend to receive little scholarly attention (Bigo, 2006b;Crawford and Hutchinson, 2016). Thus, the article's salience lies in its development of our understanding of security governance and risk management at transportation hubs, providing particular insight into the embodied and emotional experience of security and risk in face of exceptionality that agencies respond to and develop strategies to cope with in their everyday practice.

Thinking of the everyday in exceptional times
The connection between the everyday and the international has been attracting ever more scholarly interest in the field of international relations. As argued by Guillaume and Huysmans (2019), to claim a revival of interest in the everyday would overstate the case, as antecedents can be traced back to feminist contributions in international relations and security studies, which have long 'stressed the importance of the mundane, routine and quotidian aspects of daily life' (Croft and Vaughan-Williams, 2017: 22). Nonetheless, the everyday as a category of analysis has gained traction, alongside vernacular security studies. What defines the everyday, as Crane-Seeber (2011: 450) suggests, 'is the extent to which it is unremarkable, taken-for-granted, or ostensibly natural'. The everyday and vernacular dimension of security is seemingly connected with understanding the provision, experience, and articulation of (in)security by particular (ordinary) individuals and groups (Vaughan-Williams and Stevens, 2016). The ontologies of security can thus be understood differently by different people and change across time and place (Bubandt, 2005;Floyd, 2007).
The analytical lens of the everyday has opened the way to exploring new areas of the international and made possible new interpretations of central ideas and phenomena. The everyday thus serves as 'an important tool to understand the international as a practice and a process' (Guillaume, 2011a: 446) and helps in 'navigating security from the bottom up' (Eschle, 2018: 290). Although focusing on everyday activities breaks with traditional imageries of the international as the 'realm of exceptional events' (Guillaume, 2011b: 459), it is possible to identify instances in which the exceptional becomes routine -an everyday occurrence (Crane-Seeber, 2011). Increasing numbers of studies highlight how the exceptional may become normalized and permanent (Salter, 2008c;Van Munster, 2004), thus potentially influencing the everyday, as seems to be the case in aviation and maritime security. The normalization of exceptional measures affects ever more areas of society and the everyday practice of people and agencies, for example with regard to the border (Amante, 2019; Salter, 2008c), technology and surveillance (Douglas, 2009), and counterterrorism (Bogain, 2017).
These studies have significantly deepened our understanding of the processes of exceptionality and the everyday, and have sparked conceptual discussion and exploration of the relationships between exceptionalism, sovereignty, and security (see e.g. Aradau and Van Munster, 2009;Burles, 2016;Murphy, 2019). In securitization theory, studies underscore 'the importance of the audience in the construction of shared security values and its active engagement in securitization processes' (Côté, 2016: 554). Similarly, focusing on individuals' or groups' provision and experience of (in)security in the everyday seems particularly productive when examining security practices. This article suggests that exploring the mundane daily routines of security agencies against a background of exceptionality can provide insight into security governance and risk management at transportation hubs, even though these organizations are made up of 'those in power or those who represent power' (Sausdal, 2017: 228).

Contextualizing and researching Norwegian aviation and maritime security
The heightened (in)security facing contemporary global transportation hubs makes airports and maritime ports ideal sites for investigating how security agencies experience and cope with exceptionality in everyday working life. The exceptionality of airport and port security does not necessarily involve an Agambenian suspension of the law, but rather implies the constant presence of serious threats to such critical infrastructures, which has led to the implementation of comprehensive and stringent security measures. Airports and ports in Norway, as elsewhere, are subject to intensified policing and regulation and are entangled in a complex web of international treaties and national and local regulation (Lindøe and Kringen, 2015;Olsvik, 2015;Salter, 2008b).
Although risk has long been associated with the aviation and maritime industries (Brewer, 2014), the events of 9/11 are generally considered the crucial turning point for security practice. In a sense, regulatory frameworks seem to foster exceptionality in that regulation is considered 'archetypal War on Terror legislation' (Eski, 2016b) and protection against terrorism the primary concern (Pettersen and Bjørnskau, 2015). Terrorism risk discourse changed Norwegian aviation security from a national concern to a supranational issue (Jore and Njå, 2012). Moreover, responses to the attacks have had a major impact on the working environments of aviation and maritime actors and governmental agencies. Airports and ports are therefore often considered test beds for new security measures and technologies. It has been observed that security regulations introduced after 9/11 in fact hampered communication and information sharing between Norwegian civil aviation actors (Pettersen and Bjørnskau, 2015). It has also been shown that both management and frontline workers in Norwegian airports experienced a significant degree of constraint because of security regulations. In particular, as highlighted by Olsvik (2015), aviation actors' room for maneuver was greatly limited by the rigorousness of EU regulation, which increased standardization and the level of detail prescribed for procedures and was therefore perceived as inappropriate for local contexts. This meant the regulation and practices were considered by employees to be illogical and unreasonable, and sometimes made them feel their work was pointless (Jore and Njå, 2012;Olsvik, 2015;Pettersen and Bjørnskau, 2015). In Norwegian maritime security governance, too, there seems to be a similar level of standardization and rigor (Ørbeck, 2009) causing similar frustrations, as studies of Norwegian maritime safety culture suggest that increased maritime security and safety regulation may arouse opposition and resentment of the additional paperwork (Oltedal, 2011).
Building on the abovementioned literature, whose empirical and conceptual approaches are very similar (particular Olsvik), the present study seeks to shed more light on how security agencies experience and respond to exceptionality in everyday practice. Its empirical materials are drawn from qualitative in-depth interviews with key representatives of organizations involved in security at Oslo Airport, the Port of Stavanger, and the Port of Kristiansand. Interviewees represent the full spectrum of security agencies, including the police, governmental organizations (e.g. the Ministry of Transport and Communications), regulatory authorities (e.g. the Norwegian Coastal Administration), customs, publicly-owned companies, private security companies, and business or industry stakeholders (e.g. airlines, shipping companies). Some agencies, such as the police, regard security as their primary responsibility, while for others (e.g. customs, industry stakeholders) it is one concern among others. All agencies, however, were considered to possess experience and knowledge relevant to the research question. Interviewees included management and frontline workers, which enabled a thorough mapping of various agencies' experience and practice of everyday security in Norwegian ports and airports. Seventy-six interviews were carried out between 2015 and 2017.
In the semi-structured interviews, participants were asked to describe their experience of working with the production and delivery of security. They were asked about activities such as exercises and drills, risk assessments, patrols, and inspections, the impact of the regulatory framework, and their experience of collaboration and involvement in security networks. The open-ended nature of the interviews enabled the interviewees to go into detail about events they considered significant. Interviewees frequently made reference to security, risk, exceptional threats, and mundane events to describe their work.
Interviews generally lasted between one and two hours and were recorded and transcribed. To ensure accuracy and that no sensitive information was released, interviewees were given the opportunity to read and approve the transcripts. To facilitate analysis, the principles of thematic analysis were used (Braun and Clarke, 2006;Nowell et al., 2017). The first step was to get familiar with the data by reading and re-reading transcripts and developing initial codes. Analytical categories and themes were then identified inductively from the data. However, the codes were undoubtedly influenced by my familiarity with security and policing literature. The themes identified were therefore revised in light of the conceptual framework set out above. The analysis aimed to identify overarching themes pertaining to agencies' experiences of security practices and to provide rich descriptions of how they construct and make sense of security in their everyday work. The quotations used have been selected for their informative value and the analysis was facilitated by the qualitative data analysis software NVivo 11.
Analysis of the empirical materials identified four overarching themes, addressed below: (1) risk and instrumental logic, (2) militarization, (3) the human factor, and (4) the performance of security. By examining how actors construct, think about, and make sense of security practices, the aim is to gain a better understanding of how agencies construct strategies to cope with the consequences of exceptionality.

Instrumental logic and the embodied experience of risk and uncertainty
As noted, airports and ports can face threats with potentially devastating consequences and this is a cause of uncertainty, fear, and anxiety. However, it is not only passengers who suffer from feelings of uncertainty. Several interviewees describe how employees experience unease and anxiety when working in places where serious threats are part of everyday life. One airline security manager says that many frontline employees feel insecure and anxious, especially at times of heightened (in)security or changes in the risk landscape: What we want from the police, and this is something we mention if the security level has been raised and they've been here fully armed. . . I wish they could say something, not necessarily in advance, but when you have 50 employees in the terminal, frightened and wondering what's going on. I do, of course, understand that they can't tell me what 'object' they're looking for. But if they could just give us notice, then we could mitigate the situation, tell them it's safe and it's not dangerous. (Interview 8) Airport customs officers express similar feelings, mentioning that uncertainty has resulted in a requirement for all uniformed personnel moving outside security restricted areas to wear bulletproof or stab vests. One official notes: 'When you are in uniform, it is visible to the whole world that you're a Norwegian public servant, and this can represent a risk' (Interview 1). The terrorist attacks that struck European cities and transportation hubs in 2015 and 2016 may be seen as catalysts for the heightened security measures described here and contributors to the feelings of uncertainty. However, aviation and maritime security procedures have always been reactive in that they respond to previous attacks (Olsvik, 2015). This suggests that the reported embodiment of uncertainties is a prominent aspect of the interviewees' everyday security practice that this also informs the strong 'war on terror' discourse of the regulatory framework.
Given that policing and security agencies at airports and ports face risks, uncertainties, and (in)securities, they need to develop strategies to cope with them in their everyday lives. As one port facility security officer (PFSO) puts it: You have to be cynical in a way, it's impossible to have complete control and be absolutely certain in the current environment and definitely not sustainable in the long run. You can't do it! So, what you've got to do, then, is to just accept a certain level of uncertainty and figure out how to work around it. (Interview 9) Previous studies have pointed to the proliferation of risk-based strategies in aviation and maritime security, particularly in the post-9/11 security regulatory environment (Eski and Carpenter, 2013;Salter, 2007Salter, , 2008a. One interviewee from the aviation regulatory authority says: 'Security legislation is risk management. It is not about eliminating risk but managing risk to an acceptable political standard' (Interview 24). Thus, one salient aspect of the agencies' approach to the consequences of exceptionality is closely bound up with the notion of risk -they seek to manage the embodied experience of uncertainty and risk by relying on what can be characterized as instrumental logic. Central to this is the view that risk and uncertainty should be met by 'formalized and objective' responses or attitudes to make the situation more tangible and less unpredictable. The focus is on future-oriented strategies based on a sequence of risk, anticipation, and prevention -strategies that are generally reliant upon instrumental calculations and techniques intended to prevent or reduce crime, danger, and risk (McCulloch and Wilson, 2016).
In line with this, several interviewees describe the importance of utilizing risk assessment techniques to deal with security threats. The use of the notions of risk and risk management are portrayed as new ways of thinking of security, as one airport employee notes: This is a somewhat new regime that breaks with how we used to work in the past. Previously you could say 'We're doing this or that' but it was just based on our gut feeling. Now there are requirements to produce risk assessments to highlight what the actual risk is to us, to show what threat we are going to fight, and what the probabilities are that something will go wrong if we decide to do nothing. Instead of adding layer upon layer in the regulations, we can now focus our attention. So, to avoid spending time and money on obsolete issues, we actively use analysis to improve our work. (Interview 19) The quote recognizes a break with the past through more standardized procedures and also indicates that risk analysis is thought to help give direction to agencies' everyday security practice and provide a more rational foundation for decisionmaking. It has been suggested that risk management 'renders the imaginary as real' (Salter, 2008a: 244), as future threats are generally unknown and difficult to calculate (Pettersen and Bjørnskau, 2015) and exist in the imaginations of management and security experts. This process has been described as 'ghost hunting' in a post-9/11 security environment (Eski, 2016b). It can be difficult to cope with the unease caused by (imagined) threats, and agencies strive to reduce it. Agencies clearly believe in the effectiveness of the riskbased approach, as this interviewee makes clear: 'I have heard of risk-based audit (RBA) since I started working here. And everyone was like "when we get RBA in place, it will solve everything"' (Interview 25).
Frequent references to risk and risk assessment by interviewees indicates another aspect of instrumental logic. That is, the uncertainties and risks of the exceptional nature of aviation and maritime security are transformed into something considered manageable and measurable by being made part of a balancing game in which the most objectively 'correct' measures can be implemented. The words of a PFSO vividly illustrate this: Yes, we conduct risk and cost-benefit security analyses. We are very committed to doing analyses of almost everything we do. And it is clear. . . well, when you do an analysis you have to clarify what you are going to secure against, you need to have a stated objective and know the risks you are facing. For instance, do you need a vehicle barrier or to implement some other measure? Then you need to analyze the situation and calculate and weigh the risk against the threat that you may be exposed to. (Interview 9) The notion of balancing suggests that risk calculation may become an important tool in the management of security. In the security literature there are debates on the use of probability judgments in risk assessments (Amundrud et al., 2017;Askeland et al., 2017;Aven, 2013), particularly those expressed in quantitative terms. Some agencies do indeed use language indicating a degree of quantification. Thus, one customs manager says: 'We need to build a good knowledge base, and to do this we rely on various risk analyses. We can then create a top ten list. There are, of course, more than ten items. But what you make is a system for ranking risk and objects' (Interview 1). Even so, these judgments of risk seem to rely upon qualitative approaches, which others have called knowledge-based probabilities (Aven, 2013). The Norwegian police increasingly rely on intelligence-led policing strategies, as can be seen in its implementation of the 2014 intelligence doctrine (National Police Directorate, 2014), in which preemptive and future-oriented strategies are considered vital for identifying and predicting changes in crime challenges. As this police officer describes: One saw the need for increased intelligence, the ability to predict events based on information. . . . The tools provided by intelligence-led policing have given us an advantage, we can now observe changes in trends, or discover new developments. Let's say we observe a change in passenger flow, more flights from 'high-risk' countries for drug smuggling or illegal migration, we can then capture and predict these trends much faster and change our routines and prevent crime. (Interview 2) Inherent in this approach to predicting the future is the assumption that the use of intelligence will lead to better targeted responses, which will enable the police to prevent or reduce crime and reduce uncertainty in decisionmaking. Both public and private agencies say they are interested in police intelligence, which interviewees think can improve risk analysis products and security responses. Such intelligence and strategic information, however, are known to be hard to obtain due to sectoral allegiance in information exchanges (Nøkleberg, 2019).
Consequently, although they do not rely on the frequentist understanding of probability, agencies assess the likelihood of events in their risk analyses. As Askeland et al. (2017: 202) point out, subjective interpretation of probabilities can be useful: one is 'not searching for the "correct" or "true" probabilities but us[ing] probability to express uncertainties and degrees of belief'. The results of risk analysis cannot 'be considered a "truth product", but rather the best assessment at the time' (Gundhus and Jansen, 2019: 95). Using likelihood and subjective probabilities is assumed to enable agencies to rank targets, threats, and security measures in terms of seriousness, giving them a rational foundation for decisionmaking and resource allocation.
Instrumental logic has various consequences. Exceptionality, perhaps surprisingly, leads to bureaucratization. Jore (2019) notes that bureaucratization and standardization have become features of security, as confirmed by interviewees who say that the demand for documentation -part of the stringent post-9/11 security regulations -has increased significantly in agencies' everyday work, particularly in regard to the drafting of risk analyses. An interviewee working in airport security notes: 'There are now stricter requirements for documentation, and with that goes a need to consider and explain how certain risks influence us. One has to consider and explain why we do things the way we do' (Interview 21).
Growing bureaucratization may be seen in various sectors (Olsen, 2008), but is particularly apparent in aviation and shipping, which are preoccupied with security and risk. Instrumental logic increasingly demands that agencies document how they handle security (Jore, 2019), which means they spend more time producing and preparing plans, procedures, and reports on security matters. Bureaucratization can also become a strategy for coping with the uncertainty associated with exceptionality, as formalized documents provide guidance in emergencies. It also means uncertainty can be made into something more tangible and manageable. Some agencies, however, raise questions about the difference between theory and practice, as this interviewee makes clear: We often discuss the ISPS [International Ship and Port Facilities Security Code], the management level does too. And we write a lot of plans and stuff like that, but I would say that everyday life remains more or less the same. You don't see that many changes in our work. So, yes, it looks much better on paper than it really is. (Interview 4) This is particularly apparent in the role of documentation in the interface between operators and the regulatory authorities. Faced with increasing demands, agencies may find themselves overwhelmed by a mass of paperwork, as reported by Eski and Carpenter (2013). Bureaucratization becomes seen as a 'box-ticking exercise' (Interview 13). If a security incident occurs, an agency can provide documentation that everything was done according to the regulations. Some interviewees point out that problems with the amount of paperwork can arise if an event takes place. One interviewee sums up the situation as follows: 'So many documents have been written, and I must say, I think hardly anyone knows them by heart. You simply can't, there's too much' (Interview 4). Bureaucratization may therefore cause considerable frustration and tension within and between agencies; it has been shown that collaborative processes in plural policing may involve conflict (Crawford, 1997;Nøkleberg, 2019). The increasing demand for documentation of work behavior can be a major source of structural conflict.

Militarization and the objectification of security
The relation between risk and security creates a peculiar outcome, as noted by Salter (2008a: 252), with the language of risk being used to justify the expansion of security rather than resolve or reduce risk. Considerable resources are devoted not to circumventing risk, but to framing ever more practices or activities as matters of security. At Oslo Airport, for instance, numerous interviewees describe the significant effort that is put into building physical barriers to secure critical objects close to the terminal building and within the terminal itself. Similarly, following the introduction of the International Ship and Port Facilities Security Code (ISPS Code) in 2004, ports are now closed environments with perimeter fencing. The focus on barriers indicates that for many port and airport policing agencies, managing risk and uncertainty is all about physical security, as one interviewee makes clear: 'For us, security is about physical barriers, that is what is talked about in the Security Act and Regulation' (Interview 17). Physical security measures are designed to protect people and assets, deny unauthorized access, and slow down adversaries. However, given the nature of exceptionality, the attention given to the physical dimension has a further explanation. When facing unknown, unpredictable threats, policing agencies direct their attention to visible, tangible, and measurable phenomena in an attempt to manage uncertainty.
Many interviewees describe the tangible nature of their everyday security practices. Focusing on physical security, they give detailed, highly technical descriptions of what are considered threats or vulnerabilities and how these can be mitigated. There is a strong tendency to adopt militarized language. Thus, in interview 19 (quoted above) there is the phrase: 'to show what threat we are going to fight'. Two other interviewees speak in similar terms: 'There are stricter requirements concerning timely detection and implementing countermeasures, so one must have adequate solid barriers; it is about target hardening' (Interview 20) and 'You need proper assessments, and then to take action to eliminate or fight the risk' (Interview 10). As threats become increasingly transnational, a growing body of literature detects a blurring of the internal and external domains of security, whereby policing tasks are militarized (Bigo, 2006a;Eriksson and Rhinard, 2009;Loader and Percy, 2012;Schroeder, 2011;Weiss, 2011). The aviation and maritime industries have seen the proliferation of complex challenges, such as transnational organized crime, irregular migration, and global terrorism. In the 'war on terror', the practices and regulatory regime of aviation and maritime security are affected by transboundary threats. Technical and militarized language is employed to manage the uncertainty agencies may be experiencing and to provide a 'cloak of objectivity' (Salter, 2008a: 254) in the discussion and implementation of security practices.
It is not only in language that tendencies toward militarization can be seen. In the aviation and maritime industries, drills and exercises are viewed as important security practices. They have been made mandatory by national and international regulation, and many interviewees describe them as necessary and helpful for acquiring new skills, knowledge, and experience. Drills and exercises are designed to test measures and frameworks that have been implemented, including security plans and procedures, and to scrutinize organizational performance (e.g. communication and collaboration). In the words of one waterfront PFSO: '[They are] about preparing us for reality' (Interview 11). However, although drills are considered valuable, many still question their usefulness in their current form. This seems to be largely because of the constant call to prepare for exceptional threats and events, often in terms of a 'war on terror' metaphor. Thus, one interviewee says: When I think about the last large-scale exercise and its scope, then it is obvious it wasn't relevant to us, and maybe not that relevant to anyone really. The exercise was complete overkill, it wasn't realistic at all. Because events were happening all over the place, basically it became a military attack. What I mean is that. . . if we had been even close to something like that, then the port would have been shut down long before. So you can certainly question the point of it, like why make it so 'spectacular ' and unrealistic. (Interview 12) Others argue that once the police and military are involved, one is already deeply involved in a scenario, and 'by that time, it is a bit too late, as a lot has already happened' (Interview 18). These respondents share reservations about the 'war on terror' discourse now prevalent in airports and ports. Although learning and awareness are viewed as valuable outcomes, the militarized focus on terrorism may reduce interest in participating in drills and exercises and the general understanding of why security is important because the focus is not on what the agencies perceive as the real problems -things which others have framed as decontextualized and inappropriate threat scenarios (Olsvik, 2015). There is, of course, agreement that the threat of terrorism is real and should be given priority, but mundane problems (e.g. stowaways, theft, disorder) that agencies face in their everyday lives are displaced by the spectacular and the exceptional.

The human factor: Security consciousness and resources
Although the instrumental logic of (in)security is prominent in Norwegian airports and ports, agencies recognize that more is needed than risk analyses and tangible and measurable procedures to cope with embodied uncertainty. The views of two interviewees are telling: 'The ISPS fence is no Berlin wall' (Interview 3) and 'You can invest in the fanciest security measures there are, but unless you get your employees with you and they understand, you might as well leave the gates open' (Interview 14). There is consensus about the importance of the human factor because the role individuals play in ensuring security is critical. Certain human characteristics are crucial to coping with the consequences of exceptionality in the contemporary risk landscape of airports and ports. Analysis suggests that the most important of these are security consciousness and individuals' roles as resources. Although the two overlap and are interdependent, it makes sense to treat them separately.
When dealing with the exceptional character of everyday practice, a key strategy is to develop security consciousness -making organizations and their employees understand why the adopted security practices are important, as pointed out in the above quote. The analysis also shows that good security practices are dependent on creating this consciousness, as without it there would be no point in adopting any of the tangible security measures. This accords with previous studies on the interaction between security technologies and human capacity (Schwaninger, 2006) which show that technology is only as good as the individuals operating it. Security consciousness may mean individuals have more knowledge and competence and will accept measures which help reduce feelings of uncertainty.
Given the perceived importance of security awareness, it is important to know how security agencies can stimulate interest in it. The regulators of aviation and maritime security set forth influential guidelines in legislation, but strategies for developing awareness are also presented by experts at annual workshops and in newsletters and reports. It is clear that interviewees find these useful. However, agencies emphasize that security consciousness is not something one gains mainly through documents -it has to be learned through practical experience, as one interviewee articulates: It is basically that everyone must think about the security culture, that it is in their blood. This is not something you can accumulate or learn by reading. No, what you need is the right attitude, established and shaped through experience. (Interview 11) The narrative offered by the interviewees also shows that developing security consciousness to help cope with the consequences of exceptionality is not solely the responsibility of agencies directly involved in security (e.g. security managers, police), but also encompasses more peripheral agencies and individuals (in airports it can include the areas of handling, catering, or fuel). Security consciousness thus seems to relate to the Foucauldian-inspired concept of responsibilization developed in the governmentality literature on risk and terrorism (Aradau and Van Munster, 2007;Garland, 2001;Mythen and Walklate, 2008), whereby individuals are made responsible for tasks formerly carried out by state institutions. This interviewee gives a clear description: You need to explain why we work in security, what all the fuss is about, what we are protecting, and most importantly, make clear how you can and must be part of it yourself. So, we strive to make our employees aware and observant, keeping their eyes and ears open, in a sense. As security is not solely the responsibility of the [private security company], we are all part of it, and we need to make sure we play our part. (Interview 15) However, this way of doing and thinking security may also relate to the total defense approach that characterized the Scandinavian countries during the Cold War (Larsson, 2020;Morsut, 2020), so this may not be a new way of viewing security. The total defense had two pillars -military defense and civilian preparedness -to be mobilized in a crisis (Morsut, 2020). It seems, therefore, more appropriate to consider responsibilization in aviation and maritime security as a modern version of an already established approach.
Agencies need to play their part in establishing security consciousness, with the second key contribution being to view individuals as significant resources for dealing with the exceptional as a part of everyday life. The phrase 'eyes and ears' suggests the potential for collaborative effort in plural policing and security settings (Ericson and Haggerty, 1997;Nøkleberg, 2016). The efficiency of the security governance system can be improved by increasing the number of people thinking and acting in accordance with a proper security consciousness, as more information can be collected and more incidents reported.
Viewing individuals as resources involves more than just increasing the number of people in the field: This is related to culture, right. That is why the most important barrier one can have is one's own employees, because they are the first to notice if there is anything unusual. People working down at the dock are much quicker to spot someone or something than those sitting inside with cameras and such. And you know, this tangible security we are talking about. . . it's one thing to be met by signs saying 'restricted area', gates and fences with barbed wire, and guards. But I mean, when you're inside the port and you meet someone saying: 'hey, where is your ID, have I seen you before, where are you going?'. That's way more effective at preventing and securing. (Interview 14) This clearly shows that security personnel are considered significant resources. The mundane activity of asking questions can have considerable security impact. Despite the instrumental focus on the tangible and measurable, contemporary security practices may obviously entail several things and vary according to the situation (Bubandt, 2005). The view quoted above, echoed by several other interviewees, is that viewing individuals as a resource may be more effective than approaches based on the instrumental perspective. A private security guard working at the airport agrees: 'For me, it is not the equipment, it is the people. So we call it "security delivered by people". That's what it is about, clearly. So you need to develop your consciousness, to get a good security culture' (Interview 16).
There is a strong feeling that the human factor is in many ways more important than instrumental logic. This is particularly evident in the way observing the unusual is spoken about -exemplified by this security airport operator: 'For us this means that you're thinking while you're examining your surroundings. That you look for the abnormal' (Interview 22). Employees agree that it is individuals who possess the ability and knowledge to identify it. Most importantly, as interviewees say, individuals need to be focused and alert, with an ability to assess what they see and decide if something is out of the ordinary. One can see here the interdependence between perceiving individuals as resources and security consciousness, as developing the latter can foster individual skills.
The perceived importance of establishing everyday security consciousness for governance systems contrasts with the responses of security personnel to the meaninglessness described by Olsvik (2015), one of which is to stop thinking, reflecting, or evaluating. Even so, a few interviewees echo attitudes found in Olsvik's study: Let us say that this scenario was not described in our security plan. What do you do? 'Well, if it is not described, then I do not need to report the incident.' Okay? This is, of course, not how we want it. I mean, this takes away their capacity to think for themselves, and you end up doing nothing. That is the downside if the regulation gets too detailed, you deprive people of the opportunity to think. I would not necessarily call it overkill, but maybe the regulation should not be so detailed in certain areas. (Interview 9) This quote identifies a crucial issue concerning the human aspect of coping with exceptionality: the ability of individuals to think and make judgments is considered a decisive factor in the efficiency and success of security governance. Bureaucratization resulting from instrumental logic may in fact be an impediment to security agencies. Since many regard the human factor as more important than the instrumental perspective, it results in frustration and strain, as the instrumental approach is widespread in airport and maritime security.
It is not surprising that instrumental logic predominates, given how the regulatory regimes of aviation and maritime security are structured. These frameworks enable logic to flourish as a response to exceptionality when 'war on terror' discourse is prevalent. Security expert panels (Salter, 2008a) seem to favor the visible and measurable, and direct attention to them. There is a perceptible difference of interest between the organizational level, where management and regulators emphasize tangible measures, and frontline (security) personnel, who value the potential of human beings. Excessive focus on the instrumental causes frustration (Pettersen and Bjørnskau, 2015), as reported by the interviewees, and may result in what has been called 'the war on meaninglessness' (Eski, 2016b). In response to this, security agencies have developed various strategies to counter the sense of meaninglessness and frustration, and these will be explored in the next section.

The performance of security: Ridicule and lack of interest
In the previous sections, the instrumental perspective was shown to be central to governing risk and uncertainty in the face of exceptionality in everyday practice. As there are differences between organizational levels, respondents stress that in order to fulfill their role in the security governance system, frontline workers need to satisfy the desire of management and the regulator for the instrumental. It therefore seems that workers often put on a performance of security to fulfill this requirement. This is how one interviewee perceives the situation: Since management both say this is so important and act as if it is, then it seems like we must believe it too. But we do not always see the point of all the fuss that is made. Of course, we know the threat of terrorism should be in our minds. But if there is too much focus on the visible, then we feel we lose sight of other important things. (Interview 23) This quote shows that individuals may experience contradictory impulses regarding their interpretation and delivery of security, which can affect interaction both internally, between organizational levels, and with external agencies. Because of the perceived need to perform security and live up to expectations concerning the exceptional, 'war on terror' discourse is often applied to events, irrespective of how serious they are. This may increase the importance of exceptionality, as one PFSO says: The reporting of incidents varies, what I mean is that it varies according to when the incident takes place. Let us say, and this has happened, we have an incident when there isn't that much going on, when we are not busy. Someone finds a hole in the fence, and then a big deal is made of it, the police are notified. In fact, it has happened that they have come here to help us see what may have caused it. (Interview 4) This suggests that agencies seek to create excitement to alleviate their occupational boredom and to kill time in the absence of 'real' threats (Eski, 2016b). In the context of the exceptional nature of airport and maritime security, this approach to performing security seems to be connected to pressure to live up to the expectations of others.
The performance of security is not only observed through the way in which frontline workers seek to satisfy the desire of the management level to fulfill the instrumental perspective. Several interviewees also report that technical and militarized language, which is characteristic of the instrumental perspective, is not always considered appropriate. They feel the language used needs to be more 'balanced as part of an educational approach' (Interview 6), as one interviewee puts it. This implies that site-specific issues (e.g. theft, stowaways, unruly passengers) should also be considered important. Although a balanced approach is considered crucial to stimulate interest and security consciousness, agencies' performance of security often seems to emphasize the exceptional rather than more common everyday scenarios. An interviewee's description of a security exercise is telling: Some of our employees were very keen, so they were allowed to pretend to be terrorists and were sent to one of the facilities. They caused utter mayhem with smoke bombs on one side and then they jumped the fence. We totally fooled them! Oh, it was so much fun, you should have seen it, all the chaos. (Interview 5) Again, this suggests that agencies, when coping with the exceptional nature of their work, understand the need to meet the demand for the instrumental by utilizing a 'war on terror' rhetoric. It points to the issue of how promoting meaningful work can be balanced with maintaining a level of realism in the governance of security. Lack of realism seems to have fostered the development of mechanisms of resistance in the performance of security. One interviewee describes the lack of interest of some agencies that do not take security work seriously: We placed five items and said this was a security incident and you need to find them. Although they were hidden, it was not that difficult to find them. But only two out of the five were retrieved, so one might ask why weren't they all found? It turned out that one of the agencies wasn't very committed. In fact, nobody from it was even out looking. (Interview 6) This lack of interest relates to the roles and responsibilities agencies have -some are more driven by commercial and business imperatives than by security per se. This means active resistance develops and instrumental measures are ridiculed, as described by one PFSO: Of course, having exercises is probably a pain in the ass for some actors, particularly to those focusing on effectiveness and with commercial interests. So, we had one experience where an organization fucked with us. Ha, ha, yes it was hell! So basically, it became an exercise within an exercise, since one guy wrote 'bomb' on a package and placed it somewhere in the facility. I was in a meeting with the regulatory authority and we had to cancel the whole exercise, since this wasn't part of the script. Oh fuck, what a circus it was. We got to test our emergency responses, and we drove down immediately and evacuated the area. That was just crazy. (Interview 7) Such lack of interest and ridiculing of security practices strongly suggest that airport and port policing and security agencies often face serious frustrations in the performance of security. The theatrical elements in the interviewees' stories may be understood as exasperation in response to the excessive focus on instrumental logic adopted by many agencies.

Conclusion
Drawing attention to recent theoretical perspectives at the intersection of the exceptional and the everyday, this article offers empirical insights into how Norwegian aviation and maritime security agencies perceive and experience the exceptional as part of their everyday practice of security. It shows how, in the face of heightened (in)security, agencies seek to construct strategies to cope with the consequences of exceptionality. While instrumental logic continues to play a crucial role, the analysis also points toward the recognition of the human dimension characterized by instinctive everyday security consciousness.
The empirical assessment documents the impact of the exceptional through the embodied experiences of living with seemingly constant risk and uncertainty. In regard to the sense of uneasiness that has become part of everyday life, it is shown that individuals and agencies actively seek to compensate for it by relying on instrumental governing logic and techniques. The findings demonstrate the use of risk management and analysis to render uncertainties manageable and tangible (Aradau and Van Munster, 2007). By focusing on 'the life of apparatuses of security' (Adey and Anderson, 2012, original emphasis), the article provides insights into the impact of seemingly mundane and quotidian activities. It shows that documents can play a central role in security governance processes and that documentation can both offer reassurance and cause frustration in situations of risk and vulnerability. In parallel with this, there is a tendency toward militarization, particularly in agencies' security exercises. The exercises are influenced by the 'war on terror' discourse prevalent in this field.
However, emphasis on the tangible nature of everyday security is only one aspect, albeit a crucial one, of the coping strategies developed by the security agencies. The evidence presented here shows the importance of what is characterized as the human dimension of security practices. This means that the value of human qualities is recognized when confronting the consequences of exceptionality in the contemporary security landscape. In particular, the study demonstrates how the notion of everyday security consciousness figures in the life of security agencies. Apparently mundane actions, such as asking simple questions to determine or identify risks, can be a decisive factor in the efficacy of governing security. The human factor in coping with exceptionality can therefore be related to governmentality and responsibilization (Mythen and Walklate, 2008), where individuals are viewed as self-governing subjects facing the embodied experiences of risk and uncertainty.
Although considered valuable, elements of the human dimension may be placed under strain and lead to conflict, as some agencies tend to overemphasize the tangible nature of security practices. In this respect, the findings point to the emergence of mechanisms of resistance to such overemphasis. As part of their emotional response, those delivering security find ways to ridicule and challenge its instrumental governing logic in their performance of security. This article suggests that although the performance of security serves to provide excitement and alleviate boredom, there is also pressure to go along with the vision of exceptional conditions intrinsic to 'war on terror' discourse.
This study was conducted at a time of heightened (in)security when Europe was experiencing numerous terror attacks, some of which targeted transportation hubs. This may have contributed to an increased focus on security, risk, and preparedness by agencies and may therefore have affected the findings presented above and raise questions concerning their generalizability. However, the empirical context under scrutiny in this article is governed by comprehensive international regulatory regimes, which are designed to promote harmonized responses across countries (Eski, 2016a;Olsvik, 2015). More importantly, the regulations seek to respond to emerging risk and have over recent years become accustomed to the terrorism risk discourse (Eski, 2016b).
While not undermining the growing scholarly interest in everyday (in)security (Vaughan-Williams and Stevens, 2016), this article suggests that more critical engagement is needed to refine the theorization of everyday security practices in international spaces. By considering embodied experiences of living with risk examined through the prism of everyday security consciousness, one can provide another layer of analysis which stands in contrast to the more traditional legaltheoretical considerations of Schmittian and Agambenian frameworks of exceptionality. Thus, this article shows that exceptionality is not encountered only by elites or within 'the formal world of political discourses' (Crawford andHutchinson, 2016: 1192); it can also be found by paying attention to everyday realities and 'those mundane relations that are constitutive of society at large' (Acuto, 2014: 347). The analytical lens of everyday (in)security could thus guide further empirical research in other contexts, enable new aspects of the experience of everyday security practices to be uncovered, and generate a more detailed understanding of the dynamics of governing logic that are practiced and negotiated. Given the desire to achieve international harmonization and standardization in the regulation of aviation and maritime security, similar dynamics of everyday security consciousness can be assumed to be present elsewhere, which suggests the value of comparative studies, but this is an empirical question that remains to be addressed.