I was reading a paper by my colleague Nick Catrantzos yesterday when I came across this sentence:
“…infrastructure defense is assumed to fall primarily into the hands of the private sector, which operates 85% of critical infrastructure.”
I ranted a year ago about the 85% number in a post that appeared on this blog.
The Number simply won’t die. It lives beyond truth or lie. Its reality is independent of time and space.
So I wrote back to Nick summarizing what I believe is the problem with The Number.
Nick — who loves the English language as a gardener treasures orchids — once presented me with a knit picker. So he is aware of my tendency to occasionally pole vault over mouse turds.
Nick also has spent time in the same Circus and has been known to pick a nit or two, so he responded back with some evidence about the 85% number. I pushed back. He returned fire. As did I.
Then he wrote something that shined a light on a bias I did not see I had.
A year ago, I wrote:
…the 85% figure has been used to justify a laissez fair critical infrastructure strategy. Private sector “ownership and control” has been interpreted to mean government frequently has to ask politely before it tries to do anything to improve safety and security.
If the 85% figure is wrong — or at least unsupported by any empirical basis — maybe the policies derived from that belief are also wrong.
Basically, I thought the 85% number was used to justify the government not pushing the private sector hard enough when it comes to protecting critical infrastructure.
Nick — who is a security manager and former security consultant for public and private organizations — described how this “who owns what” issue looks from the private sector.
My dilemma, perhaps a distant cousin to your own, has been in encountering an obdurate, logic-proof insistence by cops, fire fighters, emergency managers, fusion center staff, and DHS minions to define my employer and all critical infrastructure stewards as private sector entities.
It does not matter how much we demonstrate that we are a public agency and a regional extension of government. As far as these people are concerned, we are private, hence unworthy of sensitive information (even if we were the ones to originate it) and inherently suspect of being profit driven (no matter how many wasteful, feel-good programs we underwrite for some avowed public good). Even being part of the same retirement system and driving vehicles with tax-exempt license plates — two surefire convincers everywhere else — have no impact in shaking the conviction that we are infrastructure stewards, hence private sector mercenaries.
My unproven suspicion is that much of what is at the bottom of this categorization is a sort of tribal urge to satisfy two unstated objectives:
1. Limit the in-group to an established comfort zone and organizationally and traditionally familiar faces.
2. Assure that the existing in-group gains and keeps primacy at the trough of grants and other funding destined for public sector actors who are new both to homeland security and critical infrastructure protection.
If there are points to this fugue that resonate with me as an infrastructure steward, they are these:
A. Critical infrastructure is definitely in both public and private hands. Given the types of infrastructure that exist, it is reasonable and credible to accept that they are mainly privately owned and operated.
B. Whether that percentage figure of 85% is anything more than an approximation or an archly crafted statistic meant to advance an ulterior agenda is mildly interesting to an infrastructure steward. At the end of the day, the hand on the wrench or on the SCADA system comes from the same gene pool, skill set, and population.
C. Even a critical infrastructure operation that is entirely managed by a public agency is going to have some private sector involvement and exposure. Construction comes to mind. We are always building or modifying facilities and upgrading systems. Contrary to popular belief, even the wealthiest of public agencies cannot hire everyone they meet. Contractors and subcontractors are as ubiquitous as they are indispensable.
D. The original point of emphasizing private ownership and operation, to the extent I absorbed one, seemed to be as a means of emphasizing that protecting critical infrastructure is a shared responsibility and one that would be imperiled by ignoring private sector stakeholders. That point still makes sense to me.