Homeland Security Watch

News and analysis of critical issues in homeland security

February 3, 2012

Risk is often in the eye of the beholder

Filed under: Catastrophes,Infrastructure Protection,Port and Maritime Security,Strategy — by Philip J. Palin on February 3, 2012

Although we can say with near certainty that new outbreaks of disease and catastrophic natural disasters will occur during the next several years, we cannot predict their timing, locations, causes, or severity.  We assess the international community needs to improve surveillance, early warning, and response capabilities for these events, and, by doing so, will enhance its ability to respond to manmade disasters.

James R. Clapper
Director National Intelligence
Testimony, January 31, 2012

The intelligence chief’s comments regarding the Iranian threat were considerably more circumspect, “We assess Iran is keeping open the option to develop nuclear weapons, in part by developing various nuclear capabilities that better position it to produce such weapons, should it choose to do so.  We do not know, however, if Iran will eventually decide to build nuclear weapons.”

Yet Senators, the media, and perhaps General Clapper himself gave much more attention to the possible Iranian threat than the probable threat of natural catastrophe and pandemic.  The front page headline in the Washington Post was “U.S. spy agencies see new Iran risk.”

The same day the DNI was testifying on Capitol Hill, Mike Dunaway was making a presentation to a FEMA-hosted audience in Harrisburg, Pennsylvania.   In late 2008 and early 2009 a reasonable sample of  respondents answered a series of questions regarding their perceptions of relative threats to continuity of private sector operations, profitability or survival.

A couple of the survey findings stood out for me: Among 19 threats identified, the lowest perceived threat was “geologic disaster (earthquake, mudslide, volcanic action)”.  The survey was conducted prior to the earthquake-and-tsunami in Japan and none of the respondents were in California.   Perceptions will vary by time and place.

Also low on the list of threats was “interruption in supply or delivery chain.”   Several firms reeling from the loss of Japanese and Thai suppliers might answer differently.  But I don’t doubt the survey findings reflect general attitudes.  (Dr. Dunaway’s dissertation is chock-full of interesting findings.)

As addressed in two posts last Thursday and Friday, the President has signed-out a National Strategy for Global Supply Chain Security.  I appreciate Alan Wolfe and Bill Cumming commenting here on the posts.  Most friends, colleagues, and perhaps an adversary or two, decided to communicate more privately.  Below are a sample of the comments received.

“Just words on paper, very unlikely to really influence supply chain policy.”

“Despite a bow to resilience, this is a security strategy.”

“Lots of cargo and logistics talk, not much recognition of how the supply chain is really something new and different.”

“Though better than the earlier draft, it still seems to be mostly focused on security and less on resilience. However, I know from direct experience it is not easy to write about resiliency, and perhaps being secure is one of the first parts of being resilient.”

“Stalking horse for new (costly) regulations.”

“While it is a national strategy, it feels quite federal/global to me. I’m not sure if many state and/or local folks could conceive how they could contribute to helping realize the goals outlined. It is my belief that a resilient supply chain, like many things, starts and ends in localities around the world.

“C-suites will ignore and deploy their minions to be sure “efficiency” always trumps “resilience,” no matter how inefficient it may be to have a catastrophic collapse of supply chains.”

“The private sector is paramount. It seems to me that much, though certainly not all, of the role of government will be to encourage, support, oversee and in some instances force the private sector to do things. Left to themselves, I think other forces will drive the private sector to not do some of what has to be done to reduce risk and enhance resiliency.”

“To give this the status of a presidential strategy is sort of amazing. It’s made me stop to think. But I feel a bit like a Catholic must feel when it’s announced the Pope has convened a major meeting on an aspect of doctrine I had really never thought of before.”

“What am I supposed to do? I don’t know enough about supply chains to even start a conversation with private sector peers. Besides which private sector peers? These are not the security and EM guys I usually work with.”

“(The strategy is) better than I would have bet. But while behind closed-doors the operators agree it is a real issue, how do you convince CEOs, CFOs, and Boards of Directors? Japan didn’t persuade. Thailand didn’t persuade. White House stationary is easy to ignore. The only things these masters-of-the-universe understand is a swift kick in you know where… and by then it will be too late.”

Perceptions will vary by time and place.  But there is a strong tendency to give more attention to external threats than internal vulnerabilities.  There is more concern regarding possible evil intent elsewhere than accident, neglect, and denial close at hand. We see the splinter in the eye of the other much more quickly than we recognize the log in our own eye.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn


Comment by William R. Cumming

February 3, 2012 @ 1:01 am

speaking of critical supply chain, the FDA has again fined the American Red Cross for dangers in the blood supply! $47M this time around.

As often stated, American is losing it in the basics. Great leaps forwards may be leaping into disasters.

Comment by mcb

February 3, 2012 @ 1:26 pm

We’ve been told that cyberwar is the newest terror technology, that the Iranians are even more Iranian than previously thought, that our consumer society’s supply chain has weaknesses the federal government can fix, and while we cannot hope to predict the “timing, locations, causes, or severity” of disease outbreaks and natural disasters they will almost certainly occur in the future.

Sounds like the alphabet agencies are playing job security bingo.

Comment by Philip J. Palin

February 3, 2012 @ 1:41 pm

MCB: Self-justifying predictions are certainly on the list of logs-in- the-eye to which we should be attentive. I know this is a problem for me.

Your comment caused me to quickly review the six page National Strategy for Global Supply Chain Security and recognize something new.

I’ve been on the (far) periphery of the strategy’s development and am sure the federal government cannot fix extant and emerging supply chain weaknesses. I read the strategy as acknowledging this reality and inviting — almost begging — the private sector to engage the issue.

But with your comment in mind, I can absolutely see where a reasonable reader might draw the conclusion you state. There is a patina of political confidence in the rhetoric that obscures the more important call for collaboration in addressing a complex problem.

Comment by Michael Brady

February 3, 2012 @ 2:41 pm

Hi Philip,

“There is a patina of political confidence in the rhetoric that obscures the more important call for collaboration in addressing a complex problem.”

Private industry can be counted on to work on these threats in the interest of protecting and promoting their business interests. No threat, no action. New threat, new responses.

Federal bureaucracies, on the other hand, move in, set up shop, dig in like ticks, and never leave. The Global War on Terror has joined the ranks of the War on Drugs, the War on Poverty, and the Cold War, conflicts none of the alphabet agencies involved have any interest in winning.

Our economy groans under a national defense infrastructure committed to a state of permanent emergency.

That is some patina.


Comment by Philip J. Palin

February 4, 2012 @ 4:50 am


Many of the quotes in my front-page post originate with the private sector. Among some (majority or minority?) supply chain professionals there is deep concern regarding increasing systemic vulnerability. There is also concern that short-term choices are accelerating the problem.

In my own private sector work I have been surprised by the reluctance to adopt lessons-learned from recent supply chain failures related to Japan, Thailand, and elsewhere.

Many of these same private sector folks agree with your third paragraph and worry the help they want and need will come at a price they are unwilling to pay.

The National Strategy for Global Supply Chain Security sets out a process that the private sector can, if they choose, largely shape and direct, using it to protect and promote authentic economic efficiency, security, and resilience.

If the present opportunity is not productively engaged — and there is a serious collapse of a key supply chain or the supply chain, whether caused naturally, accidentally, or intentionally — then I would expect the after-the-fact legislation and regulation to be much more invasive.

Risk mitigation does involve costs. These costs are almost always much less than those suffered once threat and vulnerability shake hands.

Comment by Fiscal Hawk

February 5, 2012 @ 8:28 am

Any single private company can’t place itself at a short-term economic disadvantage in relation to its competitors (for any issue, including a more resilient supply chain). It is easier (and more acceptable, to them and their stockholders) for the companies to all go down together in the event of a large impact to the supply chain. It’s the “tragedy of the commons,” and therefore the role of government to sort through the complexities, bring the parties to the table, develop, and yes, regulate a solution. To be sure, the government is a blunt instrument, but without its playing a proactive role, no progress will be made. Private industry is incapable of reguating itself, without at least the implied threat of the government stepping in and regulating a burdensome, sub-optimal solution.

Comment by Michael Brady

February 10, 2012 @ 11:03 am

“Risk mitigation does involve costs. These costs are almost always much less than those suffered once threat and vulnerability shake hands.”

And when we successfully mitigate a risk the cost is always more expensive than the harm which then does not come to pass. While we who championed the mitigation are justifiably pleased, the bean counters wonder aloud if we didn’t misjudge the risk all along. Oh well, we can’t help but try…

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>