Homeland Security Watch

News and analysis of critical issues in homeland security

July 29, 2014

“Reflections on the Tenth Anniversary of the 9/11 Commission Report” – a disappointing sequel

Filed under: General Homeland Security — by Christopher Bellavita on July 29, 2014

“Nobody pays any attention to these reports. But you still keep printing them.”

The quote is from a prominent (former) intelligence official. He was talking about the Quadrennial Homeland Security Review. But he could have been referring to the “Reflections on the Tenth Anniversary of the 9/11 Commission Report” released last week (available at this link: http://bipartisanpolicy.org/library/report/rising-terrorist-threat-9-11-commission)

One wishes to be fair to the people who wrote the Reflections. No doubt it was as well intentioned as any sequel. But in my opinion it doesn’t come anywhere close to being a worthwhile read. The assertions and arguments in Reflections are as fatigued as the authors claim the America people are.

And that’s unfortunate.

The Commission missed an opportunity to help reinvigorate the homeland security project they were instrumental in shaping.


The 9/11 Commission Report (available here: http://www.9-11commission.gov/report/) starts with the most memorable sentence of any government report I’ve ever read:

“Tuesday, September 11, 2001, dawned temperate and nearly cloudless in the Eastern United States.”

Here’s the opening sentence in Reflections:

“With temperatures in the low 50s, April 15, 2013, promised to be an almost ideal day for the 23,000 runners competing in the 117th Boston Marathon.”

This artless effort to draw a parallel between the Boston Marathon and the September 11 2001 attacks comes off sounding, at best, tone deaf. At worse, offensive.

But it’s only the start.

Instead of the thoughtfulness, balance, and bipartisanship of the original 9/11 Commission Report, we get a repetitive rehash of banal assertions: The terrorists are coming and they are really dangerous. Cyber threats are growing and they also are really dangerous. Congress is dangerous too. Their refusal to reduce the number of homeland security oversight committees is making the country less safe.

And by the way, the Director of National Intelligence (not dangerous) should control the budget of the Intelligence Community.


Unlike the hundreds of thorough and informative endnotes supporting the claims in the 9/11 Commission Report, Reflections backs up its assertions with a handful of anecdotes, a few charts, some quotes from unnamed experts and eight seemingly haphazardous endnotes.

The 9/11 Commission Report did not shy away from discussing at length alternative interpretations of “facts” they uncovered. See, for example, the extensive discussion of the intelligence wall.

That balance and realism is missing in Reflections on every significant issue discussed.

Is there no credible argument that the nation continues to overblow the terrorist threat? How about this one: http://www.amazon.com/Terror-Security-Money-Balancing-Benefits/dp/0199795762

Assuming the nation will not take the cyber threat seriously until we have a cyber version of the 9/11/01 attack, what can we do now to mitigate that attack?

Is there a case for having 92 congressional committees looking at homeland security issues? Are all those committees unnecessary?  Did Reflections speak with anyone who defends the current congressional oversight structure? Could it be an example of the messiness that is republican democracy? Is DoD really the efficiency model to be emulated by homeland security?  Are there no substantial downsides to having only a handful of committees looking at Defense matters?


I appreciate this was not supposed to be another 9/11 Commission Report. But I’m guessing – hoping? – it was supposed to be a serious analysis.

The commission members were “struck by how dramatically the world has changed” in a decade.

Struck? When was the last time a decade went by without dramatic world changes?

What about the current terrorist threat? It’s evolving, says Reflections.

“The forces of Islamist extremism in the Middle East are stronger than in the last decade…. The absence of another 9/11-style attack does not mean the threat is gone: As 9/11 showed, a period of quiet can be shattered in a moment by a devastating attack.”

Reflections continues to press the importance of connecting dots, even if one has to wait years. They ask,

Is the April 2013 rifle attack on an electrical substation in Metcalf, California, a harbinger of a more concerted assault on the national electrical grid or another component of critical infrastructure? What might we be missing today that, three years from now, will prove to have been a signal, a piece of a larger mosaic?

What if it’s not? Or is this report only reflecting things to be afraid of?


If you stop reading after the first two dozen pages of Reflections you’d think the nation is hanging by an existential thread, worse off now then it was ten years ago.

You have to get to page 25 of the 44 page report before learning:

There is no doubt that the country is better equipped to prevent and respond to terrorist attacks than in 2001. …The mass-casualty attacks many feared in the wake of 9/11 did not materialize. Today, in large part because of … many [security-related] reforms, the United States is a much harder target.

Senior leaders agree that America’s layered approach to homeland defense, which recognizes that no single security measure is foolproof, has improved our security….  At its best, a layered system integrates the capabilities of federal, state, and local government agencies. America’s resilience has improved as well. Federal, state, and local authorities have absorbed and applied the lessons of 9/11 over the last decade…. The country must continue to prepare for the unforeseen, but it appears to be moving in the right direction….

I think that’s called “burying the lede.”


There is a consensus among the senior officials with whom we spoke that information-sharing has improved significantly since 9/11.

And right before Reflections concludes (page 37):

As we reflect on the last ten years, we believe the government’s record in counterterrorism is good. Our capabilities are much improved, while institutional vigilance and imagination are both far better than before 9/11. Good people in government have absorbed the lessons of the 9/11 attacks, are tracking the evolving threat, and are thinking one step ahead in order to prevent the next attack.

Lest one think that gives us permission to be complacent, Reflections ends with this less-than-upbeat anecdote:

One former senior national security leader told us recently that he expects that his children and grandchildren will be carrying on this fight.

I wonder if there is another former senior national security leader, somewhere, who thinks about his children and grandchildren the way John Adams did:

I must study … war, that our sons may have liberty to study mathematics and philosophy. Our sons ought to study mathematics and philosophy, geography, natural history and naval architecture, navigation, commerce and agriculture in order to give their children a right to study painting, poetry, music, architecture, statuary, tapestry and porcelain.”

If there are any such national security leaders, they were not interviewed for Reflections.

Young Americans need to know that terrorism is not going away. And they need to know that many of our military personnel, intelligence officers, and diplomats on the front lines in the most dangerous parts of the world are like them—young people with dreams of bright futures.


In addition to the full court press strategy (that includes a congratulations-9/11-Commission youtube video from tired-looking President Obama: https://www.youtube.com/watch?v=zIA2iiWkvKY), how are young Americans and the rest of the nation to learn “how dramatically the word has changed?”

It’s simple, says Reflections.

Senior leaders, including the President, have to make the case about terrorism and cyber threats and all the myriad things that go (or might go) bump in the night “in specific terms, not generalities.”  

One hoped Reflections would model some of the transparent specificity they want others to provide. Instead, what we get are statements like this one:

“If the American people hear what we have heard in recent months, about the urgent [cyber] threat and the ways in which data collection is used to counter it, we believe that they will be supportive.”


Don Marquis wrote that “a sequel is an admission that you’ve been reduced to imitating yourself.”

I found Reflections to be a disappointing sequel.

July 25, 2014

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on July 25, 2014

Since we opened the Friday Free Forum it has been my practice to tee-up the discussion with brief historical references to natural, accidental, and intentional events that happened on the same date.  The cumulative effect on me has been reassuring.  Bad — very bad — stuff happens, always has.  Despite my cognitive inclination to catastrophize the present, it is not necessarily worse than it has ever been.

This week my scan for July 25 has not quickly turned up the typical collection of calamities. (Deeper digging might find them.)  But right now we are dealing with:

A deadly intersection of drought and wildfire across the Western United States.

The unfolding consequences — human, political, and much more — of the downing of MH17. Beyond the debris field in Ukraine it has been a very bad week for commercial aviation.

Serious challenges to several nation-states by non-state and pseudo-state actors and the sustained use of state violence against several civilian populations, religious communities, and targeted ethnic groups.  A spillover to the US domestic context is already happening and is likely to increase over-time.

What’s on your mind related to homeland security?

July 23, 2014

See something say something goes awry?

Filed under: General Homeland Security,Infrastructure Protection — by Arnold Bogis on July 23, 2014


["Boston gas tank" by Lasart75 - Own work. Licensed under Creative Commons Attribution 3.0 via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Boston_gas_tank.JPG#mediaviewer/File:Boston_gas_tank.JPG]

It’s rare that a big, albeit colorful, gas tank becomes a local landmark. But that is the case in Boston, where the tank pictured above sits just off of Interstate 93 on the southern approach to the city. Lots of people take lots of photos of this particular piece of critical infrastructure.  Apparently, one got in a lot of trouble for it. Boston.com reporter Roberto Scalese has the story:

We’re not sure what professional photographer James Prigoff called the tank in 2004, when he decided to photograph it from public property. In a post on the ACLU’s website, Prigoff recalled the security guards who demanded he stop taking the photos, saying the tank was on private property. After that encounter, he went home to California and found a Joint Terrorism Task Force agent’s business card on his front door.

There is some simple beauty to the “see something, say something” message, however there are inadvertent negative consequences as well. What some may deem suspicious, the photographing of critical infrastructure for example, others deem art.  In fact, I would argue that for every terrorist plot alleged to have been uncovered since 9/11, I could find you two artists within the Greater Boston area alone who photograph, draw, paint, sketch, or otherwise utilize images of what is considered critical infrastructure in their work. Should they all be registered with the government?

If this was simply the case of some over zealous security officers, I could understand.  But according to the ACLU, this type of thing stays on your permanent record:

SARs can haunt people for decades, as they remain in federal databases for up to 30 years. An individual who is the subject of a SAR is automatically subjected to law enforcement scrutiny.

Somewhat disturbing, right?

July 22, 2014

“Terrorism has entered a new and dangerous phase,” says the 9/11 Commission

Filed under: General Homeland Security — by Christopher Bellavita on July 22, 2014

From their press release:

This morning, the members of the 9/11 Commission, led by Chairman Tom Kean and Vice Chairman Lee Hamilton, released a new report reflecting the evolving and dangerous terrorist threat facing the nation. Ten years after the release of the commission’s original report, with mounting threats from the resurgence and transformation of al Qaeda, the situation in Syria and a rapidly changing cyber landscape, the commission’s new report calls for a vigorous and proactive counterterrorism effort. The report comes from the Bipartisan Policy Center and the Annenberg Public Policy Center of the University of Pennsylvania, which reconvened the 9/11 Commissioners to develop their updated recommendations.

A copy of the report is here:  http://bipartisanpolicy.org/sites/default/files/%20BPC%209-11%20Commission.pdf


July 18, 2014

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on July 18, 2014

On this day in 1995 the Soufrière Hills volcano on the island of Montserrat erupted.  It has continued volcanic activity ever since leaving more than half of Montserrat uninhabitable, destroying the capital city, and causing about two thirds of the population to evacuate the Caribbean island.

On this day in 1945 the Bedford Magazine fire and explosions began causing widespread damage in the Nova Scotia communities of Bedford, Halifax, and Dartmouth.

On this day in 1994 the Argentine Jewish Community Center in Buenos Aires was bombed killing 85 and injuring 300.

What’s on your mind related to homeland security?


July 15, 2014

Why DHS is cleaner than DoD

Filed under: General Homeland Security — by Christopher Bellavita on July 15, 2014

I think I understood most of the 2014 QHSR.  But there’s one piece I did not get.

Today’s post is about my effort to discover what a “clean audit opinion” means.  In 2013, DHS received a clean audit.  The Department of Defense has never had a clean audit.  Never.  But I believe it hopes to have a clean audit in 2017, when it turns 70 years old.

That’s basically what I have to say today.  The details follow.


“It is also worth noting that, in late 2013, DHS received its first unqualified or ‘clean’ audit opinion; this occurred just 10 years after the Department’s formation, which was the largest realignment and consolidation of Federal Government agencies and functions since the creation of the Department of Defense in 1947.”

This 49 word sentence appears twice in the 2014 QHSR.

It sounded like accounting language. I had no idea what it meant. But it seemed like a big deal. So I tried to find out.

The QHSR says DHS got the clean opinion in late 2013. I searched and found a GAO report published on November 15, 2013. That counts as “late 2013″ to me.

The report did not appear to confirm the “DHS is Clean” claim: [my emphasis]

GAO reported that the Department of Homeland Security (DHS) had made considerable progress toward obtaining a clean opinion on its financial statements…. DHS has a goal of achieving a clean opinion for fiscal year 2013. However, the DHS auditors’ report for fiscal year 2012, the most recently completed audit, indicated that DHS continues to rely on compensating controls and complex manual work-arounds to support its financial reporting, rather than sound internal control and effective financial management systems.

…GAO also reported that DHS had made limited progress in establishing effective controls to obtain a clean opinion on its internal control over financial reporting.

…DHS has plans to resolve the remaining five material internal control weaknesses, with a goal of achieving a clean opinion on internal control over financial reporting for fiscal year 2016. DHS will continue to face challenges in attaining a clean opinion on its internal control over financial reporting, as well as obtaining and sustaining a clean opinion on its financial statements, until serious internal control and financial management systems deficiencies are resolved.

The GAO report seemed so antithetical to the DHS is Clean assertion that I had to be missing something.

I kept searching and found a DHS press release  that proclaimed “DHS Financial Statements Earn a Clean Audit.”

The release was dated December 12, 2013. You could not get much deeper into “late 2013″ than that. So this is probably what the QHSR statement meant.

The press release said [my emphasis]:

This year, the Department of Homeland Security reached a major goal by achieving a clean audit opinion of the Department’s financial statements by an independent auditor. Simply put, the clean audit is in line with our ultimate goal to increase transparency and accountability for the taxpayer resources entrusted to the Department. …

In order to achieve a clean audit opinion, DHS worked across the entire Department to complete a comprehensive inventory process of its property for the financial statements…. This enterprise-wide approach made it possible for the Department to account for an additional $8 billion in property, which was the last factor we needed to earn a clean audit.

In less than a month, DHS apparently went from not having a chance of getting clean “until serious internal control and financial management systems deficiencies are resolved” to receiving “a clean audit opinion of the Department’s financial statements.”

That is a remarkable achievement.

So remarkable that I must still be seriously not understanding what any of this means.

I located a December 11, 2013 DHS Office of Inspector General report that contained the “independent audit” referred to in the DHS press release.

The IG document did confirm the cleanliness of the audit.

Sort of.

The Department continued to improve financial management in FY 2013 and has achieved a significant milestone. This is the first year the Department has received an unmodified (clean) opinion on all financial statements.

OK, so “unmodified” is a synonym for “clean.” It was starting to become clear to me. I continued reading the IG summary: [my emphasis again]

 However, KPMG [the independent auditor] issued an adverse opinion on DHS’ internal control over financial reporting of the FY 2013 financial statements. Further, as stated in the Secretary’s Assurance Statement, the Department has material weaknesses in internal control over financial reporting. In order to sustain the unmodified opinion, the Department must continue remediating the remaining control deficiencies. 

More accounting speak, I assume. Unmodified means clean. And while phrases like “adverse opinion on DHS’ internal control over financial reporting,” and “material weaknesses in internal control” may appear to my untrained eye to modify “unmodified opinion,” they apparently don’t.

So it’s all still clean. I guess.  And probably transparent. And definitely accountable.

Here’s more confusion on my part: I don’t quite get the “independent auditor” business.

The November 2013 report came from GAO.  Does that mean GAO is not independent because it is an arm of Congress?

Why are we supposed to believe the firm that conducted the audit reported in December 2013 is independent? Because it doesn’t report to Congress?

Who does it report to?

The company, KPMG, received its auditing contract from the DHS.

That’s what the DHS Office of Inspector General wrote when the auditor’s  report was released in December 2013: “We contracted with the independent public accounting firm KPMG LLP (KPMG) to perform the integrated audit.” 

The KPMG tagline is “cutting through complexity.”  Maybe creating unmodified opinions that are modified by other opinions is one way of cutting through complexity.

I know these are all cheap shots on my part. My confusion is undoubtably caused by not speaking Accountantese.

I found a source that did speak like an accountant, or an accountant who was good at translating accounting speak into English. I conducted what in this context might be called an “unmodified interview” [the unmodified emphasis is mine]:

Q: First, what’s an “unmodified opinion?”

A: An unmodified auditor’s report effectively states the auditor believes the financial statements present a true and fair view, and are in accordance with accounting standards and relevant legislation. This is sometimes also called an “unqualified” or a “clean” audit opinion.

Q: Great. Does a clean auditor’s report mean a clean bill of health…?

A: Auditor’s reports are intended to increase the degree of confidence users have in the information in financial statements – not about the state of the [organization] itself …. An unmodified auditor’s report means … stakeholders can make an assessment of the [organization] based on its financial statements, with a higher degree of confidence that the information is materially correct and unbiased.

If I’m understanding this correctly, then, a “clean opinion” does not say anything about efficiency, effectiveness, or  other significant output or outcome measures. It basically means what you see in the financial statements accurately represents financial reality.  [Correction, suggested by Phil Palin: "It basically means what you see in the financial statements is coherent and consistent with widely accepted standards of accounting."

[Where does one go to find these widely accepted standards of accounting? "The most authoritative source of generally accepted accounting principles (GAAP) developed by FASAB {Federal Accounting Standards Advisory Board} for federal entities is contained in The FASAB Handbook of Accounting Standards and Other Pronouncements, As Amended...."  Here's a link to that Handbook:  http://www.fasab.gov/pdffiles/2013_fasab_handbook.pdf.  It is 2,129 pages. The phrase "clean opinion" appears once, describing how to issue a clean opinion even if there are problems.  I am way out of my depth here.]

The 2014 QHSR believes it is worth noting that for the first time in DHS history, its books are in order.

Is that really a big deal?

Senate Homeland Security and Governmental Affairs Committee Chairman, Tom Carper, thinks it is a big deal.

“Given the size of the Department, the fact that it encompasses 22 separate agencies, and the scope and importance of its mission, producing a clean financial audit is no small task. I credit the Department’s past and current leadership for making financial management a priority and taking the steps necessary to realize this important goal.”

So – returning to the title of this post – how does all this circuitousness make DHS cleaner than DoD?

Senator Carper again [with my emphasis],

“By earning this clean bill of health from an independent auditor, DHS is now in compliance with this law and is on track to continue to do so. The Department of Defense is now the only large federal department that is unable to conduct a financial audit.”

It only took 10 years for DHS to figure out what’s on its books. The Department of Defense has been around for close to 70 years and it still can’t figure out what is on its books.

Maybe DoD can learn something from DHS for a change.

July 11, 2014

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on July 11, 2014

Today Typhoon Neoguri is expected to continue on a northeasterly path following the Japanese coast.  It is no longer a so-called “super typhoon”, but heavy rains are forecast.

On this day in 1978 a truck carrying liquid gas crashes and explodes in Tarragona, Spain killing more than 200.

On this day in 2006 more than 200 are killed in the Mumbai training bombings.

What’s on your mind related to homeland security?

July 10, 2014

Dismiss, distort, destroy: Adventures in self-delusion

Filed under: General Homeland Security — by Philip J. Palin on July 10, 2014

The 9/11 Commission famously found a “failure of imagination” among the principal vulnerabilities that facilitated the terrorist threat.

We had accurately observed the predicates — USS Cole breaching, East African embassy bombings, vicious sermons, declarations of war, and more — that put a few on high alert.

After the attack other clues were nearly as obvious, tantalizing offers of operational warning and even tactical preemption. But we were mostly distracted and failed to imagine the possibilities that were percolating.

So on September 11, 2001 most of us were surprised and, it has seemed to me, many over-reacted. Both at home and overseas — especially in regard to Iraq — we unintentionally delivered strategic advantages to our adversaries.

In our response to 9/11 we hurt ourselves much worse than the initial horrific blow.  We also planted seeds of further vulnerability and, even perhaps, self-destruction.

These are claims that over the years I have referenced here.  I will understand if you insist I defend them again today, but my present purpose is prospective rather than retrospective.

I am concerned we’re doing it again:  Being distracted and self-indulgent and dismissive of others and distorting unwelcome truths.

Some of this is innate to our human condition.  As both a species and as individuals we are limited.  We are especially constrained by the story-engine in our brains. Too often trapped in the same old story, indignant if any one seeks to shift our recurring narrative.

But reality is seldom satisfied with mere repetition, despite how much we prefer a familiar rhythm.

If there remains any “we” worth the term, we have mostly dismissed the suffering of tens-of-thousands in Syria.  Public opinion surveys, political non-action, media reporting, and more all supply evidence that we have usually averted our eyes when confronted with the reality on the ground.  It has been an especially messy and brutal reality.  Confusion, hesitation, mistakes are entirely justifiable.  But neglect and denial are not.  We ought not have been so surprised by what has spilled-over from Syria into Iraq.

Our surprise is evidence of a failure to accurately observe and reasonably imagine.

I have been complicit in this dismissal of reality; more accurately, distorting of reality. After a few attempts to call-attention to the Syrian implications for homeland security, I retreated into the boundaries of a primarily domestic discipline.  Yet this week we are attempting to address a Syrian-based strategic threat with TSA tactics and urging Norwegians to spy more on each other. Looking for symptoms, ignoring their source?

The same tactical myopia afflicts our surprised response to the Children’s Crusade marching toward and across our southern border.  Both the anti-illegal right and the anti-xenophobic left are mostly preoccupied with what they perceive as urgent.  Meanwhile the source of our problem is a cauldron of cartels and coyotaje combined with chronic poverty and violence that requires a long-term strategy creatively and cogently applied.

Whatever else, we face a reality where thousands of children are taking an extraordinary risk to come to us. I understand we ought not encourage such risk-taking.  But dare we ignore the compelling threats that have driven these children into taking this risk?  Do we seek to “secure the border” so that we can pretend these other threats do not exist?  What are we prepared to do to address source as well as symptom?

Then Tuesday Chris Bellavita reported on the dismissive comments of some regarding the QHSR. This is a much smaller matter.  But it is another example of the same intellectual reflexes: dismiss, distort, destroy.  It is as if the — sometimes heated — discussions begun in late 18th Century Philadelphia have devolved into something much more similar to a junior varsity debating club.  We self-validate by running up the score with reckless accusations, banal set-phrases, and an abject refusal to listen.

Ignore and ignorance share the same source.  Imagination is spurred by authentic encounter with the unknown.

July 8, 2014

The Schneierites on the 2014 QHSR

Filed under: General Homeland Security — by Christopher Bellavita on July 8, 2014

Bruce Schneier writes what I consider one of best security-related blogs on the web, “Schneier on Security.”

Over the years, I’ve found most of the people who comment on his blog are serious, generally knowledgeable, and suspicious of unsupported assertions.

A few weeks ago, Schneier told his readers

“The second Quadrennial Homeland Security Review has been published by the Department of Homeland Security. At 100+ pages, I’m not going to be reading it, but I am curious if there’s anything interesting in it.

I’ve been gushing about the QHSR for the last few weeks.  Schneier’s readers are significantly less impressed. Here are some of their comments (italics are intended only to separate the comments):

  • “We have reviewed ourselves and found ourselves to be in compliance.”
  • Nothing of value in most sections I read. It reads like an incredibly long Homeland Security brochure you pick up in their lobby.
  • It says nothing. It reads like an annual report for the Girl Scouts. “We are protecting you… all 1000 federal agencies.” But I especially liked the part about the commitment to human rights… even as the administration justifies drone attacks on civilians.
  • I don’t think I’ll bother trying to read it. Internal reviews are always going to try and put the agency in a positive light, since if they say “This agency is completely useless” then they are all out of a job. Half of their job seems to be to recommend products that various lobbyists promote, the other half is to give an appearance of “We are doing something to combat terrorism” – in reality, I think all we have managed to do is label more and more of the population as potential terrorists, probably making it even more difficult to track real threats.
  • Maybe what’s left out is most interesting. Only a single mention of the “Constitution of the U.S.”
  • Tried to read it, but got bored very quickly. Maybe that’s part of the strategy! Reminds me of a quote from Wittgenstein:”If a lion were able to speak, we would not understand him.”
  • I know that ‘boring your enemy’ is a legitimate tactic. Hell, lawyers have been doing this by handing over large amounts of irrelevant material for the other side to trawl through.
  • They might as well use one of those automatic paper generators (like mathgen [http://thatsmathematics.com/mathgen/] or scigen [http://pdos.csail.mit.edu/scigen/]). [One] wouldn’t be able to tell the difference.

I tried the automatic paper generator suggestion in the last comment.  The results were disappointing. One can easily tell the difference between the automatically generated essay and the 2014 QHSR.  There were fewer pictures.

I tried a different generator, found here.  That program produced a 530 word report, also without pictures, but disturbingly connected – in more than a few instances — to homeland security.  Here is a link to that randomly generated homeland security report.

But don’t waste your time.  It’s nowhere near as interesting as the 2014 QHSR.

I’m going back to my echo chamber now.

July 4, 2014

The music of Independence: six short videos for July 4th

Filed under: General Homeland Security — by Christopher Bellavita on July 4, 2014

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on July 4, 2014

On this day in 1776 fifty-six insurgents meeting in Philadelphia declare rebellion against their lawfully established government.

What’s on your mind related to homeland security?

July 2, 2014

QHSR: tension between HS and hs

Filed under: Congress and HLS,General Homeland Security,Strategy — by Arnold Bogis on July 2, 2014

I’m a week late to the QHSR discussion and while I don’t have any big thoughts, I do have a few small ones.

- – - – - – - -

There are some problems at the foundation of the QHSR. Issues that point to underlying confusion of what homeland security is, or at least an unclear characterization of what it should be, at the federal level. However, this isn’t the fault of the DHS staff who put together the review, but rather the direction of Congress. As readers are reminded of in the report itself, the scope of the QHSR is:

Each quadrennial homeland security review shall be a comprehensive examination of the homeland security strategy of the Nation, including recommendations regarding the long-term strategy and priorities of the Nation for homeland security and guidance on the programs, assets, capabilities,budget, policies and authorities of the Department.

Soooooo…the Department of Homeland Security (let’s call it capital HS) is mandated by Congress to review the current Administration’s homeland security strategy that includes the work of other agencies (counter-intuitively, I’m going to refer to the whole enchilada encompassing what anyone might wish to include in homeland security as lowercase hs), while at the same time providing DHS-specific recommendations on force structure, authorities, budget, etc. I haven’t checked the authorizing language, but on a quick review of the last DOD QDR (which is supposedly the model for the QHSR) , it pretty much focused entirely on the last half of that charge.  There was little to no language that pointed to the concerns of their national security “partners” or the military’s analysis of the National Security Strategy. Instead it focused on questions of force structure and the impact of sequestration on the military.

In this matter, the important difference between DOD and DHS is that DOD has a long tradition, and specifically, a mature relationship with Congress.  DHS, on the other hand, seems to be generally regarded by many (if not most) lawmakers as the sole actor in the hs sphere.  The consequence being that anything that is considered a hs issue by Congress often becomes a HS issue by default.  A dumping agency.  Even if it is a topic long worked by experienced professionals elsewhere in the government.

- – - – - – - – - -

Contrasting examples of this can be seen in the chapters on bio and nuclear threats. At it’s creation, I do not believe any of the agencies or offices brought to DHS a primary role in either arena (outside of FEMA’s responsibility post nuclear attack).  But in the wisdom of a few, since that time the agency has grown both an Office of Health Affairs (OHA) and the Domestic Nuclear Detection Office (DNDO).

I can see the utility of a health office for the protection of the DHS workforce, not unlike the equivalent in DOD.  Perhaps over time they develop particular expertise to contribute to the larger efforts of the government as a whole.  Instead, projects such as the never-quite-right Biowatch placed them in a bureaucratic competition with agencies with long-standing expertise in public health, such as the CDC (the center of biosurveillance), and those newer offices with a concentration of expertise and responsibility, like ASPR (ESF-8 lead, partner in the National Disaster Medical System, and the government developers of new medical countermeasures through BARDA). The QHSR seems to acknowledge this, as it stresses a whole of government approach to public health and bioterrorist threats. DHS went hs rather than HS in addressing biological threats.

The reverse is true for nuclear terrorism. After identifying the issue and stressing the importance due to the possible consequence of such an attack (if this is so important to HS you’d think FEMA would have gotten it’s act together by now regarding planning for such an event…but I digress), the QHSR takes an entirely parochial view of the subject.

We prioritize a sustained, long-term focus on preventing nuclear terrorism through two foundational capabilities: (1) nuclear detection and (2) nuclear forensics. These capabilities are aimed at preventing our adversaries from developing, possessing, importing, storing, transporting, or using nuclear materials.

In stark contrast to bio-events, nuclear terrorism can and must be prevented.  And that prevention is likely not to occur along the pathways of the “Global Nuclear Detection Architecture” or due to forensic capabilities. It happens because while large, the amount of special materials required for a nuclear terrorist attack are finite, thus possible to secure or eliminate at the source.  Hoping that THE major plank in preventing such an attack is detection of very hard to detect materials with the cooperation of others sitting along a spectrum of competence, corruption, and cooperation would be unwise.

I am not suggesting detection and forensics are unimportant, only that they are secondary to securing and eliminating fissile material.  Yet the QHSR focuses on these capabilities because that is what the DNDO does.  So DHS went HS for addressing the nuclear terrorism threat.

- – - – - – - – - – - – -

One last small quibble with the Review: why did they have to include a “Black Swans” section?  I don’t mean addressing potential future events that could have a significant impact on homeland security.  Rather, why did they have to attempt to co-opt the term itself?  Hasn’t the mess everyone has made with “resilience” taught us anything?

Nassim Nicholas Taleb, author of the book “The Black Swan” that popularized the term, summarizes the attributes of these events: “rarity, extreme impact, and retrospective (though not prospective) predictability.” The QHSR has already violated the third attribute, and their list of four potential Swans have been previously suggested and analyzed elsewhere.  They are neither unforeseen or unexpected.

Personally, I’d prefer to think of Natalie Portman when considering Black Swans.

July 1, 2014

A Collage of QHSR 2014 numbers

Filed under: General Homeland Security — by Christopher Bellavita on July 1, 2014

I’ve read the QHSR three times since last week. I continue to think it’s an almost ideal marker for what homeland security (as opposed to the Department of Homeland Security) attends to.

Like “A Perfect Day for Banana Fish,” every time I read the QHSR I see something new.

This week I want to focus on the QHSR as a numerical collage. I offer the numbers — all taken from the QHSR — without context,  with a minimum of comment, and with an appreciation for the information patterns they represent and ignore.

  1. According to Section 707 of the Homeland Security Act of 2002, the number of national homeland security strategies the QHSR is supposed to “delineate and update”: 1              (I don’t believe we’ve had a formal national homeland security strategy since President Bush left office; I think we now have a national security strategy, with homeland security strategy sprinkled inside).
  2. Number of times the National Security Strategy is mentioned in the QHSR report: 2
  3. The number of enduring national interests of the United States: 4
  4. Number of homeland security visions in the QHSR: 1
  5. Number of basic and enduring homeland security missions: 5 (all of which advance each of the 4 enduring national interests)
  6. Number of trends driving change in homeland security’s strategic environment: 6       
  7. Number of challenges posing the most strategically significant risks through 2019: also 6
  8. The not exhaustive number of potential black swan events that could fundamentally alter the the homeland security strategic environment described in the QHSR: 4
  9. Based on the drivers and challenges, the number of strategic priorities that affect the five homeland security missions:  5
  10. Number of areas of ongoing strategic priority and emphasis (beyond the other five strategic priorities): 3
  11. Number of principles that should guide efforts to address the strategic challenges to a secure homeland: 6  —————————————————————————————————————————————-
  12. Estimated number of people killed by Hurricane Sandy: 117
  13. Number of people Sandy left without power: more than 8,500,000
  14. Number of combined gallons of sewer overflows caused by Sandy in eight northeast states and the District of Columbia: 11,000,000,000
  15. Damage Sandy caused: tens of billions of dollars (I think that means somewhere between $10,000,000,000 and $99,000,000,000)    —————————————————————————————————————————————-
  16. Estimated number of major roads in the United States in poor or mediocre condition: 1 out of every 3 major roads
  17. Number of the nation’s bridges that are either structurally deficient or functionally obsolete: 1 out of every 4
  18. Increase in blackouts and other electrical disturbances since 2007: 140%
  19. Estimated “funding gap” for electric infrastructure costs between now and 2020: more than $100,000,000,000
  20. Estimated costs of wastewater and drinking water infrastructure improvements needed over the next 20 years: $682,000,000,000    —————————————————————————————————————————————-
  21. Increase in the value of U.S. exports between 2005 and 2012: 72%
  22. Increase in the value of goods imported to the United States between 2005 and 2012: 36%
  23. Increase in lawful travel to the United States between 2005 and 2012: 36% 
  24. Expected increase in lawful travel to the U.S. 2012 and 2018: 25%
  25. Increase (measured in “folds”) of rail intermodal traffic  - transporting shipping containers and truck trailers on railroad flat cars - between 1980 and 2012: nearly 4 (as in “fourfold”)    ———————————————————————————————————————————————————————-
  26. Number of the nation’s 30 largest metro regions whose municipal government revenues have not returned to pre-recession levels: 20
  27. As of 2011, the number of the nation’s 30 largest metro regions who reduced public safety spending: 20   —————————————————————————————————————————————-
  28. The estimated number of people in the world who have at least 12 billion computers and other internet devices: 2,000,000,000 (or about 30% of everyone in the world)
  29. Desired change in the speed of providing information to machines to help block cyber threats: milliseconds (one thousandth of a second) instead of hours or days      —————————————————————————————————————————————-
  30. Number of priority biological threats and hazards: 4
  31. Number of goals in the homeland security strategy for managing biological risk: 6      —————————————————————————————————————————————-
  32. Estimated number of undocumented immigrants in the nation: 11,500,000 (many of whom have been here more than 10 years and came here as children)
  33. Number of “deferred action” requests for undocumented childhood arrival processed by DHS in less than a year: more than 500,000
  34. Increase in the number of Border Patrol agents from 2004 to 2014: From 10,000 agents in 2004, 21,370 in 2014
  35. Number of employers and worksites, respectively, enrolled in the E-Verify program: 520,000 employers, representing 1,400,000 worksites
  36. Number of core objectives for strengthening the US immigration system: 4       —————————————————————————————————————————————-
  37. Number of distinct but interrelated types of flows of people and goods based on an in-depth look at legal and illegal flows: 3
  38. Number of partnership archetypes that encompass the types of relationships government shares with the private sector: 5     —————————————————————————————————————————————-
  39. Minimum number of elements in the National Preparedness System: 4
  40. Number of key elements in the Campaign to Build and Sustain Preparedness: 4
  41. The number of core principles in the Whole Community approach to preparedness: 3  —————————————————————————————————————————————-
  42. Estimated number of people responsible for carrying out the missions described in the QHSR: “hundreds of thousands of people from across the Federal Government; state, local, tribal, and territorial governments; the private sector; and other nongovernmental organizations are responsible for executing these missions.”
  43. Number of individuals, agencies and other entities who have key roles and responsibilities in homeland security: 32 (according to Appendix A)
  44. Number of phases in the development of the 2014 QHSR: 4
  45. Number of people asked by the QHSR development group to contribute to the report: Hundreds of key organizations; tens of thousands of practitioners, hundreds of federal advisory committee act committee members, several international partners, and a few other organizations and individuals.
  46. Number of unique stakeholders who a) registered for IdeaScale and Communities of Practice, b) number of comments they provided, c) number of source documents used, and d) number of votes: a) more than 2,000, b) thousands, c) more than 100, and d) more than 10,000
  47. Number of sources provided for the numbers cited in the QHSR: 0      (but I’m sure they exist somewhere among the literature, academic work and experts consulted in the making of this QHSR)  —————————————————————————————————————————————-
  48. The number missing from the QHSR that I miss the most: 85%

Instead of prolonging the myth that 85% of critical infrastructure is owned by the private sector, the QHSR authors simply wrote:  ”The majority of the Nation’s infrastructure is owned and operated by private sector entities.”  

Thank you to whomever insisted on that language.  It still might not even be “the majority.”  I mean, what’s the evidence?  But — like the rest of the homeland security enterprise characterized in the QHSR — small improvements may be the right path for now.  It’s a big nation.  Small improvements everywhere start to add up after awhile.

June 24, 2014

2014 Quadrennial Homeland Security Review – a dialogue worthy report

Filed under: General Homeland Security — by Christopher Bellavita on June 24, 2014

It’s only 103 pages.  Plus it’s a government report with a lot of pictures.   And there’s probably not much in it that’s new.

How long can it take to read something like that?

Turns out, longer than I expected.

After about 3 hours, I’m on page 68.  It’s not that I’m an especially slow reader.  I think it’s because the 2014 QHSR is an important and an exceptional document.

In my still forming opinion, this QHSR invites a move into Homeland Security 3.0.  It offers a strategic intent  – and the evidence to support it — that is compelling and, in a 21st century way, visionary.  It provides people who think and care about the entire enterprise subtle, refined ways to think about homeland security.  I expect that some of those ideas are already familiar to people who work with them daily.  But I have not seen them all in one place. Not before the 2014 QHSR.

I’m trying to think of an analogy to capture the feeling tone of the report.

To me it’s like the difference between someone talking about marriage while on his honeymoon, compared with someone else describing what a moderately successful marriage is like as it heads resolutely into its second decade.   Same institution, infused with time and experience.  The honeymoon is exciting and boundless.  A committed marriage takes work and a maturity that can embrace — not always willingly — ideals and reality.

That’s the sense I’m getting so far from the QHSR.

I know those are imprecise generalizations.  But it’s Tuesday, my day to post, and the other homeland security watch writers would like this week to be about the QHSR. Rightly so.

(Did you ever have one of those weeks — even on a Tuesday — when there were a dozen important things to do, but you couldn’t clone yourself because your 3-D printer was out of PolyJet photopolymers? Well, it’s something like that.)

The second QHSR took two years to put together.  And it shows.  In a good way.

I was prepared initially to dismiss the report as another check the box exercise.  But — even after only 68 pages — I can’t. It’s worth a deliberate read.

I do have to dismiss any temptation to comment before I’ve finished reading the entire document. (OK, Islam and Muslim are not mentioned, but terrorism shows up over 4 dozen times)

Thoughtful reflections will have to wait on such QHSR topics as:

  • Lone offenders
  • Drivers: of change, of challenges, of risk, of budgets, of markets
  • Cyber law enforcement incident response
  • The lack of public confidence in the government’s ability to function
  • Exchanging information at machine speed
  • Whether there is a national homeland security strategy, and if there isn’t so what?
  • Growth in domestic energy supplies
  • Universal values, enduring missions, enduring national interests
  • Risk segmentation
  • A “clean” audit opinion (apparently a good thing)
  • Nuclear terrorism and bioterrorism
  • Three dimensional printing (and supplies, of course)
  • Expansion of electronic payment systems
  • Pandemics
  • Climate change
  • Disaster driven migration
  • Cyber-physical convergence
  • Eroded public health capacity
  • Seriously deteriorated (past tense) infrastructure
  • Panama Canal expansion
  • Four (potential) black swans
  • Economic security
  • Priority biological incidents
  • Networked communities
  • National risk management
  • Rapid escalation of biological events
  • Faint signals
  • Risk informed
  • Information-driven community oriented policing
  • Publicly communicate tailored descriptions of homeland security capabilities
  • Emphasize strategic communications that project the effectiveness of homeland security capabilities
  • Weather maps for cyberspace
  • Ensuring a healthy cyber ecosystem
  • Self-mitigating, self-healing cyber systems
  • Mid-range incidents and levels of risk
  • Improving the confidence of our partners
  • Five (public-private) partnership archetypes for homeland security
  • Flexible models
  • “Immigration will always be, first and foremost, and opportunity for our country.”

And lots more to discuss, disagree with, and argue about.

Or maybe a better word is “dialogue.”

In a 1996 essay called “On Dialogue,” David Bohm distinguishes between discussion and dialogue.

Discussion is almost like a ping-pong game, where people are batting the ideas back and forth and the object of the game is to win or to get points for yourself.  Possibly you will take up somebody else’s ideas to back up your own – you may agree with some and disagree with others – but the basic point is to win the game. That’s frequently the case in a discussion.

“In a dialogue, however, nobody is trying to win. Everybody wins if anybody wins. There is a different sort of spirit to it.  In a dialogue, there is no attempt to gain points, or to make your particular view prevail. Rather, whenever any mistake is discovered on the part of anybody, everybody gains. It’s a situation called win – win, whereas the other game is win – lose.  If I win, you lose. But a dialogue is something more of a common participation, in which we are not playing a game against each other, but with each other. In a dialogue, everybody wins.”

The 2014 Quadrennial Homeland Security Report is worthy of much dialogue.



June 21, 2014

QHSR Context

Filed under: General Homeland Security — by Philip J. Palin on June 21, 2014

In the Homeland Security Act of 2002 the Department of Homeland Security is required to undertake what is clearly intended as a thoughtful reconsideration and anticipation of reality.  According to the law:

Each quadrennial homeland security review shall be a comprehensive examination of the homeland security strategy of the Nation, including recommendations regarding the long- term strategy and priorities of the Nation for homeland security and guidance on the programs, assets, capabilities, budget, policies, and authorities of the Department. 

The entire legislative mandate is provided in the new QHSR.

Congress was inspired by the preexisting Quadrennial Defense Review.  You can find the QDR here.  Despite a similar purpose, the QHSR and QDR are apples and oranges in terms of resources inputted and product outputted.   But precisely because of their differences, comparisons and contrasts between the two documents can point to potential “creative tensions” between Homeland Defense and Homeland Security.

Probably worth at least scanning the first QHSR released in February 2010.

While you’re at it scan the National Security Strategy, also from 2010.  Are the Quadrennials coherent with it? Consistent?  Where do you perceive one or both of the Quadrennials suggesting something different?  Very different or just a nuance?  Significant nuance or just a gloss?  A new NSS is in draft… will be interesting to compare the new with the current.

Where you agree with the QHSR but perceive a problem with implementation, how would you better ensure effectively advancing the effort?

Where you disagree with the QHSR, please explain what you perceive is wrong in the underlying analysis and/or outline your alternative.

Chris, Arnold and I have exchanged notes and hope to give most of the first week of summer to the QHSR (pending of course personal or planetary explosions). Given the emails I have received from many of you since Thursday there seems to be a lot to say.  I hope you will say it here.

Feedback — especially thoughtfully (concisely) argued — can have an impact.  Positive or negative and I urge you not to forget the positive.  Do not underestimate how difficult the fight may have been to get into the QHSR something that seems to you self-evident.

Full Disclosure: I was involved in preparing the QHSR, at least enough to receive a thank you email.  I also received a modest honorarium for a specific engagement with prior drafts.   My work focused almost entirely on private-public relationships.  I tried to have influence on supply chains and catastrophe preparedness but totally failed.  Even on private-public — where I was given considerable time and opportunity — I cannot find where the QHSR reflects any specific recommendation that I made.  So no pride-of-authorship.

But I did come to respect — and appreciate — the process and people doing their best to fulfill the mandate and serve the nation.  At least some of them are as frustrated as some of you seem to be, so don’t over-do an inclination to question intent or effort.  It is much more constructive to focus on the meaning or implications of what is actually in the document.  As you will see on Thursday, while they may not have listened to me, I perceive there is much to commend in how the QHSR anticipates the challenges ahead.

June 20, 2014

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on June 20, 2014

On this day last year the Canadian province of Alberta experienced the start of a period of sustained flooding that displaced more than 100,000 and caused damage exceeding $5 billion.

On this day, also last year, the Colorado Black Forest Fire was declared 100 percent contained after burning more than 14,000 acres, destroying 486 homes, and resulting in two deaths.

Symantec, the computer security firm, has released a warning related to cyberattacks planned for today.  According to the warning the target will be the global energy industry.

What’s on your mind related to homeland security?


« Previous PageNext Page »