Homeland Security Watch

News and analysis of critical issues in homeland security

November 4, 2012

The new normal: watching gas, coffee and intense storms

Filed under: Intelligence and Info-Sharing — by Christopher Bellavita on November 4, 2012

Watchline is a weekly information sharing newsletter produced by the Fire Department of New York (FDNY). It primarily covers homeland security topics related to emergency response. The Watchline reaches more than 100 agencies from all levels of government and more than 1000 direct subscribers outside the FDNY. Here’s a copy of  Watchline’s “Hurrican Sandy Special Edition.” (You can see an easier to read version here.)



October 3, 2012

Committee duel over fusion center report

Filed under: Intelligence and Info-Sharing,Privacy and Security — by Philip J. Palin on October 3, 2012

As noted in several media, the Permanent Subcommittee on Investigations of the Senate Committee on Homeland Security and Governmental Affairs has released a report highly critical of state fusion centers.  (Access has been a bit difficult on Wednesday.) Here are a few paragraphs from the Subcommittee’s news release:

A two-year bipartisan investigation by the U. S. Senate Permanent Subcommittee on Investigations has found that Department of Homeland Security efforts to engage state and local intelligence “fusion centers” has not yielded significant useful information to support federal counterterrorism intelligence efforts.

“It’s troubling that the very ‘fusion’ centers that were designed to share information in a post-9/11 world have become part of the problem. Instead of strengthening our counterterrorism efforts, they have too often wasted money and stepped on Americans’ civil liberties,” said Senator Tom Coburn, the Subcommittee’s ranking member who initiated the investigation.

The investigation determined that senior DHS officials were aware of the problems hampering effective counterterrorism work with the fusion centers, but did not always inform Congress of the issues, nor ensure the problems were fixed in a timely manner. MORE

Chairman of the full-committee Joe Lieberman has taken exception to the subcommittee report.  From a Wednesday statement:

“I strongly disagree with the report’s core assertion that ‘fusion centers have been unable to meaningfully contribute to federal counterterrorism efforts,’” Lieberman said. “This statement is not supported by the examples presented in the report and is contrary to the public record, which shows fusion centers have played a significant role in many recent terrorism cases and have helped generate hundreds of tips and leads that have led to current FBI investigations.

“The report does include valuable findings in some areas. It cites examples of inappropriate use of homeland security grant funds and accurately notes that FEMA has struggled to account for how homeland security grant funds are allocated and used, a longstanding concern of mine.

“But the report also contradicts public statements by the Director of National Intelligence and the Director of the FBI, who have acknowledged the value fusion centers provide to the intelligence community. MORE

This is a case when I expect the same data could support two very different understandings of reality.

August 10, 2012

Brennan defines “bad guys” (NYPD looks for bad guys)

Wednesday, John Brennan, the Assistant to the President for Homeland Security and Counterterrorism, spoke to the  Council on Foreign Relations.  His remarks focus on US operations in Yemen including the use of drones.  This is the latest in a series of extended statements by Mr. Brennan designed to explain and defend US policy regarding the lethal use of drone technology beyond Afghanistan.

Ritika Singh at LAWFARE has posted the first transcript I could find.

There is a Question and Answer session with Mr. Brennan that is considerably longer than his prepared remarks.  During this element of the program he engaged a range of issues, including Syria and cybersecurity… and bad guys.

While looking for the transcript, I stumbled across a very helpful consideration of the NYPD’s new “Domain Awareness System” at the Council on Foreign Relations website.  (If CFR can headline attention to NYPD technology projects,  I think HLSWatch can clearly address Yemen.)  Please see the CFR briefing by Matthew Waxman.

March 23, 2012

New NCTC guidelines for non-terrorism information


You can access the unclassified (thank goodness) document at the link embedded in the title.

The details deserve much more attention than I will have time to give until the weekend.  But previous limitations (see here and here) have clearly been softened.  The following paragraph from page 4 seemed to leap from the page:

These Guidelines permit NCTC to access and acquire United States person information for the purpose of determining whether the information is reasonably believed to constitute terrorism information and thus may be permanently retained, used, and disseminated. Any United States person information acquired must be reviewed for such purpose in accordance with the procedures below. Information is ’1″easonably believed to constitute terrorism information” if, based on the knowledge and experience ofcounterterrorism analysts as well as the factual and practical considerations of everyday life on which reasonable and prudent persons act, there are facts giving rise to a reasonable, articulable suspicion that the information is terrorism information.”

For your reading pleasure.

March 2, 2012

366 Homeland Security Words

Filed under: Intelligence and Info-Sharing — by Christopher Bellavita on March 2, 2012

The Electronic Privacy Information Center posted a copy of a document titled “Department of Homeland Security, National Operations Center, Media Monitoring Capablity, Desktop Reference  Binder” (or MMCDRB for short).

The headline of the EPIC story: EPIC Obtains New Documents on DHS Media Monitoring, Urges Congress to Suspend Program

The reaction to the “desktop reference binder”  included such monochromatic headlines as:

Words to get your website on a government watch list – Social media monitoring!

Homeland Security has its eye on your Metro tweets, D.C. riders

The Department of Homeland Security Is Spying On Your Social Media Updates

Why is the government monitoring social media networks?

The DHS surveillance of OccupyWallStreet (Ok, different, but related.)

DHS Monitoring Of Social Media Under Scrutiny By Lawmakers

The Department Of Homeland Security Is Searching Your Facebook And Twitter For These Words

There is a lot that can be written about this manual and the complex issues illustrated by almost every section of the 40 page document.  But that’s not what I want to write about. I want to write briefly about the search terms in the manual.


One can always get a good 50 minute discussion going in a graduate seminar by asking “What is Homeland Security?”

The question can be addressed through a variety of inquiring systems (meaning ways of gathering and processing information about a question):

- Deductively –  by starting from general principles

- Dialectically — focusing on the conflicts  in homeland security

- Abductively — basically hunches and guesses

- Idealistically – Including ideas from as many perspectives as possible

- Pragmatically — an open systems, do-whatever-works approach

- or Detour and Access — beating around the bush, gaining access to homeland security by detouring around messy issues

No doubt there are other inquiring systems.  Let me mention one more.

One unintended, albeit minor, consequence of the MMCDRB is to assist with an inductive answer to the what is homeland security question.


Induction is about generating abstractions by aggregating specific instances.  If deductive inquiry starts with principles and moves to data. Inductive inquiry starts with data and moves to principles, or at least propositions.

Without getting into the many (serious) problems of inductive inquiry, one can take the current list of “key words and search terms” in the MMCDRB, mix up the pieces — in this case alphabetically — and get a snapshot of how broad homeland security has become in the last decade.

Try it for yourself. There’s a story, a controversy, a fear, a mission or a budget in every word.

Key Words and Search Terms

1.         2600
2.         Abu Sayyaf
3.         Afghanistan
4.         Agent
5.         Agriculture
6.         Agro
7.         Agro Terror
8.         Aid
9.         Air Marshal
10.       Airplane (and derivatives)
11.       Airport
12.       Al Queda (all spellings)
13.       Al-Shabaab
14.       Alcohol Tobacco and Firearms (ATF)
15.       Ammonium nitrate
16.       AMTRAK
17.       Anthrax
18.       Antiviral
19.       AQAP (Al Qaeda Arabian Peninsula)
20.       AQIM (Al Qaeda in the Islamic Maghreb)
21.       Arellano-Felix
22.       Artistics Assassins
23.       Assassination
24.       Attack
25.       Authorities
26.       Avalanche
27.       Avian
28.       Bacteria
29.       Barrio Azteca
30.       BART
31.       Basque Separatists
32.       Beltran-Leyva
33.       Biological
34.       Biological infection (or event)
35.       Biological weapon
36.       Black out
37.       Blister agent
38.       Blizzard
39.       Body scanner
40.       Bomb (squad or threat)
41.       Border
42.       Border Patrol
43.       Botnet
44.       Breach
45.       Bridge
46.       Brown out
47.       Brush fire
48.       Brute forcing
49.       Burn
50.       Burst
51.       Bust
52.       Cain and abel
53.       Calderon
54.       Canceled
55.       Car bomb
56.       Cartel
57.       Cartel de Golfo
58.       Center for Disease Control (CDC)
59.       Central Intelligence Agency (CIA)
60.       Chemical
61.       Chemical burn
62.       Chemical fire
63.       Chemical Spill
64.       Chemical weapon
65.       China
66.       CIKR (Critical Infrastructure & Key Resources)
67.       Ciudad Juarez
68.       Closure
69.       Cloud
70.       Coast Guard (USCG)
71.       Cocaine
72.       Collapse
73.       Colombia
74.       Communications infrastructure
75.       Computer infrastructure
76.       Conficker
77.       Consular
78.       Contamination
79.       Conventional weapon
80.       Cops
81.       Crash
82.       Crest
83.       Critical infrastructure
84.       Customs and Border Protection (CBP)
85.       Cyber attack
86.       Cyber Command
87.       Cyber security
88.       Cyber terror
89.       DDOS (dedicated denial of service)
90.       Deaths
91.       Decapitated
92.       Delays
93.       Denial of service
94.       Department of Homeland Security (DHS)
95.       Dirty bomb
96.       Disaster
97.       Disaster assistance
98.       Disaster management
99.       Disaster medical assistance team (DMAT)
100.    DNDO (Domestic Nuclear Detection Office)
101.    Dock
102.    Domestic nuclear detection
103.    Domestic security
104.    Drill
105.    Drug
106.    Drug Administration (FDA)
107.    Drug cartel
108.    Drug Enforcement Agency (DEA)
109.    Drug trade
110.    Drug war
111.    E. Coli
112.    Earthquake
113.    Ebola
114.    Eco terrorism
115.    El Paso
116.    Electric
117.    Emergency
118.    Emergency Broadcast System
119.    Emergency Landing
120.    Emergency management
121.    Emergency response
122.    Enriched
123.    Environmental terrorist
124.    Epidemic
125.    Erosion
126.    ETA (Euskadi ta Askatasuna)
127.    Evacuation
128.    Execution
129.    Exercise
130.    Explosion (explosive)
131.    Exposure
132.    Extreme weather
133.    Extremism
134.    Facility
135.    Failure or outage
136.    FARC (Armed Revolutionary Forces Colombia)
137.    Federal Air Marshal Service (FAMS)
138.    Federal Aviation Administration (FAA)
139.    Federal Bureau of Investigation (FBI)
140.    Federal Emergency Management Agency (FEMA)
141.    First responder
142.    Flood
143.    Flu
144.    Food Poisoning
145.    Foot and Mouth (FMD)
146.    Forest fire
147.    Fort Hancock
148.    Fundamentalism
149.    Fusion Center
150.    Gang
151.    Gangs
152.    Gas
153.    Grid
154.    Gulf Cartel
155.    Gunfight
156.    Guzman
157.    H1N1
158.    H5N1
159.    Hacker
160.    Hail
161.    Hamas
162.    Hazardous
163.    Hazardous material incident
164.    Hazmat
165.    Help
166.    Heroin
167.    Hezbollah
168.    Home grown
169.    Homeland Defense
170.    Homeland security
171.    Hostage
172.    Human to ANIMAL
173.    Human to human
174.    Hurricane
175.    Ice
176.    IED (Improvised Explosive Device)
177.    Illegal immigrants
178.    Immigration Customs Enforcement (ICE)
179.    Improvised explosive device
180.    Incident
181.    Industrial spill
182.    Infection
183.    Influenza
184.    Infrastructure security
185.    Interstate
186.    IRA (Irish Republican Army)
187.    Iran
188.    Iraq
189.    Islamist
190.    Jihad
191.    Juarez
192.    Keylogger
193.    Kidnap
194.    La Familia
195.    Law enforcement
196.    Leak
197.    Lightening
198.    Listeria
199.    Lockdown
200.    Looting
201.    Los Zetas
202.    Magnitude
203.    Malware
204.    Mara salvatrucha
205.    Marijuana
206.    Maritime domain awareness (MDA)
207.    MARTA
208.    Matamoros
209.    Meth Lab
210.    Methamphetamine
211.    Metro
212.    Mexican army
213.    Mexicles
214.    Mexico
215.    Michoacana
216.    Militia
217.    Mitigation
218.    MS13 or MS-13
219.    Mud slide or Mudslide
220.    Mutation
221.    Mysql injection
222.    Narco banners (Spanish equivalents)
223.    Narcos
224.    Narcotics
225.    National Guard
226.    National infrastructure
227.    National laboratory
228.    National Operations Center (NOC)
229.    National preparedness
230.    National preparedness initiative
231.    National security
232.    Nationalist
233.    NBIC (National Biosurveillance Integration Center)
234.    Nerve agent
235.    New Federation
236.    Nigeria
237.    Nogales
238.    North Korea
239.    Norvo Virus
240.    Nuclear
241.    Nuclear facility
242.    Nuclear threat
243.    Nuevo Leon
244.    Organized crime
245.    Outbreak
246.    Pakistan
247.    Pandemic
248.    Phishing
249.    Phreaking
250.    Pipe bomb
251.    Pirates
252.    Plague
253.    PLF (Palestine Liberation Front)
254.    PLO (Palestine Libration Organization)
255.    Plot
256.    Plume
257.    Police
258.    Pork
259.    Port
260.    Port Authority
261.    Powder (white)
262.    Power
263.    Power lines
264.    Power outage
265.    Prevention
266.    Public Health
267.    Quarantine
268.    Radiation
269.    Radicals
270.    Radioactive
271.    Recall
272.    Recovery
273.    Recruitment
274.    Red Cross
275.    Relief
276.    Resistant
277.    Response
278.    Reynose
279.    Reyosa
280.    Ricin
281.    Riot
282.    Rootkit
283.    Salmonella
284.    San Diego
285.    Sarin
286.    Scammers
287.    Screening
288.    Secret Service (USSS)
289.    Secure Border Initiative (SBI)
290.    Security
291.    Service disruption
292.    Shelter-in-place
293.    Shootout
294.    Shots fired
295.    Sick
296.    Sinaloa
297.    Sleet
298.    Small Pox
299.    Smart
300.    Smuggling (smugglers)
301.    Snow
302.    Social media
303.    Somalia
304.    Sonora
305.    Southwest
306.    Spammer
307.    Spillover
308.    Standoff
309.    State of emergency
310.    Storm
311.    Strain
312.    Stranded/Stuck
313.    Subway
314.    Suicide attack
315.    Suicide bomber
316.    Suspicious package/device
317.    Suspicious substance
318.    SWAT
319.    Swine
320.    Symptoms
321.    Taliban
322.    Tamaulipas
323.    Tamiflu
324.    Tamil Tiger
325.    Target
326.    Task Force
327.    Telecommunications
328.    Temblor
329.    Terror
330.    Terrorism
331.    Threat
332.    Tijuana
333.    Tornado
334.    Torreon
335.    Toxic
336.    Trafficking
337.    Transportation security
338.    Transportation Security Administration (TSA)
339.    Tremor
340.    Trojan
341.    Tsunami
342.    Tsunami Warning Center
343.    TTP (Tehrik-i-Taliban Pakistan)
344.    Tuberculosis (TB)
345.    Tucson
346.    Twister
347.    Typhoon
348.    U.S. Citizenship and Immigration Services (CIS)
349.    U.S. Consulate
350.    United Nations (UN)
351.    Vaccine
352.    Violence
353.    Viral Hemorrhagic Fever
354.    Virus
355.    Warning
356.    Watch
357.    Water/air borne
358.    Wave
359.    Weapons cache
360.    Weapons grade
361.    Wildfire
362.    WMATA
363.    World Health Organization (WHO and components)
364.    Worm
365.    Yemen
366.    Yuma

The list is not final.  The manual notes, “As natural and manmade disasters occur, new search terms may be added.”


January 23, 2012

The problem with defining “something”

Filed under: General Homeland Security,Intelligence and Info-Sharing — by Arnold Bogis on January 23, 2012

In a post last week, Phil brought to our attention a White House meeting where local law enforcement officials were presented with a framework for identifying “Homegrown Violent Extremists” that included four major mobilizing patterns:

Contact with individuals tied to terrorist organizations

Indicators of ideological commitment

Travel or attempted travel in pursuit of a violent agenda

Seeking weapons or weapons related training

All very sensible, though perhaps seemingly so after the fact. Perhaps at the briefing methodology was shared for determining in advance when these or similar indicators might lead to violence.  Hopefully it was more than what Phil’s brief contained:

According to my sources the law enforcement officials were, “cautioned against adopting a checklist-like mentality incountering the HVE threat. Simplistically interpreting any single indicator as a confirmation of mobilization probably will lead to ineffective and counterproductive efforts to identify and defeat Homegrown Violent Extremists.”

That quote reminded me of the following quote from a not-so-recent blog post at Security Debrief:

Ask yourself, would an artist draw what you see them sketching? Are the photos a person is taking something you would place in your vacation or family photo album? Give yourself the “reasonableness” test. Is it reasonable that the activity is likely tourist or terrorist in nature? Trust your intuition.

The author is Erroll Southers, according to his Security Debrief Blog bio a former FBI Special Agent, President Barack Obama’s first nominee for Assistant Secretary of the Transportation Security Administration, and Assistant Chief of Homeland Security and Intelligence at the Los Angeles World Airports Police Department.

Reasonable advice from a homeland security professional, right?

Perhaps only after the fact.  Not to pick on Mr. Southers, but I’m guessing he rarely if ever visits small art galleries or has participated in “open studios” (these are usually weekends when a number of artists in particular neighborhoods open up their studios–often their homes–to the public to view and perhaps purchase their work) in any of the cities in which he has lived.  I enjoy these events and could not count on my hands the number of photographers I’ve encountered who take pictures of what is considered critical infrastructure.  Dams, electrical grids, nuclear power stations, public transportation, etc.  Not something you might place in your vacation (Hoover Dam anyone?) or family photo albums perhaps, but absolutely striking physical objects that can be rendered quite beautifully by any number of artists.

I have noticed this general extension of “see something, say something” in other venues, numerous papers, and by many a speaker. The unoriginal thinking and lack of imagination is disheartening.  How will the public become true partners in homeland security if the level of engagement largely remains at this level?  Does the whole of community only count those who have the same aesthetic views as homeland security professionals?  And will JIC (just in case) be the enduring legacy of 9/11?

Maybe not, at least if noted baseball writer George Will and others have anything to say about it:

Quentin, who finds aesthetic — and occasional monetary — value in photographs of industrial scenery at night, was equally persistent when deputies ordered him to stop taking pictures, lest they put his name on a troublesome FBI list. He was on a public sidewalk, using a large camera on a tripod, photographing an oil refinery at 1 a.m. He has a master’s degree in fine arts from the University of California at Irvine, so there.

January 19, 2012

Behavioral indicators of terrorism

Filed under: Intelligence and Info-Sharing,Radicalization,State and Local HLS,Terrorist Threats & Attacks — by Philip J. Palin on January 19, 2012

Wednesday the White House hosted a meeting of 46 senior federal, state and local law enforcement officials.

According to the Associated Press, “The Obama administration is providing senior state and local police officials with its analysis of homegrown terrorism incidents, including common signs law enforcement can use to identify violent extremists… The analysis was conducted by the Homeland Security Department, the FBI and the National Counterterrorism Center.”

I was not at the meeting.  But following is an overview of what I am told was briefed.

An interagency team and process examined several cases of Homegrown Violent Extremists (HVEs) that emerged between 2008-2010.  I was not given the precise number of cases, but I have seen reports of  sixty-two cases being considered.  Based on this sample four major “mobilizing patterns” were identified:

Contact with individuals tied to terrorist organizations is one of two indicators that appeared most often in the case studies. This finding is consistent with earlier assessments—based on past cases of domestic and transnational terrorism—that exposure to an extremist with established ties to a terrorist group can be a useful indicator of a radicalized person moving toward violence. More than 90 percent of the subjects examined either communicated directly or had some type of contact with connected extremists as part of their mobilization to violence.

Indicators of ideological commitment also appear frequently in HVE reporting. One of these behaviors—”watching or sharing jihadist videos”—was the second of the two most prevalent indicators noted in the study. Ideological commitment behaviors were observable but at times only in a virtual environment. More than 90 percent of the cases involved HVEs who either watched or shared extremist videos or other propaganda. Just under 90 percent involved HVEs pursuing religious instruction from a person or institution associated with extremist causes.Roughly 80 percent of the cases reflected an individual’s acceptance or approval of violence or martyrdom operations or an intent to engage in them.

Travel or attempted travel in pursuit of a violent agenda was a recurring factor in the HVE cases, also supporting earlier assessments of the importance of foreign travel for violent extremists. Almost 90 percent of  subjects traveled to places with a significant extremist population or to a foreign location explicitly to pursue violence.

Seeking weapons or weapons related training was a common behavior. This more tactically focused aspect of attack planning also entailed online research to acquire technical capabilities, select targets, and plan logistics. Almost 80 percent of subjects pursued weapons training, paramilitary exercises, or the acquisition of related equipment as partof their mobilization. More than half also conducted Internet research to plan their attacks.

According to my sources the law enforcement officials were, “cautioned against adopting a checklist-like mentality incountering the HVE threat. Simplistically interpreting any single indicator as a confirmation of mobilization probably will lead to ineffective and counterproductive efforts to identify and defeat Homegrown Violent Extremists.”

About 5PM Eastern on Wednesday Eileen Sullivan filed an AP story after talking with participants: SEE IT HERE.

While the law enforcement leaders were at the White House, a House Intelligence subcommittee was hearing testimony suggesting big changes in the purpose and role of the DHS intelligence function. According to prepared testimony to me delivered by Philip Mudd,

The growth of our expectations of domestic security, and the evolution of threats away from traditional state actors toward non-state entities — drug cartels, organized crime, and terrorism are prominent examples — suggest that the DHS intelligence mission should be threat agnostic. Though the impetus for creating this new agency, in the wake of the 9/11 attacks, was clearly terrorism based, the kinds of tools now deployed, from border security to cyber protection, are equally critical in fights against emerging adversaries. The DHS enterprise is more complex than other agencies responsible for America’s security, and itsintelligence mission is correspondingly multifaceted. Its intelligence missions range from providing homeland security-specific intelligence at the federal level; integrating intelligence vertically through DHS elements; and working with state/local/private sector partners to draw their intelligence capabilities into a national picture and provide them with information.

The testimony, based largely on a recently completed study and set of recommendations from the Aspen Homeland Security Group , especially emphasizes the DHS comparative advantage in working with state, local, and private sector entities in the non-classified domain.

In contrast to intelligence agencies that have responsibilities for more traditional areas of national security, DHS’s mandate should allow for collection, dissemination, and analytic work that is focused on more specific homeward-focused areas. First, the intelligence mission could be directed toward areas where DHS has inherent strengths and unique value (e.g., where its personnel and data are centered) that overlap with its legislative mandate. Second, this mission direction should emphasize areas that are not served by other agencies, particularly state/local partners whose needs are not a primary focus for any other federal agency. In all these domains, public and private, DHS customers will require information with limited classification; in contrast to most other federal intelligence entities, DHS should focus on products that start at lower classification levels, especially unclassified and FOUO, and that can be disseminated by means almost unknown in the federal intelligence community (phone trees, Blackberries, etc.).

There is an obvious tension between an intelligence function that is “threat-agnostic” and one that emerges from “where its personnel and data are centered.”  This could, however, be a very healthy tension if a threat-agnostic — capabilities-based — approach to engaging the risk environment can be effectively used to decide where personnel are focused and data is gathered.

December 28, 2011

Accountability in the Information Age

Filed under: Intelligence and Info-Sharing,Media,Technology for HLS — by Mark Chubb on December 28, 2011

Yesterday, our friends and fellow bloggers at Wired magazine’s Threat Level recapped the debate between New Yorker writer and prolific author Malcolm Gladwell and NYU academic and social media evangelist Clay Shirky regarding the role of social media in mobilizing and promoting street protests in support of democratic movements around the world. Shirky, predictably, suggests the movements would not have achieved critical mass without social media. Gladwell takes a far more skeptical view, preferring to see in these movements evidence of the democratic impulse as the message of freedom rather than just another medium for it.

Bill Wasik argues that both perspectives have considerable merit. It’s hard to argue that social media had no influence over the scope or scale of the protests, especially their rapid extension across international borders. At the same time, suggesting that social media should receive at least some of the credit for inspiring democratic uprisings overstates their capacity to encourage virtuous behavior. In the end, Wasik seems to side with Gladwell, arguing that social media enable rather than inspire mass movements.

Given the growing zeal among emergency managers to adopt social media this argument is worth noting. Social media have changed the way emergency managers do their jobs. But the way the public responds to disasters has not changed nearly as much despite social media’s widespread use.

Too many emergency managers think of the public as apathetic and uniformed about disasters. This assumption about the public extends to nearly every aspect of their behavior before, during and after disasters. Social media have helped put paid to such notions largely because they make much more readily apparent the actions of people before, during and after disasters.

For starters, social media have made it clear that people in general crave attention and attraction. We need to be known for what we know and what we can do, and we want to share our time and talents with others whose interests affirm or complement our own. We all possess an atavistic, if not innate, need to connect with others that only becomes more acute as the ways we define ourselves becomes ever more specialized and atomized.

Ambiguity makes us anxious. Seeking and sharing information even with those we do not know helps us alleviate stress. This is true even when such sharing does little to improve our circumstances or clarify a desired course of action.

In the absence of altruism, the introduction of social media into this mix should be expected to do little more than provide people with a platform for talking about disasters. But that’s not what we have seen happening. People inevitably do things when confronted with disaster. Being right takes a backseat to doing right.

Social media have changed the emergency management landscape in large part because they enable people far removed from the direct effects of the disaster to affect its outcome. They do this by giving people immersed in an event the instant ability to connect with the resources of a global audience and share more than just their stories.

Social media have made this process easier and faster. But they are not alone responsible for its emergence.

The one thing that may have changed most with the emergence of social media is the balance between the three competing priorities in emergency management: speed, relevance and accuracy.

In the past, emergency managers carefully parsed the flow of information out of fear that incorrect or conflicting information would undermine their credibility, which in turn would compromise efforts to advance response and recovery. Social media have made it much more apparent that people require very little direction from us when it comes to helping each other cope with the after-effects of disaster. Similarly, they are much more forgiving of errors and helpful about correcting them than we tend to imagine in advance.

People clearly see an important place for emergency managers and government officials as honest brokers, which demands of them an authentic voice characterized by empathy, ethics and equity. These three attributes define accountability in the Information Age, and highlight the importance of social media in emergency management.

Waiting to get the message right is no longer an option. Responding quickly is about riding the wave not generating its momentum. And errors of commission are less likely to be judged harshly than errors of omission, especially when they display relevance, which is to say they reflect a reasonable effort to mobilize or manage collective action to make things better.

Like the street protests and insurgent democracy movements around the world, the past year’s disasters and emergencies have demonstrated the important but not central role of social media in enabling humane action. This impulse arises not from the media but rather from the message. Any fears that social media would combine with Americans’ couch-potato culture to render public responses ever more passive have proven unfounded.

December 9, 2011

Summary of the Strategic National Risk Assessment

Filed under: Intelligence and Info-Sharing,Preparedness and Response — by Christopher Bellavita on December 9, 2011

The Strategic National Risk Assessment was written to support the National Preparedness Goal.  You can download an unclassified summary of the National Risk Assessment at this link. (Thank you to the person who sent me the link.)

The seven page summary includes these sections:

  1. Overview
  2. Strategic National Risk Assessment Scope
  3. Overarching Themes to an All-Hazards Approach
  4. Analytic Approach
  5. Limitations
  6. Impacts and Future Uses
  7. Conclusion

Here is an excerpt from the Overview:

The Strategic National Risk Assessment (SNRA) was executed in support of Presidential Policy Directive 8 (PPD-8), which calls for creation of a National Preparedness Goal, a National Preparedness System, and a National Preparedness Report.

Specifically, national preparedness is to be based on core capabilities that support “strengthening the security and resilience of the United States through systematic preparation for the threats that pose the greatest risk to the security of the Nation, including acts of terrorism, cyber attacks, pandemics, and catastrophic natural disasters.”

… The assessment was used:

  • To identify high risk factors that supported development of the core capabilities and capability targets in the National Preparedness Goal;
  • To support the development of collaborative thinking about strategic needs across prevention, protection, mitigation, response, and recovery requirements, and;
  • To promote the ability for all levels of Government to share common understanding and awareness of National threats and hazards and resulting risks so that they are ready to act and can do so independently but collaboratively.

The subsequent pages provide an overview of the unclassified findings and the analytic approach used to conduct the SNRA. It should be emphasized, however, that although the initial version of the SNRA is a significant step toward the establishment of a new homeland security risk baseline, it contains data limitations and assumptions that will require additional study, review, and revision as the National Preparedness System is developed. These limitations are discussed below, and future iterations of the assessment are expected to reflect an enhanced methodology and improved data sets.

Below is a chart (taken from the Assessment) that summarizes:

… a series of national-level events with the potential to test the Nation’s preparedness….

For the purposes of the assessment, DHS identified thresholds of consequence necessary to create a national-level event. These thresholds were informed by subject matter expertise and available data. For some events, economic consequences were used as thresholds, while for others, fatalities or injuries/illnesses were deemed more appropriate as the threshold to determine a national-level incident.  In no case, however, were economic and casualty thresholds treated as equivalent to one another (i.e., dollar values were not assigned to fatalities). Event descriptions in [the table below] that do not explicitly identify a threshold signify that no minimum consequence threshold was employed. This allows the assessment to include events for which the psychological impact of an event could cause it to become a national-level event even though it may result in a low number of casualties or a small economic loss. Only events that have a distinct beginning and end and those with an explicit nexus to homeland security missions were included.

This approach excluded:

  • Chronic societal concerns, such as immigration and border violations, and those that are generally not related to homeland security national preparedness, such as cancer or car accidents, and;
  • Political, economic, environmental, and societal trends that may contribute to a changing risk environment but are not explicitly homeland security national-level events (e.g., demographic shifts, economic trends).

These trends will be important to include in future iterations of a national risk assessment, however.

If you have questions or comments about this initial effort to share the results of the national risk assessments, please let me know (in the comments section of this post) and I will ask around for answers.

November 25, 2011

Never mind about that cyber attack….

Filed under: Cybersecurity,Intelligence and Info-Sharing — by Christopher Bellavita on November 25, 2011

Last Tuesday, Nick Catrantzos, suggested here that reports of the Springfield, Illinois “cyberattack” might have more to do with “Naïve or myopic cyber professionals whose over attention to expediency permits convenient remote access for their technical support colleagues with insufficient attention to the exposure that this condition creates,” than with an attack by foreigners.

He’s right, according to Friday’s Washington Post story by Ellen Nakashima:

A water-pump failure in Illinois that appeared to be the first foreign cyberattack on a public utility in the United States was in fact caused by a plant contractor traveling in Russia, according to a source familiar with a federal investigation of the incident….  The contractor, who had remote access to the computer system, was in Russia on personal business, the source added.

Score one point also for DHS officials who insisted on getting the facts correct before someone lobbies congress for a 350 trillion dollar Water Attack Security Target Enforcement program:

… officials at the Department of Homeland Security, which oversees industrial control system cybersecurity, cautioned from the outset that the report contained “no credible, corroborated data.”

The water pump in question had been experiencing problems, turning on and off and eventually failing, water district board members said. The pump has malfunctioned several times in recent years, a DHS official said.

The “international authority on cybersecurity” who (apparently) first made public the information in the Illinois State Terrorism and Intelligence Center (STIC) report responded to the new details about the attack by attacking:

This [the conflict between the STIC and DHS reports] begs the question why two government agencies disagree over whether a cyber event that damaged equipment had occurred at a water utility….

There are numerous critical infrastructure table-top exercises that assume that notifications such as the STIC report are sufficient to initiate the cyber attack response process. If DHS turns out to be correct in its assumptions, then anyone acting on the STIC warning would have been wasting precious resources addressing a problem that doesn’t exist. At issue is that we need to be quickly informed if an event has occurred so that others who have similar equipment or architectures can take steps to protect themselves in case the event spreads. However, this requires both timely notification and correct information. Right now, it seems that neither of these two conditions may exist in this case.

We now have to wait for DHS and the other government agencies to come to agreement and let us know what has happened. If the STIC report is correct, then we have wasted precious time and allowed many others in the infrastructure to remain potentially vulnerable while we wait to find out if we should do anything.

Perhaps that’s a restatement of the classic expectation of intelligence: “give us accurate, timely, and actionable information.”

Welcome to another dimension of the big data problem.

Or, as our buddy prOf might say, “Take the f*%#!&g SCADA off the internet.”




August 3, 2011

Useless or Faceless?

Filed under: Budgets and Spending,Intelligence and Info-Sharing,Technology for HLS — by Mark Chubb on August 3, 2011

John Quincy Adams is often quoted as having said, “One useless man is a shame, two is a law firm, and three or more is a Congress.” Another unnamed sage quipped, “Congress is continually appointing fact-finding committees, when what we really need are some fact-facing committees.” This past month’s acrimonious debt debates have done nothing to disprove either theorem despite their success in passing legislation to avert the nation’s first-ever default on its public debt.

It’s easy to see the tortured process of the past month and the polarized politics propelling the participants as a product of a deeply ambivalent body politic. But that would be too convenient and untrue to boot.

As Steven Kull, director of the University of Maryland’s Program for Public Consultation explained in a recent article, surveys indicate that the public at-large is much more reasonable and responsible than its representatives in Congress. Clear majorities of self-identified Republicans supported higher taxes and fewer spending cuts than those adopted yesterday. Likewise, a substantial proportion of self-identified Democrats were more than willing to amend entitlement eligibility criteria and make broader and deeper cuts to prevent default.

Politicians that pay too much attention to the polls are often derided by their rivals, who like to allege that this tendency suggests a lack of leadership ability closely akin to a moral failing. Direct democracy has its proponents, but few of even the most ardent advocates of participatory democracy would argue that it serves as either an efficient or effective way of making complex and critical decisions like those surrounding the federal budget and deficits. But how much messier would it really be than what we have all just witnessed?

The dynamics of group decision-making intrigue me. In his 2005 bestseller The Wisdom of Crowds, James Surowiecki, addressed the strengths and weaknesses of group decision-making to three particular kinds of problems:

  • Cognition problems, which require decision makers to infer unknowns from known conditions;
  • Coordination problems, which require decision-makers to achieve efficient outcomes under uncertain, competitive conditions; and
  • Cooperation problems, which involve getting “self-interested, distrustful people to work together, even when narrow self-interest would seem to dictate that no individual should take part.”

I think it’s self-explanatory which type of problem deficit-cutting most closely resembles. Surowiecki argued that effective group decision-making in all of these situations depends on three conditions: 1) diversity, 2) independence, and 3) (a particular kind of) decentralization. Congress fails on all three counts, and the process proposed in the legislation for goading our representatives into action does little if anything to improve this sorry situation.

Surowiecki notes that diversity and independence matter — particularly when solving cognition problems — “because the best collective decisions are the product of disagreement and contest, not consensus or compromise.” Decentralization on the other hand mediates the influence of disagreement and conflict because “Groups benefit from members talking to and learning from each other, but too much communication, paradoxically, can actually make the group as a whole less intelligent.”

Balancing the three decision-making prerequisites is clearly a challenging endeavor, and sometimes more difficult than the problem itself. As a result, some of the best decision-making methods use mechanisms like market-pricing and intelligent voting systems to aggregate individual judgments to produce more accurate representations of the collective mind than would otherwise emerge from direct communication among participants.

These observations may or may not suggest the need for Constitutional or procedural reforms to make Congress function more efficiently and effectively when dealing with such contentious issues. But they should inform our assessment of what it takes to improve the performance of programs and activities affected by the looming budget cuts resulting from yesterday’s Grand and Smelly Compromise.

How might we engage the wisdom of crowds to improve the performance of homeland security and domestic intelligence operations? What applications of these or related concepts are already bearing fruit?

May 7, 2011

Pakistan: complicit or incompetent or byzantine or bungling?

Filed under: Intelligence and Info-Sharing,International HLS,Terrorist Threats & Attacks — by Philip J. Palin on May 7, 2011

Watching Pakistan I have often been reminded of the anecdotes of Procopius regarding the late Roman-early Byzantine court of Justinian.  To share these impressions would, however, be even more pedantic than yesterday’s endorsement of Immanuel Kant.

I am glad that someone closer to Islamabad seems to see a similar pattern.   Following is an essay published earlier today by Irfan Husain in DAWN.  I have only excerpted a bit of the beginning.  The whole essay is worth your reading: A History of Bungling.


The space between an admission of gross incompetence or of complicity in a major crime is full of humiliation and pain.

This is the place Pakistan`s ISI finds itself in the wake of Osama bin Laden`s killing in Abbottabad.

The country`s premier intelligence agency is being accused by many of knowing where the Al Qaeda chief has been hiding for the last five years. His extended presence in Abbottabad, close to the country`s elite military academy, has raised troubling questions.

But when faced with a choice between official bungling and thuggery, I`d go for ineptitude every time. While looking at a crime, the first thing an investigator asks is: ` Cui bono ?`, or `Who benefits?”

In the case of Bin Laden`s long residence in Pakistan, the country`s security establishment clearly had nothing to gain by concealing his presence.

In the past, several major foreign Muslim terrorists have been captured in Pakistan with the ISI`s cooperation. The names of Aimal Kansi, Yusef Ramzi, Abu Zubaydah and Khalid Sheikh come to mind. Lesser figures have been fingered for drone strikes, deportation to Guantanamo Bay, or for interrogation by the Americans elsewhere.

It has long been Pakistan`s tacit policy that it would crack down on foreign fighters and terrorists, while maintaining an ambivalent attitude towards jihadi groups who might be of use in Afghanistan at a later date.

Bin Laden was clearly a distraction and an embarrassment. He was of no possible strategic value to Pakistan, now or later; 9/11 had made him a toxic liability, and he was too much of a hate figure around the world for the ISI to risk sheltering him. In addition, with a $25m reward on Bin Laden`s head, do we really think our spooks are so high-minded that they would resist the temptation to turn him in?

So me, I`d go for the bungling option rather than for any of the conspiracy theories doing the rounds in Washington and around the world…


May 4, 2011

Opening But Not Ending

I must admit that like most of you (I assume) the news that U.S. special forces had killed Osama bin Laden and recovered his body from a compound in Abbottabad, Pakistan came as a bit of a surprise. But my surprise at that fact pales in comparison to my impressions arising from the openness displayed by the administration in discussing details of the operation and its implications on future policy options.

Much of what needs to be said about the skill and courage of the President and those who conceived and carried out the mission has been said many times over in the past few days. How salient is it, however, that we can acknowledge and discuss the basis for our opinions about the performance of these individuals rather than relying solely on our predispositions to trust the opinions of others? In light of the consequences of public opinion on ongoing support for operations in Afghanistan, Iraq and elsewhere, it strikes me a particularly important that people not only can reach conclusions of their own about these actions, but also that they seem to be doing so without any particular help from the punditocracy. (This, of course, in no way deterred the talking heads from babbling, often incoherently, about the whole affair. Despite substantiation of leaks about the subject of the President’s remarks, their distracting dialectic diminished in quality as the interval between the scheduled start of President Obama’s address and his actual appearance became increasingly delayed.)

The policy environment surrounding national defense and homeland security are filled with discontinuities and uncertainty despite bin Laden’s demise. How will we end our involvement in Afghanistan? Will the government of Iraq to extend agreements for the U.S. military to continue advice and support arrangements? How will the administration and Congress resolve their pitched political differences over fiscal restraint and debt reduction without undermining our ability to meet commitments here and abroad?

Notwithstanding the release of some erroneous information that has required correction and elaboration today, the administration seems to have done itself (and us) a huge favor by making as clear as possible the basis of its assessment that al-Qaeda and its affiliates remain a threat to the U.S. and its interests. They have also made it clear that lessons about cooperation and information sharing have been learned. And perhaps most important of all, they have demonstrated the potency of patience, confidence, determination and resolve when exercised in the right proportions.

These lessons reinforce one last point: The success of this operation was not so much the product of superior technology or the investments of vast sums of money (although both undoubtedly helped ensure the careful and skillful execution of this mission), but rather the diligent and precise application of human and social skills in gathering, processing and acting on intelligence, which included precise and scrupulous attention to the most minute details.

Much more of this story remains yet to be told. But this should not hinder our understanding of the extraordinary efforts that led to this achievement nor discourage us from continuing the work required to protect our country and others affected by the threat of violent extremism.

February 12, 2011

Scanning the threat environment: Skipping along the cusp of chaos

Filed under: Intelligence and Info-Sharing,Risk Assessment — by Philip J. Palin on February 12, 2011

Thursday the nation’s intelligence chiefs appeared before the House Permanent Select Committee on Intelligence.  Below is the line-up of those testifying. As of February 12 only the DNI’s testimony is linked on the Committee’s website (and below).   I cannot — yet — find other prepared testimony.

Media and partisan attention has, as usual, focused less on the substance of the prepared remarks and much more on two spontaneous comments by Messrs. Clapper and Panetta.

Given the dramatic events unfolding in Egypt it was inevitable — and really entirely reasonable — that the live testimony would focus mostly on making sense of the immediate crisis.  This opportunity might have been embraced as an opportunity for intellectual humility and honest examination of the innate limitations of intelligence analysis and operations.  But humility does not often make an appearance inside the beltway; nor on rare appearance is humility usually rewarded, quite the contrary.

James R. Clapper, Director of National Intelligence

Click immediately above for full prepared testimony. Answering a question about the Muslim Brotherhood, he characterized it as, “a very heterogeneous group, largely secular, which has eschewed violence and has decried Al Qaeda as a perversion of Islam.”  See more from ABC News and The Telegraph.

Leon E. Panetta, Director of the Central Intelligence Agency

The CIA Director offered committee members, “I got the same information you did, that there is a strong likelihood that Mubarak may step down this evening.”  When a few hours later the Egyptian President decided to spend one more night in office, Panetta’s statement and judgment became a target.  See a thoughtful take by Jena McGregor in the Washington Post.

Michael E. Leiter, Director of the National Counterterrorism Center

I cannot find the February 10 testimony to the Intelligence Committee, but you can read the February 9 testimony to the House Homeland Security Committee: Understanding the Homeland Threat Landscape.

Lieutenant General Ronald L. Burgess, Director of the Defense Intelligence Agency, Department of Defense

Robert S. Mueller, III, Director of the Federal Bureau of Investigation

Back in September Director Mueller testified to the House Homeland Security Committee on Nine Years after 9/11 Confronting the Terrorist Threat to the United States.

Caryn A. Wagner, Under Secretary for Intelligence and Analysis, Department of Homeland Security

In late September 2010 Ms. Wagner testified before the House Committee on Homeland Security Subcommittee on Intelligence, Information Sharing, and Terrorism Risk Assessment.

Thomas A. Ferguson, Principal Deputy Under Secretary of Defense for Intelligence, Department of Defense

Philip S. Goldberg, Assistant Secretary of State, Bureau of Intelligence and Research, Department of State

If any HLSWatch readers find the missing prepared testimony — or especially good coverage of the hearing — please provide a link in the comments.  By “good coverage” I mean attention to the threat analysis, not just supposed gaffes in answering questions.  With thanks to Librarian Stephanie (see comments) you can also access video coverage of the live hearing from CSPAN.

Retrospectively, over the last year and more the best sustained intelligence and analysis on Egypt has probably been forthcoming from the Carnegie Endowment for International Peace and especially its Bipartisan Working Group on Egypt.  Carnegie products on Egypt and the Muslim Brotherhood — developed prior to the current crisis — are available from the Carnegie Guide to Egypt’s Election.  More current analysis is available from the Carnegie Endowment’s Middle East Program.

February 8, 2011

A chew-without-swallowing terrorism defense

Filed under: Intelligence and Info-Sharing,Investigation & Enforcement — by Christopher Bellavita on February 8, 2011

Today’s post was written by Nick Catrantzos.  Nick is the lead author of the All Secure blog and is the security director for a large public organization.


What’s in a lead about suspicious activity, and whence the gulf between how defenders and official lead processors react to it?

The answer says a great deal about how far our homeland security partners have advanced in gearing their efforts for preventing terrorist attacks instead of focusing top priority on prosecuting attackers. The way one answers also reveals instantly whether one is a defender or an official unburdened by direct responsibility for protecting a target of terrorist attack. Take this example and follow its course to appreciate the difference.

EVENT: A person drives up to a fenced facility whose purpose is to control electricity, water, or telecommunications serving millions of citizens. This person then takes several photographs of that facility and of the entrance to it before driving away. Staff or security cameras at the facility capture the photographer’s description and license plate number. An employee from that facility then reports these details through channels that ultimately reach the local fusion center. This center is where homeland security partners take in and presumably do something with all the information generated by their bosses’ “See something? Say something!” campaigns. What should happen next? It depends.


An analyst or duty officer calls up the license plate number and hands the details to a law enforcement officer on duty. This officer immediately calls the registered owner of the vehicle driven by the photographer, communicates official interest and concern over the actions of the photographer, and ascertains the photographer’s intent while clearly signaling that such activity is monitored, acted upon, and taken very seriously. Result? Deterrence. Even if the photographer’s actions trace to some innocent, plausible explanation, a clear message goes out that somebody is watching and that suspicious actions trigger real time response. If a terrorist was taking pictures as part of a target selection or pre-strike surveillance operation, the dividend is greater. The same message goes out disrupting the attack and in effect causing the would-be attacker to pick a softer target.

But there is an alternative reaction which misses this deterrent effect while consuming much more time and resources.


You see the situation differently. You see your job not as deterring attack but as launching investigations that take attackers down and put them behind bars. So, what happens? Well, you evaluate the lead. Let’s see, there’s not too much there to justify an investigation. There are more of these leads than investigators to handle them. Besides, you probably need a supervisor to authorize an investigation. This means more processing delay. Net result? Note and file. Thank the defender for the lead. Not enough to go on, though. Maybe next time …

What signal does the latter approach transmit? To the photographer — innocent or nefarious — it says no one will stop or question you or stand in your way. To the defender, it communicates indifference and bureaucracy that disincentivizes future participation in passive or one-sided homeland security “partnerships.”

To the public at large, the handling of such events reveals just how much our organs of homeland security have in reality taken to heart the message of the Attorney General in November 2001 when he announced that, henceforth the new priority would be prevention, not prosecution. If the second approach is crowding out the first, this is not necessarily the fault of fusion centers and lead processors. It is a failure of leadership to incentivize timely responsiveness for deterrence that is hard to measure over traditional investigative case handling that lends itself better to metrics but not to the object sought. And so we chew and chew on the very leads that a quick bite and swallow would handle better, leaving our vaunted partnerships infused with a bovine incapacity to deliver the value they were created to produce.

August 17, 2010

Homeland Security, Home Depot, Fusion Centers, and a Local Hardware Store

Filed under: General Homeland Security,Intelligence and Info-Sharing — by Christopher Bellavita on August 17, 2010

July’s Washington Post investigation of the national security and intelligence system continues to live —  least on the internet, its blogosphere suburbs, and (in October) on public television’s Frontline.

Jessica Herrera-Flanigan summarized the size of the intelligence enterprise in her July 19th post. :

  • 45 organizations (with 1,271 sub-units) engaged in top-secret work.
  • 1,931 companies engaged in top-secret work for the government.
  • 854,000 individuals  hold top-secret security clearances.
  • Over 50,000 intelligence reports published each year.
  • A $75 billion (public number) intelligence budget for 2009.

What does the nation get for those numbers?  What does it lose?

Today’s post is from a colleague who is a member of what might be called the pre-9/11 intelligence community. Her essay was written before the Washington Post investigation was published.

She writes specifically about the growth of fusion centers (there are now more than 70 of them).  But she makes a larger point that something important may have been lost amidst the growth of Top Secret America and homeland security.


Recently, the joys that accompany homeowner responsibility found me on my way to the local Home Depot to purchase the supplies necessary to fix a leaky kitchen faucet. I arrived at the store lacking any anxiety about the shopping trip.  After all, I was bound to easily locate my required plumbing supplies at the largest home-improvement retailer in the United States… or was I?

Two hours later, the same, but now greatly decreased, joys of home ownership found me at my local hardware store, where the anxiety created by my Home Depot visit was alleviated by the knowledge and helpfulness of the familiar owner.

As I made my way back home, finally armed with the correct supplies to complete my project, I thought about the reasons I had encountered such obstacles at Home Depot. I realized the big-box concept that initially gave Home Depot its innovative value had been overcome by inconvenience and a loss of trust due to unfamiliarity. The resulting experience was less efficient and more time-consuming, thereby negating any monetary savings.

Upon further reflection, I recognized many similarities between my Home Depot visit and the problems besetting homeland security in the United States. Since the events of 9/11, the number of individuals working in the homeland security field has greatly increased. New initiatives abound, most of which consist of adding people and resources as the solution to any and all problems.

But given the current issues within this field, including the struggle for success of fusion centers, mission creep between agencies, and vast duplication of responsibilities, are the solutions working? Or has the safety of our nation fallen victim to big-boxization?

People working counterterrorism matters prior to the terrorist attacks of 9/11 were part of a much smaller cadre of personnel focused on the security of our homeland. They operated through a voluntary collaborative effort on Joint Terrorism Task Forces (JTTFs), before the days when collaboration became a forced requirement. They worked as a team, before the days when that team became a behemoth. They knew the right people to contact for the right information, before the days when all of those people were required to sit in the same location.

Revisiting my Home Depot experience, I can draw many parallels with the current problems found in homeland security and, specifically, within the fusion centers that have been established allegedly to ensure information sharing between federal, state, and local stakeholders.

Similar to the various departments within a Home Depot store, the fusion centers are staffed by people representing various agencies, levels of government, and areas of expertise. But just as the salesperson assigned to the electrical department at Home Depot could not assist me when I couldn’t locate a plumbing representative, the physical co-location of personnel within a fusion center does not produce the ease of one-stop shopping.  Instead, issues of security clearances, proprietary information, and the lack of data interoperability cause the same refrains to be echoed throughout the fusion centers as I heard in Home Depot: “Sorry, ma’am, that’s not my department.”

My inconvenience at Home Depot was further exacerbated by the sales staff’s lack of familiarity with the local community. I live in a town home community built in the 1940s and, as is often the case, the historic nature of my neighborhood is accompanied by many quirks in construction and materials. The plumbing salesperson at Home Depot (who I finally located) did not know anything about my neighborhood and its quirks.  His penchant for guessing what supplies I needed did not increase my confidence or trust in his knowledge.

When I finally abandoned my attempts to succeed in Home Depot and went to my neighborhood hardware store, I was greeted by the long-time owner who was intimately familiar with the inner workings of the construction of my townhouse. Combined with his broad-based knowledge of every item on the shelves within his store, his familiarity immediately fostered my trust that I would walk out of that store with the correct supplies.

The large number of agencies and personnel being pushed into fusion centers risks creating the same lack of familiarity exhibited by the Home Depot salesperson. Only time will tell whether this familiarity, and corresponding trust, will be established. The common physical location of personnel may not be the answer to full collaboration because, as is seen in Home Depot, the issues of stovepiping and the lack of broad knowledge still remain, no matter how many people and resources are assigned to a single location.

I know for certain that I will not be visiting Home Depot the next time I need home improvement supplies. Instead, I will return to my neighborhood hardware store in which I have full confidence. Will I soon say the same about homeland security and avoid the fusion center, as I long for a return to the days of the “mom and pop” version of counterterrorism?

« Previous PageNext Page »