Homeland Security Watch

News and analysis of critical issues in homeland security

September 22, 2010

Underwater

Filed under: Budgets and Spending,Organizational Issues,State and Local HLS — by Mark Chubb on September 22, 2010

This week we learned that the longest recession since the end of the Second World War ended last December. I for one am glad somebody shared this fact, because it’s not so obvious from where I sit at the moment. Judging from the fiscal effects on the homeland security and emergency management employment markets, the housing market is not the only part of the economy underwater.

My personal employment situation is far from secure, as I have held a limited-term appointment for the last two years while a colleague served a three-year active duty assignment with the National Guard. With his separation from active service, he will resume his former position at the beginning of October, which leaves me about a month to find new employment while we work together on the transition.

As I have surveyed the homeland security and emergency management employment landscape, a couple of things have become all too readily apparent to me. First, the vast majority of positions on offer at any given time are with federal agencies or contractors. Second, most of these are located in the Washington, DC metro area or at least in the eastern half of the United States. And third, the pay afforded federal employees and many of their contractors is vastly superior to anything on offer at the state or local level, unless of course you work in a unionized police or fire department with tenure-based compensation.

Put simply, emergency management and emergency preparedness pays squat all and you will be hard-pressed to find employment in a federal agency without veterans preference credits, highly specialized skills, a top secret security clearance, a willingness to relocate and good connections. Professional homeland security and emergency management practitioners, especially those at the state and local level, are generally over-educated and under-compensated. Those without educational credentials are often far better paid than those with them, even when work experience is taken into consideration.

This is not the first time these observations have occurred to me. I married a city planner. We met while working for the same city back in the mid-1980s. She quickly made me aware of just how lucky I was to be working for the fire department, where my position afforded me a salary superior to hers despite no educational prerequisites and only comparable experience.

My wife was laid off 15 months ago despite 25 years of experience and a graduate education. She has had one interview for a position since then. Prospects for her re-employment as a city planner are bleak to non-existant. And no one seems willing to look beyond her previous job titles or the duration of her unemployment to see the skills she offers in terms of strategic thinking, public engagement, business process development and project management.

In light of current economic conditions, I am, of course, concerned that I may soon join my wife among the ranks of the long-term unemployed. But I am also concerned that the situation, if indeed we are in some sort of a long, slow recovery, has not been accompanied by the sort of strategic realignment necessary to improve efficiencies and accountability for outcomes in the future that should have become evident to all as a result of the collapse that precipitated it. And this should be a very real concern to anyone committed to the homeland security enterprise for many reasons.

Chief among these is the evidence that our so-called recovery will exacerbate social and economic tensions that pit the haves against the have-nots. Income inequality remains at unprecedented levels and is increasing even as the ranks of those in poverty increase. This creates ideal conditions for radicalization, which is already far too apparent in our domestic political discourse as well as our international relations and security situation.

The second problem this poses is the tendency to centralize expertise and capability for generating and implementing solutions far away from the sources of the problems. Failing to engage and develop local capability remains a significant vulnerability, especially since so many of the investments made in recent years have gone to already “fat” agencies and the production of paper plans that largely sit on shelves collecting dust. Efforts to slim these agencies down as the fiscal crisis dragged on have led to cuts of brain and muscle leaving the fat largely intact.

The strong tendency to preserve the status quo ante leaves many pressing problems unaddressed. Not the least of these is the need to diversify the ranks of our public safety forces so they can more effectively engage the communities they serve. (Why is it such a large percentage of the adverse impact employment discrimination cases reaching the U.S. Supreme Court in recent years originated in fire service agencies?)

I interviewed with a fire department just last week that serves a community where the Hispanic/Latino population is approaching 20 percent. Of their 400 or so uniformed staff, four are women and only one is Hispanic. In the city where I live and work, the vast majority of rank and file public safety staff in the police and fire departments live far outside the city they protect despite making a median salary more than twice the median wage. In other words, we are exporting our wealth and importing skills required to supply essential services.

These signs suggest that homeland security and emergency management are in retreat rather than advancing. Police and fire service agencies and their unions are setting the agenda at state and local levels while the federal agenda remains focused inside the Beltway and on staying off of the front pages of the few remaining national newspapers.

If making our country safe is about the decisions we make today to produce a better future for ourselves and others, we should think very seriously about the strategies informing this situation. Judging by the investments we are making (or not) in local expertise, capabilities and evaluation we may well have things back-to-front.

July 28, 2010

Competitive Analysis, Comparative Advantage

Filed under: Budgets and Spending,Intelligence and Info-Sharing,Organizational Issues — by Mark Chubb on July 28, 2010


People in the intelligence community deal in some of the most sensitive and cynical information about our government and its operations against our adversaries. It’s no wonder spies are not generally known for their senses of humor. That said, it’s a quality that really ought to be more highly prized. If the recent remarks of James Clapper, President Obama’s nominee to become the fourth director of national intelligence, are any indication, we might have a winner.

In last week’s Washington Post series on burgeoning intelligence community contracting, Clapper was quoted as having said to a reporter that the only entity in the universe with visibility into all special access programs is God. During his confirmation hearing, he was quoted as having observed in response to a question about the series, “One man’s duplication is another man’s competitive analysis.” Funny stuff, really. At least as far as I am concerned.

Characterizing the proliferation of overlapping jurisdictions and the growth in outsourcing of analysis and technical capabilities as competitive analysis is either euphemistic or optimistic. Either way its worth asking how we would know what this incredible investment of national wealth and talent is worth to our national security.

On one hand, we are regularly reassured that al Qa’ida and its affiliates have failed to launch a successful attack against the United States homeland since the 9/11 attacks. This argument asks us to accept facts not in evidence (at least publicly), as it depends on the presumption that our intelligence community operatives are routinely interdicting our adversaries before they can cause us harm.

Over the past two years, however, a new threat has emerged in the form of homegrown, lone wolf Muslim radicals. In each of the last three attacks — Ft. Hood, the Christmas Day underwear bomber, and the amateurish Times Square vehicle-borne improvised explosive device — the perpetrators gained training or encouragement from overseas operatives. That none of them succeeded on a scale comparable to previous attacks is not for lack of trying.

If we were to judge solely by the President’s reactions to these attacks, we should wonder what if anything we are getting for our increased investments in the intelligence community. The President himself has characterized these attacks as evidence of failure.

I understand the media interest in the intelligence community, but what really impresses me is how our fellow countrymen are responding since 9/11. People are far more aware of threats to our security and seem far more willing to become involved when they see something’s not right. In the absence of specific, direct investments in building the capacity of citizens to contribute to homeland defense and security and actively enlisting them in efforts to identify and assess threats, it seems safe to say that these actions on the part of the public have occurred in spite of, not because of, all the money we spent expanding intelligence community capabilities.

If we were to judge by results alone, the better investment is clearly an informed and engaged public. But that’s not currently on the table and no one is offering it despite evidence that the Washington Post series’ gravest potential impact is the further erosion of public trust and confidence in government administration and oversight of covert intelligence spending.

If General Clapper becomes the next director of national intelligence, which seems pretty certain at this point, we have little reason to believe that anything significant will change in our intelligence posture. This strikes me as a lost opportunity. The comparative advantages of engaging the public in the homeland security mission are much clearer than those associated with the competitive analysis of intelligence.

July 16, 2010

Bottom Up Review: Button Down and Focus

Filed under: General Homeland Security,Organizational Issues — by Jessica Herrera-Flanigan on July 16, 2010

Earlier this week, the Department of Homeland Security released its “Bottom Up Review (BUR),” which is intended to “align the Department’s programmatic activities and organizational structure with the mission sets and goals identified in the” Quadrennial Homeland Security Review (QHSR).

The review, which began in November 2009, focuses on three questions, according the agency:

  • How can we strengthen the Department’s performance in each of the five mission areas?
  • How should we improve Departmental operations and management?
  • How can we increase accountability for the resources entrusted to DHS?

The BUR is envisioned to be the second phase of a three-phase process, sandwiched between the QHSR and the Fiscal Year 2012 budget request and the DHS FY 2012-2016 Future Years Homeland Security Program to Congress, to be submitted next year.  DHS has made it clear that BUR is neither a strategic plan (which is probably good since there are too many plans gathering dust on the shelves of DHS) nor a budget request.

In a press roundtable this morning, Assistant Secretary of Policy David Heyman and Deputy Assistant Secretary Alan Cohn answered questions and spoke of how the BUR plays into efforts to improve the Department’s  performance.   They noted that this is the first time the Department has done such an exercise and, looking to the future, they hope to sharpen the process and focus for conducting such reviews so that the steps more fluidly provide for improving the Department’s missions and priorities.

The BUR was described as one that addresses themes, that is, the goals and objectives of what the agency should focus on to build a strong homeland security enterprise. Assistant Secretary Heyman noted that there was “not a lot of descriptions of strategic realignments” in the BUR, though there was “some discussion of managing portfolios” better.  He suggested that the report was not intended to  suggest that areas are “ripe for realignment,” but rather that there is a need for reviewing different elements distributed across the Department to determine where areas of better coordination are needed.  (Translation:  The Department, even if it is pondering realignment, cannot say so now as it has not been vetted through the Office of Management and Budget process or with Congress).

If the QHSR was designed to provide a strategic framework for the Department’s missions and goals, the BUR is intended to help provide us a roadmap on where the agency will focus its efforts going into the next fiscal year.  In short, the review is intended to tell us how the Department plans to button down and focus its many disparate efforts.  In answering the three questions above, the BUR emphasized three areas:

  1. The Department needs to grow up and get stronger so it can run itself and account for all of its programs and resources.
  2. Homeland security is not just about DHS or the federal government so the agency needs to really focus on strengthening its partner capacity and capability.
  3. It is not just about the U.S. – DHS needs to do better on the international front if it is going to succeed in its efforts.

A 70 page document, the BUR provides a number of specific areas in which the Department is/intends to focus its efforts. Here are a few that stand out:

  • Coordinator for Counterterrorism.   Expect this recently-created position to gain more stature and resources in FY2012.  The position was created to give someone the ability to coordinate all counterterrorism efforts across the Department, its directorates, components, and offices.  During the roundtable, Assistant Secretary Heyman specifically mentioned the report’s “notion of strengthening counterterrorism” across the Department as an example of how to better management portfolio.  The BUR itself discusses the evolving nature of this coordination and the need to consult with Congress on the effort.  This suggests some potential future request for realignment and resources (?) to make sure all the parts of DHS are on the same page on this effort. The big question, however, is what is meant by counterterrorism?  How will that term be defined?  Also, how will any mission re-focus or realignment (if any happens) affect those areas where an all-hazards approach is being promoted?

  • Create an integrated Departmental information sharing architecture. The description provided in the BUR is rather self-explanatory:

DHS will create an information sharing architecture to consolidate and streamline access to intelligence, law enforcement, screening, and other information across the Department. That architecture will include the capability for automated recurrent screening and vetting for individuals to whom DHS has provided a license, privilege, or status (including immigration status) so that, as new information becomes available, DHS can assess whether the individual is no longer eligible for the benefit or presents a threat. It will also include the capability to conduct scenario-based automated targeting of individuals and other entities using intelligence-driven criteria.

  • Focus on the security and resilience of global trade and travel systems. In the past, DHS has come under criticism for not paying attention to ICE’s non-detention missions.  Interestingly, the pendulum appears to have swung away from that approach, with the BUR stating that DHS will prioritize on the security of global trade and travel systems, including developing an investigative portfolio that includes “human smuggling and trafficking, child sex tourism, counter proliferation, financial, intellectual property, weapons trafficking, and narcotics investigations.”  In addition, the report says that DHS will continue to invest in “trusted traveler and trusted shipper” programs.
  • Comprehensive Immigration Reform. DHS continues to promote its efforts on comprehensive immigration reform, though the three-legged stool (enforcement, future flow, and pathway to citizenship) appears to have been expanded into a five-legged stool that now includes:  (1) border security and interior enforcement; (2) mandated employment verification program; (3) clearing up family and employment visa backlogs; (4) recast legal migration provisions to meet the needs of the twenty-first century for both high-skill and low-skill workers; and (5) pathway to citizenship that is tough but fair in which those here illegally will register, record biometrics, pass a criminal background check, pay back taxes, pay a fine,  and learn English.
  • Increase the focus and integration of DHS’s operational cybersecurity and infrastructure resilience activities. The BUR makes clear that DHS sees it responsibilities in this area broadly and that it has the lead on Federal civilian and private sector networks and plans to continue to lead in that area.  Interestingly enough, DHS excludes “civilian national security systems” as being within its jurisdiction in several places in the report.  In light of the reports that the NSA is potentially classifying the smart grid and critical infrastructure systems as national security systems,  see Cybercitizen?, we will have to see which agency’s definition of “civilian national security systems” prevails, assuming that they are different.  Also, how does this effect the efforts of the National Communications System, located within DHS and coupled with its cybersecurity efforts, which traditionally has taken on the mission of assuring communications support to critical Government functions during emergencies, especially relating to national security efforts?
  • Explore opportunities with the private sector to “design-in” greater resilience for critical infrastructure. The BUR refocuses the DHS’s efforts on setting infrastructure design standards for critical infrastructure resilience, in an expansion of the authorities given to it under the 9/11 Recommendations Act of 2007. In addition, there is some reference of building these standards into programs like the Safety Act.   The BUR also implies that we haven’t seen the last of an expansion of standards, similar to what is in place for the chemical industry, to other critical infrastructures.  It does not explicitly state this, of course, but does say it will “examine the need to set security requirements at high-risk assets and in high-risk areas as appropriate, and to set standards for security practices in critical infrastructure sectors as necessary.”  Such effort would require a lot of cooperation from Congress. 
  • Seek restoration of the Secretary’s reorganization authority for DHS headquarters. DHS wants to be able to reorganize without Congress looking over its shoulder.  This ability was given to the Department under Section 872 of the Homeland Security Act but has been chipped away over time so that the Secretary has little authority to undertake any reorganization efforts.  The BUR states that that the Department will ask for this trend to be reversed.   In addition, DHS wants to look at how to realign its component regional configurations into a single DHS regional structure and strengthen cross-Departmental management functions by creating a Headquarters Services Division within the Management Directorate.  DHS will continue to focus on the seven initiatives that make up the core of its “One DHS” efforts, including:
    1. Enterprise Governance
    2. Balanced Workforce Strategy
    3. Transformation and Systems Consolidation
    4. St Elizabeth’s/Headquarters Consolidation
    5. Human Resources Information Technology
    6. Data Center Migration
    7. HSPD 12 Implementation

The Department will also continue to try to elevate the Assistant Secretary of Policy position to an Undersecretary position, despite significant opposition from key lawmakers on the Hill.

  • Congressional Oversight.  We haven’t heard a lot on this front for awhile, but the BUR notes the need to still streamline Congressional oversight.  The report notes that DHS has testified 200 times and provided more than 5,227 briefings in the 111th Congress.  The good news in these numbers – it seems like that DHS will have testified less this Congress than in the 110th, in which its officials appeared 370 times.  The bad news – Congress still needs to streamline its Congressional oversight efforts, both to hold the Department accountable and to help it mature further.

Again, this is just a snapshot into the BUR and the Department’s priorities. The real meat of both the QHSR and BUR that will separate this three-part effort from past strategic plans, outlines of priorities, and mission statements will come in the new year with the FY2012 budget request and the DHS FY 2012-2016 Future Years Homeland Security Program to Congress.

July 3, 2010

Anchors away – or not – in the Gulf?

Filed under: Homeland Defense,Legal Issues,Organizational Issues — by Philip J. Palin on July 3, 2010

On the eve of Independence Day — on one of the most beautiful afternoons of the year so far — long-time contributor William R. Cumming has raised an intriguing issue regarding an instruction released by President Obama. 

The issue was a particular concern of the Founders and deserves our continued vigilence.  I happen to disagree with Bill’s interpretation, but I cannot claim the President’s language or intent is altogether clear.  So we begin with the President’s words and then continue to Bill’s and my own. 

The White House

 June 30, 2010

Memorandum from the President on the Long-Term Gulf Coast Restoration Support Plan

SUBJECT: Long-Term Gulf Coast Restoration Support Plan

The oil spill in the Gulf of Mexico is the worst environmental disaster America has ever faced. The oil spill represents just the latest blow to an area that has already suffered significant hardship. In addition to fighting the spill, conducting environmental cleanup, and ensuring such a crisis does not happen again, we must help the Gulf Coast and its people recover from this tragedy. A long-term plan to restore the unique beauty and bounty of this region is therefore necessary.

As I announced on June 15, 2010, and pursuant to the authority vested in me as President by the Constitution and the laws of the United States of America, I assign to the Secretary of the Navy (Secretary) the responsibility to lead the effort to create a plan of Federal support for the long-term economic and environmental restoration of the Gulf Coast region, in coordination with States, local communities, tribes, people whose livelihoods depend on the Gulf, businesses, conservationists, scientists, and other entities and persons as he deems necessary. In addition to working with these stakeholders, the Secretary shall coordinate, as appropriate, with the heads of executive departments and agencies, as well as offices within the Executive Office of the President (collectively, executive branch components).

Specifically, I direct the following:

Section 1. As soon as possible, the Secretary shall develop a Gulf Coast Restoration Support Plan (Plan), based on the following principles:

(a) The Plan shall provide a comprehensive assessment of post-spill needs, as well as a proposal for Federal assistance in the overall recovery of the region.

(b) The purpose of the Plan shall be to develop an approach that will ensure economic recovery, community planning, science-based restoration of the ecosystem and environment, public health and safety efforts, and support of individuals and businesses who suffered losses due to the spill.

(c) The Plan shall take into account resources already available to respond to the oil spill, and complement the on-going oil spill response efforts. The Secretary will also coordinate, as needed, with the State, Federal, and tribal trustees who have responsibility for directing the natural resource damage planning process under the Oil Pollution Act and other applicable law.

(d) The Plan shall identify long- and short-term objectives and, where applicable, how the achievement of these objectives will be measured.

Sec. 2. (a) This assignment is prescribed as an additional responsibility of the Secretary in accordance with section 5013 of title 10, United States Code. This additional responsibility may not be delegated under section 5013(f) of title 10, United States Code. (b) To assist in accomplishing the directive in section 1 of this memorandum, executive branch components shall make available information and other resources, including personnel, deemed by the Secretary to be necessary for development of the Plan.

Sec. 3. (a) Executive branch components shall carry out the provisions of this memorandum to the extent permitted by law, subject to the availability of appropriations, and consistent with their statutory and regulatory authorities and their enforcement mechanisms.

 (b) Nothing in this memorandum shall be construed to impair or otherwise affect: (i) authority granted by law to an executive department, agency, or the head thereof; or (ii) functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.

(c) This memorandum is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person. Nothing in this memorandum shall relieve or otherwise affect the obligations of any responsible party under the Oil Pollution Act or other applicable law.

Sec. 4. The Secretary is hereby authorized to publish this memorandum in the Federal Register.

Signed/ BARACK OBAMA

–+–

Commenting on a prior post Mr. Cumming wrote:

Yes and the oldest and richest democracy (Republic) has now celebrated July 4th by putting the US Navy in charge of long term recovery in the Gulf of Mexico. The militarization of US domestic policy continues apace just as in foreign policy and relations. Salute that flag!

To which I replied:

Bill, Where did you see the US Navy assignment? I know about Secretary Mabus’ assignment. But I have perceived that as separate from his SecNav role — and much more connected to his background as a former Governor of Mississippi. If that’s wrong, want to know more.

Mr. Cumming responded:

Presidential proclamation published in Tuesday’s Federal Register. Sent it to you and will send again. John Paul Jones to the rescue!

To which I responded:

Bill, thanks for resending the reference. For the benefit of other readers a web version is available at:
http://www.whitehouse.gov/the-press-office/memorandum-president-long-term-gulf-coast-restoration-support-plan

As you know, I share your concern regarding militarization of government operations. As such, it is certainly appropriate to raise the concern in this case.

I would offer, however, that based on the (little) I know and my own reading of the President’s memorandum, I understand that Secretary Mabus is, essentially, being seconded from his current role as SecNav to a leadership position for both the National Security Staff and Domestic Policy Staff.

This is my reading of the intent of the following:

In addition to working with these stakeholders, the Secretary shall coordinate, as appropriate, with the heads of executive departments and agencies, as well as offices within the Executive Office of the President(collectively,executive branch components).

The reference to Executive Office of the President includes both NSS and DPS, especially a well-established recovery working group spanning the two EOP functions.

I agree the situation is ambiguous. I bet there will be some SecNav staff involved. And this is another example of an increasing tendency for us to turn to military resources (active or retired) for commmand and operational competence. It is a worrisome trend.

Mr. Cumming respectfully disagreed:

Having read thousands of these memos it looks like a formal delegation of authority to me. See 3 USC Section 301. By passes SECDEF and others. But hey Phil you could be right and only a designation.

As always I could be wrong but a designation names a person while a delegation names a postion. Basic black letter ADMINISTRATIVE LAW.

I guess this WH knows the difference and did what they wanted to do (accomplish)! Even though Roy Mabus is former governor in a Gulf Coast state I could name perhaps a 100 others better qualified to save the states of Florida, Alabama, Mississippi, Louisiana and TEXAS. In fact why not George W. Bush, tan, rested and ready? Give him a chance to redeem his Katrina castrophic efforts! This is not a joke. At least he is not eligible for re-election [but of course Jeb is also tan, rested and waiting his turn)! Hey this is a bipartisan or non-partisan response effort correct?

To which I offered a sort of rebuttal:

I will further note that Title 10 USC, section 5013 (f) as referenced in the President’s memorandum reads:

The Secretary of the Navy may assign such of his functions, powers, and duties as he considers appropriate to the Under Secretary of the Navy and to the Assistant Secretaries of the Navy. Officers of the Navy and the Marine Corps shall, as directed by the Secretary, report on any matter to the Secretary, the Under Secretary, or any Assistant Secretary.

The President’s memorandum explicitly excludes delegation under paragraph 5013 (f), which — at least in my reading — is the White House effort to give the former Governor, who happens to be SecNav, an additional duty, but to avoid militarizing the additional duty.

I wonder if there might not have been a less ambiguous way of accomplishing the same thing, but there seems to me a pretty clear and appropriate effort to focus this additional role outside the Department of the Navy.

–+–

Before retirement Bill Cumming was a long-time lawyer with the US government.  I am neither a lawyer nor an experienced government official. If you have further insights — or suggestions — please add your comments.

June 20, 2010

Another small voice in a chorus of complaints

Filed under: Organizational Issues,Privacy and Security — by Philip J. Palin on June 20, 2010

Secretary Napolitano gave a speech on Friday.   According to Lolita Baldor with the Associated Press,

As terrorists increasingly recruit U.S. citizens, the government needs to constantly balance Americans’ civil rights and privacy with the need to keep people safe, said Homeland Security Secretary Janet Napolitano.

But finding that balance has become more complex as homegrown terrorists have used the Internet to reach out to extremists abroad for inspiration and training. Those contacts have spurred a recent rash of U.S.-based terror plots and incidents.

“The First Amendment protects radical opinions, but we need the legal tools to do things like monitor the recruitment of terrorists via the Internet,” Napolitano told a gathering of the American Constitution Society for Law and Policy.

The organization hosting the speech provides access to an audio and video recording of the Secretary’s remarks.  Thank you.

I have been unable to find a transcript of the speech.  April 19 is the last time a speech by the Secretary was uploaded to the DHS “speeches and statements” screen.    The most recent post to the Blog@DHS is ten days old.  There has not been a general press release since June 15.   

As some of you have complained, I hate to complain.  I suppose many staff have been redeployed to support public communications in the Gulf.  But unlike that wonderful Washington figure Chance “I like to watch” Gardner, I much prefer to read. It takes less time and allows for more detailed consideration of what is offered.

Friday, on another topic, I argued for the importance of listening.  When the Secretary of Homeland Security speaks on the topic of balancing security and liberty both she and we should exercise particular care.  I could be more careful in listening if I could read what she said.

June 4, 2010

A Review: Skating on Stilts: Why We Aren’t Stopping Tomorrow’s Terrorism

In 2005, Stewart Baker joined the Department of Homeland Security as Assistant Secretary of Policy for the entire Department of Homeland Security under Secretary Michael Chertoff. The position, which evolved from the Assistant Secretary for Border and Transportation Security Policy and Planning position, has the following responsibilities, according to the DHS website:

  • Leads coordination of Department-wide policies, programs, and planning, which will ensure consistency and integration of missions throughout the entire Department.
  • Provides a central office to develop and communicate policies across multiple components of the homeland security network and strengthens the Department’s ability to maintain policy and operational readiness needed to protect the homeland.
  • Provides the foundation and direction for Department-wide strategic planning and budget priorities.
  • Bridges multiple headquarters’ components and operating agencies to improve communication among departmental entities, eliminate duplication of effort, and translate policies into timely action.
  • Creates a single point of contact for internal and external stakeholders that will allow for streamlined policy management across the Department.

Baker would hold the position for the next four years, tackling a variety of issues from border and travel to cybersecurity and the Committee on Foreign Investment in the United States (CFIUS) to bioterrorism.  In his upcoming book, Skating on Stilts: Why We Aren’t Stopping Tomorrow’s Terrorism, Baker offers an intriguing view of our homeland security posture that ties back to the central theme that technology is both our savior and our enemy as it empowers not only us but our foes.  Coming from Baker, who has been described by the Washington Post as “one of the most techno-literate lawyers around,” the analysis of homeland security technology from a policy/legal prism is refreshing.  This is not a Luddite’s view of why technology harms, but an expert’s finely woven story of “how the technologies we love eventually find new ways to kill us, and how to stop them from doing that.”

A subtheme throughout the book is that information sharing, or lack thereof, has hindered our nation’s efforts to fight terrorism, especially when “privacy” has played a role.  In setting up a discussion of what led to his time at DHS, Baker recounts some of the failures leading up to 9/11, including the information sharing wall put up at the Department of Justice between intelligence and law enforcement elements of the agency, as well as challenges at the Foreign Intelligence Surveillance Court. His view is of someone who has spent time in the intelligence world as the General Counsel of the National Security Agency and as General Counsel of the Robb-Silberman Commission investigating intelligence failures before the Iraq War. The account dives into the intricacies of Justice and its overseers, as well as how bureaucracy and personalities can so easily define our government’s most sensitive policies.

The book then looks at his days at DHS and attempts to strengthen border and travel programs and policies for acronym-named programs, including Passenger Name Records (PNR), the Visa Waiver Program (VWP), Electronic System of Travel Authorization (ESTA), Western Hemisphere Travel Initiative (WHTI), and Computer Assisted Passenger Pre-Screening System II (CAPPS II),  among others.  If you have ever doubted Washington’s love of acronyms and initialisms, this read will certainly change your mind.

In evaluating efforts in the aviation space, Baker is critical of a number of groups that he deems to have stood in the way of the Department’s mission during his tenure, including the private sector, European governing bodies, bureaucrats, Congress, and privacy/civil liberties groups, all of whom he argues are all about the status quo and not open to change.  Some of his criticisms are valid while others seem to simplify the views of the various actors.  For example, in dismissing some of the tourism industry’s concerns related to travel policies, he argues that the industry did not want innovation in government security on the border. Having been in the trenches at the U.S. House Homeland Security Committee during many of these debates, I would argue that the balancing of the numerous parties’ interests and concerns was not always that simple or easy to discern, especially when assessing the right security path forward.  Some programs mentioned in the book, such as WHTI, succeeded, in part, because they were implemented once necessary infrastructure had been deployed.

His strongest concerns are reserved for privacy and civil rights advocates and the government policies they either tout or hate.  There is a great deal of skepticism for “hypothetical civil liberties” and “hypothetical privacy concerns,” without evidence of demonstrated abuses by the government. He cites numerous incidents, some of which certainly demonstrate the tension between privacy and security co-existing.  A few of the examples he uses have even been explored here at HLSWatch, including complaints about whole body imaging machines in airports.  See, e.g. The Right to Be Left Alone (October 27, 2009) and “Where are all the white guys?” (November 10, 2009). Reading the book, privacy and civil liberties supporters may find it hard to balance Baker’s call for imagination when tackling homeland security policy and decisionmaking without calling for a similar level of creative thinking when addressing how those policies and decisions will affect privacy and civil liberties.

The book goes on to describe how the Department and Administration tackled (or failed to tackle) cybersecurity and biosecurity and the differences between the approaches. In both sections, privacy and information sharing are undercurrents, though we also see some interesting discussions of such topics as patent protections, self-regulation, and the evolution of security in each of these areas.  The discussions are intriguing and provide both a history and analysis of why we are where we are on those issues.   The cybersecurity and related CFIUS discussion brought back some memories to this self-proclaimed cybergeek, including some of my first interactions with Baker when he was in private practice and I was at the Justice Department.

One last observation: while the focus on the book is obviously on the time that Baker served at the Department under Secretary Chertoff, it leaves much to the imagination of what work Secretary Ridge and his team- from their early days in the White House after 9/11 until the changing of the guard to Secretary Chertoff – undertook and how that may have contributed to some of Secretary Chertoff’s and Baker’s successes, challenges, and mindset.  In addition, despite the focus on privacy and civil liberties, there is little mention of the other DHS offices, including the Privacy, Civil Liberties, and General Counsel’s offices, who may have been engaged in many of the battles noted by Baker. The book is not lacking in detail or intrigue because of these exclusions, though I wonder how they affected the decisions of Baker and his policy team. Perhaps these items are the subject of another book for another time.

Stewart Baker provides insight into a D.C. perspective of homeland security and the struggle of a Department to tackle technology, privacy, and information sharing. The book provides some valuable lessons for those who are on the frontlines of homeland security policy as they attempt to tackle future threats. For an observer of homeland security development, Skating on Stilts: Why We Aren’t Stopping Tomorrow’s Terrorism is a must-read. The book will be released on June 15th and is available for pre-order on Amazon.com.  In the meanwhile, excerpts from the book and other missives from Baker can be found at a blog with the same name, http://www.skatingonstilts.com/.

April 22, 2010

No rush to judgment here

Filed under: Organizational Issues,Strategy — by Philip J. Palin on April 22, 2010

Late last week Secretary Napolitano was in the Boston area.  She announced a new grant for Logan airport, visited with the Boston police commissioner and Cambridge firefighters, officiated at the swearing-in of new citizens,  gave a speech at Harvard, and had a round-table discussion with nine college presidents.  (Do you occasionally worry our cabinet secretaries have been remade into little more than mouthpieces, kept busy doing testimony, media interviews, speeches, and announcements?)

In a read-out of the closed door session with higher education leaders DHS tells us, “During the meeting, Secretary Napolitano highlighted the Department’s strong partnerships with universities including support for training, coursework in homeland security-related fields and industries, and for research and development in science and technology, such as the DHS Centers of Excellence, which bring together multidisciplinary homeland security research and education assets of more than 200 institutions across the country.”

The Boston Globe reports, “she was in Cambridge meeting with college and university presidents to discuss new courses and majors aimed at preparing graduates to enter the field of cybersecurity.”  In remarks at Harvard’s Kennedy School of Government the Secretary noted, “Combating the cyber threat is going to require a partnership among government, academia, and the private sector as ambitious and sustained as any our nation has seen before. And I should say to the bright students here that DHS wants the best minds coming out of our universities to come join us in this effort.”

I have a second-hand report (good enough for a blog?) that the session with university presidents was mostly about science and technology research grants, not about homeland security education or professional development.  This is not a surprise and says much more about the role of modern universities and their presidents, than about homeland security or the Secretary. (And suggests homeland security officials are not the only ones with a serious grants habit, see Dan O’Connor’s Tuesday post.)

On the same day the Secretary of Homeland Security was meeting with higher education leaders in Boston, the Secretary of Education, Arne Duncan, was in Atlanta.  According to Georgia Public Broadcasting, “Duncan paid a visit telling students that America has to educate itself to a better economy by improving science, technology, engineering and math, or STEM subjects.”

The Quadrennial Homeland Security Review (QHSR) released in February emphasizes, “Maturing and strengthening the homeland security enterprise includes enhancing shared awareness of risks and threats, building capable communities, fostering unity of effort, and fostering innovative approaches and solutions through leading-edge science and technology.”

Am I working too hard to connect some dots (smudges?) or might there be a pattern here?

Science and technology – like mom and apple pie – attract widespread  support.  Investments in research and development for these hard-subjects (“hard” as in practical and difficult) are measurable and meaningful… for me too.

But read the QHSR’s paragraph again. What is the role of science and technology in shared awareness of risk and threats?  We have lots of technology to gather, sort and display information on risks and threats.  What we don’t have is a shared understanding of what is meaningful to gather, what is helpful to sort, and how to interpret the results.  That’s a judgment call.

How about building capable communities?  Science and technology certainly have a role in infrastructure development.  But given the QHSR’s attention to psychological and community resilience, I perceive its definition of “capable” goes well beyond the boundaries of science and technology.  How do we build a capable community?  It depends on the context of the particular community, doesn’t it?  It depends on the purposes we seek to advance, doesn’t it?  Capable of what?  It’s a judgment call.

Scan the QHSR table of contents and there are plenty of opportunities for science and technology to support good judgment.  But mostly we are given complex, constantly changing contexts beyond the capacity of precise prediction.

Once upon a time, we presumed to teach good judgment.  This was always a dicey business.  Since the 1960s - after what many saw as a series of profoundly bad judgments - the notion of good judgment has been widely discredited as self-serving fiction.

In this we have neglected to understand how and why well-intentioned men (mostly) made tragically flawed judgments.  We are increasingly inclined to ex post facto assessments of every judgment.  If we like the results, the judgment is good.  If the result is not satisfactory, there can now be a compulsion to uncover deceit and deception.  And in any case, the culture insists that threat, vulnerability and consequence should be predictable.

In this confidence regarding predictability we are, I perceive, indulging the fatal flaw at the heart of the worst kind of  judgment.  In those ancient days when we earnestly endeavored to teach good judgment, we learned that hubris – trying to control what is beyond our control – is the tripwire for tragedy.  Toward the end of his life Robert McNamara wrote, “…it’s beyond the ability of the human mind to comprehend.  Our judgment, our understanding, are not adequate.”  This is the beginning of wisdom.   McGeorge Bundy, another of the Sixties best and brightest, tells us, “There is no safety in unlimited technological hubris.”  Two of the tragedy’s main characters seemed to learned its lesson.  But those of us in the audience?

How do we choose well when we cannot – when no one can – be sure of the outcome?  How do we choose well when the risks of failure are real?  How do we choose well when threats are unpredictable, vulnerabilities are inherent to our liberty, and the consequences could be catastrophic?  It’s a judgment call.

Is it too late to retrieve – or create anew - the teaching and learning of good judgment?

For further consideration:

Nicomachean Ethics by Aristotle

Aristotle’s Ethics by Richard Kraut (Stanford Encyclopedia of Philosophy)

 
The Aims of Education by Alfred North Whitehead
 

Justice: A Journey in Moral Reasoning by Michael J. Sandel (video)

April 21, 2010

Volunteer Does Not Equal Free

Monday night, I fronted up to a meeting of my community’s Neighborhood Emergency Team (NET) volunteer leaders.  (NET is our local implementation of the Community Emergency Response Team concept promoted by FEMA through Citizen Corps). The session was a stark reminder just how far the local emergency management agenda has strayed from the community’s priorities because of federal grant requirements and the expectations of elected officials that we not only seek such grants but use them whenever possible rather than seeking additional support from general fund revenues.

As the senior civil servant in our emergency management agency, I oversee the NET program but sit a couple of levels above the actual program manager. As such, I have relatively little day-to-day contact with our volunteers, who now number more than 1,000 organized into roughly 30 teams spread across the city.

Each volunteer receives standard training consistent with the federal CERT curriculum delivered by a cadre of full-time emergency responders and seasoned volunteers. After that, each one is issued a fluorescent vest, hard hat, and ID card and send on her way.

Over the 15 or so years the program has been running, teams have largely been left to organize and administer themselves. Team leaders receive little additional training and no formal mentoring. Anyone who receives training is welcome to play or not play according to their individual willingness to do so. No one is excluded from training due to age, physical ability, prior criminal history, or other limitations or associations. As such, our volunteer corps, although quite diverse, is not necessarily representative of all segments of our community, nor organized to instill confidence in those who do not participate.

From the outset, program managers and volunteers alike have assumed that in the event of a serious emergency, such as a major earthquake, the teams would deploy themselves without need of instructions or assignments from a central command authority. Their training would dictate the priorities and rules of engagement as situations warranted: Assess damage, identify and isolate hazards, organize bystanders and others, render assistance when able, communicate conditions and resource requirements to the nearest fire station, and follow the instructions of emergency responders when they arrive.

Until recently, the system managed to get along in spite of itself. But recently, as the community responded to the H1N1 pandemic by establishing community vaccination clinics, it became evident that things were not working as well as some of us had assumed or perhaps simply hoped.

For starters, people were reluctant to step forward. This sort of mission was not what they had in mind when they signed up for training. Others expressed concern that they would be exposed to the disease and might become ill themselves or transmit the illness to someone in their household who was otherwise vulnerable. And still others found it difficult to accommodate the commitment in already busy schedules crowded with other obligations.

All of these explanations seemed reasonable enough and were little cause for concern. What we did not expect was a backlash from some quarters that suggested we were taking advantage of our volunteers to provide free labor for something that the government had not adequately prepared for and which they considered could hardly be called an emergency. Others complained that they were being asked to come to the aid of others besides their neighbors since most clinics were organized in poor communities with inadequate access to health care and a high number of uninsured residents. And still others questioned whether we knew what we were doing at all since no one had prepared them for such responsibilities much less organized them to respond to such situations beforehand.

The latter group of responses not only raised some eyebrows, but also, when contrasted with the first group of responses, suggested a very real gap had emerged between preparations and expectations. A lack of consistent communication between the agency and its volunteers as well as among the volunteers themselves had left people to make up their own explanations for what they saw heppening in the community.

Recently, evidence of this problem took on new urgency as rifts among volunteers and groups surfaced over even more mundane issues. Emails began flying back and forth among team leaders questioning one another’s motives and the city’s support for the program. In all of these communications, one thing became clear: People felt they had lost control of something valuable and wanted it back. Moreover, they were willing, if the need arose, to fight for it. Others suggested the fight had already begun, and were prepared to make that clear if anyone was in doubt.

Now, there are far worse positons to find oneself in than this. People who are passionate about something will sometimes express themselves about it in ways that others find unpleasant, antagonistic, or at least irritating. If you can get past that, though, something positive can happen.

When we got together last night about 50 team leaders assembled to tell us what was on their minds. Some had been building up a head of steam for awhile, others wondered what hit them, and still others simply ducked until the fur stopped flying. In the end, the sideshow issues about ID cards, t-shirts, advanced training opportunities, and other administrivia were pushed aside and people agreed that three things were important above all else:

  • The program is about preparedness not volunteerism.
  • Our volunteers play a vital role in communicating with our community about risk, readiness, and resilience.
  • And we need to show our volunteers that we value them by communicating consistently about issues of importance.

It will take a lot more than saying these things to make them happen though.

Our volunteers and staff both recognize that disaster survivors and neighbors are the real first-responders. They know that investments in preparedness pay big dividends when disaster strikes by minimizing demands on emergency services and expediting the transition to recovery. They understand implicitly that what we can do together makes a bigger difference than what we do alone, and they actively engage others in an ever expanding web of relationships that fosters resilience.

But they are also torn by what they must do. Our small agency has 15 full-time staff, but only one works directly with these volunteers. And even that position has responsibilities beyond training and supporting the NET volunteers. Ensuring the effectiveness of this program requires substantial investments in relationships with agencies and community partners who support the training our volunteers receive.

Volunteers too have competing demands on their time and attentions. Some would become full-time volunteers if we asked them. Others only want to get involved when the need is urgent. Most will do what they can when they can, often with a smile. But none of them will do any of this for long unless someone at least acknowledges what they are doing and encourages them to keep it up.

We know our NET program works. We can tell anytime our volunteers get together just by the passion they display and the skills they exhibit. But this program still receives less support than almost any other program we deliver. Aside from the funds allocated to developing the training materials themselves and running a few exercises, the cost of delivering the NET training and managing the teams receives no ongoing grant support. Investments made with grant funds in other projects may help leverage the support of our partners in the fire department and other agencies by freeing their resources to support our needs, but these scarce funds are drying up as the fiscal crisis persists. Besides, their support does translate into assistance with the day-to-day operation of the program.

So, what does this say about our priorities? I can only answer this question by looking at the gap between our assumptions and our expectations. Judging by that, we as a larger community of emergency management and homeland security professionals and policy-makers have assumed for far too long that volunteer means free. This can be taken one or both of two ways: 1) free as in without cost and 2) without responsibility or accountability. As it turns out, neither assumption is correct.

The opportunity cost of ignoring volunteers in exchange for making investments in hardware and software rears its ugly head sooner or later. Eventually, disgruntled if not disorganized volunteers will, as ours did Monday night, remind you that the liveware — the people and relationships that make up a community — are assets to be invested in not just protected or neglected.

December 16, 2009

Integrity, Validity or Security: Pick Any Two

Someone once said of the choice among quality, price, and timely delivery, “Pick any two.”  In recent years, Americans have operated under the illusion that such tradeoffs do not apply to us, at least with respect to information.  The pace of technological progress has fueled this illusion.

As individuals’ access to information has improved through the seemingly relentless convergence of information technologies, people have actually started wondering when, not if, a singularity will emerge.   Until this happens, we have to cope with the tradeoffs and their effects on democracy and trust.

As this blog’s other distinguished contributors and discussants has demonstrated on many occasions, homeland security professionals wrestle continuously with information management and technology policy issues that call upon us to balance information integrity, validity, and security.  Inevitably, these values find themselves expressed as tensions, and tradeoffs become inevitable as we seek to meet the expectations of politicians and citizens’ insatiable ‘needs to know.’

In addition to the need to know, we must now confront the ability to know.  Information and knowledge are not the same thing. Turning information into knowledge is a complex, time-consuming, and often costly process.  People in general have a poor capacity for interpreting large amounts of complex information and thus acquiring appreciable knowledge of risks, especially those far removed from their everyday experience.

This became abundantly clear to me recently, as the community where I work responded to a positive test for e. coli contamination in our drinking water supply.  Initial tests, like the one conducted here the day before Thanksgiving, had produced positive results on more than a dozen prior occasions without resulting in confirmation during subsequent testing.  This time was different though.

By the time the positive results were confirmed and the potential extent of contamination became clear, officials had to work out who needed to know what and then worried about the best way to communicate the information without provoking undue fear.  After all, they reckoned, the boil water notice issued in response to the finding in compliance with federal drinking water regulations was not itself a risk-free proposition: In other communities, more people suffered burns preparing water for consumption than suffered illness from the such contamination itself.

As word of the required actions and the city’s response to it was released to the news media and the public, feedback came in hot and fast.  Why had this notice not been issued sooner?  Why had officials relied so heavily on traditional media to get the word out?  Why had city officials not contacted water customers directly?

Those in the community asking these questions assumed they were the first to do so.  Moreover, they assumed that the answers were influenced primarily by money, technology, and administrative inertia, if not apathy or incompetence.  While cost, technical capability, and bureaucratic issues all play a role in delaying or preventing action, they are not the primary cause of officials’ concerns.  Those responsible for deciding when and how to act, including when and how to notify the public, tend to be consumed with concern for getting it right.  Herein lies the problem: A “right” response lies in the eyes of the beholder, and the public has taken a particularly jaundiced view of official actions to manage risks, especially those that involve an intersection between complex technologies and human health.

As I was digesting the very real implications of the dilemma occurring in my own community, I became aware of a report released at the beginning of October by the Knight Commission on the Information Needs of Communities in a Democracy.  The report prepared by a commission of policy and technology experts co-chaired by former United States Solicitor General Theodore Olson and Google vice president Marisa Mayer was presented to federal Chief Technology Officer Aneesh Chopra and Federal Communications Commission Chairman Julius Genachowski upon its release.

In short, the report warns of a growing information divide that threatens to undermine the foundations of American democracy. Addressing the divide, the report argues, will require coordinated effort on many fronts, and cannot be accomplished by either the government or the market acting alone.

Although improved access to technology, expanded transparency of government information, and increased commitment to engagement are all required, so too is increased literacy and numeracy – the capacity of people to appreciate information and turn it into useful knowledge.

So far, efforts to produce engagement even in some of the most creative, educated, and engaged communities through technology innovation have produced spotty results.  Open data and application development contests intended to engage private sector partners to leverage insights from public data have produced applications that do little to advance the public good.  In many cases, these applications simply make it easier for well-equipped citizens with smartphones to tell government officials they are doing a poor job responding to citizen concerns, while increasing the volume of complaints they have to deal with before they can get on with the work needed to remedy the underlying causes of what might otherwise be legitimate problems.

In other cases, applications that improve the efficiency of individual competition for consumption of public goods like parking spaces pass for innovation.  In still others, externalities clearly outweigh efficiencies by making undigested or unconfirmed information available in forms that further erode confidence in government.

In the early days of the republic, a learned man or woman of modest means could acquire a decent command of all available knowledge by applying him or herself with rigor and discipline.  Indeed, the signers of our own Declaration of Independence distinguished themselves as knowledgeable in a diverse array of subjects ranging from philosophy to law to agriculture to military strategy to engineering to commerce to religion.

Today, not one of us has any hope of achieving comparable mastery of extant knowledge.  The volume of information already in existence and the pace of new discoveries have simply become too vast, too specialized, too detailed, and too isolated from everyday experience for anyone to master regardless of mettle or means.  This does not seem to have lowered public expectations though.

In a world where people share information in real-time with one another over distances of thousands of miles and have instant access to hundreds of television channels, dozens of radio stations, and zettabytes (one zettabyte equals one billion terabytes) of data how do we overcome the illusion that information access equals knowledge?  With all of this information floating around us all the time, how do we decide what to tell people, when to tell them, and what method to use?

In the online discussion that emerged following the recent water contamination scare here, one participant in noted, “People do not trust institutions, they trust people.”  For him, at least, it was important not so much that someone had the answers to his questions, as it was that someone took responsibility for responding to his concerns.  In the absence of an official somebody, it seems anybody will do.  He, and many others, argued that the absence of official pronouncements only encouraged others to fill the void.

Not long ago, we relied upon media to do this for us.  That has changed, and media no longer have the capacity they once did to hold government accountable or to lower public expectations.  To the extent that media play an influential role in public debates these days, they are more likely to reinforce our biases than clarify positions or encourage dialogue.

It remains unclear whether social media or other technologies will bridge the gap between knowledge haves and have-nots.  If time is running out on our information illusions and our nation’s capacity to maintain trust in government and its democratic legitimacy are threatened by this growing divide, what will we make of the choice between integrity, validity, and security in the future and how will cost, quality, and timeliness influence our decisions?

October 17, 2009

PJB pushes RECCWGs to advance NECP

Filed under: Organizational Issues,Preparedness and Response,Technology for HLS — by Philip J. Palin on October 17, 2009

(Editorial note:  Yesterday Peter J. Brown posted the following as a comment to a post on the 2010 DHS Appropriations Conference report.  Without Peter’s permission, I am copying below the comment, in its entirety.  I have added a couple of  embedded online links.)

This is an appeal to all 10 FEMA regional coordinators to stand up and be counted.

While I agree that much time and energy has been devoted to standing up 4500 personnel under the current 3 CBRNE Consequence Management Response Forces (CCMRF), there is a valid need for a more agile and responsive force consisting of 10 smaller teams assigned to all 10 FEMA regions. In instances where a specific FEMA regional coordinator calls for additional support, any movement /mobilization of appropriate CBRNE response resources and manpower could accompany a broader EMAC activation in close coordination with HHS /CDC and other components.

However, beyond any CBRNE /CCMRF concerns, it might be a good idea for each of the Regional Emergency Communications Coordination Working Groups(RECCWGs) in each of the 10 FEMA regions to reflect upon the recommendations spelled out Page 61 of the GAO report last summer (see GAO-09-604 Emergency Communications).

Specifically, what is the status of the broad implementation of the National Emergency Communications Plan (NECP), and, if bottlenecks or significant glitches are apparent, what is the impact? A year after the release of the NECP, how relevant and how workable are the milestones, for example?

Whereas this GAO report suggests that each region might want an update from DHS on the status of the Emergency Communications Preparedness Center (ECPC), and how the progress to date and intended outcome of the ECPC project helps or hinders efforts to implement NECP, perhaps the ECPC concept needs further scrutiny in light of overall progress to date on the NECP.

As DHS and FCC attempt to craft a “common vision” and “better collaborate on each agency’s emergency communications efforts” what exactly are the priorities and how do these match priorities at the local and state level in terms of overall planning and coordination efforts — again something that is relevant to the RECCWGs.

Finally, where the GAO recommends –

To help ensure that federal agencies and their communications assets are well-positioned to support state and local first responders in catastrophic disasters, we recommend that the Secretary of Homeland Security provide guidance and technical assistance to federal agencies in developing formal emergency communications plans. These plans could include identifying how federal agencies’ communications resources and assets will support state and local first responders in a disaster. To help DHS and FCC enhance the value of stakeholder groups’ recommendations, we recommend that the Secretary of Homeland Security and the Chair of the Federal Communications Commission systematically track, assess, and respond to stakeholder groups’ recommendations, including identifying actions taken by the agencies in response to recommendations, whether recommendations are duplicative with past recommendations, and opportunities to work with other agencies, as appropriate, to advance recommendations.

Perhaps, given all the time spent on this and related topics to date, the time has come for the RECCWGs in the 10 regions to be empowered to act as one and emerge as a logical overseer of this process. In other words, rather than sitting on the receiving end of the outcome, the RECCWGs could speed the process by setting out what exactly is needed at this point, and set a realistic timetable as well. As end user representatives rather than providers, the RECCWGs are in a good position to take realistic look at where this is all leading, what has been accomplished to date, and how the vendor-driven and real world environment could benefit from the activities in question.

I do not want to sound as if I do not see the value of an NPD task force like the one described here, but at the same time simply from a confidence-building standpoint, I cringe when I hear that another task force of such an immense scope may be forming up to do nothing more than critique the entire national preparedness and response apparatus that has been taking shape during this decade. We should, at this point, be devoting time and energy to a more productive exercise.

September 3, 2009

“What is my place in homeland security, and the place of homeland security in my world?”

Filed under: General Homeland Security,Organizational Issues — by Christopher Bellavita on September 3, 2009

One of my colleagues asks his students to answer the question posed in the title of this post.  The assignment is difficult in at least two ways.  The question requires a reflection not typically encountered in their day to day homeland security work.  The students — experienced, erudite and articulate — are also asked to begin their response with a slide show.

Most of the students come from organizations caressed by the Angel of Death-By-PowerPoint.  So answering a profound question seriously, engagingly, and with a significant verbal constraint adds extra degrees of difficulty.

Mark is today’s guest blogger.  He works for the TSA.  [Update: "Mark" is Mark A. Holmstrup.  He is a Supervisory Field Attorney for TSA.]  Mark’s response to the question follows immediately after today’s public service message.

[Start Today's Public Service Message]
If you have not yet contributed to the second Quadrennial Homeland Security Review Dialogue, please consider doing so, and click on this link to get started.  The Dialogue will allow you to reflect on “your place in homeland security and the place of homeland security in your world.”  And you can use words. No powerpoint required.
[End Today's Public Service Message]

Now back to our regularly scheduled post.

slide01slide02slide03slide04slide05slide06slide07slide08slide09slide10slide11slide12slide13slide14slide15slide16slide17slide18slide19slide20slide21slide22slide23slide24slide25slide26slide27

August 26, 2009

Resilience Policy Directorate: 90 day review

Filed under: Organizational Issues,Strategy — by Philip J. Palin on August 26, 2009

On May 26 the President announced, “The full integration of White House staff supporting national security and homeland security.  The new ‘National Security Staff’ will support all White House policymaking activities related to international, transnational, and homeland security matters.”

I did not support this decision and, in fact, testified against it.  But I was encouraged by the recommendation to establish a new Resilience Policy Directorate within the expanded National Security Staff.  On June 2 this blog led with Resilience Policy Directorate: important, urgent, and open to definition

It has now been three months, what more do we know about the emerging definition of the RPD?  Not much, but following is what I have been able to piece together.

Richard A. Reed has been named Special Assistant to the President and Senior Director for Resilience.  Under his direction are two policy portfolios: 1) Preparedness and 2) Response.  The Preparedness portfolio is directed by Brian E. Kamoie.  The Response portfolio is directed by Elizabeth A. Farr.  (A principal recommendation of the report calling for the RPD was to relocate responsibility for long-term recovery issues to the Domestic Policy Council.)

The rumor mill suggests the Preparedness portfolio (and really the entire RPD staff) is deeply engaged in brokering the interagency process focused on resurgence of H1N1.   A four or five person team organized around “All-Hazards Medical Preparedness” is the current center of gravity. 

In contrast, one staffer is currently responsible for Community Preparedness and Population Resilience, National Preparedness, and National Planning. While this is a broad front for one guy to handle, it is worth noting that Community Preparedness and Population Resilience was not among the specific policy priorities called-out in the PSD-1 report.  This strikes me as an addition with great potential.

The current intense focus on inter-agency coordination for a specific threat will be a defining experience for the RPD.  It probably could not be — perhaps, shouldn’t be — any other way (see H1N1 post immediately below).  But it highlights the powerful claim of what is urgent.  It is tough to think through, craft, and cultivate support for long-term policy/strategy innovation when an unpredictable pandemic is breathing down your neck.  It’s tough enough to defuse turf fights between departments when the threat is known. 

There are still three or four staff vacancies to be filled.  Altogether the RPD will consist of about sixteen folks.   Right now the staff consists mostly of non-military federalistas.  I have not been able to gin up background on every staffer and am not even sure I have identified everyone currently in place.  But I have not yet found much state, local, or private sector experience.

The rumor mill (again) suggests that the RPD is charged mostly with riding herd on the federal interagency process.  The background of the staff in place so far tends to reflect that mission focus. 

The PSD-1 report — or at least the out-brief given at the Homeland Security Policy Institute – included as one of fifteen core recommendations, “Better integrate state/local/tribal, public and  private sector into the policy process.”  It is not yet clear how (even if)  the RPD is organized or aimed to advance this goal.

Three months is not much time to stand up anything new, especially in the pressure cooker of the White House.  To stand up this particular directorate in the midst of a pandemic adds to the complications.  But pandemic preparedness may also be a great way to establish “street cred” with the other toughs on the federal block.

In another 90 days we will be able to assess how effectively the RPD performed its first urgent mission.  It will also be time to determine how the new directorate is contributing to other less urgent, but equally important, mission areas.   Resilience is much more than the very best preparedness and response.

Back in May listening to the roll-out of the new function, I heard the RPD conceived as a policy shop through which local priorities, impediments, needs, and strengths can have direct and early influence on shaping and executing global security.

Maybe I was just hearing what I wanted to hear.  But I still think it is a good idea.

August 6, 2009

Locate, Target, and Destroy the Attackers: Filling the gap between NIMS/ICS and the law enforcement initial response in the age of urban paramilitary terrorism

Today’s guest blogger is T.J. Moody, the Assistant Sheriff for Law Enforcement Operations, with the Las Vegas Metropolitan Police Department.  He argues that homeland security needs more than the National Incident Management System (NIMS) and the Incident Command System (ICS) if we are to meet the threat of paramilitary terrorism.

The 1828 edition of Webster’s Revised Unabridged Dictionary defines “doctrine” as “whatever is laid down as true by an instructor or master.” The definition also notes “… a doctrine may be true or false; it may be a mere tenet or opinion.”

The National Incident Management System is unarguably a core part of Homeland Security’s (mostly uncollated ) doctrine.

As described by the NIMS Resource Center, NIMS :

… provides a systematic, proactive approach to guide departments and agencies at all levels … to work seamlessly to prevent, protect against, respond to, recover from, and mitigate the effects of incidents, regardless of cause, size, location, or complexity, in order to reduce the loss of life and property and harm to the environment.

NIMS was “laid down as true” in the early days of homeland security.  As doctrine, it grew out of the proven wildfire success of the incident command system.  NIMS is the public policy equivalent of being satisfied with any needle in a haystack, instead of continuing to look for the sharpest needle.

Few people routinely use the 1828 version of Webster’s dictionary.  As our understanding of language evolves, so too do our lexical tools.

NIMS as a practice also evolves.  I do not know any public safety professional with significant experience using incident command who believes NIMS provides a mechanical procedure for every operational situation.  It’s proponents present NIMS as a framework, a template; the basis for improvising intelligently around the details of a specific incident.  NIMS might not be perfect, they argue, but it gets better incrementally as we gain more experience using it.

Sometimes waiting for incrementalism to do its evolutionary work is the wrong approach.  Homeland security environments can change rapidly.  Structures and processes that worked in the past may be, as Lincoln wrote, “inadequate to the stormy present.”    When situations change, leadership may need to point to a new direction.  That is the subject of T.J. Moody’s post.
—————————
Recent developments in tactics used by terrorists in India and Pakistan demand an urgent re-examination of the urban policing model currently employed in the United States.  The National Incident Management System and the Incident Command System are tools which, in some circumstances, have an important role within law enforcement. However, these command and control structures may represent an anachronistic paradigm which could be inadequate to the evolving needs of law enforcement first-responders.  Dogmatic command and control paradigms that are heavily reliant on communications technology and centralized control often fail, and are likely to be of little value during the initial response phase to attacks such as those that occurred in Mumbai, India, and Lahore, Pakistan.

Without regard for the type of event involved, NIMS and ICS erroneously assume a consistent concentration of situational awareness at the top, and place ultimate authority in the hands of a few.   In light of recent international attacks, such assumptions may be dangerous and unreasonable.  They may lead law enforcement to train for unlikely scenarios, to the exclusion of more reality-based, practical training.

This fallacy of command and control continues to form the basis for most emergency management training in the U.S.  By consuming valuable time, resources, and attention, it may actually reduce the preparedness of law enforcement in case of an actual paramilitary terrorist event.

NIMS and ICS aspire to create a head, which, due to confusion, chaos, and unreasonable technological expectations, will be unlikely to function effectively during the initial law enforcement response to acts of paramilitary terrorism. A head is subject to decapitation in a worst case terrorism scenario, and may leave free lancing police tacticians highly vulnerable to the military style tactics and stout resistance increasingly demonstrated by Islamic terrorists.

Senior commanders armed with radios, cell phones, and the principals of ICS will be among those least likely to have good information about what is actually occurring in a worst-case scenario, and may be faced with significantly degraded communications capabilities. To train large police forces to remain dependent on hierarchical command and control paradigms to the exclusion of other alternatives is to train for failure.

Sullivan and Elkus, in their 2009 work “Preventing Another Mumbai: Building a Police Operational Art,” envision the need for an “operational—instead of purely tactical—response to paramilitary terrorism” within American policing.  Additionally, there is a need for a strategic response, one which de-emphasizes dogmatic, hierarchical models of command and control.

American urban policing must pursue a paradigm shift which envisions a radically decentralized, mission driven response model.  In the emerging paradigm, small teams will have advance mission knowledge and focus, and will be able to execute their missions in the absence of a highly centralized command authority.  Police officers and their field supervisors, if they are to survive, will need to understand and plan for their mission in advance, and will need to train and discipline themselves to respond as teams. All valuable time remaining before a future attack must be used to fully prepare our law enforcement first responders for the tactical shifts exhibited by terrorists that may represent a new “urban jihad.”

Urban police forces must train their patrol personnel—who comprise the most critical and vulnerable front line in a major incident—to recognize the signs of a terrorist attack, and to act immediately to deploy safely and effectively in small teams rather than as individuals.  Team leaders must fully grasp their role and mission, and must understand how their actions serve to support other elements of a self-executing all-agency plan, especially in the absence of effective communications.

Precinct and field level commanders must have intimate knowledge of the overall agency response plan, and must understand the role of their particular component in support of that plan.  These ad-hoc urban tactical teams will have a clear mission: locate, target, and destroy the attackers.  Centralized command and control, particularly during the first long hours of such an event, will likely have little to offer with respect to the effectiveness and survivability of the response teams.

Our collective mission will be to develop a domestic police force which can continue to perform its day-to-day duties in a way that is acceptable within a free society, but which can adapt quickly to an emerging new paradigm that assumes degraded communications, emphasizes small team leadership, and embraces decentralized command and control.

June 5, 2009

Resilience Policy Directorate: some further (not yet final) considerations

Filed under: Organizational Issues,Strategy — by Philip J. Palin on June 5, 2009

I received several private communications regarding yesterday’s “dinner” with Mr. Brennan.   The most critical comments assailed my attention to Mr. Sunstein rather than nominating State, local, tribal, or private sector professionals to the new Directorate.

Three reactions. 

First, the appointment of such individuals is nearly a foregone conclusion.  If Mr. Brennan asked for my nominations, I would be happy to provide some names. In fact, in the real world, I have been pushing one local leader.  Otherwise, if the sale has been made don’t waste time, move on.  How do you know what I might have said over dessert?

Second, putting the “right people” in place is never enough.  This is the most common error that managers and policymakers  make.  Someone I trust inside the process has said there is still the need for “policy direction.”  Right now the Resilience Policy Directorate is mostly a box in which to insert stakeholder — or functional – representatives.  There is a need to frame a reasonably clear “why and what” for the RPD.  I have argued — with others — that complex systems organize around meaning.  What is the meaning of resilience? 

Third, we have not answered the question of meaning.  I believe the Brits abetted by Cass Sunstein point us toward a helpful answer.  But as our discussion has exposed we are far from a meaningful consensus or even a simple modus operandi.

(Defensive interlude:  I, too, believe — profoundly — in emergence. But the reality of emergence should not be used as an excuse for intellectual laziness.  Our analyses will only be proximate and we should always recognize our limitations.  But we may speed and even shape emergence with the rigor of our analysis and the power of our creativity. We can contribute to helpful outcomes even when our specific input fails to fulfill our intent.)

Others have written they are preparing comments on resilience and/or the RPD.  Great.  If you are looking for an outcome beyond an interesting bloggy exchange, I suggest getting your comments into the conversation earlier instead of later.

I assume that when individuals write me privately, instead of making public comments,  they have ethical or political problems being identified with what they offer.  Yesterday someone I do not know sent along the following factual information.  The fact is helpful.  The contributor’s analysis is acute:

Avid reader of your blog. FYI, useful addition to the discussion is
that Resilience is defined in the DHS Lexicon as:

“Ability of systems, infrastructures, government, business, and
citizenry to resist, absorb, recover from, or adapt to an adverse
occurrence that may cause harm, destruction, or loss of national
significance .”

Link:http://www.dhs.gov/xlibrary/assets/dhs_risk_lexicon.pdf

Note, DHS continues to see resilience as subordinate to ‘risk’ and an
aspect of ‘vulnerability’, vice recognizing it as the super-ordinate
organizing philosophy laying above risk management. Still, a useful
working definition.

June 4, 2009

Mr. Brennan comes to dinner

Filed under: Humor,Organizational Issues,Strategy — by Philip J. Palin on June 4, 2009

dinner  Steve Flynn, Philip Palin, and John Brennan at Virtual Citronelle

As expected, Mr. Brennan was a bit late to arrive.  Steve Flynn joined me at the glittering, probably digitally enhanced, table.

“Your pitch has been vague Phil, what are you planning tonight?” Steve challenged.

“Whaddya  suggest?”

“Seems to me the context has seldom been better for American grit, volunteerism, and ingenuity in the face of adversity,” Flynn replied.

“And that’s not vague?” I asked smiling. “I’ve read your testimony and your books Steve, I expect Brennan has too, what’s new?  What’s the take-away?”

“Can I bring you a drink or an appetizer?” the waiter offered soothingly.  Flynn ordered a red wine.  I demurred wanting every synapse to fire as cleanly as possible.

Steve continued, “We have to gather and share as much threat, response, and recovery information as possible with private industry and state and local emergency responders. At the same time, it must place far greater emphasis on informing and engaging the American public. The key is to target the relevant audience with threat information that is matched with specific guidance on how to respond to the threat.”

“Psychological readiness is key,” I agreed nodding.  “The more we  think about a potential catastrophe, the less likely we will perceive the actual event as catastrophic.  The more we anticipate the worst, the more quickly and fully we bounce back.”

I’d lost him.  Steve was fixed on something over my left shoulder.  Virtual Citronelle is an immersive virtual space that mimics a real dining room. Sort of a flight simulator for policy wonks. 

“Hey Steve, good to see you,” Mr. Brennan reached out and they shook hands.  “So you’re Palin.  Ruchi says you’re not related to the Governor.”  Brennan’s digital handshake was more a quick grab than a welcome.

“Not in the last three generations,” I replied.  “I thought of Ruchi when I saw the proposal to spin-out long-term recovery.  Will that be her assignment?”

“Not my call.  I understand you think resilience is the solution to all my problems?”  His tone signaled impatience.

“Any chance of a dotted line between the Resilience Policy Directorate and OIRA (Office of Information and Regulatory Affairs)?” I asked. 

“No,” Brennan answered, looking slightly annoyed.

In my experience directly launching a policy pitch typically fails.  It sets up a kind of seller-buyer dynamic.  And most Washington policymakers use caveat emptor as their mantra, whether or not they practice yoga.  If there is some way to actually have a conversation substantive progress is much more likely.

“How much of the current thinking on resilience draws on the British model?” I asked.

“None, as far as I know.  If Randy and Michele looked across the pond they didn’t tell me.”

“It’s a good place to look,” Steve interjected. “Whitehall defines resilience as an integrated approach to anticipation, assessment, prevention, preparation, response and recovery. Those first three steps are too often left out of our approach. We talk about preparedness, but we’re usually just preparing to respond.  Resilience is also preventative.”

“Back in 04 parliament passed a Civil Contingencies Act that fundamentally reconceived and reorganized what we would call homeland security,” I added.  My voice goes a little high and fast when nervous. “Crucially, they reconceived and reorganized around resilience.  We’re not there yet.  But  the results of PSD-1 could push us that way.”

“The Brits are doing a good job on going public in a rigorous way with real risk assessment and the beginnings of serious risk-informed decision-making,” Steve said with the calm of a more experienced hand. “It’s not a panacea, John.  But it’s a practical model that is in place and from which we can learn alot.”

Brennan was sitting back, a little more relaxed.  My shoulders loosened.

“That’s why I asked about OIRA — or really about Cass Sunstein.  If Sunstein is too busy, we need to get one or two of his best acolytes assigned to the RPD,” my voice had returned to it’s typical baritone. “What Cass sets out in Worst Case Scenarios and in Nudge is the why and how of an American approach to resilience.”

“Are you ready to order?” the waiter asked.  We were not.  But Brennan picked up the menu.  Looks like he will continue the conversation.  A small victory.  Maybe I will have a drink.

(This is most definitely a fiction. Apologies may be in order to Steve Flynn, John Brennan, and — perhaps most of all — to Chef Michel Richard.  Please see many substantive comments by readers by scrolling below, but especially here and here and here.)

June 3, 2009

Resilience Policy Directorate continued

Filed under: General Homeland Security,Organizational Issues,State and Local HLS,Strategy — by Philip J. Palin on June 3, 2009

The Pleasure of Your Company

is Cordially Requested

to Dinner with the

Honorable John O. Brennan

on Wednesday the Third of June

at Virtual Citronelle

on the Browser of Your Choice

If tonight you were seated next to John Brennan at dinner, what would you ask or tell the the Special Assistant to the President for Homeland Security and Counterterrorism (aka Deputy National Security Advisor)?

Since May 26 we have been having a conversation among ourselves regarding the establishment of the new Resilience Policy Directorate of the National Security Staff.  Scroll below.

What if someone within the gray granite and marble wedding cake next to the White House is assigned to summarize for Mr. Brennan the “chatter” regarding this proposal.  What would you want the top bullet point to read? The final bullet point?

Steve Flynn, the Reform Institute, the National Homeland Security Consortium, the House and Senate Homeland Security committees, and many others have had their input.  What is yours?

Expert analysis is so common inside the beltway as to have modest value.  It is almost (not quite) taken for granted.  There are  good substantive reasons for the Resilience Policy Directorate.  These arguments have been heard and largely accepted.

Persuasive presentations of self-serving proposals are even more common.  There is some element of this in the Resilience Policy Directorate.  State, local, tribal, and private-sector “stakeholders” are being given a specific seat at the table. 

Informed and thoughtful and constructive and personally disinterested  comments on important topics of the day are, however, so atypical that they can command unusual attention.  Evidence that ten or twenty of you consider this important will have much more impact than anything I write.

Readership over the last two days has increased substantially.  Lots of folks are listening.  I wonder what you are thinking?  More importantly, others are wondering too.  Is resilience just a new name for an old bucket?  Or does it, can it, should it signal a different strategic approach to homeland security?

Last night I was at dinner with two admirals.  They discussed and described how one of the most important aspects of today’s Maritime Strategy emerged over a dinner conversation in 1999.  How would you handle a dinner conversation tonight with Mr. Brennan?

« Previous PageNext Page »