Homeland Security Watch

News and analysis of critical issues in homeland security

November 14, 2013

Healing our addiction to control

Filed under: Catastrophes,Preparedness and Response,Private Sector,Recovery,Resilience,Strategy — by Philip J. Palin on November 14, 2013

Logistics hubs

The area shown above is a roughly 50,000 square mile region featuring six major and many smaller islands.  The region’s total population is about 11.2 million.

The typhoon made landfall in eastern Samar province early Friday morning November 8. With sustained winds of 195 miles-per-hour and wind gusts of up to 235 mph, the cyclone tore west across the nation of islands for the next twelve hours.

There had been preparations and in many areas evacuations.  But given the cyclone’s reach and Philippine geography one might run but not hide from a storm this size.

The number of casualties is not yet clear. The fate of survivors is clear enough. Tomoo Hozumi, the Philippines’ UNICEF representative, told CNN food, shelter, clean water and basic sanitation are “in a severe shortage, the situation on the ground is hideous.”

The dead have not been buried. Toxic detritus has been splashed across the wrecked landscape. Human waste is accumulating. Simple cuts become life-threatening due to infection and lack of medicine.

More than 11 million people are affected. More than a half-million have been displaced. Up to 2.5 million are in imminent danger due to lack of human essentials.  “Maslow’s pyramid has collapsed,” one Filipino said.

Delivering supplies is the preeminent challenge. As it was in the 2004 Indian Ocean tsunami, 2010 Haitian earthquake, and 2011 Great Tohoku earthquake. We will see these challenges in the United States following a CAT-5 hurricane or 8-plus earthquake pummeling a dense urban area.

On Tuesday night, nearly five days after landfall, the Philippine national government outlined a “master plan” for supplying the expansive impact area roughly the size of Louisiana. Based on an interview with Cabinet Secretary Rene Almendras, here’s an overview from the Manila Bulletin:

“This will come out to be one of the largest logistic and relief operations that the Philippine government has ever done in history and the President wanted to make sure that we have aligned everything,” he added.

“There has never been anything at the magnitude of what we are trying to do now—not in size, not in volume, not in even the breadth of it,” he added.

Under the relief plan, Almendras said the government will set up a special processing center in Cebu that will integrate the flow of all relief assistance. From Cebu, the relief goods will be distributed to the typhoon-hit places.

He said the Department of Social Welfare and Development (DSWD) will also establish additional repacking centers of relief goods, including in Ormoc, Cagayan de Oro and Davao.

He said the government is moving the relief goods to Tacloban City by air, land, and sea transportation. C-130 planes are doing sunrise to sunset operations to bring relief goods to the disaster-hit areas.

He added that Transportation Secretary Joseph Emilio Abaya has been designated “transportation guru” to ensure relief goods are moved as fast as possible.

On questions why the goods are not reaching some victims, Almendra said: “That’s really a local issue that we are trying to address now.”

The last — unanswered — paragraph is the crucial concern.  Establishing logistical hubs is certainly a challenge. They may be needed, I don’t know the status of preexisting hubs.  But hubs exist to serve spokes and move energy to the treads. Spokes and treads are how commodities become supplies that survivors actually consume.

In its November 13 situation update the UN Office for the Coordination of Humanitarian Affairs (OCHA) emphasizes, “Trucks and fuel are urgently needed to deliver aid. Debris and logistics continue to severely constrain the delivery of humanitarian assistance.” In the same report OCHA estimates that to date about 250,000 survivors have received food assistance (of the 2.5 million noted above).

There have been some — surprising — lessons learned from prior catastrophes.  After the earthquake-tsunami-nuclear emergency Japanese Self Defense Forces spent at least five days trying to self-create sufficient capacity to serve hundreds-of-thousands of survivors. There was never close to enough. Only after the perimeters came down, fuel was available and commercial resources were reengaged did supplies begin to meet demand.   The convenience store sector in Japan became a major engine of localized response and recovery.

A friend who was on the ground soon after the 2010 earthquake in Haiti says, “Really effective distribution did not take hold until street vendors opened a so-called black market for relief supplies.  Our initial reaction was moral outrage. Our second and very quiet reaction was gratitude.  In a couple of days the street vendors achieved a level of distribution that was far beyond the capability of the international and NGO communities.”

Since their 2011 experience the Japanese have given unprecedented attention to pre-planning and collaboration with the private sector. (There is even a — controversial — proposal to use private sector transportation for  non-disaster-related military missions.)  The emergency-response strategy is now more focused on restoring instead of replacing private sector supply streams.

In both Japan and Haiti — and now the Philippines — the strategic issue might be framed as, “How do you make complexity your friend?”

Some partial, situation-specific answers:  Clear debris, open roadways, restore or replace bridges, do not divert fuel from the commercial economy, keep perimeters reasonably permeable, compensate the private sector (even black-marketeers) to distribute at no-charge what they had previously sold, cherish and support truckers and trucks (especially small trucks), provide security as needed with convoys or otherwise. As much as possible, use whatever relationships, networks, systems, capacities, and capabilities facilitated distribution prior to the crisis. Encourage creative local — even random — adaptation.

I don’t know the Philippines well-enough to be confident of the right answers there and now. I do recognize in the government’s “master plan” familiar strategies that have proven ineffective in previous catastrophic situations.

The front-page of the November 14 Manila Bulletin includes this headline: Despair, chaos grip Tacloban: Survivors Hope To Escape Apocalypse

–+–

The “serenity prayer” is, perhaps, most associated with Alcoholics Anonymous:

Give me grace to accept the
things that cannot be changed,
Courage to change the things
which should be changed,
and the Wisdom to distinguish
the one from the other.

We might adopt it for catastrophe preparedness, response and recovery.

November 12, 2013

How Australians are encouraged to learn first aid

Filed under: Education,Preparedness and Response — by Christopher Bellavita on November 12, 2013

How do you get people to pay attention to preparedness?

Here’s how the Australian Red Cross is trying to get people to learn first aid.

The first video is 1:27. The second one is 2:04. (You might not want to watch the second one if you’re eating.)

And yes, that’s really what Australians sound like.

 

November 9, 2013

Wednesday + Thursday = Saturday

Filed under: Catastrophes,Preparedness and Response,Risk Assessment,Strategy — by Philip J. Palin on November 9, 2013

Did anyone else notice the potential continuity between Chris Bellavita’s Wednesday post and my Thursday post?

It was entirely coincidental.

But — at least for me — my critique of catastrophe “plans” is creatively answered by Patrick Lagadec’s Navigating the Unknown (linked to by Chris)The strategic stance and organizational capacity advocated by Lagadec is a big part of what I perceive is most helpful in preparing for a catastrophe.

If you haven’t already, download and read and think about and talk about Lagadec’s free booklet. Writing about your impressions/reactions here might be an effective way to advance some shared thinking.

A couple of dozen readers, some I know well and some I have never met, have sent me private emails regarding my Thursday critique. Many seem to be in various states of distress.

I will not have the opportunity this weekend to respond personally to each of you.  In an attempt to be generically responsive: I am not trying to eliminate the planning profession in emergency management.   In specific regard to catastrophe planning, I hope you will read Lagadec, review your current plans and assess to what extent your current plans advance what Lagadec is advocating.

If not, why not?

November 7, 2013

Preparedness is different than planning

Filed under: Catastrophes,Preparedness and Response,Strategy — by Philip J. Palin on November 7, 2013

A rather small piece in the online version of The Atlantic flooded my in-box last week on the first anniversary of Sandy flooding coastal New Jersey, New York and Connecticut.

David Wachsmuth describes how existing response and recovery plans were ignored.  He writes:

… emergency managers from New York, New Jersey, Connecticut, and Pennsylvania created a Regional Catastrophic Planning Team for precisely this kind of emergency. But when the storm hit, the RCPT’s plans stayed on the shelf, particularly in New York City. As one NYC emergency manager described it to me, “The federal government spent millions of dollars on [the regional plan] and…we did not do anything. All the planning and all the dollars that were spent on regional planning [and] not once did we open the book to say, ‘Let’s do it this way.’”

Wachsmuth then explains why the book was left unopened.  He also points to other “books” he believes worth reading.  I agree with many of the symptoms Wachsmuth describes.  I doubt we share the same diagnosis (see below).

I especially disagree with the conclusion suggested by the title of his piece (How Local Governments Hinder Our Response to Natural Disasters).  I am too much a disciple of Elinor Ostrom to reduce such manifold problems to jurisdictional diversity.

Full disclosure:  For most of the last four years I have been involved in regional preparedness for catastrophe in the mid-Atlantic, funded by the same FEMA grant as the unopened book in metro New York.  As such I have met with, admired, even envied the NY-NJ-CT and one-county in PA RCPT.   In every interaction I have been impressed by the expertise and commitment of these planners.   The actual plans were (are) thoughtful and extremely detailed.  There was considerable effort to socialize — even evangelize — the planning process and ultimate plans.

I disagree with the strategic predispositions of some of their plans. But by exposing their assumptions planners make possible intelligent discussion, exploration, and evolution.  The RCPT planners have always been open to comments, critique, and improvement.  They have been consummate professionals.

But in my judgement we cannot plan for catastrophe.

–+–

plan  noun

1. a scheme or method of acting, doing, proceeding, making, etc., developed in advance:battle plans.
2. a design or scheme of arrangement: an elaborate plan for seating guests.
3. a specific project or definite purpose: plans for the future.

–+–

Wachsmuth writes that RCPT plans  were “quickly sidelined by the Mayor’s Office.”  This alone suggests that Sandy — as bad as she was — was not the cause of a local, much less, regional catastrophe.  The Mayor’s office still had sufficient command-and-control to assert authority.  One persuasive definition of catastrophe is the total collapse of local command-and-control capabilities. (I think this definition originated with a regular reader and I hope she might comment further.)

Plans typically — though not necessarily — depend on systematic implementation by an authority.  Most emergency-or-disaster-or-catastrophe plans authorize atypical exercise of command-and-control, going well beyond the ordinary.

Yet any thing qualifying as a potential catastrophe has, ipso facto, at least confused if not destroyed most sources of authority and means of coordination.  Catastrophes are not just complicated they are innately complex, easily becoming chaotic.  Indeed some argue that efforts to contain catastrophric complexity accelerate the emergence of chaos.

Please notice that in the prior full-disclosure paragraph my role is identified as being involved in regional preparedness for catastrophe.

–+–

prepare  verb

1. to make ready or suitable in advance for a particular purpose or for some use, event, etc: to prepare a meal ; to prepare to go
2. to put together using parts or ingredients; compose or construct
3. ( tr ) to equip or outfit, as for an expedition

–+–

Beware of nouns.  Embrace verbs.

There is, of course, a verb form of plan, but even this action is usually focused on developing a noun (the plan).  Preparedness is an awkward noun.  Much better to stay with verbs: prepare, train/educate, exercise, assess, analyze, plan,  implement, prepare, train/educate, exercise, assess, analyze, plan, implement, and again… and again.

Plan as a verb helps. Not as a noun.

You knew it was coming:  To plan was originally to plane.  Ancient armies would plane battlefields to create space to operate chariots or otherwise shape for strategic advantage.  To prepare is derived from the root meaning to parry another sword or spar with another boxer or separate from a source of vulnerability. (The prefix pre- signaling to be ready to do so by what is done in advance.)

I am not opposed to planning.  But to be ready for the truly catastrophic is less about choosing and shaping context to suit your preferences and much more about being ready — psychologically and operationally — to effectively engage the range of surprises a catastrophe will create.

September 29, 2013

ICS implications of Westgate attack

Filed under: Preparedness and Response,Terrorist Threats & Attacks — by Philip J. Palin on September 29, 2013

On this blog I have been an advocate for more thoughtful and strategic application of the Incident Command System.  I have also argued that ICS is not fully scalable to theater-size operations (hundreds of square miles).

But today let me highlight how ICS is a fundamental component of emergency operations by offering this excerpt from a long-piece in the Sunday Telegraph:

The first rescuers to respond were a small team of Kenyan-Indians from a local plain-clothes unit that acts as a kind of armed neighbourhood watch for the large local Asian community.

With a handful of armed Kenyan police, they helped hundreds of people escape before pushing the terrorists into a corner on the ground floor, near the supermarket.

“They were returning fire, heavily, but they weren’t moving out from where they were,” said one person involved. “We had them contained. Done properly, we could have ended that thing on Saturday.”

Instead, Kenya’s army, which had taken four hours to group and prepare their assault, crashed in through both the ground and top-floor entrances, without understanding that some men wearing holsters and body armour were not attackers.

No radio contacts were set up between the units. No overall command had been appointed, and different commanders squabbled. A senior policeman was shot dead in a friendly-fire incident. Chaotic gunfire streaked across the mall’s open spaces.

Within 30 minutes, late in the afternoon, both the initial responders and the army had pulled out, leaving the mall to the terrorists and hostages.

There have even been rumors that the “friendly-fire incident” referenced above was the result of an argument over command between two military officers.

So for those readers who have felt my attitude toward ICS has been overly dismissive, here’s your dramatic example of how an effective Incident Command System is essential.

Yarnell Fire Investigative Report

Filed under: Disaster,Preparedness and Response — by Philip J. Palin on September 29, 2013

On Saturday September 28 the Arizona State Forester released the Yarnell Hill Fire Serious Accident Investigation Report analyzing the circumstances leading to the June 30 entrapment and deaths of 19 firefighters of the Granite Mountain Interagency Hotshot Crew. The report and accompanying documents are available at:

https://sites.google.com/site/yarnellreport/.

September 19, 2013

Homeland security: Policy in Context

Filed under: Catastrophes,Preparedness and Response,Resilience,Risk Assessment — by Philip J. Palin on September 19, 2013

Recently I came into near simultaneous possession of two books.  If not for the coincidence of each being in my bag at the same time, the contrast between them would probably not have been noticed.

They are superficially similar.  Each has “Disaster” in the title.  Each measures  5 1/2 x 8 1/2.  One has 193 pages, the other 244 (with an appendix).  Both are particularly intended to inform and influence public administration of disasters.

But substantively they are profoundly different and, it occurs to me, reflect deep differences in homeland security (and probably beyond).

One is written by an individual, the other by a committee.  One draws heavily on history, as far back as Gilgamesh.  The second is aggressively contemporary, including a few statistics from the mid-20th Century but is otherwise very much a product of the last decade.  One is global in scope, the other almost entirely focused on the United States.

Given their public administration purposes it is not surprising that both give significant attention to institutional frameworks.

One book offers four key approaches: 1) enhancing institutional flexibility, 2) building an appreciation of risk, 3) understanding disasters and crises as part of our reality, and 4) identifying means to continually invest in infrastructure.

The other book sets out six more detailed — narrow, actionable, prescriptive, presumptuous, [insert your preference here] — recommendations:

  1. Federal agencies should incorporate national resilience as an organizing principle to inform and guide the mission and actions of the federal government and the programs it supports at all levels.
  2. The public and private sectors in each community should work cooperatively to encourage commitment to and investment in a risk management strategy that includes complementary structural and nonstructural risk-reduction and risk-spreading measures or tools.
  3. A national resource of disaster-related data should be established that documents injuries, loss of life, property loss, and impacts on economic activity.
  4. The Department of Homeland Security, in conjunction with other federal agencies, state and local partners, and professional groups, should develop a National Resilience Scorecard.
  5. Federal, state, and local governments should support the creation and maintenance of broad-based community resilience coalitions at the local and regional levels.
  6. All federal agencies should promote and coordinate national resilience in their programs and policies. A resilience policy review and self-assessment within agencies, and the establishment of a strong community among agencies, are keys to achieving this kind of coordination.

The contrasting proposals are good clues to the conceptual origins of each book.

It will not surprise any regular reader that I am more personally predisposed to the historically and globally framed text.  But even when I disagree, I admire the other effort to move from conceiving possibilities to actual action.

These two efforts could have been complementary.  One might have placed our contemporary challenges in context.  Serious engagement with deeper context would likely have produced action recommendations more likely to see action.  The tactical tendencies of the group-effort would have put more meat on the individual’s frame.

But my purpose is not to critique either book.  Each is informative and helpful on its own terms.

It is those terms of self-reference that, perhaps, concern me most.  One is mechanistic — at least Newtonian — in its expectations.  The other is philosophical.  (A colleague recently commented that a publication of mine was “very philosophical”.  He was not being complimentary.)

But whether we love wisdom or just lust after its consequence, we need — especially homeland security needs — to somehow better blend policy levers (mechanisms) with social insight (philosophy).  Yes, it is possible and often helpful to conceive of individuals and neighborhoods and diverse populations as mathematical objects.  But it can also be dangerously reductionist.

I am — perhaps fatally — biased toward the historical and philosophical because of the respect these disciplines have for human failure while (usually) avoiding cynicism regarding human potential.  So much of positivist policy development is either Pollyannish or despairing.  There is a middle way.

A former Speaker of the House once told me Washington DC is the last refuge of Medieval Nominalists; by which he meant it is a city preoccupied with finding precisely the right words to successfully legislate, regulate, adjudicate, and rule. Words matter.  But no set of words, alone, are ever sufficient. Relationships matter more. Working together toward a shared vision even more.

I commend both books to you:

Crisis, Disaster and Risk: Institutional Response and Emergence by Kyle Fambry

Disaster Resilience: A National Imperative by the Committee on Increasing National Resilience to Hazards and Disasters, National Academy of Sciences.

July 25, 2013

A missing link in strategy?

Earlier this week I was re-reading the DHS Strategic Plan (2012-2016).  I perceived something — actually its absence —  I had not noticed before.

Community involvement is, of course, a recurring mantra in the Strategic Plan and many other DHS policy, strategy, and operational documents. “Whole Community” is prominent in Mission 5: Ensuring Resilience to Disaster.  Other missions include similar language.  For example Mission 1: Preventing Terrorism and Enhancing Security has a goal to “Increase community participation in efforts to deter terrorists and other malicious actors and mitigate radicalization toward violence.”

A close reading of the Strategic Plan suggests the whole is made up of the following parts:

Individual
Family
Household
Neighborhood
Community
Private and Non-Profit Sectors
Faith Based organizations
Localities
States
Tribes
Federal Partners
Nation
All Segments of Society

Especially with those catch-all terms it’s not that my “absence” is excluded.  But it is not given explicit attention.  Certainly not priority.

What prominent place in the life of most Americans is not referenced?

The workplace.

Indirectly this is part of the private sector or non-profit-sector or local and state government or whatever other sector in which you work. But these “sectors” are abstractions. The workplace is a concrete — often literally glass, steel, and concrete — place. Yet the only time “workplace” is referenced in the Strategic Plan is with workplace standards for protecting intellectual property and “workplace wellness” programs for DHS employees.

According to the Bureau of Labor Statistics Americans age 25-to-54 spend an average of 8.8 hours per day at work. This is a larger block than any other activity, much larger than any other non-sleeping activity surveyed.

Yet the places where we work are not regularly conceived or engaged as venues where homeland security priorities can be pursued.

There are exceptions. I am aware of a few.  I welcome you highlighting successful exceptions in the comments.

The absence of the workplace from the DHS Strategy reveals a strategic perspective.  It is another example of the disconnect between private and public domains.  Clearly government is a place where homeland security is to be practiced.  There is considerable effort to engage neighborhoods and sometimes schools. These are real places too, but much more public than private in their character.

Is a “community” — whole or not — a real place?  It depends, in my experience, on the community and how an outsider approaches the putative community.

There are offices, distribution centers, power plants, factories and refineries, restaurants, hotels, retail stores and many more real places where each day the vast majority of Americans spend the majority of their waking hours.  Most of these places feature a task-oriented culture with management processes already in place.  Most of these places are self-interested in a reasonable level of safety, continuity, and resilience.

In my personal experience most of these places are wonderful contexts for the practical practice of homeland security.

There is a tendency for modern strategic thinking to be more comfortable with space than place.  See battlespace and cyberspace, even Space Command.  I am often an advocate for differentiating between Theater Command and Incident Command and perceive we give too little attention to the Big Picture.  But it is not, of course, one or the other: it is a continuum.

Real risks, threats, vulnerabilities and consequences usually unfold in real places where people come and go everyday.

Interesting what you can miss even when it’s right in front of you.  I’ve read that strategy a half-dozen times.  Wonder what else is hiding in plain sight?

July 10, 2013

Preparedness that worked

Filed under: Preparedness and Response — by Philip J. Palin on July 10, 2013

This morning the Senate Committee on Homeland Security and Governmental Affairs conducted a hearing on lessons learned from the Boston Marathon Bombings.  Media attention has focused instead on this afternoon’s arraignment of the accused surviving bomber.

Besides the morning session was mostly good news: planning and training helped, coordination and collaboration happened.  The horrific outcomes of a very bad day were mitigated by investments made over the last ten years.  The Boston Police Commissioner complained he didn’t know what the FBI knew about one of the accused bombers visiting Chechnya.  But he also admitted that knowing those details might not have changed anything.

Good news is usually not how the most advertising will be sold.  But it is worth recognizing what goes right, especially when so much seems to go wrong.  All of those testifying had good news to tell.  Here are just three paragraphs from prepared testimony by Boston native Richard Serino:

Since 2000, more than 5,500 Boston area responders have received training through FEMA partners including the National Domestic Preparedness Consortium (NDPC) and Continuing Training Grantees. During that same period, FEMA’s Center for Domestic Preparedness (CDP) has provided Chemical/Biological and mass casualty training to more than 500 Boston responders and providers.

FEMA has supported twelve exercises directly involving the City of Boston. These have included topics as diverse as chemical or biological attacks, hurricane preparedness, hazardous materials events, cyber and improvised explosive devices (IEDs). In 2011, DHS – in conjunction with the FBI and the National Counterterrorism Center – hosted a Joint Counterterrorism Awareness Workshop that focused on integrating response operations to a complex attack in the Boston metropolitan area. More than 200 participants from the local, state, and Federal community participated in the workshop.

As part of FEMA’s Regional Catastrophic Preparedness Grant Program, the Metro Boston Homeland Security Region (MBHSR) in 2012 exercised a Regional Catastrophic Coordination Plan designed to augment existing operations plans by facilitating communication, situational awareness, and functional area coordination across the region in a catastrophic event.

You can read more good news and watch/listen to a video of the testimony at the Committee’s website.

June 27, 2013

Private and Public Cultures: Action

Filed under: Preparedness and Response,Private Sector,Strategy — by Philip J. Palin on June 27, 2013

This is — depending on your responses — probably the last in a short series of posts on perceived tensions between private and public sectors in homeland security.  Prior posts have considered context, concepts, and communications.

–+–

In the June Harvard Business Review a three-piece collection focuses on “strategy for turbulent times”.  HBR authors aspire to be evidence-based and action-oriented.  This usually results in story-supported assertions with to-do or not-to-do lists.

In “Transient Advantage” Rita Gunther McGrath argues we now live “in a world where a competitive advantage often evaporates in less than a year [and] companies can’t afford spending months at a time crafting a single long-term strategy”.  After a couple of stories she lists seven dangerous misconceptions and offers paragraph-long explanations for “eight major shifts” in the ways companies need to operate.

If you are a public servant can you translate any four of these into near-term action in your agency… without risking jail-time or, at least, very stern comments by the Comptroller General?

1.  Think about arenas, not industries.  ”An arena is a combination of a customer segment, an offer, and place in which that offer is delivered.”

2. Set broad themes, and then let people experiment.  Is that what happened in the Cincinnati IRS office?

3.  Adopt metrics that support entrepreneurial growth.  The author quotes a business executive who advocates, “fall in love with the problem you are trying to solve.”  I have not seen that metric referenced in any GAO publication.

4.  Focus on experiences and solutions to problems.  Okay, that’s a gimme.

5.  Build strong relationships and networks.  Two gimmes.  But accepting is different than adopting which is entirely different from practicing.

6.  Avoid brutal restructuring: learn healthy disengagement.  And how do you explain this to the oversight committee(s)?

7.  Get systematic about early-stage innovation.   When Poindexter et al attempted to do this publicly with Total Information Awareness the NSA learned (see number 8) to do essentially the same thing behind closed doors.  See where that got us.

8. Experiment, iterate, learn.  What do you suppose TSA has learned from its experiment in changing the rules related to onboard knives and related?  It might have learned something about number 5.  But instead I expect it mostly learned that number 7 involves pain.

The private sector organizations I know have been talking about these shifts for the last quarter-century or more.  Some are making the shifts.  A few live in fifth-gear.  Almost everyone dreams of the two-door top-down wind-in-the-hair shift-into-fifth.

Most public sector organizations I have encountered dream about a Prius (or more politically-and-patriotically correct, a Ford Fusion Hybrid SE) or a very large truck of some sort. All go… but the destination, route, and experience tend to be dissimilar.

The private sector celebrates, mythologizes — essentially worships — action.  What can we do?  Now?  Just do it.  As is often the case believers fall short, sin, and are hypocritical.  But almost everyone can also tell a powerful story of redemption.

My private sector patron saint has been Peter Drucker who claimed innovation and sales are the only sources of value.  Everything else is a cost… and costs, like sin, are to be minimized.

Innovation and sales emerge from the crucible of creativity and customers.  The entrepreneur perceives a need that becomes an opportunity.  The entrepreneurial enterprise probes the desires and deficiencies of the market through which a compelling experience and a persuasive solution emerge (see number 4).  Rapid, continuing, and (if successful) increasingly crowded customer feedback informs creative adaptation and an idea becomes reality. Hallelujah.

I have known public sector enterprises that share similar beliefs and behavior.  Hospitals and water systems are among the most action-oriented.

There is also an — obvious — action-bias among police and firefighters.  But in my experience there is an important distinction with broad implications.

In the private sector, and a segment of the public sector, action is targeted to stimulate or facilitate specific actions by others.  Among enforcement agencies action is (mostly) aimed at stopping or controlling specific actions by others.   Many public sector agencies — especially homeland security agencies — are organized to stop undesirable behavior rather than start or serve desirable behavior.  Feedback comes much more slowly, more hierarchically, and is often reported as a reduction — as opposed to growth — in key indicators.

A stop-it culture is not much like a start-up culture.

I spent most of my career in a series of start-ups.  I soon learned to keep lawyers, accountants, and most academics away from the creative process until the enterprise was generating some sort of market-based results.  The critical-thinkers — as opposed to creative-thinkers — were important contributors to refining promising products; but they very seldom saw the need for anything beyond fourth gear and third was fine most of the time.  Government lawyers and accountants seem especially talented in this regard (apologies Bill).

None of this is meant to suggest one culture is innately superior to the other.  Personally I feel more comfortable in the private sector.  But that is an aesthetic rather than an ethical or existential judgment.  Each culture, at its best, is well-adapted to its particular context and purposes.  The two cultures need each other if those who depend on both are to be well-served and if each is to flourish.  In the homeland security domain both cultures are in any case persistently present.

If a stop-it guy and a start-up gal were tagged for a blind date would opposites attract or deflect?  It depends on the self-awareness and sense of humor of each.  If either or both tend toward self-righteousness, watch out for yelling or someone walking out in a huff or no real conversation and no second date.

But we often reserve our greatest affection for that which is mysterious to us (see number 3).  Engineers call this tension, poets may prefer frisson.  It keeps opposites positively engaged. Whatever we call it, homeland security needs to cultivate it in our private-public relationships.

June 20, 2013

Private and Public Cultures: Communicating

Filed under: Preparedness and Response,Private Sector,Strategy — by Philip J. Palin on June 20, 2013

Two weeks ago I started thinking-out loud regarding the sometime tension between public and private cultures, especially related to homeland security.  I suggested the two sectors are divided by contrasting perceptions of context.   Given the difference in context, it is not surprising two very different concepts of operations emerge. Last week I gave specific examples related to planning.

This week I look at communications.   The differences here are especially profound, but as far as I can determine have nothing to do with my context-and-concept framework.  Today no theoretical notions, just observational reports.  If you have a hypothesis that explains the differences, please let us know.

–+–

Scheduling, Size, and Agenda

If I am doing private sector meetings in New York, Chicago, or San Francisco I begin setting up the schedule four to six weeks before.  I can usually do three or four meetings a day. Typically I exchange notes on agenda and key questions or purposes about two weeks prior.    The most important meetings are usually a working lunch or dinner.  These are set aside for two-hours plus and are conceived as encouraging non-linear conversations.  The vast majority of meetings are one-on-one or, perhaps, four or five altogether.  Early in my private sector career I was instructed to seriously discount the potential of any meeting involving more than seven people (myself included).

If I am doing public sector meetings — especially in Washington DC — it is risky to set up more than one in the morning and another in the afternoon.  It is not unusual for me to make an appointment and have it shifted two or three times on the scheduled day.  It is typical to make a meeting with one person and for a team of twelve to show up.  Eating together is seldom involved, but it is a signal of unusual intimacy.   Most of the public sector meetings to which I am invited have also invited dozens of others, but often less than a dozen show up.  More –sometimes many more — are on the phone (teleconferences are less common, involve smaller numbers, and are generally less interactive in the private sector). I almost always have an agenda in my mind, but I have learned that being explicit is seldom helpful and often hurtful.  Many of my most productive public sector meetings are totally spontaneous pop-ups.

Participation and Purposes

A private sector meeting usually begins with either a problem or a purpose (hence the prior discussion of agenda).  Some sort of previously prepared product is presented that either defines the problem/purpose or purports to solve/advance the problem/purpose.  Questions are asked.  Criticisms are offered.  Answers and explanations are attempted.  There is a conversation, often facilitated by the most senior person or an outside consultant. Adjustments in the original product are made.  Action steps are assigned. Who is assigned what is especially important.  What is the A Team assigned?  What is given the soon-to-retire guy and why? This signals the real priority associated with the product.  Some sort of follow-on measure or meeting or such is targeted.   Someone almost always follows up immediately in writing with what the meeting covered and decided. Who sends the follow-up and the proportion of CYA to advance-the-plow is significant. Corrections or “clarifications” to the follow-up can become very complicated. The product may be badly conceived.  The conversation can be stilted and non-productive.  The action assigned may be anemic and have the half-life of a May Fly, but this is a regularly repeating pattern.

A public sector meeting usually begins late, almost always ten minutes late.  It is not unusual to have a significant number of participants showing up thirty minutes late.   The meeting is often designed to generate a big piece of a product and it may be designed and constructed in the open meeting.  Positions are staked out. Pennsylvania is interested in X. HHS is insistent on Y.  Red Cross won’t play unless ABC is assured.  The product is accordingly adjusted, sometimes on a big screen in front of everyone.   Questions may be asked.  I have seen effective questioners transform meetings and products.  But when questions are answered it is much more reminiscent of a thesis-defense than a dinner conversation. Another version of the product is distributed claiming to reflect the meeting outcomes.  Sometimes it does, often by padding the product and making it even more unwieldy and unreadable, occasionally in an integrative way.  But in any case, the authors can claim to have consulted key stakeholders and peers.

In the private sector “products” — as used above — are usually a collection of research, production, organizational, and/or marketing actions.   In the public sector products are as often written documents of some sort.

Rhetoric

Private sector meetings are more and more informal.  This trend has been especially pronounced over the last ten years.  Casual Fridays have overtaken the whole week.  The discussion ranges from family to a couple of cells on the spreadsheets to purposeful (very short) stories.  There is — in many, though not all, private sector settings — a deep bias toward “blending.”  Private and professional are blended.  Numbers and narrative are blended.  Everyone is expected to contribute to the conversation in a balanced happily blended way. Courtesy counts. Cool counts.  Generation Y has a serious claim on the culture.

There is — at least to my taste — a persistently paramilitary flavor to most  public sector meetings.  Many more ties are worn in the public sector.  Many more PowerPoints are shown.  There are many more formal presentations and “official” interventions.  The size difference between private and public meetings, noted above, probably has a considerable influence.  Command Presence counts. Baby boomers continue to define the culture.

When these two cultures come together the rhetorical results can be dramatic, especially when there is numerical parity.  Private sector conversations seem off-point or ill-informed or glib to many in the public sector.  Public sector interventions seem long, defensive, and bossy to many in the private sector.

At a private-public session a few months ago a senior government official attempted to direct the discussion by asserting his (and his organization’s) greater knowledge of the situation.  It was an extended comment punctuated with just a tad of table-pounding.  It was followed by uncomfortable silence.  I was trying to conceive a follow-on question that might open up some shared space.

A younger private sector guy broke the silence with, “I don’t believe you.  You may be absolutely right, but it doesn’t matter because I don’t believe you.”  The following is a paraphrase, “I don’t believe you because you are claiming more knowledge of your world than I have of my world.  You are claiming to have more control of the world than I believe is possible.  And you are speaking to me as if I was a child.”

I wish it was possible to report that this was an epiphany that unlocked greater understanding on both sides.  Instead it seemed to deepen the chasm.

June 18, 2013

How to be a disaster hero

Filed under: Disaster,Preparedness and Response — by Christopher Bellavita on June 18, 2013

Welcome to Disaster Hero.

That’s the title of an advertisement I saw in the June issue of the IAEM Bulletin. IAEM stands for the International Association of Emergency Managers.

Here’s a picture of the ad.

Disaster her add

You can play the game online, at no cost. Just click on this link. http://www.disasterhero.com/ (It took a while to load the first time, but subsequent runs don’t seem to take as long.)

Here’s what the FAQ file says about the game:

Disaster Hero is a free online game designed to teach children (grades 1 through 8), parents, and teachers/caregivers how to prepare for disasters. The overall goals are to ensure that players know what to do before, during, and after a disaster. Parents and teachers are included so that the family and school are familiar with the main concepts of disaster preparedness. Emphasis is placed on three steps – make a plan, get a kit, and be informed….

Disaster Hero covers four main topic areas: (1) basic preparedness steps – including get a kit, make a plan, and be informed – to be accomplished to protect the participant and family before, during, and immediately following a disaster or large-scale emergency event, (2) common disasters (earthquakes, floods, hurricanes, and tornadoes), their associated danger signals, typical effects, common injuries, and appropriate responses, (3) basic quick-care tips and techniques for specific common injuries, and (4) basic information about geographic-specific disasters.

A 12 year old boy lives in my house. He is an avid gamer, and by avid I mean to the point where his mother occasionally searches Google for the difference between avid and addiction.

I asked him to play the Disaster Hero game and tell me what he thought about it. He avidly agreed.

I gave him the url and let him explore. What follows are summaries of the field notes I took while he was playing. Words in quotation marks are his, generally directed at the screen, as if no other humans were in the room with him.

———-
There’s an option to register as a user, but he chose to play as a guest. That cuts the start time significantly.

Then you have to load the flash based game. It took about 5 minutes to load. Our broadband access is around 5 mbs; not especially fast. I wondered what the game demographic was. What kinds of kids have access to the internet at home and in school?

“This is taking forever. They really missed a marketing opportunity here. When Droid games load, they run crawlers that advertise other games you could buy. The people who put this game together could be telling people disaster facts while the game is loading. This is taking forever.”

The game opened to reveal a stage that looked like a mix of CNN, Fox News and the Price is Right.

“Oh God; it’s a game show.”

You select your age appropriate difficulty level: bronze, silver or gold. Then you pick a charter who will be your avatar, sort of like Skyrim and maybe tens of dozens of other games.

Next comes an overly long introductory narrative about a retired emergency manager who spent a lot of his career going from planet to planet helping out.

“I don’t care about all this talking. Let me play.”

The head hero (Dante) left the operational world to train the next generation of disaster heroes.

“This is so annoying.”

The action takes place on a planet that has lots of disasters caused by earth, wind, fire, and so on. But the primary theme, as the advertisement promised, is “make a plan, get a kit, be informed.”

There is a skip option, so you only have to listen to all the talking once. The rules are basic and simple.

“Oh my god. Just shut up.”

Next you pick someone to compete against: Techtonic, Tempest, Whirlwind and Dr. Deluge. Guess what disasters they represent.

Living in the northwest, subject to the whims of the Cascadia subduction zone, he selected Tectonic.

After more words from Dante, the first game starts. The player navigates on a jet pack through a worm hole to pick up disaster supplies (I think that’s what it was), competing against Techtonic to see who can score the most points.

Occasionally there are disaster related multiple choice questions: Such as “How can you tell when an earthquake will happen?” Eventually the player gets enough points to move on to the next stage.

Then more talk.

“This is so slow. I want to skip the talk, but I’m afraid if I do I’ll miss something important.”

The next part of the games consists of three rounds, based on Make a Plan, Get a Kit (the type face makes it seem like “Get A Hit”), and Be Informed.

The Make A Plan game starts with 16 sentences to read about how to make a plan and what to include in it. The words can also be read by the game.

“I’m not going to read all that.”

Once past the reading screen, you go to a picture of two rooms and you have to find the 10 differences between the rooms. Click on the missing item (like a telephone) and another lesson pops up — e.g., make a list of your contacts, and so on.

“This is tedious.”

After that game was over, he moved to the Get A Kit screen and found another long list of sentences, this time about the kit. Because of a Flash problem, the list included such items as “forget your pets,” “food when the electricity does not work,” and “medicine is lost.” But one could work through easily enough what the real list was.

Once that was done, the next game appeared. It consisted of 9 squares, each one containing an object that appeared for a few seconds then disappeared. Click, for example, on three decks of cards and you score points; plus you get a hint about keeping a deck of cards in your kit so you have something to do during disaster downtime.

Be Informed was the third game. After going through another list (“I’m not going to read that.”), there was a map of the United States, shovels, shields and red crosses, plus a news crawl at the top of the screen that said something about floods and earthquakes and other things. The player had to do something with the shovels and shields, but — without reading the directions — it was not clear what one was supposed to do. So Tectonic won that round.

Once that game was over, the player goes back to the Headquarters screen to receive congratulations and the news that there was another round coming up.

“I’m done.” he said, returning to his room. “I’m going back to Minecraft.”

A few hours later, before he went to bed, I asked him for his summary review of Disaster Hero. I asked him what score he would give the game if he were doing a review for something like IGN (a site that reviews games).

“I’d give it about a 6.5 on a scale of 10. Essentially it’s a bunch of moderately interesting mini games needlessly framed around how to prepare for a disaster. There are lots of mini games, but they are not especially interesting. The introductions to the sections are tedious. The sense of humor in the game is not amusing.”

I asked him what he learned about disasters from the game.

“Nothing that I can think of right now. I didn’t want to take the time to read all that stuff. I wanted to get right to the game. If I wanted to learn something about disaster preparedness I’d just search it online. I didn’t need to play a game to find out how to be prepared.”

Disaster hero color

June 11, 2013

Answers to 30 questions about the 2013 National Preparedness Report

Filed under: General Homeland Security,Preparedness and Response — by Christopher Bellavita on June 11, 2013

Here are the answers (and page citations) to the quiz I posted last week.  See the end of this post for instructions on grading yourself.

1. Why was the Report written?

  • The answer is f – All of the above: Required by PPD 8 (page 1); To provide a national perspective on preparedness trends; To inform program priorities; To help allocate resources; To communicate concerns to stakeholders (page 59).

2. How many core capabilities are identified in the National Preparedness Goal?

  • The answer is b – 31 (page 2).

And — for your skimming pleasure — here they are: 1) Planning, 2) Public Information and Warning, 3) Operational Coordination, 4) Forensics and Attribution, 5) Intelligence and Information Sharing, 6) Interdiction and Disruption, 7) Screening, Search, and Detection, 8) Access Control and Identity Verification, 9) Cybersecurity, 10) Physical Protective Measures, 11) Risk Management for Protection Programs and Activities, 12) Supply Chain Integrity and Security, 13) Community Resilience,  14) Long-term Vulnerability Reduction, 15) Risk and Disaster Resilience Assessment, 16) Threats and Hazard Identification, 17) Critical Transportation, 18) Environmental Response/Health and Safety, 19) Fatality Management Services, 20) Infrastructure Systems, 21) Mass Care Services, 22) Mass Search and Rescue Operations, 23) On-scene Security and Protection, 24) Operational Communications, 25) Public and Private Services and Resources, 26) Public Health and Medical Services, 27) Situational Assessment, 28) Economic Recovery, 29) Health and Social Services, 30) Housing, 31) Natural and Cultural Resources. 

3. Number of times the National Preparedness Goal is described specifically in the Report:

  • Answer is d – Zero.

The National Preparedness Goal is referred to in the 2013 Preparedness Report, but unless I missed it, the Goal is not described specifically in the Report.

I’m not even sure the Goal is clearly defined in the September 2011 document that introduced the Goal to the nation (available here). The closest I can get to identifying the Goal is this statement on page 1 of the 2011 document:

We define success as: “A secure and resilient Nation with the capabilities required across the whole community to prevent, protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk.” 

I contrast that statement with the National Preparedness Goal described on page 1 of the 2005 Draft Goal:

The National Preparedness Goal is: To achieve and sustain risk-based target levels of capability to prevent, protect against, respond to, and recover from major events, and to minimize their impact on lives, property, and the economy, through systematic and prioritized efforts by Federal, State, local and tribal entities, their private and non-governmental partners, and the general public.

4. The majority of state and local respondents in a preparedness survey expect the federal government to be largely responsible for all the below, except for:

  • The answer is f, Planning. (See the chart on page 10 of the 2013 Preparedness Report for details.)

The majority of state and local respondents expect the federal government to be “mostly” or “entirely” responsible for Economic recovery, Fatality management, Cybersecurity, Forensics, and Housing.

5. According to a 2012 survey of state Chief Information Security Officers, what percent were confident in their state’s ability to protect against external cyber threats?

  • The answer is b, 24% (page 25)

6. According to the Preparedness Report, what is the percentage of Americans who have “physical, sensory, intellectual, or cognitive disabilities”? 

  • Answer is a, 18%

Page 6 reports “Inclusive preparedness planning for the whole community requires integrating the needs of over 59 million Americans with physical, sensory, intellectual, or cognitive disabilities….”  There are approximately 316,000,000 people in the United States.

7. Which of the following is not among the 4 capabilities states rated as areas where they were the least prepared

  • The answer (again) is c, Planning (page 6).

“… states and territories continue to rate recovery capabilities among their least-prepared areas. Three of the four lowest-rated capabilities— Economic Recovery, Housing, and Natural and Cultural Resources—are in the Recovery mission area, mirroring [State Preparedness Report] results from the previous year. Fewer than half of states and territories identified these three capabilities as a high priority.

8. Which of the following are “newly identified national areas for improvement”? (select all that apply)

  • The answers are b and d (page 59): “Enhancing resilience of infrastructure systems,” and “Maturing the role of public private partnerships.”

9. According to the 2012 state assessment of current capability, which of the 31 capabilities received the highest average capability score?

  • The answer is d, “On scene security and protection” (page 8)

10. Which of the 31 capabilities received the lowest average score in the state assessment?

  • The answer is c, “Cybersecurity” (page 8)

As noted above, in questions 4 and 5, approximately three-fourths of the states are not confident in their ability to protect themselves against external cyber threats, and the majority of states expect the national government to have the primary responsibility for cybersecurity.  I wonder if the national government — whoever they are —  knows that.

11. As of 2012, agencies had to belong to the Emergency Management Assistance Compact if they wanted to receive a DHS preparedness grant

  • The answer is True (page 10)

“In FY 2012, DHS preparedness grants required grantees to belong to the Emergency Management Assistance Compact and to ensure that grant-funded capabilities are deployable outside of their community to support regional and national efforts.”

12. Applicants for Hospital Preparedness Program grants and Public Health Emergency Preparedness grants have to submit four separate grant applications to four different agencies before they are eligible to receive one of the grants.

  • The answer is False (page 11).

“In 2011 and 2012, the HHS ASPR and CDC led a collaborative initiative to define essential public health and healthcare preparedness capabilities and operationalize the public health and medical components of the core capabilities included in the Goal. Using these tailored capabilities, HPP and PHEP applicants were able to submit a single application for both cooperative agreements for the first time in May 2012.”

13. FEMA’s 2012 household preparedness survey found more people who believe that a natural disaster was likely to occur in their community. This awareness triggered a “substantial increase” in individual preparedness behaviors, such as building a disaster supply kit and making a household emergency plan.

  • The answer is b, The first statement is true; the second one is false. (page 31)

“In FEMA’s FY 2012 national survey, nearly half of respondents reported familiarity with local hazards and about half expected to experience a natural hazard, continuing a previous upward trend. However, the survey also showed no substantial change in the percentage of respondents reporting that they had made a household emergency plan (43 percent) or built a preparedness kit (52 percent).”

14. In 2012, federal agencies had to include climate change adaption plans in their sustainability plans.

  • The answer is True (page 13).

“In 2012, for the first time, Federal agencies included climate change adaptation plans in their sustainability plans for reducing greenhouse gas pollution, eliminating waste, and improving energy and water performance. These climate change plans outline initiatives to reduce the vulnerability of Federal programs, assets, and investments to the effects of climate change, including rising sea levels and extreme weather.”

15. Which of the following acronyms is not related to the public information and warning capability (select all that apply)

  • The answer is d,  BARDA – Biomedical Advanced Research and Development Authority (page 63).

Here’s what the others mean: IPAWS (Integrated Public Alert and Warning System), WEA (Wireless Emergency Alerts), EAS (Emergency Alert System), FCC (Federal Communications Commission)

16. Which of the following acronyms do not appear in the 2013 Preparedness Report (you may select more than one)

  • The answer is d,  LGBTQQIA – Lesbian Gay Bisexual Transgender Queer Questioning Intersex Ally

Here’s what the others mean: PHEMCE (Public Health Emergency Medical Countermeasures Enterprise), RRAP (Regional Resiliency Assessment Program), SLTTGCC (State, Local, Tribal, and Territorial Government Coordinating Council), EPCRA  (Emergency Planning and Community Right-to-Know Act), SLOSH (Sea, Lake, and Overland Surges from Hurricanes)

17. Which country was not involved (according to the Preparedness Report) with helping the US improve “operational coordination in law enforcement, cargo screening, and passenger screening”.

  • The answer is b, Mexico.

The other “operational coordination” countries are identified on pages 15 and 16 of the Report.  I wonder why Mexico was not mentioned.

18. Average time DHS said it took to conduct searches of biometric watch list data from US ports of entry and US consulates.

  • The answer is d, Less than a minute (page 17).

“The Federal Government is improving the ability of authorized users to access this data quickly. For example, DHS reported that the average time to conduct searches of biometric watch-list data from U.S. ports of entry and U.S. consulates was less than one minute.”  Given last week’s data collection and mining news, this National Preparedness Report finding approaches irony.

19. According to the Preparedness Report, the approximate number of terabytes of data processed by regional computer forensics laboratories in 2011 was:

  • The answer is c, 4000 terabytes (page 18)

“Computer Forensics Laboratories increased from 5,616 to 6,318; the number of terabytes processed nearly doubled from 2,334 to 4,263; and the number of digital forensics examinations rose from 6,016 to 7,629 (see Figure 7). Additionally, these resources have played key roles in recent counterterrorism investigations. For example, in 2011, the Kentucky Regional Computer Forensics Laboratory supported the investigation of two Iraqi nationals conspiring to purchase weapons and ship them to Al-Qaeda in Iraq.”  And yes, yottabyte is a real word, “a unit of information equal to 1000 zettabytes.”

20. DHS established a maturity model that identifies the four stages through which the national fusion center network will progress “as it moves toward full capability and operational integration as a unified system.” As of February 2013, the national network was at what stage of the maturity model:

  • The answer is b, Stage 2 – Emerging (page 19). “As of February 2013, the national network is in the second stage of the maturity model, with ongoing efforts to build and achieve full capacity.”

I wonder who decided to create a “national fusion center network”.  The idea of a system like that — combined with last week’s data monitoring news — recalls Erik Dahl’s observation two years ago (in an article titled “Domestic Intelligence Today: More Security but Less Liberty?”): 

“…even though we as a nation decided not to establish a domestic intelligence organization, we have in recent years done just that: we have created a vast domestic intelligence establishment, one which few Americans understand and which does not receive the oversight and scrutiny it deserves. There is good news here: this domestic intelligence system appears to have been successful in increasing security within the US, as demonstrated by numerous foiled terrorist plots and the lack of another major successful attack on American soil since 9/11. But there is also bad news: these gains are coming at the cost of increasing domestic surveillance and at the risk of civil liberties.”

21. As of 2011, approximately what percentage of the 1500 requests for financial transaction data from the Department of the Treasury’s Financial Crimes Enforcement Network [FinCEN] was “directly related to terrorism”?  

  • The answer is b, 25% (page 21).

“FinCEN also provides a mechanism for law enforcement agencies to communicate with financial institutions during investigations through the Secure Information Sharing System. As of 2011, law enforcement agencies and other FinCEN customers issued over 1,500 total requests for information on financial transactions, with 378 of these requests directly related to terrorism.

22. The State, Local, Tribal and Territorial Government Coordinating Council studied critical infrastructure programs in 31 states.  Approximately what percentage of the programs were able to measure the effectiveness of their critical infrastructure protection activities?

  • The answer is a, Zero (page 28).

“As part of its two-year reporting effort, the SLTTGCC conducted interviews with critical infrastructure protection officials in 31 states, and found different approaches in how states were implementing the NIPP’s six-step risk management process…. The SLTTGCC also found that none of the critical infrastructure protection programs it studied could measure the effectiveness of their activities. The group cited the uncertainty of future grant funding and the inherent complexities in assessing the effectiveness of risk mitigation efforts as potential reasons.”

23. Approximately how many Citizen Corps Councils are in the US?

  • The answer is c, 1200 (page 32)

“Councils now serve 63 percent of the U.S. population, an increase from 58 percent in September 2011.”

24. The most common natural disaster in the US is:

  • The answer is c, floods (page 32).

“Floods are the most common natural disaster in the United States and cause an average of $7.8 billion in damages and an average of 94 deaths each year.”

25. The method most frequently used by states and local jurisdictions to enforce mandatory evacuation orders is:

  • The answer is d, Mandatory evacuation orders are rarely enforced (page 36).

“The authority to order mandatory evacuations lies with different levels of government across the Nation, as outlined in Figure 13 [in the Report]. Figure 14 illustrates that states levy a variety of penalties to enforce evacuation orders.15 However, few states enforce these penalties in practice.”

26. Which of the following is not a part of the DoD CBRN response enterprise?

  • The answer is e, They are all a part of the DoD CBRN response enterprise (page 37).

“The DOD CBRN Response Enterprise includes the Defense CBRN Response Force (DCRF); two Command and Control CBRN Response Elements (C2CRE); 57 National Guard Weapons of Mass Destruction (WMD) Civil Support Teams; 17 National Guard CBRNE Enhanced Response Force Packages (CERFPs); and 10 newly established Homeland Response Forces (HRFs). Together, these units provide approximately 18,000 personnel capable of supporting and conducting operations in CBRN environments.”

27. According to the Preparedness Report, most counties in the United States have established capabilities to provide response-level interoperable communications within one hour of an incident.

  • The answer, according to the Report, is True (page 43).

“The National Emergency Communications Plan (NECP) establishes the Nation’s strategic approach to improve interoperability. As a result of NECP implementation, by 2011, 90 percent of more than 2,800 counties and county-level equivalents demonstrated response-level emergency communications (i.e., managing resources and making timely decisions without technical or procedural issues impeding communications) within one hour for routine events involving multiple jurisdictions and agencies.”  I thought this was one of the more surprising findings.

28. The federal highway administration estimate of the percentage of the nation’s bridges that are either structurally deficient or functionally obsolete is:

  • The answer is c, 25% (page 53).

“Based on current investment trends, the ASCE [American Society of Civil Engineers] estimated a $1.1 trillion funding gap by 2020 for the Nation’s water and wastewater treatment; surface transportation [including bridges]; airports; inland waterways and marine ports; and electricity infrastructures.”

29. According to the Preparedness Report, “Interstate mutual aid plays a limited role in augmenting the capabilities of states and territories.”

  • The answer (according to the Report) is True (page 59).

“States and territories continue to report the highest capability levels in those areas frequently cited as high priority. Interstate mutual aid plays a limited role in augmenting the capabilities of states and territories.”  I’m not sure I understand what this finding means. I think it mean states are not incorporating Emergency Management Assistance Compact agreements into their capability plans.

30. “Each year, the Nation makes additional advances toward realizing the National Preparedness Goal and implementing the National Preparedness System through improved guidance and new partnerships involving all levels of government; private and nonprofit sectors; faith-based organizations; communities; and individuals.”

  • This assertion appears in the Conclusions section of the report (page 59). The 2013 National Preparedness Report is offered in support of that assertion.

Here’s how to score yourself:

-       Fewer than 10 correct: Read the report

-       10 to 15 correct: Read the report again

-       16 to 20 correct: You know more about the preparedness report than most people

-       21 to 25 correct: You know a whole lot about the preparedness report

-       26 to 29 correct: You know a disturbing amount of information about the preparedness report

-       30 correct: I’m guessing you wrote the preparedness report

 

 

 

 

June 4, 2013

Thirty questions about the 2013 National Preparedness Report

Filed under: Preparedness and Response — by Christopher Bellavita on June 4, 2013

I read the 2013 National Preparedness Report on Monday.  If DHS is going to take the time to produce this second portrait of the Nation’s preparedness, the least one can do is read it.

The Report’s not bad. If nothing else, it reminds the reader about the megacomplexity of homeland security. There is information in the report about what myriad agencies are doing under myriad constraints to prepare for myriad threats.

The usual terrorism, cyber, “all hazards,” and resilience suspects appear frequently, but so too do active shooter incidents, drought, low crop yields, greenhouse gas pollution, improving energy use, saving water, rising sea levels, vulnerable populations, unity of military effort, biohazards, biosurveillance, big data, public health cutbacks, computer forensic demands, financial crimes, food and agriculture and animal safety, transportation security, housing, culture, cyber workforce, impact of extreme weather on deteriorating infrastructure, supply chains, citizen and private sector involvement, fatality management….

There really is a lot in this 60 page (plus or minus) document.

I wonder who will read the Report. Maybe some people in DHS. Maybe a few people on congressional staffs. Maybe homeland security students.

The Report’s analytical conclusions tend to follow this pattern: “Progress has been made. Challenges remain. The Report and the data it draws from will mature in future years as we get more experience assessing preparedness.”

I think those are fair claims.

I don’t think the report will satisfy people who look for unambiguous evidence about the impact, or lack of impact, from homeland security spending. I think the document is still mostly a synthesis of other reports, self-assessments, and anecdotes. The report’s authors call this quantitative and qualitative data.

But I don’t know a better, or more current, overview of what’s going on in homeland security with respect to preparing for just about everything one could anticipate. (I did not see mention of space weather, meteors or obesity; but I might have missed something.)

If you do care about homeland security, I think reading the report will be a good use of your time.

After you’ve read it, see if you can answer these questions.

The answers are in the Report but I will post them later in the week. (You can find acronym translations on pages 63 and 64 of the Report.)

1. Why was the Report written?

a. Required by PPD 8

b. To provide a national perspective on preparedness trends

c. To inform program priorities

d. To help allocate resources

e. To communicate concerns to stakeholders

f. All of the above

g. DHS budget will not be released until the annual preparedness report is completed

2. How many core capabilities are identified in the National Preparedness Goal

a. 15

b. 31

c. 51

d. 65

3. Number of times the National Preparedness Goal is described specifically in the Report

a. 5

b. 3

c. 1

d. 0

4. The majority of state and local respondents in a preparedness survey expect the federal government to be largely responsible for all the below, except for (select as many as you’d like):

a. Economic recovery,

b. Fatality management,

c. Cybersecurity,

d. Forensics,

e. Housing,

f. Planning

5. According to a 2012 survey of state Chief Information Security Officers, what percent were confident in their state’s ability to protect against external cyber threats?

a. 12%

b. 24%

c. 48%

d. 72%

6. According to the Preparedness Report, what is the percentage of Americans who have “physical, sensory, intellectual, or cognitive disabilities”?

a. 18%

b. 25%

c. 46%

d. Undetermined

7. Which of the following is not among the 4 capabilities states rated as areas where they were the least prepared

a. Economic recovery

b. Housing

c. Planning

d. Natural and cultural resources

8. Which of the following are “newly identified national areas for improvement”? (select all that apply)

a. Fatality management

b. Enhancing resilience of infrastructure systems

c. Forensics and attribution

d. Maturing the role of public private partnerships

e. Supply chain integrity and security

9. According to the 2012 state assessment of current capability, which of the 31 capabilities received the highest average capability score?

a. Public information and warning

b. Community resilience

c. Operational coordination

d. On scene security and protection

10. Which of the 31 capabilities received the lowest average score in the state assessment?

a. Interdiction and disruption

b. Mass care services

c. Cybersecurity

d. Critical transportation

11. As of 2012, agencies had to belong to the Emergency Management Assistance Compact if they wanted to receive a DHS preparedness grant

a. True

b. False

12. Applicants for Hospital Preparedness Program grants and Public Health Emergency Preparedness grants have to submit four separate grant applications to four different agencies before they are eligible to receive one of the grants.

a. True

b. False

13. FEMA’s 2012 household preparedness survey found an increase in the number of people who believe that a natural disaster was likely to occur in their community. That belief triggered a “substantial increase” in individual preparedness behaviors, such as building a disaster supply kit and making a household emergency plan.

a. Both statements are true.

b. The first statement is true; the second one is false.

c. The first statement is false; the second one is true.

d. Both statements are false.

14. In 2012, federal agencies had to include climate change adaption plans in their sustainability plans.

a. True

b. False

c. False; there is no such thing as a federal agency sustainment plan

15. Which of the following acronyms is not related to the public information and warning capability (select all that apply)

a. IPAWS,

b. WEA,

c. EAS,

d. BARDA,

e. FCC

16. Which of the following acronyms do not appear in the 2013 Preparedness Report (you may select more than one)

a. PHEMCE,

b. RRAP,

c. SLTTGCC,

d. LGBTQQIA,

e. EPCRA,

f. SLOSH

17. Which country was not involved (according to the Preparedness Report) with helping the US improve “operational coordination in law enforcement, cargo screening, and passenger screening”.

a. Australia

b. Mexico

c. South Korea

d. Canada

e. Switzerland

f. Republic of Congo

g. Indonesia

h. European Union (a country for the purposes of this question)

18. Average time DHS said it took to conduct searches of biometric watch list data from US ports of entry and US consulates

a. One week

b. One day

c. About three hours

d. Less than a minute

e. Under 10 seconds

19. According to the Preparedness Report, the approximate number of terabytes of data processed by regional computer forensics laboratories in 2011 was

a. 400 gigabytes, less than half a terabyte

b. 4 terabytes

c. 400 terabytes

d. 4000 terabytes

e. One yottabyte

20. DHS established a maturity model that identifies the four stages through which the national fusion center network will progress “as it moves toward full capability and operational integration as a unified system.” As of February 2013, the national network was at what stage of the maturity model:

a. Stage 1 – Fundamental

b. Stage 2 – Emerging

c. Stage 3 – Enhanced

d. Stage 4 – Mature

21. As of 2011, approximately what percentage of the 1500 requests for financial transaction data from the Department of the Treasury’s Financial Crimes Enforcement Network was “directly related to terrorism”?

a. Zero

b. 25%

c. 50%

d. 90%

22. The State, Local, Tribal and Territorial Government Coordinating Council studied critical infrastructure programs in 31 states. Approximately what percentage of the programs were able to measure the effectiveness of their critical infrastructure protection activities?

a. Zero

b. 25%

c. 50%

d. 90%

23. Approximately how many Citizen Corps Councils are in the US?

a. 56

b. 112

c. 1200

d. 2170

24. The most common natural disaster in the US is

a. Tornados

b. Wild land Fires

c. Floods

d. Crime

e. Earthquakes

25. The method most frequently used by states and local jurisdictions to enforce mandatory evacuation orders is:

a. Arrest

b. Fines

c. Removal by force

d. Mandatory evacuation orders are rarely enforced

26. Which of the following is not a part of the DoD CBRN response enterprise?

a. Command and control CBRN response elements

b. National Guard WMD civil support teams

c. National Guard CBRNE enhanced response force packages

d. Homeland response forces

e. They are all a part of the DoD CBRN response enterprise

f. There is no such thing as a DoD CBRN response enterprise

27. According to the Preparedness Report, most counties in the United States have established capabilities to provide response-level interoperable communications within one hour of an incident.

a. True

b. False

28. The Federal Highway Administration estimate of the percentage of the nation’s bridges that are either structurally deficient or functionally obsolete is

a. 1%

b. 15%

c. 25%

d. More than 50%

29. According to the Preparedness Report, “Interstate mutual aid plays a limited role in augmenting the capabilities of states and territories.”

a. True

b. False

30. Each year, the Nation makes additional advances toward realizing the National Preparedness Goal and implementing the National Preparedness System through improved guidance and new partnerships involving all levels of government; private and nonprofit sectors; faith-based organizations; communities; and individuals.

a. True

b. False

 

 

 

 

 

June 1, 2013

Unthinking habit is among our top threats

Filed under: Preparedness and Response,Risk Assessment — by Philip J. Palin on June 1, 2013

On Friday evening another series of tornadoes touched down near Oklahoma City.  They descended on the metropolitan area during the rush hour in the midst of heavy rains that complicated tornado identification and caused significant flooding.

The worst threat emerged between about 6:30 and 7:00PM Central Time.  According to CNN:

The Oklahoma Highway Patrol says a mother and child were killed as tornadoes moved through Oklahoma City. Highway Patrol Trooper Betsy Randolph says troopers found the bodies near a vehicle along Interstate 40 west of the city.
 
Parts of Interstates 35 and 40, which cut through Oklahoma City and Moore, were “a parking lot,” the weather service said, warning that those caught in the heavy rush hour traffic “are in danger.”

“We’ve got a nightmare situation going on right now,” Betsy Randolph, a state Highway Patrol spokeswoman, told CNN.

“They are essentially sitting ducks on the interstate.”

Overturned big rigs and cars littered portions of the roadway, and thousands more were believed to be stuck in the traffic.

“My biggest concern right now is the traffic that is out on the highway right now,” Oklahoma Gov. Mary Fallin said.

She said she has called out the National Guard, the Oklahoma Highway Patrol and the state Office of Emergency Management to “try to get the traffic moving” and get people to shelter.

As of Saturday morning I am mostly reading and hearing echoes of this Friday evening report.  More details are needed.  But there is a strong suggestion that even among the storm-sophisticated citizens of central Oklahoma there was a readiness to risk a “regular commute” in the midst of a tornado watch/warning and observable heavy rain.

The decision to stay or go is at the core of an effective emergency response.  For the vast majority of threats the better decision is to stay.  But a wide range of habits — from fire drills, to hurricane evacuations, to the daily commute — push us to go… sometimes directly into harms way.

LATE BREAKING: Please access the comments and many thanks to Mr. Rob Dale for very helpful additional information.

May 23, 2013

Synergistically Shifting the Resilience Paradigm

Filed under: Preparedness and Response,Strategy — by Philip J. Palin on May 23, 2013

The following post is by Andrew J. Phelps. I invited Mr. Phelps to “respond” to my post above which was a reaction to his comment last week. His response is considerably more than a response-to-a-response and deserves this separate posting. (Philip J. Palin)

–+–

I have no idea what the title of this post means. I don’t know if I could accurately define or describe “synergy”, “resilience”, or “paradigm”. I have ideas of what they may mean and I have used them all, probably incorrectly, in talks, presentations, and my writing. I have a problem, however, with the word resilience. So much so that I jumped at the opportunity to dig a little deeper into my derision for that word when asked by the folks at Homeland Security Watch.

The Rockefeller Foundation’s recently announced 100 Resilient Cities Centennial Challenge is aimed at creating 100 local CROs (Chief Resilience Officers) “to oversee the development of a resilience strategy for (their) city”. Reading about this well-intentioned initiative made me wonder if the concept of “resilience” is truly understood by the policy-makers asking communities to become more resilient. I do not believe it is. My two-part understanding of resilience in the context of disasters and catastrophes in a community is this:

  • One, the ability of a community to quickly begin recovering from a disaster and continue the provision of services;
  • and two, a community’s capacity to return to its pre-disaster “shape” (a rubber-band is resilient, in that as it is pulled and stretched, it always returns back to its original size and shape. Unless it breaks.  In which case, it is beyond repair and perhaps lacked sufficient “resiliency”).

My first understanding of resiliency speaks to two critical components of emergency planning: Recovery (both short and long-term) and Continuity of Operations/Government. My second understanding just sounds like a bad idea to me and one I would not be comfortable explaining it as an optional path following a disaster to my elected officials:

Governor: Our state has been devastated by XYZ disaster. We need to show we are resilient.

Emergency Manager: How would you like us to demonstrate that?

Governor: By returning everything to how it was before the disaster.

Emergency Manager: Okay. But doesn’t that mean we will remain vulnerable to this same disaster in the future? Apparently “normal” wasn’t doing the trick and we had this horrible disaster. Maybe “normal” isn’t where we want to be…

Governor: Good point. So… we need to show we are beyond resilient; that we are forward-thinking and vow to re-build stronger than before so we won’t have to go through this again. I shall convene a blue-ribbon panel of experts to devise a strategy that will allow-

Emergency Manager: Governor, if I may, we have already done that. It’s our Hazard Mitigation Plan, full of project ideas designed specifically for that purpose. Why don’t we look at some of those projects that will allow us to be “beyond resilient” and rebuild our community so there is less of an impact next time and we don’t need to do as much “bouncing back”?

I think the idea of a resilience officer duplicates the current efforts of emergency managers to build a collaborative space in which subject matter experts from government agencies across all levels of government, the private sector, non-profit organizations, and the community served by the emergency manager develop plans, strategies, training and exercise initiatives, and resource acquisitions to address what it sounds like the Rockefeller Foundation envisions being addressed by a Resilience Officer.

Here is what I believe:

Communities are inherently resilient.

Since Hurricane Katrina, New Orleans has been recovering, even in light of a national economic down turn and a second disaster, the Deepwater Horizon explosion and oil leak. I understand New Orleans has not fully recovered, however a study released in February, 2013 showed that between 2010 and 2011 it was the fastest growing city in the US and as of July, 2011 (5 years after the disaster) had 90% of its 2000 population. That same study showed the New Orleans metro area had a 0.6% increase in jobs while the rest of the country had a 3% decrease between 2007 and 2012. The referenced study does show some areas where New Orleans is not doing so well, especially in terms of violent crime and affordable housing, but it certainly is not allowing itself to wash away into the Mississippi delta. I imagine that New Orleans is not seeking to resiliently return to its pre-Katrina condition, but to recover to a state better than its pre-Katrina condition.

There is no community in the US that I can think of that has been impacted by a disaster in the last 100 years that has not recovered. After a disaster, our communities are not abandoned. They come back. Some quickly, some slowly, but they come back. West, Texas will come back. Moore, Oklahoma will come back. Who will be leading those comebacks? It won’t be a Chief Resilience Officer. It will be planners, SMEs from all corners of government, the private sector, non-profit organizations, and members of the community.

Resilience is the new All Hazards

Most every profession has a short-hand (even the NIMS-indoctrinated, plain-text homeland security crowd). As I began my pursuit of a career in Emergency Management everyone was talking about an All Hazards approach. Of course, it didn’t mean we were planning for every hazard under the sun; it is shorthand meaning that we were planning for all of the hazards that could impact our community. I recently mentioned the all-hazards planning approach while giving a talk to a community organization where I live and work in New Mexico. A puzzled audience member asked why we would be preparing for all hazards when things like tsunamis and hurricanes wouldn’t really impact us. It occurred to me that the words we use and concepts we understand are not necessarily understood by people outside of our field, though that does not prevent elected officials, policy makers, or philanthropists from using them, regardless of their own lack of understanding. The further we get from the meaning of our own shorthand, the more cloudy our mission becomes, both to us and our communities. Instead of throwing around a term like “resilience” or “all-hazards” and assuming people know what we are talking about, let us break those concepts down into its individual parts and really explain the role of hazard and risk identification and assessment, mitigation, recovery and operational continuity planning and its importance. People are smart and don’t need us to “Reader’s Digest” everything into small words. These are big and important ideas. Let’s not throw them away.

I do not know that a CRO is sustainable, but believe sustainability is critical to resiliency.

The Rockefeller Foundation wants to distribute $100 million among 100 cities with the goal of making communities more “resilient”. My math can be shaky, but since I have time to use a calculator I have figured out that this comes to $1 million per community. The idea is that this money will be used to fund a Chief Resilience Officer charged with overseeing resiliency initiatives like a resilience plan and improvements to infrastructure to increase their resilience. If the recent FEMA Community Resilience Innovation Challenge is any indication of what some of those projects may be, we will see the creation of mobile communication vehicles and the purchase of emergency generators, but likely with even less accountability than current homeland security grant programs that have already given hundreds of millions of dollars to projects just like those. And in the blink of an eye, the community has blown through their million dollars, has a new position they either need to pay for or get rid of, and another plan tucked onto its already-too-full shelf; a plan that is in all likelihood a mash-up of existing continuity of operations, hazard mitigation, recovery and emergency response plans. And Harold Hill has moved on to the next town.

I also question how a community could assess the return on investment of a CRO, but I suspect that it could be measured in much the same way the return on investment can be measured for emergency managers (grant funds brought in to a community, contact with citizens during preparedness presentations, more efficient response times, etc.), in which case, what would be done by a CRO that is not already being done by someone. We also need to be adaptable to a changing world and maintain our ability to improvise to dynamic situations like disasters, but I don’t think we need a Director of Adaptability or Improviser in Chief.

Blog posts are the new psychotherapy, a chance to work through demons. The difference is the opportunity for strangers to comment on how well, or how poorly, you’ve done. I am grateful to Philip Palin and the HLS Watch for providing me an opportunity to have worked through my deep-seated hatred for the word resilience. I look forward to a continued exchange of ideas. We emergency managers, mayors, governors, fire and police chiefs, urban planners, corporate executives, community organizers and concerned citizens need to incorporate the concepts that are commonly understood as contributing to a community’s resilience into our planning. This means looking at climate change as a hazard to be mitigated and above all else, ensuring our communities can continue to progress, not regress or remain static, following a devastating tornado, wildfire, or pandemic. Many communities already do this formally, I believe all do informally.

Resilience is not a bad word, and the Rockefeller’s Resilience Challenge is not a bad idea. It has perhaps given emergency management a hair cut, so now people will look at emergency management in another way and say “you look… different. Good, but different.” And emergency managers should say “thank you” and keep doing what we are doing, but perhaps with a little more money in our budgets and, even better from the perspective of my office chair, more understanding and support of what we are trying to accomplish.

« Previous PageNext Page »