Homeland Security Watch

http://www.kpho.com/story/22724064/19-firefighters-dead-in-yarnell-wildfire

Just in case you missed it, earlier this week a guilty plea by 18-year-old Justin Kaliebe was unsealed at the US Federal Court in Islip, New York.  Court documents detail how Mr. Kaliebe intended to join the forces of Al Qaeda in the Arabian Peninsula (AQAP).  Federal authorities found evidence that the high school student had been accessing online English-language resources from AQAP.  More information from the FBI.

What’s on your mind related to homeland security?

This is — depending on your responses — probably the last in a short series of posts on perceived tensions between private and public sectors in homeland security.  Prior posts have considered context, concepts, and communications.

–+–

In the June Harvard Business Review a three-piece collection focuses on “strategy for turbulent times”.  HBR authors aspire to be evidence-based and action-oriented.  This usually results in story-supported assertions with to-do or not-to-do lists.

In “Transient Advantage” Rita Gunther McGrath argues we now live “in a world where a competitive advantage often evaporates in less than a year [and] companies can’t afford spending months at a time crafting a single long-term strategy”.  After a couple of stories she lists seven dangerous misconceptions and offers paragraph-long explanations for “eight major shifts” in the ways companies need to operate.

If you are a public servant can you translate any four of these into near-term action in your agency… without risking jail-time or, at least, very stern comments by the Comptroller General?

1.  Think about arenas, not industries.  “An arena is a combination of a customer segment, an offer, and place in which that offer is delivered.”

2. Set broad themes, and then let people experiment.  Is that what happened in the Cincinnati IRS office?

3.  Adopt metrics that support entrepreneurial growth.  The author quotes a business executive who advocates, “fall in love with the problem you are trying to solve.”  I have not seen that metric referenced in any GAO publication.

4.  Focus on experiences and solutions to problems.  Okay, that’s a gimme.

5.  Build strong relationships and networks.  Two gimmes.  But accepting is different than adopting which is entirely different from practicing.

6.  Avoid brutal restructuring: learn healthy disengagement.  And how do you explain this to the oversight committee(s)?

7.  Get systematic about early-stage innovation.   When Poindexter et al attempted to do this publicly with Total Information Awareness the NSA learned (see number 8) to do essentially the same thing behind closed doors.  See where that got us.

8. Experiment, iterate, learn.  What do you suppose TSA has learned from its experiment in changing the rules related to onboard knives and related?  It might have learned something about number 5.  But instead I expect it mostly learned that number 7 involves pain.

The private sector organizations I know have been talking about these shifts for the last quarter-century or more.  Some are making the shifts.  A few live in fifth-gear.  Almost everyone dreams of the two-door top-down wind-in-the-hair shift-into-fifth.

Most public sector organizations I have encountered dream about a Prius (or more politically-and-patriotically correct, a Ford Fusion Hybrid SE) or a very large truck of some sort. All go… but the destination, route, and experience tend to be dissimilar.

The private sector celebrates, mythologizes — essentially worships — action.  What can we do?  Now?  Just do it.  As is often the case believers fall short, sin, and are hypocritical.  But almost everyone can also tell a powerful story of redemption.

My private sector patron saint has been Peter Drucker who claimed innovation and sales are the only sources of value.  Everything else is a cost… and costs, like sin, are to be minimized.

Innovation and sales emerge from the crucible of creativity and customers.  The entrepreneur perceives a need that becomes an opportunity.  The entrepreneurial enterprise probes the desires and deficiencies of the market through which a compelling experience and a persuasive solution emerge (see number 4).  Rapid, continuing, and (if successful) increasingly crowded customer feedback informs creative adaptation and an idea becomes reality. Hallelujah.

I have known public sector enterprises that share similar beliefs and behavior.  Hospitals and water systems are among the most action-oriented.

There is also an — obvious — action-bias among police and firefighters.  But in my experience there is an important distinction with broad implications.

In the private sector, and a segment of the public sector, action is targeted to stimulate or facilitate specific actions by others.  Among enforcement agencies action is (mostly) aimed at stopping or controlling specific actions by others.   Many public sector agencies — especially homeland security agencies — are organized to stop undesirable behavior rather than start or serve desirable behavior.  Feedback comes much more slowly, more hierarchically, and is often reported as a reduction — as opposed to growth — in key indicators.

A stop-it culture is not much like a start-up culture.

I spent most of my career in a series of start-ups.  I soon learned to keep lawyers, accountants, and most academics away from the creative process until the enterprise was generating some sort of market-based results.  The critical-thinkers — as opposed to creative-thinkers — were important contributors to refining promising products; but they very seldom saw the need for anything beyond fourth gear and third was fine most of the time.  Government lawyers and accountants seem especially talented in this regard (apologies Bill).

None of this is meant to suggest one culture is innately superior to the other.  Personally I feel more comfortable in the private sector.  But that is an aesthetic rather than an ethical or existential judgment.  Each culture, at its best, is well-adapted to its particular context and purposes.  The two cultures need each other if those who depend on both are to be well-served and if each is to flourish.  In the homeland security domain both cultures are in any case persistently present.

If a stop-it guy and a start-up gal were tagged for a blind date would opposites attract or deflect?  It depends on the self-awareness and sense of humor of each.  If either or both tend toward self-righteousness, watch out for yelling or someone walking out in a huff or no real conversation and no second date.

But we often reserve our greatest affection for that which is mysterious to us (see number 3).  Engineers call this tension, poets may prefer frisson.  It keeps opposites positively engaged. Whatever we call it, homeland security needs to cultivate it in our private-public relationships.

Continuing their coverage of the Biowatch program, the LA Times recently reported on a House oversight committee hearing on “Continuing Concerns Over BioWatch and the Surveillance of Bioterrorism.”  A surprising admission, at least to me, that emerged concerns the Department of Homeland Security’s change in their risk assessment of bioterrorism:

Although BioWatch was designed with the belief that hostile foreign governments could sponsor large-scale germ attacks on American cities, the Homeland Security planners said they no longer saw this as the primary threat. They instead believe that small-scale releases of anthrax or other pathogens are the most plausible type of attack — but that these events would be least likely to be detected by BioWatch. 

A couple of points here:

• Considering when the program was developed, the “hostile foreign governments” in question are likely Iraq, North Korea, and Iran.  We now know that no biological weapon program was found in Iraq.  And I have a hard time believing that North Korea and Iran wouldn’t be deterred by the threat of nuclear annihilation if they were found to have attacked the U.S. with biological weapons.

• However, I also remember that at the time there existed a high level of concern that terrorists could produce or obtain and disperse a biological agent over a city or in a large building.  This was in the aftermath of the anthrax letters.

• So what’s changed in the risk equation?  Perception or an updated assessment of a terrorist group’s potential operational capabilities?  Fears of Iraqi weapons proved unfounded and maybe analysts came to believe there is some level of protection from hostile states afforded by having thousands of nuclear missiles and a fearsome conventional military?  Is the degradation of “Al Qaeda Core” seen as removing the primary terrorist source of a large scale bio-attack? All along was the primary concern that terrorists could only get a lot of anthrax from a state sponsor, but this was kept secret to duck questions about deterrence? Or have they just stopped listening to Richard Danzig?

The technical problem:

Two Homeland Security scientists, Segaran Pillai and Douglas Drabkowski, have “cited a number of limitations” with BioWatch’s detection ability, called sensitivity, according to an investigative summary prepared by the Energy and Commerce Committee’s staff.

Pathogens released at low, yet infectious doses are “least likely” to be detected by BioWatch because of “the system’s lack of sensitivity,” the summary said.

One Congressman’s solution:

As for Generation 3, Murphy suggested that spending billions for it would be inconsistent with the Homeland Security Department’s revised assumptions regarding a large-scale bioattack. The assumptions are outlined in the department’s bioterrorism risk assessments, conducted every two years.

“This costly approach is unbalanced and misdirected,” Murphy said. “It makes no sense to expand outdoor monitoring for a less likely large-scale attack, while not addressing the declining number of public health responders who are needed in any kind of attack.”

I absolutely agree with the last statement.  The recession hit the public health workforce hard, and these are the very men and women who will be on the front lines of a response to a bioterrorist attack or a naturally occurring pandemic. If the federal government could provide funds to increase the number of local cops during the 1990s, how about doing the same for public health today?

In terms of this latest turn in the BioWatch program, I am both happy and a little dismayed.  Happy that this seems to be an indication that some real risk analysis is taking place, albeit behind closed doors.  Dismayed that I harbor concerns that before all this money was spent, the system was conceived to detect any aerosolized attack and this new focus on “small-scale releases” is  due to the realization that planners wrote checks that technology can not yet cash.

Moneyball is an informal name given to sabermetrics.

Sabermetrics comes from the acronym SABR, the Society for American Baseball Research. Specifically, sabermetrics is about using non-traditional statistics to determine how baseball players perform.  More generally, it is about using numbers to measure performance.

This is going to be the homeland security link. The enterprise continues to have problems connecting spending to performance.  There’s less homeland security money to spend.  Where should it go?

The theological response includes the chant “risk-based.” The political answer is more nuanced.  But I’m getting ahead of myself.

I’m thinking about Moneyball in part because the Oakland A’s took four games from the New York Yankees earlier in June.  The A’s have a 60 million dollar team salary; the Yankees spend 203 million.

I’m also thinking about Moneyball because of an article I read last week by John Bridgeland and Peter Orsazag called Can Government Play Moneyball?: “How a new era of fiscal scarcity could make Washington work better.”

The A’s get credit for popularizing sabermetrics.  In 2002, they were expected to use their 41 million dollar team salary to compete against teams like the Yankees (with their 215 million dollar payroll).

Michael Lewis’s “Moneyball: The Art of Winning an Unfair Game” gives the details.  Several people in the A’s hierarchy wanted to make resource allocation decisions based on a broad range of rigorous statistical analysis.  They wanted to supplement, if not replace, the traditional measures used by experienced baseball men — mostly gut feel — to decide how to spend money. There’s a vivid scene in the Moneyball movie that shows how baseball scouts reacted to the new rules.  Not well.  But the A’s went to the playoffs in 2002 and 2003.

Sabermetrics got the credit.  Other teams and sports took notice.  Moneyball — “replacing scouts’ traditional beliefs and biases about players with data-intensive studies of what skills actually contribute most to winning” — arrived.

Bridgeland and Orsazag think we can do something like moneyball with government spending.

They start their article with this:

Based on our rough calculations, less than $1 out of every $100 of government spending is backed by even the most basic evidence that the money is being spent wisely. As former officials in the administrations of Barack Obama (Peter Orszag) and George W. Bush (John Bridgeland), we were flabbergasted by how blindly the federal government spends. In other types of American enterprise, spending decisions are usually quite sophisticated, and are rapidly becoming more so: baseball’s transformation into “moneyball” is one example. But the federal government—where spending decisions are largely based on good intentions, inertia, hunches, partisan politics, and personal relationships—has missed this wave.

The authors offer anecdotes and data to support questioning the relationship between spending and performance.  That’s not a new insight.  But it’s a measure of how jaded you’ve become if you can read without surprise that the Scared Straight-type programs increases criminal behavior rather than decreases it, or that a member of congress can respond to a data-based program suggestion by saying ““You and your staff may have your Ph.D.s, but you have no clue…. “We don’t need any of your fancy analysis.”

I’m sure you have your own stories.

The authors believe things can change:

We’re optimistic too, even though the obstacles to moneyball in government are daunting. Absent major changes in campaign finance, special interests that profit from blind budgeting will still have a powerful means of thwarting reform. Agencies’ staff will roll their eyes at the next round of “budget reforms,” wait out the incumbent, and then continue business as usual. And members of Congress will stay wedded to their legacy programs.

But we believe the federal budget crunch will force change. Already, many cities have had to choose between fewer cops and fewer teachers; between slower ambulance response and less-frequent garbage removal. The federal government is now beginning to face similarly stark choices. Do we really want to furlough hundreds of FBI agents at a time of heightened threats? Or lay off air-traffic controllers? Do we really want big cuts at the National Institutes of Health or to early-childhood-education investments, both of which are engines of economic growth? Do we really want to eat our seed corn?

Does moneyball (as metaphor or program) have anything to offer homeland security? Something is needed.

In yesterday’s Homeland Security Watch, Beckner wrote about a fiscally irresponsible and data-blind proposal to almost double the size of the border patrol and reincarnate SBInet.

Also yesterday the Government Accountability Office provided what seems to be their annual reminder that

According to FEMA officials, neither program [ Emergency Management Performance Grants and Assistance to Firefighters Grants programs] has a standardized tool with which to validate the performance data that are self-reported by recipients; additionally, the regions are inconsistent in their approaches to verifying program performance data. The absence of a formal established validation and verification procedure, as directed by Circular No. A-11, could lead to the collection of erroneous performance data.

A friend recently sent me a collection of articles making the same point.  Here’s a sample (with my emphasis):

Cybersecurity — DHS IG Says Department Lacks Strategic Plan To Implement Cybersecurity Mandate. The Government Computer News .. cites a “recently released” report by the DHS Office of Inspector General which says DHS’ efforts at implementing the Federal
Information Security Management Act of 2010 “are hampered by a lack of a strategic plan with long-term goals and metrics”….

New border policy — House Committee Approves Border Security Legislation. All 32 members of the House Committee on Homeland security voted Wednesday in support of legislation by Rep. Michael McCaul (R-TX) that would “require the Department of Homeland Security to establish metrics and a roadmap for additional enforcement before seeking additional enforcement spending….”

Old border policy — Napolitano, McCain Discuss Border Security, Immigration Reform In Arizona.  KPHO-TV Phoenix notes differences in gauging border security between Napolitano and Arizona Gov. Jan Brewer. KPHO says that while “Napolitano says the border is the safest it’s been in decades,” Brewer argues the border won’t be secure until local residents indicate as much. Meanwhile, “McCain said at this point there is no way to gauge when the border is secure,” stating, “We’ll have to establish those metric and they are very difficult. Right now there are not enough sufficient metrics in order to make that assessment.”

TSA — Pistole Defends Behavior Detection Program. USA Today reports the IG “said in a 41-page report…that the TSA doesn’t effectively assess the program or have a comprehensive training program.” Assistant inspector general for audits Anne Richards wrote, “As a result, TSA cannot ensure that passengers at United States airports are screened objectively, show that the program is cost-effective or reasonably justify the program’s expansion.”

Information Sharing Enterprise — ODNI’s Networking Efforts Cited In Appeal For Agencies To Share More Information. Government Executive reports Leon Fuerth, former national security adviser to Vice President Al Gore, argued Monday at a global policy forum in Washington that … “Networked governance structures can facilitate rapid flow of information and can thus serve as the basis for a smarter and more prescient bureaucracy.” He added that Washington is moving towards this, citing “the Office of Management and Budget’s implementation of cross-agency priority goals and metrics under the 2010 Government Performance and Results Modernization Act…as well as in the Office of the Director of National Intelligence,” but cautioned that “a like effort by the Obama White House national security team…was derailed by congressional appropriators who felt undermined.“

I’m sure you have your own stories.

A sometimes cynical college tells me moneyball in government is simply another way one set of interests will try to take power away from another group. He believes moneyball won’t work.

As much as I would like to see something like moneyball (as metaphor or experiment) crack the performance code, I’m not optimistic.  Unlike baseball, where performance is measured every time a ball is put into play, homeland security is more like the game of Chinese baseball described in a 1975 Public Administration Review article by R. G. H. Siu (the article – Chinese Baseball and Public Administration — is behind a $25 JSTOR paywall): once the ball is in play (I’m paraphrasing), any player can change any of the rules, move any of the bases, alter the field or modify the game in any way that seems sensible at the time.

Keep the game going.

If the history of homeland security budgeting and spending has demonstrated one truism over the past dozen years it is this: threat specters trump performance metrics. The fear of terrorists, cybersecurity villains, mega-disasters, hoards of illegal immigrants, rampant drug smuggling, and information dots not getting connected in time outgun rule-loving, eye-shadded, data-sniffing nerds.

Keep the game going.

I do think Bridgeland and Orsazag’s idea is worth tinkering with.  If moneyball did come to homeland security, what might it look like?  What numbers could tell us more about performance than the current approach of dividing “number of things” into “amount spent?” Maybe there is someone in the homeland security enterprise already doing this, or something like it. If so, where are you? What are you doing?

One more thing. If moneyball does have something to teach homeland security, the teacher probably won’t be very involved with the “doing” of homeland security.

Neither sabermetrics nor moneyball came from baseball players.

————————–
Correction and updates June 25, 2013 11:18 AM :
1. The A’s only took three games in a row from the Yankees in June, not four. I had that confused with the Met’s four game sweep of the Yankees in May.

2. A helpful explanation of Moneyball can be found in Season 22, Episode 3 of the Simpsons, called “Moneybart”. The explanation starts around the 7:45 mark.

3. For reasons buried in gramatical tombs, the apostrophe in “A’s” is apparently correct, as is the absence of one in “Simpsons.”

4. For more on how FEMA assesses preparedness, please see Tim Manning’s June 25, 2013 “Written testimony of FEMA Protection and National Preparedness Deputy Administrator Tim Manning for a Senate Committee on Homeland Security and Governmental Affairs, Subcommittee on Emergency Management, Intergovernmental Relations, and the District of Columbia hearing titled “Are We Prepared? Measuring the Impact of Preparedness Grants Since 9/11”.  The proposal to “establish a National Preparedness Grant Program” is described toward the end of the testimony.

5. Among the thoughtful comments on today’s post, please see the ones by “JD” and an equally anonymous “street cop.”

Immigration reform legislation has been debated for the last couple of weeks on the floor of the Senate, and late last week a compromise emerged – in the form of an amendment from Sen. Corker and Sen. Hoeven – that appears to have secured enough votes for the bill to survive a cloture vote in the coming week and then move to final passage.  This New York Times story provides a good overview of the state of play.

One of the key provisions in the amendment (which is technically being wrapped into a larger substitute amendment) is $30 billion in funding over the next decade to add 19,200 new Border Patrol agents, nearly doubling the size of the Border Patrol from its current staffing level of 21,370 agents.

This proposal is a terrible idea – one that would be wasteful of taxpayers’ money and is not based on sound operational or technical analysis as to what investments are really needed to improve border security.

Before discussing this in depth, let me be clear: I would like to see broad-based and balanced immigration reform legislation be enacted, and it is sensible for a component of that legislation to be focused on border security, as is the case with ‘Gang of 8’ base bill.  Many of the border provisions in the base legislation are reasonable, including proposed investments in technology and infrastructure (although strong oversight is needed on these, given the history of SBInet) and the proposal to increase the number of Customs and Border Protection Officers (CBPO’s, who are different from Border Patrol agents).

However, the proposal to double the number of Border Patrol agents is different, and is something that deserves careful scrutiny by people on all sides of this debate before moving forward.

I have three primary concerns about this provision:

First, adding “boots on the ground” may make for a good soundbite, but it’s a costly and inefficient way to improve border security.   CBP spends around $3.2 billion/year today on personnel costs for the Border Patrol – a figure that doesn’t include the cost to train and equip them.  This $3.2 billion is already a very large chunk of DHS’s budget – as a point of comparison, it’s about 3-4 times greater than what the Department spends overall each year in support of its cybersecurity mission.  A proposal to double the Border Patrol would increase that total to over $6 billion/year in current dollars – and this would be an annual investment for the long-term, because of the difficulties associated with reducing such a workforce once you’ve expanded it.

Second, this proposal is not based on any real analysis about operational needs on the border.  Has anyone assessed what are these additional 19,200 agents going to do, or where are they going to work, or what infrastructure is needed to support them?  Not that I’ve seen, and I doubt that any analysis along these lines has been done.  And if we’re going to be making technology and infrastructure investments (e.g. fixed towers, UAVs, better comms) using funds available elsewhere in the legislation to improve the operational efficiency of the current Border Patrol agents, then why it is logical that we would also need twice as many of them?  As it is, we are already at the point where in some parts of the country, we’re seeing the “diminishing marginal returns” in border security that Secretary Napolitano spoke of a few months ago, exemplified by media reports where Border Patrol agents are fighting constant boredom.   Given this, I think it’s very hard to justify this proposal on its operational merits.

Third, it would be unwise to be spending billions of dollars to double the size of the Border Patrol when many of the other parts of DHS (and other key security-focused agencies) are struggling under the weight of four years of flat and declining budgets, topped off in the last few months by the cuts of sequestration.  For example, the Coast Guard is cutting personnel and continues to be delayed in its acquisition of its next generation of maritime vessels due to budget constraints.  (And keep in mind that the Coast Guard’s maritime border security requirements in the Gulf of Mexico and southern California will likely increase as the southwest land border becomes more secure).  The FBI is expecting that it’s going to need to furlough agents next year because of sequestration.  Nearly every part of DHS has felt the impact of budget cuts by Congress in the last four years – in many cases trimming out needed fat, but now to the point where the cuts are having an operational impact.   But now, suddenly, the Senate is proposing to spend tens of billions of dollars to double the size of the Border Patrol without one iota of analysis.

Given these three factors, I would hope that members of Congress in both parties would rethink this fiscally and operationally unwise proposal, regardless of their position on the broader bill.   There are many better ways to accomplish the shared goal of improved border security.  Some of these are already integrated into the base bill, and others, such as increased resources to investigate overseas human trafficking and smuggling organizations, and increases to the intelligence offices at CBP and ICE, and increases to state and local law enforcement grants in border states, would cost much less but collectively deliver a greater overall benefit to border security.

The agents who currently serve in the Border Patrol are hard-working and patriotic, and deserve our support.  But doubling their ranks doesn’t make any sense, and would be a fiscally irresponsible and operationally uninformed decision by the Congress.

This is Christian Beckner, the founder of this site back in 2005, seven and a half years ago.  As longtime readers of the site will know, it’s been more than six years since the last time I authored a post on HLS Watch, due to my employment from 2007 to 2013  on the professional staff of the Senate Homeland Security and Governmental Affairs Committee, working for Sen. Lieberman.

I left the Committee staff back in January and started a new job as Deputy Director of the Homeland Security Policy Institute at the George Washington University.   Given this job change, I’m planning now to start posting again at HLS Watch, starting this weekend, although not at the frequency I maintained in the past.   I’m also going to be increasingly active on Twitter – you can follow my comments there at http://www.twitter.com/cjbeckner

I’d like to thank Jonah, Phil, Chris, Jessica, Mark, Arnold and others for keeping this site going in the last six years.  And I’m looking forward to re-engaging in the public dialogue on all of the issues that this site covers.

Today is the summer solstice in the northern hemisphere.  Wildfire season has had a strong start.  Despite an above-average prediction for hurricane season, there are no significant energy pulses currently off North Africa. Floods are receding in Central Europe and rising in Western Canada.  The MERS coronavirus continues to emerge. Violence in Syria, Turkey, Somalia, Sudan, Nigeria and elsewhere suggest, if anything, increasing opportunity for phase transitions in sectarian conflicts.

What’s on your mind related to homeland security?

Two weeks ago I started thinking-out loud regarding the sometime tension between public and private cultures, especially related to homeland security.  I suggested the two sectors are divided by contrasting perceptions of context.   Given the difference in context, it is not surprising two very different concepts of operations emerge. Last week I gave specific examples related to planning.

This week I look at communications.   The differences here are especially profound, but as far as I can determine have nothing to do with my context-and-concept framework.  Today no theoretical notions, just observational reports.  If you have a hypothesis that explains the differences, please let us know.

–+–

Scheduling, Size, and Agenda

If I am doing private sector meetings in New York, Chicago, or San Francisco I begin setting up the schedule four to six weeks before.  I can usually do three or four meetings a day. Typically I exchange notes on agenda and key questions or purposes about two weeks prior.    The most important meetings are usually a working lunch or dinner.  These are set aside for two-hours plus and are conceived as encouraging non-linear conversations.  The vast majority of meetings are one-on-one or, perhaps, four or five altogether.  Early in my private sector career I was instructed to seriously discount the potential of any meeting involving more than seven people (myself included).

If I am doing public sector meetings — especially in Washington DC — it is risky to set up more than one in the morning and another in the afternoon.  It is not unusual for me to make an appointment and have it shifted two or three times on the scheduled day.  It is typical to make a meeting with one person and for a team of twelve to show up.  Eating together is seldom involved, but it is a signal of unusual intimacy.   Most of the public sector meetings to which I am invited have also invited dozens of others, but often less than a dozen show up.  More –sometimes many more — are on the phone (teleconferences are less common, involve smaller numbers, and are generally less interactive in the private sector). I almost always have an agenda in my mind, but I have learned that being explicit is seldom helpful and often hurtful.  Many of my most productive public sector meetings are totally spontaneous pop-ups.

Participation and Purposes

A private sector meeting usually begins with either a problem or a purpose (hence the prior discussion of agenda).  Some sort of previously prepared product is presented that either defines the problem/purpose or purports to solve/advance the problem/purpose.  Questions are asked.  Criticisms are offered.  Answers and explanations are attempted.  There is a conversation, often facilitated by the most senior person or an outside consultant. Adjustments in the original product are made.  Action steps are assigned. Who is assigned what is especially important.  What is the A Team assigned?  What is given the soon-to-retire guy and why? This signals the real priority associated with the product.  Some sort of follow-on measure or meeting or such is targeted.   Someone almost always follows up immediately in writing with what the meeting covered and decided. Who sends the follow-up and the proportion of CYA to advance-the-plow is significant. Corrections or “clarifications” to the follow-up can become very complicated. The product may be badly conceived.  The conversation can be stilted and non-productive.  The action assigned may be anemic and have the half-life of a May Fly, but this is a regularly repeating pattern.

A public sector meeting usually begins late, almost always ten minutes late.  It is not unusual to have a significant number of participants showing up thirty minutes late.   The meeting is often designed to generate a big piece of a product and it may be designed and constructed in the open meeting.  Positions are staked out. Pennsylvania is interested in X. HHS is insistent on Y.  Red Cross won’t play unless ABC is assured.  The product is accordingly adjusted, sometimes on a big screen in front of everyone.   Questions may be asked.  I have seen effective questioners transform meetings and products.  But when questions are answered it is much more reminiscent of a thesis-defense than a dinner conversation. Another version of the product is distributed claiming to reflect the meeting outcomes.  Sometimes it does, often by padding the product and making it even more unwieldy and unreadable, occasionally in an integrative way.  But in any case, the authors can claim to have consulted key stakeholders and peers.

In the private sector “products” — as used above — are usually a collection of research, production, organizational, and/or marketing actions.   In the public sector products are as often written documents of some sort.

Rhetoric

Private sector meetings are more and more informal.  This trend has been especially pronounced over the last ten years.  Casual Fridays have overtaken the whole week.  The discussion ranges from family to a couple of cells on the spreadsheets to purposeful (very short) stories.  There is — in many, though not all, private sector settings — a deep bias toward “blending.”  Private and professional are blended.  Numbers and narrative are blended.  Everyone is expected to contribute to the conversation in a balanced happily blended way. Courtesy counts. Cool counts.  Generation Y has a serious claim on the culture.

There is — at least to my taste — a persistently paramilitary flavor to most  public sector meetings.  Many more ties are worn in the public sector.  Many more PowerPoints are shown.  There are many more formal presentations and “official” interventions.  The size difference between private and public meetings, noted above, probably has a considerable influence.  Command Presence counts. Baby boomers continue to define the culture.

When these two cultures come together the rhetorical results can be dramatic, especially when there is numerical parity.  Private sector conversations seem off-point or ill-informed or glib to many in the public sector.  Public sector interventions seem long, defensive, and bossy to many in the private sector.

At a private-public session a few months ago a senior government official attempted to direct the discussion by asserting his (and his organization’s) greater knowledge of the situation.  It was an extended comment punctuated with just a tad of table-pounding.  It was followed by uncomfortable silence.  I was trying to conceive a follow-on question that might open up some shared space.

A younger private sector guy broke the silence with, “I don’t believe you.  You may be absolutely right, but it doesn’t matter because I don’t believe you.”  The following is a paraphrase, “I don’t believe you because you are claiming more knowledge of your world than I have of my world.  You are claiming to have more control of the world than I believe is possible.  And you are speaking to me as if I was a child.”

I wish it was possible to report that this was an epiphany that unlocked greater understanding on both sides.  Instead it seemed to deepen the chasm.

I saw the following press release about the Quadrennial Homeland Security Review on the Center for Homeland Defense and Security website today.

A stronger risk-based approach and expanded stakeholder input will be included as the Department of Homeland Security (DHS) undertakes the second Quadrennial Homeland Security Review (QHSR) this summer, a top department official said June 6.

“The second review will also have the benefit of a consolidated DHS office that will guide the process,” said DHS Office of Policy Assistant Secretary for Strategy, Planning, Analysis and Risk (SPAR) Alan Cohn. DHS consolidated the functions of the Office of Risk Management and Analysis with the Office of Strategic Plans to form SPAR in March 2012, creating an integrated strategic planning, risk modeling and analysis function for the Department.

The QHSR is legislatively mandated to be conducted every four years under the Homeland Security Act of 2002, as amended. The first review was completed in February 2010 and set forth a strategic framework for the nation’s homeland security. Five homeland security missions were identified during the first review and will remain the core of the strategic approach: 1) preventing terrorism and enhancing security; 2) securing and managing our borders; 3) enforcing and administering our immigration laws; 4) safeguarding and securing cyberspace; and 5) ensuring resilience to disasters.

The second QHSR will build on this foundation and focus on how DHS will build smarter, more dynamic, risk-based approaches to homeland security that engage the broadest possible range of partners. The key difference for the second review is that DHS and its partners will be able to engage continuously through the study and analysis phase of the review, according to Assistant Secretary Cohn. “We will look for areas where strategic shifts may be necessary to keep pace or get ahead of changes in strategic environment,” he said. DHS will complete the second QHSR review process by the end of 2013.

“The first QHSR spelled out the idea of homeland security, but also described the importance of thinking about homeland security as an enterprise responsibility,” Assistant Secretary Cohn said.

“Beyond being a federal responsibility, this is a national responsibility. There is an enterprise that goes far beyond the halls of DHS that is engaged in assuring the security of the homeland of the United States. For that reason, it’s vitally important for the Department to engage with that broader community of stakeholders in conducting a review of this type.”

DHS plans to connect with state, local, tribal, and territorial governments, the private sector, and non-government entity stakeholders through an online community to be established through the DHS Science and Technology Directorate’s First Responders Communities of Practice. DHS will use this and other venues to invite stakeholders to offer perspectives, comments and ideas.

Cohn urged academics and practitioners, including those associated with the Center for Homeland Defense and Security, to contribute.

“We encourage the broader homeland security community, including alumni of the Naval Postgraduate School Center for Homeland Defense and Security program, to fully and extensively participate in the process of building that community of practitioners,” Cohn said.

The first QHSR was crafted based on input from 42 DHS offices/components, 26 federal departments, and 118 stakeholder groups. The Department received 43 white papers as well as more than 3,000 public comments received during three “National Dialogues.”

Welcome to Disaster Hero.

That’s the title of an advertisement I saw in the June issue of the IAEM Bulletin. IAEM stands for the International Association of Emergency Managers.

Here’s a picture of the ad.

You can play the game online, at no cost. Just click on this link. http://www.disasterhero.com/ (It took a while to load the first time, but subsequent runs don’t seem to take as long.)

Here’s what the FAQ file says about the game:

Disaster Hero is a free online game designed to teach children (grades 1 through 8), parents, and teachers/caregivers how to prepare for disasters. The overall goals are to ensure that players know what to do before, during, and after a disaster. Parents and teachers are included so that the family and school are familiar with the main concepts of disaster preparedness. Emphasis is placed on three steps – make a plan, get a kit, and be informed….

Disaster Hero covers four main topic areas: (1) basic preparedness steps – including get a kit, make a plan, and be informed – to be accomplished to protect the participant and family before, during, and immediately following a disaster or large-scale emergency event, (2) common disasters (earthquakes, floods, hurricanes, and tornadoes), their associated danger signals, typical effects, common injuries, and appropriate responses, (3) basic quick-care tips and techniques for specific common injuries, and (4) basic information about geographic-specific disasters.

A 12 year old boy lives in my house. He is an avid gamer, and by avid I mean to the point where his mother occasionally searches Google for the difference between avid and addiction.

I asked him to play the Disaster Hero game and tell me what he thought about it. He avidly agreed.

I gave him the url and let him explore. What follows are summaries of the field notes I took while he was playing. Words in quotation marks are his, generally directed at the screen, as if no other humans were in the room with him.

———-
There’s an option to register as a user, but he chose to play as a guest. That cuts the start time significantly.

Then you have to load the flash based game. It took about 5 minutes to load. Our broadband access is around 5 mbs; not especially fast. I wondered what the game demographic was. What kinds of kids have access to the internet at home and in school?

“This is taking forever. They really missed a marketing opportunity here. When Droid games load, they run crawlers that advertise other games you could buy. The people who put this game together could be telling people disaster facts while the game is loading. This is taking forever.”

The game opened to reveal a stage that looked like a mix of CNN, Fox News and the Price is Right.

“Oh God; it’s a game show.”

You select your age appropriate difficulty level: bronze, silver or gold. Then you pick a charter who will be your avatar, sort of like Skyrim and maybe tens of dozens of other games.

Next comes an overly long introductory narrative about a retired emergency manager who spent a lot of his career going from planet to planet helping out.

“I don’t care about all this talking. Let me play.”

The head hero (Dante) left the operational world to train the next generation of disaster heroes.

“This is so annoying.”

The action takes place on a planet that has lots of disasters caused by earth, wind, fire, and so on. But the primary theme, as the advertisement promised, is “make a plan, get a kit, be informed.”

There is a skip option, so you only have to listen to all the talking once. The rules are basic and simple.

“Oh my god. Just shut up.”

Next you pick someone to compete against: Techtonic, Tempest, Whirlwind and Dr. Deluge. Guess what disasters they represent.

Living in the northwest, subject to the whims of the Cascadia subduction zone, he selected Tectonic.

After more words from Dante, the first game starts. The player navigates on a jet pack through a worm hole to pick up disaster supplies (I think that’s what it was), competing against Techtonic to see who can score the most points.

Occasionally there are disaster related multiple choice questions: Such as “How can you tell when an earthquake will happen?” Eventually the player gets enough points to move on to the next stage.

Then more talk.

“This is so slow. I want to skip the talk, but I’m afraid if I do I’ll miss something important.”

The next part of the games consists of three rounds, based on Make a Plan, Get a Kit (the type face makes it seem like “Get A Hit”), and Be Informed.

The Make A Plan game starts with 16 sentences to read about how to make a plan and what to include in it. The words can also be read by the game.

“I’m not going to read all that.”

Once past the reading screen, you go to a picture of two rooms and you have to find the 10 differences between the rooms. Click on the missing item (like a telephone) and another lesson pops up — e.g., make a list of your contacts, and so on.

“This is tedious.”

After that game was over, he moved to the Get A Kit screen and found another long list of sentences, this time about the kit. Because of a Flash problem, the list included such items as “forget your pets,” “food when the electricity does not work,” and “medicine is lost.” But one could work through easily enough what the real list was.

Once that was done, the next game appeared. It consisted of 9 squares, each one containing an object that appeared for a few seconds then disappeared. Click, for example, on three decks of cards and you score points; plus you get a hint about keeping a deck of cards in your kit so you have something to do during disaster downtime.

Be Informed was the third game. After going through another list (“I’m not going to read that.”), there was a map of the United States, shovels, shields and red crosses, plus a news crawl at the top of the screen that said something about floods and earthquakes and other things. The player had to do something with the shovels and shields, but — without reading the directions — it was not clear what one was supposed to do. So Tectonic won that round.

Once that game was over, the player goes back to the Headquarters screen to receive congratulations and the news that there was another round coming up.

“I’m done.” he said, returning to his room. “I’m going back to Minecraft.”

A few hours later, before he went to bed, I asked him for his summary review of Disaster Hero. I asked him what score he would give the game if he were doing a review for something like IGN (a site that reviews games).

“I’d give it about a 6.5 on a scale of 10. Essentially it’s a bunch of moderately interesting mini games needlessly framed around how to prepare for a disaster. There are lots of mini games, but they are not especially interesting. The introductions to the sections are tedious. The sense of humor in the game is not amusing.”

I asked him what he learned about disasters from the game.

“Nothing that I can think of right now. I didn’t want to take the time to read all that stuff. I wanted to get right to the game. If I wanted to learn something about disaster preparedness I’d just search it online. I didn’t need to play a game to find out how to be prepared.”

The Black Forest Fire, raging just a few miles northeast of Cheyenne Mountain, has claimed at least 379 homes and two lives.  This morning it is reported five percent contained.  You can read more at the Colorado Springs Gazette.

What’s on your mind related to homeland security?

Tuesday afternoon Mayor Bloomberg unveiled New York’s multi-year strategy and plan to recover from Hurricane Sandy and be better prepared for the next — potentially worse — climate-related event.

You can read the complete document here:  A Stronger More Resilient New York.

I found the press release from the Mayor’s office an informative quick read.  You can see the press release here:  Mayor Proposes How to Protect City from Climate Change.

It strikes me as an entirely reasonable mainstream effort.  It is a mix of several different strategies customized to particular sectors, specific geographies, and — I’m guessing — what it is perceived most citizens are willing to accept.

It is “just” a plan.  Funding, sequencing, and execution of individual pieces will determine what is really achieved.  If you’re a resilience nerd (like me) you’ll probably find it lacking imagination.  But if you’re in favor of “git’ur done” recovery, you’ll probably see it as a whole series of non-market-based complications.   There are surely some New York property developers who see a whole host of new opportunities, and maybe that’s the implicit answer to my critiques below.

The report is organized (mostly) by threat, sector, and geography.  There is a section on community preparedness, but it is probably the weakest in the entire document.  The report is further evidence that governments are willing to build stuff and regulate more stuff.  But there is very little attention to politics: the purposeful practice of living together in a city.

(I can just hear my NY buddies laughing that there is not enough politics in something Mayor Bloomberg is pushing.  But this report — and the news conference at which it was released — sounds/reads more like a systems engineering study than anything involving people.)

This political anemia may contribute to my second impression: Significant elements of the plan depend on working with private sector owners and operators of critical infrastructure, but I don’t see anything outlined to suggest how this shared public-private responsibility will be effectively advanced.

I recommend reading the Utilities section.  This is especially well written systems engineering.  When you come to the “Initiatives for Increasing Resiliency in Utilities”, notice the how involves private-public collaboration and creativity.  But there is no rhetorical or systemic case made for why tomorrow will be different than the day before Sandy hit in regards to these crucial relationships.   I have been involved in private-public dialogue related to electric power.  It can be tough even when everyone is operating in good faith.

I assume it’s just a digital glitch.  But on Wednesday when I was reviewing the plan the Telecommunications section was missing… just as wireless was “missing” across large areas during much of Sandy.  The wireless communications industry is currently expending significant resources to resist new efforts at government regulation.  This has seriously complicated private-public collaboration on emergency preparedness involving the wireless sector. I would love to read that Mayor Bloomberg — with his personal background in the private sector working in an area closely related to telecommunications — has cracked the code for engaging the telecom companies.  For the moment, I find the report’s missing piece richly ironic.

In any case, at least read the news release.

Last week I launched an analysis of private-public tensions in homeland security.  I argued — very broadly (perhaps too broadly to be meaningful) — that the private and public sectors experience two very different contexts.  

The private sector context is perceived as  having significant opportunities for growth, where failure — especially when recognized and jettisoned — can be a key contributor to ultimate success.  The public sector context is perceived as (and often is) resource static or declining and failure is seen as wasteful and/or a source of personal humiliation.

With the exception of an exception by Bill Cumming, this analysis did not prompt comment.  In some cultures silence is a signal of disagreement.  In the United States silence is more often a matter of tacit agreement or apathetic disengagement.  In this instance, I assume the latter but would value your input to challenge or refine these reflections.

–+–

Different Contexts produce Different Concepts of Operation

If reality is static then planning (derived from the Latin for flat or plain or easy to be seen) is not only logical but is reasonably likely to work well.

Moreover if reality is static and failure is “not an option” then planning needs to be — and can be — very detailed.  It becomes the operational analogy of a symphony score.

In the military, emergency management and related public sector domains the score (plan) will often seem similar to an early 20th Century orchestral composition by Schoenberg or Berg or Eisler where excruciating detail unfolds from many pages of careful notation.  It is almost impossible to perform, but  with enough practice serious professionals can pull it off.  Audience reaction varies from wild applause to rioting in the aisle.

Planners are certainly aware they are planning for a non-static situation.  But their current reality — in terms of budget, assignment, measures, and more — is mostly static.  Their own success or failure is much more likely to emerge from the ongoing stasis than the anticipated non-stasis for which they are planning.

(Which reminds me of a Niels Bohr aphorism: “You’re not thinking, you’re just being logical.”)

Meanwhile the private sector — because it perceives expansive opportunity — is inclined to much looser plans, much more jazz than symphony.  This does not mean it is undisciplined, but it is a very different kind of discipline. “To the uninitiated, jazz seems like chaos, whereas the reality is that it’s very ordered,” according to Deniz Ucbasaran. “Underpinning the structure is a long tradition of education and practice.”

In the public sector a great deal of perceived value is embedded in the plan itself.  Developing explicit guidance for future execution is the goal. The private sector tends to focus more on the planning process.  Private value is generated by bringing together individuals and teams from across the enterprise with customers and suppliers and other stakeholders for problem-seeking discussions that emphasize choosing strategic predispositions.  Developing implicit understanding is a frequent goal.

Because private sector context is perceived to be ever-changing it is assumed most tactical decisions cannot be made until real-time is unfolding.  But strategic advantages can be recognized and claimed to better support tactical choices.

Both private and public planning is focused on an anticipated future.  Both private and public recognize the future is not precisely predictable.  But there is a tendency for the public sector to perceive that unpredictability is best engaged through systematically conceived pre-decisions, while the private sector is more inclined to identify present action and shared strategic objectives.

(In a future post I will try to describe what is actually done by the two sectors when the anticipated future unfolds.  It often seems to me counter-intuitive given these predispositions.)

Recently I was involved in a mostly public sector planning process for an unlikely but very consequential event.  There was a private sector guy having his baptismal experience in public-private joint planning.  It was a much better-than-average  public sector planning activity.  There was a substantive discussion of risks. It focused helpfully on meaningful objectives and how the plan should be amended before the next meeting of the inter-jurisdictional, inter-agency, (sort of ) private-public group.

But after the session the newbie private sector participant shared his frustration with the lack of immediate operational/functional action.  He was not referencing planning actions.  He wanted to know when actual changes in personnel, financial or operational commitments would be made to reflect the substantive discussion.  Of course such actions are almost never within the purview of public sector planners.

In a static — or receding — universe, planning relates to what should be done in the future.  In an expanding universe planning is mostly about what will be done now to shape the future.

–+–

Another Niels Bohr quote (can you guess who I am reading?): “Every sentence I utter must be understood not as an affirmation, but as a question.”  While the rhetoric above may sound confident, I am not. This is written out as a kind of discovery learning.  I hope you have some corrections or, at least, alternatives.

It goes without saying that there are several important homeland security-related stories currently playing out in the news.  The following are just a sampling of smaller stories/ideas that I’ve come across in the past few weeks that haven’t garnered similar attention – but that I think are interesting.

First off, a few followup stories on the Moore, Oklahoma tornado:

“Walking the Path of a Tornado”

John Sutter, a columnist for CNN, walked the entire path of the tornado that devastated Moore, Oklahoma from start to finish, tweeting as he went.  Along the way he ran into some amazing stories of individuals helping their neighbors:

In the Braum’s parking lot, I chatted with a couple of for-real volunteers. Judging by Blake and Drew Thompson, selflessness and access to heavy equipment seem to be two valued traits in times like these. The brothers heard on the radio that volunteers were needed and took off work to come. Blake, 28, wore a shirt dedicated to Oklahoma City’s beloved local celebrity, meteorologist Gary England. (Other cities have dozens of famous people to gawk at. OKC has The Thunder, its NBA team; the Flaming Lips, the indie band; and Gary England. People freaking love him. There’s even a Gary England Drinking Game). The brothers brought a chainsaw and wheelbarrow, hoping to help clear rubble. Ready to do whatever was needed to assist strangers.

And the kindness of individuals moved by others’ acts of courage:

Waynel Mayes made news after she sang with her first-grade students to drown out the storm as it pummeled the school. “I told them to sing as loud as they could and if they got scared, they could scream,” she said in an interview with CNN. “She was singing ‘Jesus Loves Me,’ and she was playing instruments with them to keep them entertained – and that really hit me,” said the young man in orange. Barry Chalifoux, 18, told me he sold off many of his electronics – a DVR, satellite dish and cell phone – to come to Oklahoma to meet that teacher, who he’d seen on CNN. He traveled here from Slave Lake, Alberta, a place that was hit by a major May 2011 wildfire, which Chalifoux said he lived through. “I just want to say I thank her for keeping those kids occupied that way,” he said, earnestly. “I know if that was me, I would appreciate it all my life.” He also felt compelled to volunteer to help people in Moore.

I strongly encourage you to go to CNN’s webpage and read the entire piece.  It’s not only moving, but also includes pictures and tweets that Sutter took/posted along the way, embedded within the story.  A very good example of taking advantage of the digital medium: http://www.cnn.com/interactive/2013/05/us/sutter-walk-oklahoma/

“Analyzing 2 Million Disaster Tweets from Oklahoma Tornado“

The use of social media during and following a disaster is an emerging topic across the preparedness/response community.  In this post, Patrick Meier describes the analysis of the millions of tweets associated with the Moore tornado.

Thanks to the excellent work carried out by my colleagues Hemant Purohit andProfessor Amit Sheth, we were able to collect 2.7 million tweets posted in the aftermath of the Category 4 Tornado that devastated Moore, Oklahoma. Hemant, who recently spent half-a-year with us at QCRI, kindly took the lead on carrying out some preliminary analysis of the disaster data. He sampled 2.1 million tweets posted during the first 48 hours for the analysis below.

His conclusions are interesting:

The first point to keep in mind is that social media complements rather than replaces traditional information sources. All of us working in this space fully recognize that we are looking for the equivalent of needles in a haystack. But these “needles” may contain real-time, life-saving information. Second, a significant number of disaster tweets are retweets. This is not a negative, Twitter is particularly useful for rapid information dissemination during crises. Third, while there were “only” 152 unique tweets offering help, this still represents over 130 Twitter users who were actively seeking ways to help pro bono within 48 hours of the disaster. Plus, they are automatically identifiable and directly contactable. So these volunteers could also be recruited as digital humanitarian volunteers forMicroMappers, for example. Fourth, the number of Twitter users continues to skyrocket. In 2011, Twitter had 100 million monthly active users. This figure doubled in 2012. Fifth, as I’ve explained here, if disaster responders want to increase the number of relevant disaster tweets, they need to create demandfor them. Enlightened leadership and policy is necessary. This brings me to point six: we were “only” able to collect ~2 million tweets but suspect that as many as 10 million were posted during the first 48 hours. So humanitarian organizations along with their partners need access to the Twitter Firehose. Hence my lobbying for Big Data Philanthropy.

“Don’t Be a Dead Hero” 

This piece was of particular interest to me.  In the past, I’ve (and so many more individuals and organizations much more important and influential) advocated for the positive impacts of citizen or bystander care in the immediate aftermath of a disaster.  However, in the back of my mind I’ve always wondered if the potential risks could outweigh the positive impacts.  Fortunately, Bryce Hall of Slate is here to help:

OSHA defines confined spaces as those with limited or restricted entrances or exits, places that are not designed for continuous occupancy. They include, for instance, underground vaults, tanks, storage bins, manholes, pits, silos, and pipelines.

But untrained rescuer fatalities aren’t limited to confined spaces. Chances are you’ve read other stories about compound tragedies, most likely involving floods, riptides, traffic accidents, electricity, or mines. Here are just a few.

“The Problem with One-Night Stands in Locked-Down Boston“

There’s not much I can add to the author’s description:

The whole city was locked down. Taxis were suspended. Public transit shuttered. Cops were going house to house. Armored vehicles were roaming the streets. No one could go out. You weren’t even supposed to open the door unless it was for a cop.

At that point, I really had no option but to just pull up my socks (literally and figuratively) and deal with the moment. One of the great joys (or at least essential requirements) of the boozy one-night-stand is the ability to throw on whatever clothes of yours found strewn across an alien bedroom, and saunter out the door on your own volition. Without it, you face the very real and comically awkward situation of hanging around, reeking of stout and sex, until the city resumes its regularly scheduled programming.

Then time elapsed and cabin fever began to take hold. We slipped out the door, contravening the governor’s orders, and hustled down the deserted Boston streets, hoping not to get shot by a SWAT team, to go to Dunkin Donuts (if Dunkies closes, the terrorists win) and get some smokes.

You get the idea…the terrorists didn’t win.

Here are the answers (and page citations) to the quiz I posted last week.  See the end of this post for instructions on grading yourself.

1. Why was the Report written?

• The answer is f – All of the above: Required by PPD 8 (page 1); To provide a national perspective on preparedness trends; To inform program priorities; To help allocate resources; To communicate concerns to stakeholders (page 59).

2. How many core capabilities are identified in the National Preparedness Goal?

• The answer is b – 31 (page 2).

And — for your skimming pleasure — here they are: 1) Planning, 2) Public Information and Warning, 3) Operational Coordination, 4) Forensics and Attribution, 5) Intelligence and Information Sharing, 6) Interdiction and Disruption, 7) Screening, Search, and Detection, 8) Access Control and Identity Verification, 9) Cybersecurity, 10) Physical Protective Measures, 11) Risk Management for Protection Programs and Activities, 12) Supply Chain Integrity and Security, 13) Community Resilience,  14) Long-term Vulnerability Reduction, 15) Risk and Disaster Resilience Assessment, 16) Threats and Hazard Identification, 17) Critical Transportation, 18) Environmental Response/Health and Safety, 19) Fatality Management Services, 20) Infrastructure Systems, 21) Mass Care Services, 22) Mass Search and Rescue Operations, 23) On-scene Security and Protection, 24) Operational Communications, 25) Public and Private Services and Resources, 26) Public Health and Medical Services, 27) Situational Assessment, 28) Economic Recovery, 29) Health and Social Services, 30) Housing, 31) Natural and Cultural Resources. 

3. Number of times the National Preparedness Goal is described specifically in the Report:

• Answer is d – Zero.

The National Preparedness Goal is referred to in the 2013 Preparedness Report, but unless I missed it, the Goal is not described specifically in the Report.

I’m not even sure the Goal is clearly defined in the September 2011 document that introduced the Goal to the nation (available here). The closest I can get to identifying the Goal is this statement on page 1 of the 2011 document:

We define success as: “A secure and resilient Nation with the capabilities required across the whole community to prevent, protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk.” 

I contrast that statement with the National Preparedness Goal described on page 1 of the 2005 Draft Goal:

The National Preparedness Goal is: To achieve and sustain risk-based target levels of capability to prevent, protect against, respond to, and recover from major events, and to minimize their impact on lives, property, and the economy, through systematic and prioritized efforts by Federal, State, local and tribal entities, their private and non-governmental partners, and the general public.

4. The majority of state and local respondents in a preparedness survey expect the federal government to be largely responsible for all the below, except for:

• The answer is f, Planning. (See the chart on page 10 of the 2013 Preparedness Report for details.)

The majority of state and local respondents expect the federal government to be “mostly” or “entirely” responsible for Economic recovery, Fatality management, Cybersecurity, Forensics, and Housing.

5. According to a 2012 survey of state Chief Information Security Officers, what percent were confident in their state’s ability to protect against external cyber threats?

• The answer is b, 24% (page 25)

6. According to the Preparedness Report, what is the percentage of Americans who have “physical, sensory, intellectual, or cognitive disabilities”? 

• Answer is a, 18%

Page 6 reports “Inclusive preparedness planning for the whole community requires integrating the needs of over 59 million Americans with physical, sensory, intellectual, or cognitive disabilities….”  There are approximately 316,000,000 people in the United States.

7. Which of the following is not among the 4 capabilities states rated as areas where they were the least prepared

• The answer (again) is c, Planning (page 6).

“… states and territories continue to rate recovery capabilities among their least-prepared areas. Three of the four lowest-rated capabilities— Economic Recovery, Housing, and Natural and Cultural Resources—are in the Recovery mission area, mirroring [State Preparedness Report] results from the previous year. Fewer than half of states and territories identified these three capabilities as a high priority.

8. Which of the following are “newly identified national areas for improvement”? (select all that apply)

• The answers are b and d (page 59): “Enhancing resilience of infrastructure systems,” and “Maturing the role of public private partnerships.”

9. According to the 2012 state assessment of current capability, which of the 31 capabilities received the highest average capability score?

• The answer is d, “On scene security and protection” (page 8)

10. Which of the 31 capabilities received the lowest average score in the state assessment?

• The answer is c, “Cybersecurity” (page 8)

As noted above, in questions 4 and 5, approximately three-fourths of the states are not confident in their ability to protect themselves against external cyber threats, and the majority of states expect the national government to have the primary responsibility for cybersecurity.  I wonder if the national government — whoever they are —  knows that.

11. As of 2012, agencies had to belong to the Emergency Management Assistance Compact if they wanted to receive a DHS preparedness grant

• The answer is True (page 10)

“In FY 2012, DHS preparedness grants required grantees to belong to the Emergency Management Assistance Compact and to ensure that grant-funded capabilities are deployable outside of their community to support regional and national efforts.”

12. Applicants for Hospital Preparedness Program grants and Public Health Emergency Preparedness grants have to submit four separate grant applications to four different agencies before they are eligible to receive one of the grants.

• The answer is False (page 11).

“In 2011 and 2012, the HHS ASPR and CDC led a collaborative initiative to define essential public health and healthcare preparedness capabilities and operationalize the public health and medical components of the core capabilities included in the Goal. Using these tailored capabilities, HPP and PHEP applicants were able to submit a single application for both cooperative agreements for the first time in May 2012.”

13. FEMA’s 2012 household preparedness survey found more people who believe that a natural disaster was likely to occur in their community. This awareness triggered a “substantial increase” in individual preparedness behaviors, such as building a disaster supply kit and making a household emergency plan.

• The answer is b, The first statement is true; the second one is false. (page 31)

“In FEMA’s FY 2012 national survey, nearly half of respondents reported familiarity with local hazards and about half expected to experience a natural hazard, continuing a previous upward trend. However, the survey also showed no substantial change in the percentage of respondents reporting that they had made a household emergency plan (43 percent) or built a preparedness kit (52 percent).”

14. In 2012, federal agencies had to include climate change adaption plans in their sustainability plans.

• The answer is True (page 13).

“In 2012, for the first time, Federal agencies included climate change adaptation plans in their sustainability plans for reducing greenhouse gas pollution, eliminating waste, and improving energy and water performance. These climate change plans outline initiatives to reduce the vulnerability of Federal programs, assets, and investments to the effects of climate change, including rising sea levels and extreme weather.”

15. Which of the following acronyms is not related to the public information and warning capability (select all that apply)

• The answer is d,  BARDA – Biomedical Advanced Research and Development Authority (page 63).

Here’s what the others mean: IPAWS (Integrated Public Alert and Warning System), WEA (Wireless Emergency Alerts), EAS (Emergency Alert System), FCC (Federal Communications Commission)

16. Which of the following acronyms do not appear in the 2013 Preparedness Report (you may select more than one)

• The answer is d,  LGBTQQIA – Lesbian Gay Bisexual Transgender Queer Questioning Intersex Ally

Here’s what the others mean: PHEMCE (Public Health Emergency Medical Countermeasures Enterprise), RRAP (Regional Resiliency Assessment Program), SLTTGCC (State, Local, Tribal, and Territorial Government Coordinating Council), EPCRA  (Emergency Planning and Community Right-to-Know Act), SLOSH (Sea, Lake, and Overland Surges from Hurricanes)

17. Which country was not involved (according to the Preparedness Report) with helping the US improve “operational coordination in law enforcement, cargo screening, and passenger screening”.

• The answer is b, Mexico.

The other “operational coordination” countries are identified on pages 15 and 16 of the Report.  I wonder why Mexico was not mentioned.

18. Average time DHS said it took to conduct searches of biometric watch list data from US ports of entry and US consulates.

• The answer is d, Less than a minute (page 17).

“The Federal Government is improving the ability of authorized users to access this data quickly. For example, DHS reported that the average time to conduct searches of biometric watch-list data from U.S. ports of entry and U.S. consulates was less than one minute.”  Given last week’s data collection and mining news, this National Preparedness Report finding approaches irony.

19. According to the Preparedness Report, the approximate number of terabytes of data processed by regional computer forensics laboratories in 2011 was:

• The answer is c, 4000 terabytes (page 18)

“Computer Forensics Laboratories increased from 5,616 to 6,318; the number of terabytes processed nearly doubled from 2,334 to 4,263; and the number of digital forensics examinations rose from 6,016 to 7,629 (see Figure 7). Additionally, these resources have played key roles in recent counterterrorism investigations. For example, in 2011, the Kentucky Regional Computer Forensics Laboratory supported the investigation of two Iraqi nationals conspiring to purchase weapons and ship them to Al-Qaeda in Iraq.”  And yes, yottabyte is a real word, “a unit of information equal to 1000 zettabytes.”

20. DHS established a maturity model that identifies the four stages through which the national fusion center network will progress “as it moves toward full capability and operational integration as a unified system.” As of February 2013, the national network was at what stage of the maturity model:

• The answer is b, Stage 2 – Emerging (page 19). “As of February 2013, the national network is in the second stage of the maturity model, with ongoing efforts to build and achieve full capacity.”

I wonder who decided to create a “national fusion center network”.  The idea of a system like that — combined with last week’s data monitoring news — recalls Erik Dahl’s observation two years ago (in an article titled “Domestic Intelligence Today: More Security but Less Liberty?”): 

“…even though we as a nation decided not to establish a domestic intelligence organization, we have in recent years done just that: we have created a vast domestic intelligence establishment, one which few Americans understand and which does not receive the oversight and scrutiny it deserves. There is good news here: this domestic intelligence system appears to have been successful in increasing security within the US, as demonstrated by numerous foiled terrorist plots and the lack of another major successful attack on American soil since 9/11. But there is also bad news: these gains are coming at the cost of increasing domestic surveillance and at the risk of civil liberties.”

21. As of 2011, approximately what percentage of the 1500 requests for financial transaction data from the Department of the Treasury’s Financial Crimes Enforcement Network [FinCEN] was “directly related to terrorism”?  

• The answer is b, 25% (page 21).

“FinCEN also provides a mechanism for law enforcement agencies to communicate with financial institutions during investigations through the Secure Information Sharing System. As of 2011, law enforcement agencies and other FinCEN customers issued over 1,500 total requests for information on financial transactions, with 378 of these requests directly related to terrorism.

22. The State, Local, Tribal and Territorial Government Coordinating Council studied critical infrastructure programs in 31 states.  Approximately what percentage of the programs were able to measure the effectiveness of their critical infrastructure protection activities?

• The answer is a, Zero (page 28).

“As part of its two-year reporting effort, the SLTTGCC conducted interviews with critical infrastructure protection officials in 31 states, and found different approaches in how states were implementing the NIPP’s six-step risk management process…. The SLTTGCC also found that none of the critical infrastructure protection programs it studied could measure the effectiveness of their activities. The group cited the uncertainty of future grant funding and the inherent complexities in assessing the effectiveness of risk mitigation efforts as potential reasons.”

23. Approximately how many Citizen Corps Councils are in the US?

• The answer is c, 1200 (page 32)

“Councils now serve 63 percent of the U.S. population, an increase from 58 percent in September 2011.”

24. The most common natural disaster in the US is:

• The answer is c, floods (page 32).

“Floods are the most common natural disaster in the United States and cause an average of $7.8 billion in damages and an average of 94 deaths each year.”

25. The method most frequently used by states and local jurisdictions to enforce mandatory evacuation orders is:

• The answer is d, Mandatory evacuation orders are rarely enforced (page 36).

“The authority to order mandatory evacuations lies with different levels of government across the Nation, as outlined in Figure 13 [in the Report]. Figure 14 illustrates that states levy a variety of penalties to enforce evacuation orders.15 However, few states enforce these penalties in practice.”

26. Which of the following is not a part of the DoD CBRN response enterprise?

• The answer is e, They are all a part of the DoD CBRN response enterprise (page 37).

“The DOD CBRN Response Enterprise includes the Defense CBRN Response Force (DCRF); two Command and Control CBRN Response Elements (C2CRE); 57 National Guard Weapons of Mass Destruction (WMD) Civil Support Teams; 17 National Guard CBRNE Enhanced Response Force Packages (CERFPs); and 10 newly established Homeland Response Forces (HRFs). Together, these units provide approximately 18,000 personnel capable of supporting and conducting operations in CBRN environments.”

27. According to the Preparedness Report, most counties in the United States have established capabilities to provide response-level interoperable communications within one hour of an incident.

• The answer, according to the Report, is True (page 43).

“The National Emergency Communications Plan (NECP) establishes the Nation’s strategic approach to improve interoperability. As a result of NECP implementation, by 2011, 90 percent of more than 2,800 counties and county-level equivalents demonstrated response-level emergency communications (i.e., managing resources and making timely decisions without technical or procedural issues impeding communications) within one hour for routine events involving multiple jurisdictions and agencies.”  I thought this was one of the more surprising findings.

28. The federal highway administration estimate of the percentage of the nation’s bridges that are either structurally deficient or functionally obsolete is:

• The answer is c, 25% (page 53).

“Based on current investment trends, the ASCE [American Society of Civil Engineers] estimated a $1.1 trillion funding gap by 2020 for the Nation’s water and wastewater treatment; surface transportation [including bridges]; airports; inland waterways and marine ports; and electricity infrastructures.”

29. According to the Preparedness Report, “Interstate mutual aid plays a limited role in augmenting the capabilities of states and territories.”

• The answer (according to the Report) is True (page 59).

“States and territories continue to report the highest capability levels in those areas frequently cited as high priority. Interstate mutual aid plays a limited role in augmenting the capabilities of states and territories.”  I’m not sure I understand what this finding means. I think it mean states are not incorporating Emergency Management Assistance Compact agreements into their capability plans.

30. “Each year, the Nation makes additional advances toward realizing the National Preparedness Goal and implementing the National Preparedness System through improved guidance and new partnerships involving all levels of government; private and nonprofit sectors; faith-based organizations; communities; and individuals.”

• This assertion appears in the Conclusions section of the report (page 59). The 2013 National Preparedness Report is offered in support of that assertion.

Here’s how to score yourself:

–       Fewer than 10 correct: Read the report

–       10 to 15 correct: Read the report again

–       16 to 20 correct: You know more about the preparedness report than most people

–       21 to 25 correct: You know a whole lot about the preparedness report

–       26 to 29 correct: You know a disturbing amount of information about the preparedness report

–       30 correct: I’m guessing you wrote the preparedness report