The DomPrep Journal’s Aaron Sean Poynton recently spoke to Tom Ridge, the nation’s first secretary of the U.S. Department of Homeland Security and former governor of Pennsylvania, about the state of homeland security and what is ahead for 2012.
Aaron Sean Poynton: Governor, you have been a major figure in the nation’s homeland security program since its inception, beginning as governor of Pennsylvania, when flight 93 crashed in Shanksville in 2001. Over the past 10 years, many efforts have been made to prevent and respond to not only terrorist activities, but to all major hazards – including weather hazards. Do you think that the nation has accomplished what you had anticipated when you assumed the job as the first Secretary of the then-new Department of Homeland Security [DHS]?
Tom Ridge: I would like to give you an unequivocal and enthusiastic response that we have done everything that we set out to do, and there’s nothing left to be accomplished – but that’s just not accurate. I must say that I believe the country – frankly, with the input from all levels of government, the private sector, the academic world, and the non-profits – has made a lot of progress in terms of policy and our approaches to combating terrorism. In the past 10 years, we’ve demonstrated our own resiliency from an attitudinal point of view – which is very important, considering the trauma and the horror of September 11th. But I also think that honest reflection on the past 10 years shows that we have lost a bit of that sense of urgency to even put in place the very fundamental mechanisms or approaches to reducing the risk. We’ll never eliminate it entirely, of course – we’re just managing the risk.
In my judgment, there are three specific areas that need improvement: First, we are still not doing a good enough job with regard to information sharing. The information sharing within federal agencies has improved – sharing horizontally among federal agencies is better; sharing vertically with the state and local is better. But there is still plenty of room for improvement – and you can cite [the shootings in] Fort Hood as a perfect example.
Next, we failed to listen to Congress when they said to take commercial off-the-shelf [COTS] equipment and apply it to our needs in securing the country. Exhibit A, in my judgment, is the electronic fence – which was untried, unproved COTS technology – [that] we tried to build along the southern border. There are plenty of COTS technologies out there; I think it’s cheaper and accessible. I talked with some good CBP [U.S. Customs and Border Protection] people the other day and they have gotten the message and they have some short- and long-terms plans to take care of that. In other words, we did not take advantage of the things we already had.
The third point is the failure to generally embrace the notion of risk management. Until recently, we have still been treating everyone who walks up to a commercial airline security station as a potential terrorist. To TSA’s [Transportation Security Administration’s] credit, they have begun a modest pilot program, but improvements in information sharing and ramped-up uses of COTS [systems and technologies] encourage embracing more enthusiastically the notion of risk management.
Still, we have made huge progress. The reorganization of the department itself [DHS] continues to impose challenges; it remains a work in progress. However, nothing that has occurred in the past 10 years suggests to me that we did not bring in the right agencies. The aggregation in one department of those units of government [now in DHS] is appropriate, but there is a level of maturity that has yet to be realized in terms of integrating IT infrastructure, fiscal infrastructure, and procurement infrastructure. Progress has been made on the business side of the department, but it [DHS] is not yet the kind of efficient and effective enterprise we would like it to be. Frankly, you cannot expect it to be that well organized in such a short period of time. That is too much to ask when you are cobbling together over 180,000 people plus multiple agencies and a number of different cultures.
Poynton: You have suggested that the post-9/11 threat is “multigenerational,” calling it the “new norm” – for example, this year’s graduating West Point, many of whom will be deploying in support of the global war on terrorism, were only in elementary school when the terrorist attacks of 11 September 2001 took place. So, while sustaining the progress that has already been made, how is the importance of homeland security being emphasized to the next generation – especially in the face of shifting priorities and interests, such as immigration, healthcare, and the U.S. economy? Do these shifting priorities and interests, along with that lost sense of urgency you just noted, make the United States less prepared today than it should be to respond to emerging threats?
Ridge: The United States need not look further than its founding documents to understand that there is and has been a continuing national responsibility, from 1789 forward, to “provide for the common defense.” That responsibility is not a shifting priority – it never has been and it never will be. There are several different types of threats that confront the United States: traditional threats from sovereign countries, for example, and the challenges associated with the complicated issues associated with the global economy – as well as the asymmetric threats associated with those who embrace themselves in this flawed belief system. All of which simply means that we need to be very clear as a country that providing for the common defense is not a shifting priority.
We have to be both thoughtful and strategic in identifying the threats that we confront, and in figuring out how to handle them and appropriating the right resources to do so. The threat is real – and it is generational. We will be living with it for quite some time. It’s manageable, but it cannot be eliminated. There is, though, a law of diminishing return associated with mindlessly pouring more money in to extract that last 0.1% of security. We have to accept at least some risks, because government has other responsibilities to the population at large.
Poynton: The 9/11 Commission Report castigated the government for lacking imagination, and suggested that that lack might have facilitated the 9/11 attacks – at least to some extent. Do you believe that the U.S. government now has the “imagination” the Commission was talking about – and can you provide a specific example in the field of homeland preparedness?
Ridge: Let me be very candid on this one. I think that there is a bigger issue than imagination here. It is my belief that the [current] administration’s decision to treat terrorists as criminals has an adverse effect on our thinking – and on our approach with regard to dealing with terrorists. If you tell those responsible for combating terrorism that those who are plotting to kill innocent people in the most devious and imaginative ways are simply to be treated as criminals – well, at the very least, in my judgment, that dulls the imagination. And it reduces the sense of urgency that I also think is needed.
Poynton: Different surveys have shown that many, maybe most, U.S. citizens think of homeland security solely in the context of terrorism, but as you know it is much broader than that. In the United States, natural disasters are and have been far more frequent, more costly, and more deadly than terrorist attacks. So, in your opinion, does the Department of Homeland Security put enough emphasis on preparing for natural disasters?
Ridge: One of the more interesting controversies surrounding the legislation that created the Department of Homeland Security involved the decision to include the Federal Emergency Management Agency [FEMA] within the new department. That was, and still is, the right decision. FEMA was, is, and always should be the all-hazard agency, and its more traditional role was, is, and always should be dealing with natural disasters. I personally believe that DHS has placed the right emphasis on preparing for natural disasters. And I am hopeful that the states and local governments will continue to prioritize these almost-predictable events [natural disasters] as they prepare for the upcoming year.
I also think that DHS is doing a far better job in the broader community today than before. First, we built a national incident management system, which the state and local governments have embraced, that provides a standard platform within which all levels of government can operate in the event of a disaster. We also built the National Response Plan – the name of which was changed to the National Response Framework after, frankly, the failure to invoke it before [Hurricane] Katrina rather than after. There is also a better understanding of the role that the federal government plays in supporting state and local governments, particularly if or when the natural disaster is of such a magnitude that it overwhelms the traditional capabilities of the local and state agencies – and even the limited resources that FEMA has.
I believe that the emergency management professionals today are far better prepared for natural disasters than they were just a few years ago. I also believe they would be even better equipped if Congress would make good on a 9/11 Commission Report recommendation and build an interoperable broadband public safety network that would enable all of our first responders to perform even more effectively in the event of a natural disaster or terrorist event. In my opinion, the one major remaining gap in our ability to respond and recover as quickly as possible to an all-hazard event is the failure of Congress to match its own rhetoric – which supports a public safety network – with the actions needed to create one [a public safety network].
Poynton: A lot was learned from Hurricane Katrina in 2005. This year’s Hurricane Irene was no Katrina – but did the east coast prepare accordingly, in your opinion? Some people said they over-prepared.
Ridge: I have a very deeply rooted bias when it comes to answering this question. In the face of a terrorist warning – or hurricane warning, or some other advance notice of a potentially catastrophic incident – it’s difficult for me to believe that you could be over-prepared. I can’t think of a governor, mayor, utility executive, or emergency manager who should ever be criticized for being over-prepared in the face of timely – and what at the time seemed to be – relevant and appropriate information.
[New York City] Mayor Bloomberg’s actions have been criticized, but what a wise and sage man he would have appeared to be if the weather pattern had done what some [weather forecasters] said it was going to do. Some utility executives took the warnings seriously, developed mutual-aid agreements, sent crews in from the Midwest, and had everybody’s power restored in a few days. Other utility executives got the daylights kicked out of them because they were not as well prepared. The bottom line is that I don’t think you should ever be criticized for being over-prepared.
Poynton: This year, the previous DHS alert systems were retired and a new national terrorism advisory system has been adopted. Do you see this as a long-term solution to advising citizens, as well as state and local governments, about imminent threats?
Ridge: This is the third iteration of the department’s responsibility to inform citizens with regard to potential threats. In my judgment, whether it was the five levels of preparedness in the original color-coded alert system, or the later two levels of preparedness – imminent and elevated – in the current system, as long as the public is given information not only about the threat but also, and just as important, what specifically to do about it, then this solution is as good as any. One of the ongoing responsibilities of the department is to keep the public informed.
With the first iteration of the alert system, Attorney General John Ashcroft, FBI Director Robert Mueller, and then-Assistant to the President for Homeland Security Ridge held press conferences and informed the public about a potential threat. We gave them [the public] absolutely no advice, council, or instruction on what to do to prepare for it. That’s why we came up with the color system because at each color there was a predetermined, prescribed set of precautionary measures to be taken. In my judgment, whether you have five levels or two levels, as long as you tell folks about the threat and what they need to do in order to reduce the risk to them, their families, and their communities, then it’s an appropriate system.
Poynton: The homeland security enterprise has significant components in the private sector. What areas or opportunities have the biggest potential for the private sector and the government to work together to increase and improve preparedness levels?
Ridge: There are two areas that come to mind immediately – because I do believe that, while Homeland Security may be a federal department, it is also a national mission and everybody has a role to play. One of the biggest roles to play involves the private sector and, in that arena, there are two areas where I think the contribution can be most significant, and the collaboration must be permanent. The first is cyber security, given the fact that we are living in a digital world, and the impact it has on how we live – every aspect. The second area is response and recovery after a cataclysmic event. These two areas cry out for collaboration at the highest level, and they require the same commitment from both the private and the public sectors to partner in perpetuity.
Let me expound on cyber security. I have enormous regard for the men and women in government. But combining the government’s resources and talents with those in the private sector is absolutely essential. The private sector – both academic and professional – has an enormous breadth and depth of experience. Those capabilities need to be combined with the good people of government to secure the digital world.
Frankly, the government’s digital infrastructure is primarily owned by the private sector. In order for the government to effectively deal with its digital concerns, they [government employees] must deal with an infrastructure that is primarily owned by [private-sector] companies and shareholders. There is no reason why, in this day and age, there cannot be the closest possible collaboration in this arena. It cries out not for anecdotal, transactional, or periodic information sharing and collaboration – it has to be ongoing, it has to be intense, and it has to be forever.
Poynton: There is currently a lot of uncertainty in the world, especially within the U.S. political and financial environments. As a former state executive, what practical advice can you offer to state and local leaders and practitioners on how to maintain readiness in the face of austerity measures and, probably, more federal government budget cuts?
Ridge: The best approach to dealing with the readiness issue, particularly when it is associated with potential terrorist incidents, is to build a platform of preparedness on the foundation and belief that you will never have enough resources to totally eliminate the risk. There is a belief that any government entity has multiple obligations to its citizens and that its duty to them is to fund the technology and the measures that help manage the risk in a thoughtful, rational, and responsible way. But they [government officials] should not under any set of circumstances succumb to the belief that they can totally eliminate the risk. It cannot be done. So don’t be breathless about it. Understand that people, companies, and the world at large operate under that theory – and government should do the same thing. So understanding the risk and building a strategy and platform that manages it is key. It will also take considerable pressure off your budget problems if you go about this in a rigorous and intellectual way.
Poynton: Final question, Governor: What in your opinion is the single greatest challenge facing emergency management and homeland security going into 2012? What advice can you give to overcome the challenges you see ahead?
Ridge: I don’t mean to be repetitive, but on this question I have to be. This all comes down to information sharing – and there are two types of sharing. The first type is information that the government shares with the general public. The second type is information that the first responders share with one another in preparation for or in response to an incident.
I personally cannot believe that we approach 2012 without a public safety communication network. It is extremely difficult to accept the simple fact that the one tool that first responders have clamored for long before 9/11, but certainly even more since 9/11 – and that is the creation of this network – has still not been completed. It [the network] will take a couple of years to create, but if we want to make one major, dramatic, substantive, positive change to improve the health, safety, and lives of all citizens throughout the United States, it is to build this public safety communication network. Period.
The Honorable Tom Ridge is President and CEO of Ridge Global, an international security and risk management firm headquartered in Washington, D.C. He served as the nation’s first Assistant to the President for Homeland Security (October 2001-December 2002) and first Secretary of the U.S. Department of Homeland Security (DHS) (January 2003-January 2005). Previously, he was governor of the Commonwealth of Pennsylvania (1995-October 2001) and a member of the U.S. House of Representatives (1983-1995). A Vietnam combat veteran, he works with multiple organizations to assist the nation’s veterans, serves as chairman of the National Organization on Disability and co-chairs the Flight 93 National Memorial Fundraising Campaign. He also serves on public and private boards, including the Institute for Defense Analyses and the Center for the Study of the Presidency and Congress. He holds a B.A. from Harvard University and J.D. from Pennsylvania State University’s Dickinson School of Law.
Aaron Sean Poynton
Aaron Sean Poynton is the director of global safety and security business at Thermo Fisher Scientific. He has served in various leadership positions with companies in the defense and homeland security markets over the past 10 years. Before his civilian career, he served in U.S. Army Special Operations and as a CBRN Officer. He is currently enrolled at Duke University’s Fuqua School of Business Global Executive MBA program. He’s a graduate of the Johns Hopkins University Army ROTC program and holds a bachelor’s degree in economics from the University of Maryland UMBC, a master’s degree from the George Washington University, and a doctorate in public administration from the University of Baltimore.