Today this post is by guest blogger KR who addresses the first question of the Homeland Security Round Table centering around an article in the recent issue of Homeland Security Affairs.
Ok, first I should introduce myself I am not a security, military or defense professional. I am a certified financial planner who, as an American citizen has a vested interest in this dialogue. My objective here is to broaden my knowledge on these subjects, explore and clarify my opinions and hopefully, share some thoughts of a lay person with the more educated members of the group.
As a financial planner, I’d qualify a large part of my job as risk management. I do this by seeking both concrete and anecdotal information about variables that contribute to an overall premise on market, sector and specific holding performance expectations. This is a top down assessment starting at the economic level, eventually reaching the local or company-specific data. It seems remarkably similar to the risk management associated with anti-terrorism activities and threat assessment. There however, are some significant differences which tie in directly with Mr. Bellavita’s questions (numbers 1 and 5 in particular).
Axiom or law, I think we have to start with the premise: Risk is either held, shared or transferred, increased or decreased. It is never, ever eliminated.
In financial risk management, we have a firm concept of acceptable losses. There is never an expectation of only gains or zero losses. That’s understood to be unrealistic and in fact, pursuing those misinformed objectives actually incurs significant risk and expense. Fortunately, in my business, many theories and actual practices are tested, retested and back-tested to measure effectiveness. Quantifiable results are just that, quantifiable. Part of the issue confronting homeland security is the non-quantifiable nature of success, failure and ongoing performance. Politics, psychology and general culture play heavily into those definitions.
I’ve heard more than once, that, “Counter-terrorism activities have to be successful all of the time, terrorists only have to succeed once.” Frankly, I find that concept dangerous and misleading. It sets up everyone involved for failure. That statement is true when considering the execution of a terrorist act. But it would be unwise to consider that completion to be a failure of a homeland security system. By leading people to believe that any terrorist activity is a failure, and the converse, that the only success of homeland security is zero terrorist activity, we create an environment that ironically benefits the terrorists. By mismanaging their expectations, our population is more susceptible to fear and disappointment. The professionals are subject to criticism, policy shifts and general turnover (typically as a result of political responses). Homeland security is a defensive, reactive activity. That’s not to say it’s passive. Merely that it’s goal is to counter the objectives of those engaged in hostile, terrorist acts agains the US. So what is success for a terrorist? I think the real definition of success by a terrorist is the changing of a culture or general set of policies to coincide with the specific goals of the terrorist organization. It is not the death or destruction of a particular target for its own sake. These groups and individuals want to have impact, whether by spreading a message, changing our attitudes and ways, or actually changing US policies. If that is true, success for homeland security should be the disruption or mitigation of enough activities to prevent those cultural or policy changes.
In my business, I determine a targeted risk level, or concept of ‘acceptable losses’ for each client. My worst client is one who expects to never lose a penny. I cannot help that client and can either educate them or fire them. I admit, it can be difficult to do the prior, but when it works, the change is usually dramatic. Instead of focusing on the occasional losses, we focus on their financial goals. Those in reality are their priority. In the homeland security arena, it seems the American citizens are being trained to expect perfection. I think that is a product of both our political environment and our cultural belief that we can have everything, all the time, at no cost, now. I’ll summarize that notion simply as ‘short sightedness’ for simplicity sake. While we cannot ‘fire’ our way out of this relationship with our fellow citizens, we absolutely hav eto edicate them on the follow of that false expectation.
Homeland security is a process, not an event. It needs to be viewed similarly to our national education system, the population’s general health and wellness, our overall transportation infrastructure or similar issues of long term, national importance which may be subject to event risk, but are actually systems, not discrete events, locations or organizations. Instead, our national discussion seems focused on the granular level how did which person get onto what plane. By looking so closely without the larger context we seem to repeatedly miss the forest for the trees.
Similar to my own risk management processes, when considering the homeland security situation, I again approach from a top down perspective. At a high level there is the question: what can be done to prevent terrorism. At a lower, more tactical level, there is the question of how do we prevent terrorist acts. I do believe that addressing the first question is fundamental to a long term American solution. Obviously, the better we do there, the fewer incidents we will have to address at the lower level. However, the reality of the present situation calls for us to address them both simultaneously. Mr. Bellavita seems focus primarily on the tactical level. I think the first step in dealing with risk-based decsion making, and all decision making for that matter, is to accept the situation. The real, honest situation. These acts will be attempted. And some, despite our best efforts, will be executed as planned. We also must realize, that is very different from saying that the terrorists have succeeded. And, in my opinion, therein lies part of the difficulty in making risk-based decisions. That very acceptance is untennable from a political standpoint. It is far better for any individual’s career to pretend that perfection exists, despite how stunting it is to our capability to address the situation, than to speak plainly about costs, consequences and long term goals with the American public. =============================== Here are a couple questions for those more educated that I on these matters. Please forgive me if they are not directly related to the first question on our list. We’ve had extremist, militant groups in this country for quite some time. We’ve investigated and infiltrated them, tracked their leadership, mapped their organizations and, at times, taken direct actions against them. We’ve had some terrible events such as the 1993 World Trade Center and 1995 Oklahoma City bombings. Are the strategies and methods of dealing with these homegrown radicals so different than the ways we should approach terrorists from outside of the country? I realize that the specific agencies and resources employed, and degrees of local cooperation and competence will impact implementation, but my question is regarding the actual practices. If we consider our domestic counter-terrorism activities to be successful (even without a 100% event-free history), shouldn’t we map those activities (and definitions of success) to the global scene?
As a lay person, I see homeland security largely as a police activity. That is not to say it should be performed solely by police departments, rather it is more similar to police work than say, military or emergency response work. Activities center around information gathering, investigation, analysis, apprehension, prevention and disruption. It seems that the inclusion of emergency response functions are a separate matter that only get involved when a threat is identified or action has taken place. Is that a gross oversimplification?