DSBlog

The Presidential Policy Directive on National Preparedness issued on March 30, also known as PPD-8, is at first glance a document with little that is radically new. But a closer look reveals several telling inclusions – and a couple of glaring omissions – that may indicate a shift in the power dynamics of homeland security in Washington.

The intended purpose of PPD-8 was to replace the 2003 Homeland Security Presidential Directive on National Preparedness (HSPD-8), while reaffirming its general policy direction and that of the 2006 Post-Katrina Emergency Management Reform Act (PKEMRA), and 2009 National Infrastructure Protection Plan (NIPP).

PPD-8 does in fact reaffirm the all-hazards risk-based approach to national preparedness. Intriguingly, though, it describes four categories of hazards: terrorism, “catastrophic” natural disasters, cyber attacks and pandemics. Several aspects of this grouping are eyebrow-raising:

• Cyber attacks and pandemics are called out separately; previously the former was subsumed under terrorism and the latter under natural hazards. The change provides, in our opinion, a very helpful distinction, as cyber and pandemic hazards have characteristics that make them qualitatively different from the other two categories.
• Only catastrophic natural disasters are called out as a worthy of preparedness focus. While the term “catastrophic” is not explicitly defined in the PPD, the focus is clearly on “threats that pose the greatest risk to the security of the Nation.” In that spirit, even the most expansive reasonable definition of the term “catastrophic” would seem to limit the types and intensity levels of disasters sometimes encountered in risk assessment work.
• Industrial accidents aren’t mentioned by name anywhere in the document. One definition mentions “manmade or natural disasters,” but “manmade” here could be interpreted as encompassing cyber attacks and pandemics exclusively. It is unclear whether this exclusion from consideration in the set of threats that pose the greatest risk to the nation was intentional or not.

The much-maligned Target Capabilities List (TCL) from the old national preparedness guidelines is neither affirmed nor rejected by PPD-8. Some of the specific capabilities called out do map directly to individual target capabilities of the TCL, but the TCL itself is not mentioned by name.

Moreover, the four familiar mission areas of the TCL – Prevention, Protection, Response and Recovery (PPRR) – are mentioned, with the addition of a fifth term: “Mitigation.” The PPRR mission areas each map conveniently to the basic R = T x V x C risk equation (i.e., prevention aims to reduce threat likelihood and protection aims to reduce vulnerability, while response and recovery respectively aim to reduce short-term consequences and limit the duration of adverse consequences). What’s not clear is how mitigation fits in. Based on examples in PPD-8, it appears that mitigation is more of a system-wide activity, potentially shifting the emphasis away from individual critical assets or key resources (CIKR) and instead prioritizing systems that provide functions.

Besides the PPRR framework (let’s call it PPRR+M now), the new directive explicitly mentions another commonly used emergency-management construct, often abbreviated POETE: Plan, Organize, Equip, Train and Exercise. In one superbly crafted sentence in PPD-8, the White House ties together the concepts of risk, capabilities and preparedness with the frameworks of PPRR+M and POETE: “The term ‘national preparedness’ refers to the actions taken to plan, organize, equip, train, and exercise to build and sustain the capabilities necessary to prevent, protect against, mitigate the effects of, respond to, and recover from those threats that pose the greatest risk to the security of the Nation.” In our estimation, this is the foundational statement of PPD-8 – although of course this is not a new concept in the world of preparedness and homeland security.

The term “resilience,” after being used extensively by DHS and FEMA officials, also makes its official debut in PPD-8, defined as “the ability to adapt to changing conditions and withstand and rapidly recover from disruption due to emergencies.” Importantly, however, the term does not appear to be placed on the same level as prevention, protection, mitigation, response or recovery. While this observation may be based on a too-fine parsing of PPD-8’s phrasing, we don’t think so. (In one phrase concerning mitigation capabilities, for example, resilience seems to be a component of, or at least an example of, mitigation.) In the homeland security and emergency management fields, the term “resilience” is commonly applied to systems and to communities of people; what it encompasses in the case of PPD-8 remains somewhat unclear.

The most glaring omission in this document is the Federal Emergency Management Agency (FEMA) which, as the federal agency with principal responsibility for disaster response, would be the obvious choice to lead the efforts described in PPD-8. While PPD-8 does not prohibit the DHS secretary from delegating some of his or her responsibilities to FEMA, neither is the agency designated by name. (In fact FEMA is mentioned only once in the entire six-page document, and then almost as an afterthought in regards to its statutory responsibilities under PKEMRA.) Is this omission of an explicit FEMA role an intentional slight by the White House?

Another obvious shift in defined roles is the relationship between the Assistant to the President for Homeland Security and Counterterrorism (aka the Homeland Security Advisor, or HSA) and the DHS secretary. While cabinet-level positions normally answer directly to the president, PPD-8 effectively demotes the secretary by having him/her deliver all products to the president through the HSA. Three times the PPD uses the construct:

“...the Secretary of Homeland Security shall [perform a task and] submit [the resulting product] to me, through the Assistant to the President for Homeland Security and Counterterrorism. The Secretary shall coordinate this effort with other executive departments and agencies and consult with State, local, tribal, and territorial governments, the private and nonprofit sectors, and the public.”

While it sounds like the president is merely calling for reasonable coordination among all stakeholders, if this were the only aim then the reiteration of this formula three times seems like overkill. It appears instead that whereas both the responsibility for improving the nation’s security and the authority to do so have formerly both resided with DHS, PPD-8 leaves DHS with most of the responsibility while removing much of its authority. DHS is now beholden to other federal agencies, state and local governments, private sector organizations and the public, and just to make sure the message is not lost, all products must also be vetted through the White House’s HSA.

This separation of responsibility from authority is a potential sign of a power struggle between the White House and DHS – or potentially between DHS and other agencies like the Department of Justice, and it clearly represents a diminished role for DHS. (As one department source put it to us when referring to PPD-8: “We lost.”)

It also creates an environment that makes it very difficult for DHS to be productive. The general rule of thumb for sound organizational structure is that authority and responsibility must always be aligned, or the function is doomed.

––––––––––––––––

Digital Sandbox is the leader in public safety risk management, providing analytic tools and information products to government agencies and large enterprises, for optimizing risk-based strategic, policy, and budgetary decisions.

Finally, some good news from Port-au-Prince: Haitians went to the polls and peacefully elected a new president by a wide margin in early April, a mere 15 months after a magnitude-7.0 earthquake devastated large swaths of the country and killed an estimated 230,000 people, and barely five months after an earlier election attempt disintegrated into chaos. The political shift that has taken place in that short time says much about the resiliency of the Haitian people, and also about the priorities of the U.S. and other nations in managing the strategic risks associated with political instability while helping a country get back on its feet.

The January 2010 quake resulted in consequences of all kinds – almost all of them negative. Millions were made homeless (and remain so), a cholera epidemic killed thousands and violent crime spiked. One of the few bad things that did not happen after the quake, however, was a mass exodus of Haitians to U.S. shores. Despite predictions to the contrary, and a prior record of large migration (think post-1991 military coup), Haitians stayed put this time.

But living conditions in the island nation have remained medieval and, as if those weren’t dire enough, Haiti’s already precarious political foundations eroded further in the aftermath of spectacularly disorganized and fraud-riddled presidential elections last November, which led to widespread rioting and mounting concern among Haiti’s neighbors. Natural disasters didn’t push the Haitians out, but political chaos had in the past – and could again.

So the most pressing question in Washington over the winter became: What should we do now? One of the more intriguing answers that caught our eye came from former DHS Assistant Secretary for Intergovernmental Programs Juliette Kayyem. Writing in The Boston Globe on the one-year anniversary of the quake, Kayyem asked: “How does the United States continue to help Haitians rebuild Haiti – rather than flee it?” Her answer was that U.S. strategy “should focus on one basic objective: keeping Haitians committed to Haiti.”

Kayyem outlined two necessary components to achieve such an objective. The more obvious one was of course to press ahead with an already massive humanitarian assistance effort that has involved not just U.S. citizens and relief organizations but entailed a large federal government presence as well. This was no mere sideshow, she pointed out. “In recent history, due in no small measure to international humanitarian intervention, populations have remained incredibly resilient to natural disasters. The 2004 Indian Ocean tsunami, the 2005 Kashmir earthquake, and the 2010 Pakistan flooding resulted in tremendous death and devastation, but no major civilian exodus.”

The second component was more subtle but also potentially more consequential. It was to monetarily and materially support fresh presidential elections that had been called for the spring, recognizing in her words the “tangible risk to the recovery from the uncertainty now surrounding Haiti’s politics” as well as “the key fact… that America’s interest in Haiti today is as much about the election politics as it is about food and shelter.”

Kayyem reported that, “embedded in the budget for humanitarian assistance to Haiti, the United States is also supporting the elections themselves, including technical assistance, the procurement of election materials and ballot boxes, and domestic and international observers for post-electoral developments.”

The respective articles by The New York Times covering the November 2010 and April 2011 elections starkly highlight the differences between the two, and serve to confirm Kayyem’s reading of what was important from a strategic risk management perspective. It may be all but impossible to ascertain how much of an influence outside assistance has in such cases, but either way the outcome is obviously being greeted with smiles of relief all around.

Haiti’s political foundations, at least, have again been shored up.

(Photo courtesy of Thomas Coex/Agence France-Presse, via Getty Images)

––––––––––––––––

Digital Sandbox is the leader in public safety risk management, providing analytic tools and information products to government agencies and large enterprises, for optimizing risk-based strategic, policy, and budgetary decisions.

The White House has released its long-awaited replacement for the 2003 Homeland Security Presidential Directive on National Preparedness (aka, HSPD-8), to lots of criticism and some praise.

Our own analysis of the new Presidential Policy Directive on National Preparedness, known as PPD-8, will follow shortly. In the meantime here is a sampling of early feedback from the blogsphere:

• The Comments section of an April 8 Homeland Security Watch piece noted that PPD-8 “almost totally ignores the dedication and hard work of many individuals and organizations since 9/11/01 and even long before to help the US face not just Black Swans but also the expected and more probably [sic] events. It also fails to improve on past guidance.”
• A follow-up HLS Watch piece the next day calls the directive “an important reframing of strategic intent. What is new – and important – in PPD-8 is the inclusive character of the goal-development process and the focus on capabilities-based planning.”
• On April 13, another HLS Watch posting contained pointed comments from several individuals, including a DHS official, countering several of the more scathing critiques.
• A day later, a couple of Heritage Foundation analysts wrote yet another scathing critique, which found the directive’s “dismissal of key national preparedness guidance and plans… puzzling” and said it “reads as though the past seven years never happened.”
• Finally, a piece in Continuity Compliance asks: “Is PPD-8 Re-Creating the Wheel in Terms of Preparedness Policy?”

Stay tuned for our own take on the subject…

––––––––––––––––

Digital Sandbox is the leader in public safety risk management, providing analytic tools and information products to government agencies and large enterprises, for optimizing risk-based strategic, policy, and budgetary decisions.

A special event of national significance is a major undertaking for any public safety and security team. When the event in question is the National Football League’s annual championship showdown – aka the Super Bowl – the task can be especially daunting.

This year’s event at Cowboys Stadium in Arlington, Texas, was one of the biggest yet. For a full two weeks prior to the February 6th game, there were hundreds of concerts, fund-raisers, press conferences and other events, spread over a 9,286-square-mile region known as the Dallas/Forth Worth/Arlington (DFWA) Metroplex. In addition to the known events there were scores of spontaneous parties and other so-called ‘flash’ gatherings, advertised with little advance notice on printed flyers and via social media outlets like Twitter. (See image below for a daily breakdown of these events.)

This Texas-sized job of safeguarding the population and critical assets during the two-week Super Bowl period was managed by the DFWA region’s public safety team, supported by federal government partners and NFL security. Across more than a dozen emergency operations centers, command posts and intelligence fusion centers as well as units deployed in the field, the team monitored and when necessary responded to all manner of incidents, scheduled and flash events, emerging threats and other developments that posed potential risks to the population and/or to infrastructure deemed critical to the smooth operation of the Super Bowl.

Given the scope, duration and size of the operation, it was imperative that all jurisdictions and agencies on the DFWA team share a common and continuously updated picture of their operating environment. Keeping this common picture from overwhelming the user required analyzing masses of existing data and a steady stream of new incoming information, so as to filter out the unimportant ‘noise’ and leave only the highest-priority threats and risks to be identified and acted upon by executive and field commanders.

Our term for this pared-down view of the essentials is ‘smart situational awareness.’ In the third paper of our Inside The Box series we describe how the DFWA regional public safety team managed this tremendously complex event, and the key role played by smart situational awareness. Read and download the full paper here.

––––––––––––––––

Digital Sandbox is the leader in public safety risk management, providing analytic tools and information products to government agencies and large enterprises, for optimizing risk-based strategic, policy, and budgetary decisions.