Tuesday, January 30, 2007

Review: "Discourse, Dissent, and Strategic Surprise"

The Institute for the Study of Diplomacy at Georgetown University recently published a report titled "Discourse, Dissent, and Strategic Surprise."

Although the authors' focus is the federal government - i.e., the communication difficulties experienced by diplomats (especially those overseas) and policymakers in Washington D.C., I thought the report had some relevant findings for homeland security professionals at all levels of government.

Generally, the report argues in favor of casting a wider net when seeking intelligence on a given threat - and it harshly condemns the practice of filtering all information through a pre-existing mindset.

We all are given to interpreting new information through the filter of our past experiences, but this report shows how prior failures of the U.S. government should serve as a lesson that the way to proceed is to keep an open mind, to listen, and to avoid pretending that we already know what the threat is.

The report focuses on a number of case studies which resulted in unpleasant surprises for the United States. Specifically, the failures to:

  1. Anticipate the 1979 revolution in Iran
  2. Recognize the threat against U.S. embassies prior to the 1998 embassy bombings
  3. Recognize the scale of the Soviet invasion of Afghanistan in 1979
  4. Understand the nature of the conflict in the U.S. - U.S.S.R. "proxy war" in Afghanistan from 1989-1992; specifically, the danger in arming and training the mujahedin
  5. Anticipate the Asian financial crisis of 1997-98
Here are a few highlights of the report, with comments:
Long-standing and systemic tensions in U.S. democracy exist between the need for open discourse and the requirements of a disciplined decision-making process, both of which are needed to govern effectively. Protection of the consensus, however, has the potential to hinder sound policy formulation when professionals are discouraged from presenting informed views simply because they challenge the status quo. When such information—and the people providing it—are excluded from policy discourse, the “marketplace of ideas” ceases to work as an essential corrective to mistaken or flawed assumptions.
Leaders must be especially sensitive to the danger of silencing those at lower levels. "Speaking truth to power" becomes extraordinarily difficult when your career is on the line. Leaders must be open to dissenting views:
It is inherently difficult for subordinates to challenge the prevailing views of their leaders at any time. This is particularly so when leaders are intent on pursuing a course of action, driven by firmly held assumptions about the nature and urgency of a threat.

But nonmonetary—or even monetary—incentives aimed at encouraging independent thought may not be enough to persuade individuals to express candid disagreements with the consensus if by doing so they also are bargaining with their professional survival. The interactions among senior and mid- to low-level professionals in both the intelligence and policy arenas are therefore central factors considered in our study, part of the analysis of how constraints on discourse can emerge and inhibit alternative interpretations of events, sometimes leading to a collective failure to anticipate or understand new threats.
The case of the Iranian revolution shows how the silencing effect can work:
Efforts by low- and mid-ranking analysts to discuss the regime’s failings were treated by most senior officials not just as irrelevant but suspect and soft headed. Just raising such issues could be incendiary, given that some officials believed that discussions of deteriorating conditions in Iran could add to the prospects that the shah would not survive. As such, reporting of bad news was actively discouraged, contrarian analysts found they were not being invited to meetings, and eventually the voices faded away.
In the case of the African embassy bombings, the problem was different. Information about the threat was available, but it was unwelcome:
Failure to heed—or to ask for—reports about conditions on the ground can lead to ignorance or misunderstanding of important political and economic trends that portend new security challenges.
Most ominously, the warning bell was repeatedly sounded by the U.S. ambassador to Kenya. But the warnings were received with hostility:
After it was disclosed that she had arranged to have her letter voicing security concerns hand-delivered to the secretary, [U.S. Ambassador to Kenya, Prudence] Bushnell, for the first time in her long and distinguished Foreign Service career, received a mediocre performance review. Just weeks before the bombings, Bushnell was chided for her excessive preoccupation with security and her “tendency to overload bureaucratic circuits.”
In the case of the 1989-92 "proxy war" in Afghanistan, which was almost entirely a covert operation, senior policymakers were actually the blindfolded ones. They kept on the current track because they did not have enough information to question whether it was the correct track:
This case provides a textbook example of how those who have access to information can become the drivers of policy, granting individuals authority that would normally exceed their jurisdiction or level of seniority. Without routine access to information, policymakers will always feel constrained from questioning the prevailing policy because, as one participant put it, “they feel they are missing the information needed to make judgment calls . . . and so they tend to back off.”
In short, the information sharing system virtually shut down:
Information about covert operations is always highly restricted, but in Afghanistan it extended only to a small number of individuals from Congress, the intelligence community, and a few executive branch officials. One former congressional aide whose senator was not included in the inner circle remembered how difficult it was for him to gain access to information about the situation in Afghanistan, notwithstanding the authority granted to the senator by virtue of his committee assignments. An intelligence official who was part of the operations agreed, adding the observation: “At any given time, in the peak of our involvement in Afghanistan, there were never a hundred Americans at work on the problem. . . . We [U.S. intelligence operatives] provided wide open door access [about events in Afghanistan], but to a very limited number of people. And they were very good about keeping it from everybody else.”
After examining all of the case studies, the report comes to some predictable conclusions:
The instances of surprise we examined in this study are not often the result of missing or faulty intelligence information; they are far more about the way information is interpreted, distributed, and prioritized by senior officials.

Policymakers dismissed warnings when the indicators failed to conform to common conceptions of what constitutes a genuine threat to U.S. “vital” interests.

When a healthy consensus evolves into a “mindset,” the assumptions and beliefs underlying that consensus can become impervious to new information, sometimes blinding leaders to the implications of global trends.
And ... in summary ... information sharing is absolutely vital to recognize threats:
When there is no routine discourse among top officials and professionals with detailed expertise, the ability even to consider realigning policies in response to breaking events, let alone to understand complex events, is virtually impossible. This factor is critical to understanding the phenomenon of surprise. Undue restrictions on the number and kind of individuals or agencies allowed to contribute to intelligence or policy debates by definition interfere with the government’s ability to assess events reliably.

Info Sharing and the Water Supply

A brief article in today's Tallahassee Democrat discusses an audit of that city's security plan for its water treatment systems. It's well known that water systems are potential targets for attack, for two reasons:

  1. Many of them use dangerous chemicals to purify water (i.e., chlorine and ammonia)
  2. The water system would be an excellent means of distributing poisons or other dangerous substances to an entire community.
City auditors found that Tallahassee's security plan was lacking in a few key areas:
Among its findings, the Jan. 9 audit noted that: some city employees weren't properly notified of what would be expected of them in an emergency; the locations of valves needed to isolate the water supply weren't identified in the emergency plan and access to a city wastewater plant was too lax.

The city has made good headway, the audit found, but the written plan needs to locate valves that isolate water supply to critical customers such as hospitals, nursing homes, day care centers and schools because "the ability of the Water Utility to quickly locate and shut off valves may be hindered without this information."

It also needs to be formally communicated to the staff who would potentially execute it, he said.

"The thought process was that the employees already knew what to do," said City Auditor Sam McCall. "But this actually spells out what you should be doing."
This is another demonstration that a good plan is next-to-useless unless you share information with others who need to know.

Monday, January 29, 2007

The County Interagency Safety Board

Hamilton County, Indiana - which includes northern suburbs of Indianapolis - recently approved its Interagency Public Safety Board, the Indianapolis Star reported.

The board has been meeting unofficially for about two years, but is just now getting formal recognition from county officials.

The board includes the sheriff, police and fire chiefs from Fishers, Noblesville and Carmel, the town of Westfield's administration director, two officials from the county emergency management office and one representative from the northern fire and police departments.

Originally created to help decide how to use a $4.8 million Homeland Security grant to update technology, [Sheriff Doug] Carter said the board will now delve into other issues.

"We want to have an open dialogue and meet and talk about things we can do, whether it's training initiatives, statutory updates or issues facing law enforcement around the county," he said. ... "We want to share resources and information."

"We have a lot of different issues before us today, and two of those major issues are communication and training," Noblesville Police Chief Dick Russell said.

He said public safety agencies today shouldn't try to function independently of each other. "It takes the public, it takes us communicating with other agencies. The better we can communicate, the better we will be able to do our jobs."
A few thoughts come to mind: First, this sounds like the kind of collaborative spirit that local authorities should have. Second, I wonder how many other communities have such a board - either official or unofficial? Third, I wonder why they waited 2 years before trying to get official recognition from county authorities?

Wednesday, January 24, 2007

The Risk Right Here

There was some interesting testimony at last week's hearing of the House Permanent Select Committee on Intelligence. Generally, there was a lot of old info, but some new info as well.

Director of National Intelligence John Negroponte discussed the likeliest threat:

Use of a conventional explosive continues to be the most probable al-Qa'ida attack scenario. … Nevertheless, we receive reports indicating that al-Qa'ida and other groups are attempting to acquire chemical, biological, radiological, and nuclear weapons or materials.
Lieutenant General Michael Maples, who's the Director of the Defense Intelligence Agency, provided more insight into probable WMD threats, as well as some of the more likely avenues of terrorist recruiting:
CBRN-related information is widely available, and if terrorists were to use unconventional materials in an attack, we believe they likely would use low-level biochemical agents such as ricin, botulinum toxin or toxic industrial chemicals such as cyanide. … We also judge that al Qaida and other terrorist groups have the capability and intent to develop and employ a radiological dispersal device.

Extremism throughout the West will continue to be spread primarily through radical clerics, the Internet, and in prisons.
Charlie Allen, the Chief Intelligence Officer at DHS, chimed in with some information on potential U.S. targets and additional info on terrorist recruiting:
We determine that transportation (particularly commercial aviation and mass transit) and commercial facilities remain the sectors most threatened by al-Qa'ida and its affiliates.

Our research indicates a variety of radicalizing influences, to include the role of charismatic extremist leaders, the spread of extremist propaganda through the Internet, the use of mass communication and multimedia, and more traditional person-to-person encounters, are among the key drivers that shape radicalization dynamics within the Homeland.
I thought the most interesting testimony was given by Phillip Mudd, who was appearing on behalf of Willie T. Hulon, the Executive Assistant Director of the FBI's National Security Branch (NSB). Mudd talked about the connections between terrorists and more ordinary criminal activities, the risk of homegrown terrorism, and the threat posed by Hezbollah:
Last year, we disrupted a homegrown Sunni Islamic extremist group in California known as the JIS, a.k.a. 'Assembly of Authentic Islam,' operating primarily in state prisons, without apparent connections or direction from outside the United States and no identifiable foreign nexus. Members of the JIS committed armed robberies in Los Angeles with the goal of financing terrorist attacks

The radicalization of US Muslim converts is of particular concern. … converts appear to be more vulnerable and likely to be placed in situations that put them in a position to be influenced by Islamic extremists.

The Internet has facilitated the radicalization process, particularly in the United States, by providing access to a broad and constant stream of extremist Islamic propaganda, as well as experienced and possibly well connected operators via web forums and chat rooms.

US Hizballah associates and sympathizers primarily engage in a wide range of fundraising avenues in order to provide support to Hizballah to include criminal activities such as money laundering, credit card, immigration, food stamp, and bank fraud, as well as narcotics trafficking.
The UPI also reported on the hearing, adding some additional perspective from the participants on the use of the Internet to spread extremist ideologies. Mudd said:
The commonality we have (with Europe) is people who are using the Internet or talking among friends who are part of what I would characterize as a Pepsi jihad ... It's become popular among youth, and we have this phenomenon in the United States.

So that you have a kid in Georgia, a kid in California, a kid in Kansas, he may see the same images from Iraq, from Palestine, from Afghanistan, from Pakistan, that someone in Indonesia or Saudi Arabia sees, and he may be infected the same way with an ideology that says the use of violence against innocents is okay.
But, the UPI reported, others point out that there is a generally small risk of a group of young people becoming radicalized over the Internet and then launching a catastrophic attack, without any further connections or training:
"It's ridiculous to think that the U.S. or any other military would do its training over the Internet," said analyst and author Peter Bergen, arguing al-Qaida was just as professional in its approach. "Radicalization is one thing, having operational cells with the capacity to launch attacks is something else entirely.

"That basically means people who have been through one of the (terrorist training) camps."

Bergen said that the homegrown plots uncovered in the United States so far appeared to lack that thread back to al-Qaida central, which was one reason why he said they had been "pretty pathetic ... not much of a threat."

Monday, January 22, 2007

Calling Mall Security

The Department of Justice recently released the results of a study on mall security. The findings were not that surprising to me: Overall, state homeland security officials and mall security directors say yes, things are fine, they're prepared. But when you look closely at the actual preparations and training that's going on at malls, gaps emerge. And it's especially revealing to compare the security at American malls to the security at malls in Israel.

First, the good news:

In several cities, police and security firms have formed formal cooperative associations to meet and discuss topics such as bomb threats, executive protection, and burglary investigation.

Overall, [state homeland security directors] were fairly optimistic about the ability of large retail malls in their state to respond to terrorist attack. … Most respondents who reported a positive assessment (very good, good, or fair) believed either that malls cooperated well with local law enforcement or that they had developed emergency plans.

One state advisor noted:

We have three malls in the state that are currently participating in the DHS Buffer Zone Protection Plan initiative. By actually sitting down at the table and working with the other key stakeholders from the local law enforcement, fire, EMS, and EMA communities, these malls are much further down the road in identifying, understanding, and acquiring the physical security resources and training that better prepare them to interdict and/or respond to a terrorist event.

Fifteen, or slightly less than half, of the state homeland security advisors affirmed that they were aware of joint exercises between security staff in some malls and local police. Thirteen affirmed joint exercises with fire and/or EMT staff.

Cooperation with public officials proved to be an important stimulus for the development of emergency preparedness plans.

Three out of four (73%) [mall] security directors reported that they had developed written protocols for security staff to follow in the event of a disaster. The same proportion reported that these plans included coordination and communication with local law enforcement, fire, and medical first responders. A much smaller number (3 in 10) had held exercises to rehearse emergency protocols with first responders.

[T]wo in three mall security directors characterized their local police as being at least somewhat involved in their security planning. Nearly half (44%) of mall security directors stated that law enforcement officials regularly shared key intelligence with them, and another 34% said that information was sometimes shared.
But ... mall security directors would like even more help. And they need to do more:
By a large majority (63%), mall security officials would welcome greater involvement of their state DHS and law enforcement officials in security planning.

One of the most consistent and striking findings during the site visits was that malls we visited have not made any significant investment in increased security following 9/11.

We observed that, in sites that had received Buffer Zone Protection Program (BZPP) funds, local law enforcement, working with the state homeland security offices, took the initiative and contacted area malls to conduct a risk assessment. … Risk assessments, when conducted, have largely been driven by the BZPP application process. …Without undergoing some form of risk assessment process, it is difficult for mall managers to arrive at an understanding about what elements should be protected and which strategies should be employed for prevention of specific assets.

None of the malls we visited had developed ways to coordinate with first responders in the event of an emergency. The only means of communicating with first responders was by phone. The general plan in all cases was that, once first responders arrived on the scene, they would take charge and mall staff would follow any instructions they were issued by police or fire officials. In none of the malls we visited was it clear who would be responsible for briefing first responders or how mall security evacuation plans would be coordinated given law enforcement’s need to retain and interview eyewitnesses.

We found wide variation in how local law enforcement and regional terrorism task forces had been involved in mall security. We observed malls that had a close relationship with local law enforcement. … On the other hand, we also observed malls that had little relationship with local law enforcement. These malls were generally not privy to police intelligence data and did not participate in risk assessments or emergency plans.

We did not encounter any active programs to evaluate what guards derived from terrorism training, or if terrorism prevention and response was actually incorporated into daily work routines. … With no tabletop or live exercises and no clear standards for evaluation, it is impossible to say how well staff would respond in the event of a disaster.
And when compared to the security at malls in Israel, the security at American malls looks positively shoddy:
According to the [mall] security directors that we spoke with [in two Israeli malls], local law enforcement and emergency service representatives often conduct joint exercises with mall security. The exercises include comprehensive drills attended by the district fire brigade, ambulance system, and the entire police district. In addition, there is open intelligence sharing between mall security and local law enforcement. In one mall, police briefed the mall security chief weekly. In the other, the local police district held monthly meetings during which antiterrorism intelligence was shared and discussed with key individuals in the community, including mall security directors. One of the malls we visited provides the local police district with an onsite substation. This allows a subset of officers to become knowledgeable about mall operations and physical layout. It also allows these officers to get to know the mall’s security staff. Finally, mall security and local law enforcement share interoperable communication systems. In the event of an emergency, each unit could communicate with one another over a shared radiocommunications band.

According to the security officers we talked with, the malls [in Israel] usually conduct about 50 drills per month. These range from minor procedural drills to covert drills during which false bombs are planted and attempts are made to bring them into the mall. Major exercises are carried out in cooperation with the police, who evaluate the adequacy of the response by mall security. When security officers fail to detect planted threats, they are retrained. If they fail a second time, they are fired. In addition, a system of positive incentives is also utilized. If a security officer detects a problem during a drill and acts accordingly, that officer will receive a monetary bonus.
The study authors admit that it's unrealistic and unnecessary to try to protect American malls to the same degree that malls are protected in Israel. But they suggest a few reasonable steps "steps that are not expensive and would not alter the experience of consumers":
  1. Conduct formal risk assessments and take steps to mitigate known risks on a costbenefit basis
  2. Develop and rehearse detailed and coordinated emergency response plans and involve stakeholders
  3. Standardize antiterrorism training courses.
  4. Enhance partnerships with the public sector.
Once again, the emphasis is on developing relationships, collaborating, and sharing information. That's the foundation. Training and interventive measures can then build on this foundation.

Friday, January 19, 2007

Hurdle to Interoperable Comms: It's Not Money

Federal Computer Week ran a brief story on a market research report by Datamonitor, whose primary findings were that local communities plan to spend a lot of money on interoperable communications, but that there's still no guarantee of success:

State and local governments will boost their technology investment by 40 percent in the next five years as they struggle to overcome communications problems that stymie coordinated emergency response efforts ...

Technology spending will rise from $3.2 billion in 2006 to $4.4 billion in 2011 ...

But despite increased spending, those initiatives could run into a raft of problems ... Public safety agencies say funding is the major obstacle to improving interoperability, said Kate McCurdy, Datamonitor’s government technology analyst, “but we cannot overlook the fact that collaboration and collective decision-making is difficult in an environment where individual agencies or jurisdictions typically purchase equipment independently.”
These findings echo DHS' own recent findings, which indicated that "Governance" was the major factor for successful implementation of interoperable communications (original report: here; my blog entry: here).

You can't overestimate the importance of collaboration and information sharing. Throwing money at this problem will not solve it by itself.

Thursday, January 18, 2007

An al Qaeda Training Doctrine

Terrorism Monitor has an interesting article on the evolution al Qaeda's training doctrines. Focusing on one particularly influential jihadi strategist, Abu Mus'ab al-Suri, the report describes how his strategic thinking is affecting the shape of the al Qaeda organization today.

Anyone interested in homeland security should be aware of how terrorists are organizing their operations. In a nutshell, the article argues that al Qaeda is abandoning hierarchical organizational structures and is promoting the idea of small-cells-everywhere. The same concept has also been noted by others. Call this another data point that helps clarify the picture:

[T]he practice of "individual terrorism" is a core theme in al-Suri's most recent writings, and it is rooted in his most famous slogan: nizam, la tanzim (System, not Organization). In other words, there should be "an operative system" or template available anywhere for anybody wishing to participate in the global jihad either on one's own or with a small group of trusted associates, and there should not exist any "organization for operations." Hence, the global jihadi movement should discourage any direct organizational bonds between the leadership and the operative units.

The same goal of decentralization is applied in al-Suri's training doctrines; training should be moved to "every house, every quarter and every village of the Muslim countries." ... For al-Suri, the issue is not only that of decentralization, but also of transforming the jihadi cause into a mass phenomenon.
For local homeland security professionals, it is always worth noting that terrorists are most likely to manifest themselves in small groups or individuals.

One key question is whether the jihadist cause could or would ever be picked up by a critical mass of Muslims worldwide. Mass movements tend to peter out, often before they reach this critical mass, especially when an insistence is made that fighters should be true believers in the cause.

And that's just what Al-Suri insists upon. He argues that jihadist fighters should be fully ideologically motivated for the fight. He wants true believers:
The decisive factor for successful jihadi training is the moral motivation and the desire to fight, not knowledge in the use of arms, al-Suri asserts. If the ideological program is not fully digested and the mental preparation is absent, weapons training is of no use.

In an audiotaped interview in the late 1990s, al-Suri recalled how he had second doubts about the training that many Arab volunteers received in Peshawar and in Afghanistan, especially those hailing from the Gulf countries, since they more often than not failed to share his radical ideological platform:

"I am not prepared to train [people] in shooting practices because I think they will fire back at us justifying this by the fatwas of the Muslim Brothers and the Azhar clerics … People come to us with empty heads and leave us with empty heads ... They have done nothing for Islam. This is because they have not received any ideological or doctrinal training"
From the perspective of terrorist vulnerability, it is revealing that al-Suri questions the devotion of even many of those who went to Afghanistan. This tells me that, wherever there is a terrorist group, it's never a sure bet that all of them are going to be fully committed. This is a vulnerability for them.

Thursday, January 04, 2007

NYC's New Decontamination Central

According to an article in the New York Sun, NYC's Downtown Hospital just opened a large, advanced decontamination station, capable of treating 500-1000 patients per hour (compared to 20 patients per hour in the hospital's old decon unit):

Because water is the single greatest antidote to contamination, according to Dr. Najer, the hospital installed 25 high-power showerheads that jut down from the roof of the semi-outdoor enclosure.

The shower water is warmed by a 1,000-gallon tank that is separate from the hospital's water supply, ensuring a constant supply of heated water. Gas-powered heaters are scattered along the roof of the facility.

The unit also has several outlets that can pump "medical air" into the self-contained suits that physicians wear while treating contaminated patients.

"It's arguably the most technologically advanced decontamination unit in the world," Dr. Antonio Najer said.
This is good preparedness, at a relatively inexpensive cost of about $1 million. And it's not just NYC that could use one of these things. Any community that's near a chemical plant, a port, a nuclear power facility, etc., could benefit from a large decon station like this. In any major situation, you've got to get people cleaned up quickly. And, in a nod to hospital administrators, you can find other uses for it as well:
The unit has other functions as well, according to the hospital's assistant vice president of public affairs and marketing, Vanessa Warner. In the case of plane crash, it could be used to clean hazardous jet fuels off of victims, and it could double as a car wash for ambulances.

Wednesday, January 03, 2007

The Threat to the Energy Infrastructure

The National Governors Association recently released a report on the threat to the nation's energy infrastructure, both from natural and man-made threats. The report provides a number of recommendations that state-level executives can take to manage the risk. The suggestions were generally not surprising - work with other states, the energy industry, develop response and recovery plans, etc.

I thought some of the more interesting information in the report dealt with the threat itself:

The nation’s diffuse energy infrastructure—with many pipelines and transmission lines running through sparsely populated areas and electricity substations sited in remote areas—makes the industry susceptible to sabotage by international terrorists, loosely organized home-grown movements, lone-wolf extremists, and common thieves and vandals. Documents discovered in Afghanistan and elsewhere since the September 11, 2001 terrorist attacks indicate that al Qaeda has targeted energy infrastructure, particularly nuclear power plants and oil and gas infrastructure in the United States and Saudi Arabia, as part of a campaign to disrupt the U.S. economy and inflict mass casualties.

[E]xperts warn switching systems that control electrical substations could be vulnerable to sabotage and, if damaged, are expensive and difficult to replace. … Should a number of critical switching stations come off line, entire segments of the grid could be affected for weeks.

In fact, significant terrorist attacks against electrical systems are common in other parts of the world. In Colombia, for example, the electrical grid is a favorite target of the Revolutionary Armed Forces of Colombia (FARC). Shortly before the country’s May 2006 presidential elections, a FARC bombing of the electrical grid serving the port city of Buenaventura left the city in darkness for days.
The energy sector in general, and the electric grid in particular, are highly exposed. It's important for local first responders to know the vulnerable points in the network in their area.

Most Likely WMD Scenario?

The Canadian Security Intelligence Service (CSIS) recently issued a report indicating that the most likely WMD terrorist threat involves a radioactive dispersal device, or "dirty bomb," the Globe and Mail reported.

The CSIS even goes so far as to say that it's surprising that no one has yet used this mode of attack:

Canada's spy agency says it is “quite surprising” that terrorists have not detonated a crude radioactive bomb, given the availability of materials and ease with which they could be made into a weapon.

But the CSIS study cautions that “a determined and resourceful terrorist group” could execute more elaborate forms of nuclear or radiological attack.

The technical capability required to construct and use a simple RDD is practically trivial, compared to that of a nuclear explosive device or even most chemical or biological weapons,” the CSIS study says.

A homemade radiological weapon could consist of a conventional explosive laced with radioactive material commonly found at universities, medical and research laboratories or industrial sites.

The intelligence service points to the notion terrorist thinking has shifted from the desire to inflict mass casualties to “one of inflicting severe economic damage.”
It's not news that an RDD is a more likely mode of attack than a nuclear weapon. It's important to note, though, that the CSIS is seeing terrorists as pursuing economic aims rather than bodycounts. This has long been a key element of al Qaeda's strategy, as Brian Michael Jenkins pointed out in his excellent book, Unconquerable Nation:
Lest anyone misunderstand the purpose of jihad and consider it a form of spiritual calisthenics, bin Laden is explicit: “It is a religious-economic war,” he says. ... He argues that the United States can be brought down by destroying its economy.
Al Qaeda, in its view, brought down the Soviet Union by draining its economy through the Afghan war. It seeks to do the same thing to the United States.

Seven, Not Three

Eric Holdeman, the director of the King County (WA) Office of Emergency Management (i.e., Seattle) published an opinion piece in the Seattle Post-Intelligencer that diverged from the DHS standard for personal preparedness.

Rather than be ready for 3 days without assistance, Holdeman writes, citizens should be ready for a week on their own:

If you are planning to be on your own for only three days, you are doing only the absolute "minimum" necessary to keep safe, warm and well fed after a disaster.

We should all plan for a minimum of seven days of preparedness. Seven days is how long it will take the federal government to mobilize resources and deploy them to a disaster area.

Does seven days sound like a lot? Consider a worst-case pandemic flu scenario, where a wave of infection can last 12 weeks; or a catastrophic earthquake ... Not only will we lose power, but also our bridge and overpass-dependent transportation system will be disrupted for months, hampering the movement of disaster supplies, food and goods.
Holdeman's advice is sensible. But the real question is how to encourage citizens to actually make their kits and plans. Being prepared for a disaster is one of those things that people never get around to.

Rail Security: Will the Information Be Shared?

GovExec has a short article today about pending rules from TSA regarding rail shipments of hazardous materials:

The Transportation Security Administration is set to propose a new rule that would require rail carriers to respond more quickly to government queries on the whereabouts of hazardous chemicals they transport through urban centers.

Under the proposed rule, slated for publication next week in the Federal Register, transporters of potentially explosive chemicals or those that could be lethal if inhaled would have as little as five minutes to tell federal investigators the precise location of rail shipments, in the highest risk situations. In less severe circumstances, the companies would be allowed up to half an hour to respond.

The regulation also would require industry officials to designate a rail security coordinator to work with federal officials and track and reduce "standstill" time for railroad cars carrying hazardous materials.
Here's my question: Who notifies local authorities, who will be the first on the scene in any hazardous materials incident? In a HAZMAT incident, every second counts. If lives are to be saved in this type of incident, they will be saved by local personnel. Will the information be shared promptly with local authorities?