Defining Terrorism

It seems odd that in 2017 we still need to be clear about what constitutes an act of terrorism.  For context, last night, the horrible shooting in Las Vegas occurred.  At the time of writing this, it’s already been the most fatal shooting in US history.  This is a horrible incident that, as usual, I’m not going to Monday morning quarter-back, as so much is still developing in the aftermath.

What I will comment on are statements by media outlets and ‘experts’, many of which proclaimed once it was released that the perpetrator of this crime was an older white guy local to the Las Vegas area, that this was not an act of terrorism.  So let’s clarify against stupidity, ignorance, and general bullshit.  While there are a variety of definitions of terrorism that can be found, no definition worth its salt includes any pre-determined profile based upon race, age, gender, religion, sexuality, nationality, or skin color.  Those factors alone have nothing to do with determining if an act was or was not terrorism.

The most common definition referenced in the US is what is known as the ‘FBI definition’.  This definition actually comes from a section of the US Code of Federal Regulations (28 CFR 0.85) which outlines the general functions of the Director of the Federal Bureau of Investigation.  In the Code, terrorism is defined as ‘the unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in the furtherance of political or social objectives’.

It seems easy in these times to decry any act of violence as terrorism or, similarly, to dismiss certain acts because they are perpetrated by some old white guy with no known agenda.  Both of these actions would be wrong without further evidence.  The FBI definition focuses on motive and intent.  While the results of the incident may certainly be intimidating or coercive, the motivation may not have been to accomplish that – it may have been, not to understate any act of violence, simply to kill people.  It may not have necessarily been motivated by any specific social, political, or religious extremism.  At this moment, there has been no publicly-released information indicating that this person acted to ‘intimidate or coerce a government, civilian population, or segment thereof in furtherance of political or social objectives.’  But that could change at any moment.

In the hours and days ahead, more details will be uncovered on the perpetrator of this crime and their possible motives.  Some people simply want to call it terrorism so they have a label for it or because they think that the crime is somehow elevated by calling it terrorism.  Over 50 were killed and over 500 were injured.  Whatever label you apply doesn’t make the crime any better or worse.  It’s still horribly tragic.  Some people, particularly those with pre-conceived notions of what is or is not terrorism, will hold that this couldn’t possibly be terrorism because it was committed by an older, local, white guy; and not a radicalized individual from the middle east.  Assumptions either way are dangerous.

Regardless of how the investigation shakes out and what labels may be applied to this act, the loss of life and impact to families and loved ones is horrific.  Let us all take some time to consider that and what must be done to prepare for and prevent further mass shootings such as this.

No matter what the disaster is, be informed!

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Advertisements

The Inability to Apply NIMS is a Human One

With a busy month of travel and project work, it’s been a few weeks since I’ve had much opportunity to write.  While there are always a great number of topics to write about, I find myself regularly drawn to certain focus areas, such as NIMS or exercises, since these topics are regularly the emphasis of my work.

As many of my readers know, Domestic Preparedness Journal is one of my regular reads.  Each issue features a slate of excellent articles from practitioners in the field.  While I don’t always agree with all the articles in DomPrep, they are at least thought provoking and occasionally provide me with some ideas for my blog.

A quick note: Many students of emergency management, homeland security, and related fields reference this blog for research – something I greatly appreciate and am humbled by!  Be sure to search back issues of the Domestic Preparedness Journal, as well.  There is a lot of good stuff there!

I believe I’ve posted my thought in the past that emergency management is largely a sociological endeavor.  This is nothing new or revolutionary… if you care to consider this further, I suggest any of Thomas Drabek’s work.  While emergency management exists to protect and serve people, the actions are implemented by people.  I’ve also written in the past about the human factor of incident management, because that’s what truly makes or breaks our efforts.  Essentially, it’s humans that fail.  Not plans, not incident management systems, or any other excuses that can be contrived.  Human failure is our greatest enemy.

In discussing failure, it doesn’t have to be a total failure.  It can be a mistake, an oversight, or a wrong decision.  It might be intentional, given the body of knowledge we have and other factors, like ego.  Or it might be due to a lack of information; sometimes we have to make a best guess.  Often times we don’t realize until afterwards, if ever, that these even occurred or that there were better choices.  Despite advanced analytics and diligent after action reports, where we are quick to criticize, we don’t often identify what choices individuals (not just the incident commander or other leadership) had available to them.

Back to the Domestic Preparedness Journal.  Last month’s issue had an article penned by Chief Charles Bailey, titled Where Incident Management Unravels.  Chief Bailey offers a thought provoking argument against the effectiveness of NIMS in certain incidents, particularly those that are highly dynamic.  He argues, particularly, that once a situational assessment is completed and accepted early in the ICS planning process, that the process enters a largely static state since plans are developed to address that snapshot of the situation and are unable to account for situational changes during the rest of that planning process.

Fundamentally, Chief Bailey isn’t wrong.  What he mentions is exactly what we are taught and these are criticisms of ICS I’ve heard many times through the years.  Remember, Incident Command System Training Sucks!  (if you aren’t familiar with my thoughts on the sad state of ICS training, click that link and read the few articles I’ve written on the topic).

Let’s examine the situation that Chief Bailey describes.  Most incidents, especially early on, have dynamic elements.  Does this mean we can’t use ICS?  No.  In fact we still need to.  If we don’t make efforts to proactively address the incident, we will continue reacting instead of getting ahead of it.  Our tactics will be purely reactionary and we’ll never have the resources we need when we need them.  We can’t allow the incident to be in charge, we need to manage it.  To do so, we need to acknowledge that new and changing situations will occur, and plan for them.  Just because we are taught to plan in a static situation, does that mean that’s our only option?  Nope.  What we learn little to nothing about in ICS training are concepts like contingency planning.  Interestingly enough, we regularly see first responders account for this.  When an incident occurs with unknown factors, we often hear fire departments call for additional resources to be sent to staging.  Sometimes this is in anticipation of needing them, sometimes this is a contingency plan.  A ‘just in case’.  While no one likes to be stuck in staging and never deployed, it’s better to have the resources immediately available and not need them then to need them right away and have to wait.

Not only can these resources in staging be identified in our incident action plans, we can also develop these resources and even identify tactics (roughly) in our IAPs to account for dynamic situations.  It’s easy enough to identify an objective for contingency planning and have efforts dedicated to it.  Resources in staging can be pulled together into task forces and strike teams for anticipated application.  Our IAPs can pre-identify these potential applications and give the resources tactical parameters, allowing task force and strike team leaders some latitude in their initial tactical response.  While the rest of the incident organization is addressing known issues and proactively managing the incident, we have elements in reserve to tackle pop-up situations.  At best, these reserve forces are able to fully address these emergent needs, at the very least, they can sustain life safety matters until additional resources can be deployed.

Further, if any incident management organization isn’t able to change based on a dynamic situation, I severely question their credentials.  Incidents and disasters are by nature unpredictable.  We must acknowledge that any situational assessment is only, at best, mostly accurate.  For any significant incident, we can’t possibly know everything we need to know when we need to know it.  Having reserve forces and contingency plans, and being able to quickly identify emergent situations and redeploy resources is simply smart incident management.

So while Chief Bailey makes great points about some book answers to ICS applications, I argue that any failures that exist, at least in these regards, are human ones and have little to nothing to do with shortfalls in NIMS/ICS.  First, there are tools available to us to address these situations; although most people aren’t aware of them because of issues with ICS training.  Second, even if direct applications of the system weren’t in place to address certain situations, we can’t be slaves to the system.  We need to be able to think ‘beyond NIMS’ (words used by Chief Bailey, himself).  Finally, I’m not being critical at all of Chief Bailey’s points.  He closes his article identifying a need for creating ‘nimble response paradigms’; I’m just pointing out that we have that ability within the NIMS construct.  It’s our (human) ability to apply these where we often get stuck.

As always, I’m highly interested in the thoughts of readers on the topics I write about.

In closing, a quick but heartfelt thanks to all the responders and organizations who have been working tirelessly as of recent to save lives and help communities stabilize after the impacts of far too many hurricanes and the earthquake in Mexico.  Every small action you take makes a world of difference to those you are helping.  Be safe.

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC (ß have you checked out our new website????)

Nationwide EAS Test Scheduled

From FEMA~

Mandatory Nationwide Test of the Emergency Alert System to be Conducted September 27

The Federal Emergency Management Agency (FEMA), in coordination with the Federal Communications Commission (FCC), will conduct a mandatory nationwide test of the Emergency Alert System (EAS) on September 27, 2017 at 2:20 pm EDT. The test will assess the readiness for distribution of the national level test message, as well as verify its delivery.

The EAS test is made available to radio, television, cable, and direct broadcast satellite systems, and is scheduled to last approximately one minute. The test’s message will be similar to the regular monthly test message of the EAS with which the public is familiar, only inserting the word “national.” “This is a national test of the Emergency Alert System. This is only a test.”

Significant coordination and regional testing has been conducted with the broadcast community and emergency managers in preparation for this EAS national test. The test is intended to ensure public safety officials have the methods and systems that will deliver urgent alerts and warnings to the public in times of an emergency or disaster. Periodic testing of public alert and warning systems is also a way to assess the operational readiness of the infrastructure required for the distribution of a national message and determine whether technological improvements are needed.

Conducting the test following Hurricanes Harvey, Irma, Jose, and Maria will provide insight into the resiliency of our national-level alerting capabilities in impacted areas. The test will also provide valuable data into how the Integrated Public Alerts and Warning System performs during and following a variety of conditions. With two major hurricanes already making landfall, and a potential for two more impacting our nation, we need to have the ability to maintain the continuity of critical infrastructure under various conditions.

Receiving preparedness tips and timely information about weather conditions or other emergency events can make all the difference in knowing when to take action to be safe. FEMA and our partners are working to ensure alerts and warnings are received quickly through several different technologies, no matter whether an individual is at home, at school, at work, or out in the community. The FEMA App, which can be downloaded on both Android and Apple devices, is one way to ensure receipt of both preparedness tips and weather alerts. The FEMA App can be downloaded at https://www.fema.gov/mobile-app.

The back-up date for the test is October 4, 2017, at 2:20 pm EDT, in case the September 27 test is cancelled. More information on the IPAWS and Wireless Emergency Alerts is available at https://www.ready.gov/alerts.

This is the third mandatory nationwide test of the EAS. The first test was conducted in November 2011, in collaboration with the FCC, broadcasters, and emergency management officials. The second mandatory test was conducted in September 2016. You can also access a video, FEMA Accessible Emergency Alert System IPAWS Test Message, in American Sign Language.

In 2007, FEMA began modernizing the nation’s public alert and warning system by integrating new technologies into the existing alert systems. The new system, known as IPAWS became operational in 2011. Today, IPAWS supports more than 900 local, state, tribal, and federal users through a standardized message format. IPAWS enables public safety alerting authorities such as emergency managers, police, and fire departments to send the same alert and warning message over multiple communication pathways at the same time to citizens in harm’s way, helping to save lives. For more information on FEMA’s IPAWS, go to: www.fema.gov/ipaws. For more preparedness information, go to www.ready.gov.

FEMA Request for Staff

From FEMA…

As you are all very much aware, our Nation has sustained severe flooding and damage as a result of Hurricane Harvey, and we are anticipating major impacts from Hurricanes Irma and possibly Jose. This is the peak of the hurricane season and it is far from over; to this end, we are reaching out to you to help in response and recovery efforts.  FEMA is looking to recruit personnel, with an expected deployment of 30 days, in the following areas:

Program Area: Skillset Required

Individual Assistance: Survivor outreach and communication, case management

Logistics: Load and unload trucks; coordinate and deliver resources; track inventory

IT: Establish connectivity for facilities; install, track, and manage equipment; configure communications equipment

Disaster Survivor Assistance: Engage directly with survivors; demonstrate understanding of available programs; case management

Hazard Mitigation: Floodplain management, mitigation strategies for the built environment, flood insurance, FEMA’s grant programs and authorities

Disaster Emergency Communications: Set up, operation, and shut down of communications vehicles; installation of voice and data cables; knowledge of radio protocols

External Affairs: Communications, Congressional and intergovernmental affairs, media analysis, media relations, tribal affairs, private sector relations

Environmental and Historic Preservation: Knowledge of environmental, historic, and floodplain management processes and regulations

Human Resources: Human resources specialists and managers

Finance: Travel arrangements and budget controls

Acquisitions: Contracting officers, purchasing specialists, and procurement specialists

If you are available to serve in one or more of these areas, please send your résumé to FEMA-CAREERS@fema.dhs.gov, and please put “Higher Ed” in the subject line.  Feel free to also share this request throughout your networks.  This is a great opportunity to serve the Nation and support our survivors in this time of need.

FEMA Seeks Input on Fiscal Year 2018-2022 Strategic Plan

From today’s FEMA Daily Digest Bulletin is an item related to FEMA’s FY 2018-2022 strategic plan.  FEMA Administrator Brock Long is inviting stakeholders to provide input to their upcoming strategic plan update.  They are doing this via IdeaScale, which is the same platform being used by DHS for an information campaign they promoted back in May of this year.  I’ve been monitoring the submissions to the DHS campaign and unfortunately find that the vast majority of ideas submitted are crap.  Many are ill informed (such as one idea of sending passenger baggage on a separate plane solely intended for that purpose) or politically motivated, with few offering any practical solutions to real problems.

Relative to the FEMA campaign, I’m seeing much of the same.  Here’s what FEMA requested input on:

Simplifying Recovery and Reducing Disaster Costs

  • How can FEMA simplify recovery programs and reduce disaster costs while ensuring accountability, customer service, and fiscal stewardship?

Buying Down Risk through Preparedness and Mitigation

  • How should risk be calculated in awarding grants?
  • What type of grants are best suited for effectively reducing risk?
  • How do we incentivize more investment in preparedness/mitigation prior to a disaster (not only federal investment)?
  • How should the nation, including but not limited to FEMA, train and credential a surge disaster workforce ahead of major disasters?
  • What are new ways to think about a true culture of preparedness?

Much of the input they are receiving thus far is less than helpful in the endeavor to drive strategic planning.  Rather, they are receiving ideas of tactical applications both in general as well as specific to disasters, such as Hurricane Harvey.  While some of these ideas aren’t bad (some are), it seems that people are missing the point.

This brings about some thoughts on the concept of whole community engagement, which is obviously what FEMA and DHS as a whole are trying to accomplish through these IdeaScale endeavors.  I’m 100% in favor of whole community engagement, but opening the doors and inviting unstructured commentary is less than productive.  I’m sure it’s frustrating to the people on the receiving end who are having to sift through a lot of largely irrelevant input to find a few gems.  At the community level, these discussions can be moderated in public forums, but through an electronic means, it’s pretty much a free-for-all.  A valiant effort, but I wonder if they are getting the input they really need or if this merely accomplishes them ‘checking a box’ to say they solicited whole community feedback.

While feedback from the public can be valuable, I posit that most of the public simply isn’t aware enough of the mission, organization, and activities of FEMA to provide meaningful ideas toward their strategic plan.  Instead, forums such as the ones they’ve opened up simply provide opportunities for people to vent frustrations, which I suppose has some value but not in this forum.

What I’m hopeful of is that professionals in emergency management and public safety take advantage of the opportunity to provide thoughtful feedback and ideas which can contribute to FEMA’s strategic plan update.  If they are making the effort to obtain feedback, let’s give them what they need.  That’s my challenge to you!

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

A Few Words On Hurricane Harvey, and How You Can Help

Readers who have been with me for a while know that I generally refrain from providing commentary on active incidents.  There is already enough chatter out there, with a variety of experts (real and otherwise) providing their opinions.  As with any ongoing incident, there is plenty of information and assumptions, right and wrong.  This disaster is already generating a lot of discussion on the decision by Houston and other jurisdictions to not issue evacuation orders.  Once the flood waters recede and life safety matters are addressed, perhaps I’ll jump into that discussion.  For now, let’s stay focused on the lives that are at risk.

Several people have asked me how they can support the Hurricane Harvey response and relief efforts.  There are many reputable charities out there providing great assistance.  A few tips…

  • Most of these organizations want and need money, not things, so unless they are asking for donations of certain goods or commodities, don’t send them things. The management of unwanted donated goods is an absolute nightmare and a distraction when all resources need to be focused on the disaster at hand.
  • Find a charity/organization that aligns with your own interests and beliefs. If you are most concerned about animal welfare, the ASPCA is a great organization doing incredible work during this and other disasters.  The American Red Cross is a long-standing go-to humanitarian aid organization.  There are also a variety of faith-based organizations, such as the Salvation Army, Adventist Community Services, Catholic Charities, Islamic Relief, and others which are dedicated to supporting communities in need.
  • If you are sending a check (you can even drop off a check at your local offices of any of these organizations), be sure to write ‘Hurricane Harvey’ in the memo of the check. That should direct those funds to this disaster effort.
  • Keep records and request a receipt (if they don’t provide one) for tax purposes.
  • For those of you who want a specific recommendation, I suggest Team Rubicon.  Team Rubicon unites the skills and experiences of military veterans with first responders to rapidly deploy emergency response teams that provide direct life-safety response efforts as well as short-term recovery work, such as mucking out people’s homes.  They are an outstanding organization that not only provides disaster assistance, but also directly supports our veterans.

These organizations absolutely need your support.  The costs of deploying personnel, even volunteers, are high.  Every dollar makes a difference.

-TR

Thinking Smarter About Security

If you work in any facet of public safety and you aren’t thinking about how you secure public and event spaces, you haven’t been paying attention.  Our complacency is the greatest gift we can give to terrorists and criminals.  I certainly acknowledge that the most difficult aspect of dealing with criminal intent versus natural hazards is their determination to circumvent our own protective measures and systems, but we often make it easy for them because it’s too difficult for us to change. Is that really the excuse you want to give to the board, the media, or the families of those killed in a criminal act?

While I will never claim to be a security expert, I try to look at things with a critical eye and take the advice of those who are experts in the field.  Here are a few examples of things I’ve encountered.

Several years ago I was part of a team supporting preparedness at a major sporting venue.  The organization who had exclusive rights to the venue requested support in planning, training, and exercise activities.  I provided incident management training and was the lead on exercises.  As preparation for a tabletop exercise, I coordinated with the organization to observe security procedures during a major event.  The security screeners at the entrances to the venue did a reasonable job with most patrons, although consistently faulted with one type of patron – persons in wheelchairs.  Anyone who came to the door in a wheelchair was waved through ALL security screening without so much as a bag check.  This became the gap that I exploited for the exercise, much to the objection of their head of security who insisted that personnel were trained in how to screen patrons in wheelchairs.  While they may have been trained, it is something they consistently failed in doing and I never observed a supervisor correct the behavior.  Perhaps they weren’t trained at all, or the training wasn’t effective, or it was too uncomfortable or inconvenient for them to do.  Regardless, this is a significant gap that I’ve continued to see at other locations through the years.

Earlier this year I attended a large convention that drew tens of thousands of patrons in a large convention center over a long weekend.  I was an attendee and not working in any official capacity.  Security at the venue was laughable.  Security personnel had three main activities – bag checks, credential checks, and metal detector operation.  Metal detector operation was only performed the first day, utilizing walk through detectors as well as wands.  The personnel clearly had no idea how to operate either (I was among dozens if not hundreds of people who were directed to go through a walk through detector – which I noticed was unplugged).  On the occasion that a walk through alerted (one that was plugged in…), I observed security personnel waiving the wand around people too quickly and too far away from their bodies.  For bag checks, we were asked to open all bags for security inspection.  The ‘inspection’ I observed on each day usually consisted of someone saying thank you and waving you through as they looked around the room or chatted with a co-worker, certainly not actually looking into the bags.  As for checking credentials, every patron was provided with a lanyard and a pass to be attached to said lanyard.  Security personnel were supposed to be checking passes as people entered doors to the main exhibit hall and other areas.  I noted some security personnel did this better than others – some of which didn’t check at all.  I actually managed to keep my pass in my pocket through the entire event, only being challenged by security once.  I was so alarmed by some of the practices that on separate occasions I introduced myself to a county sheriff’s deputy and a fire marshal to point out some of the more egregious issues.

My work has brought me to a number of secure facilities owned by various levels of government and private entities.  One federal facility I’ve frequently visited through the years usually screens vehicles.  As expected, this includes the opening of doors and the trunk of the car.  Not once, in the many years and visits to this facility has anyone ever moved a seat or checked a bag or package.

My last anecdote comes from a few years ago spending some down time in a small park in an area of DC where there a number of embassies.  One embassy seemed to have regular traffic in and out for visitors as well as some light construction work being performed on their grounds.  As one guard would check identification and presumably verify the need of the visitor to be there, another guard would walk around the vehicle with an inspection mirror (the type at the end of a pole with which to inspect the underside of a vehicle).  It was evident that the guard was either not trained in its proper use or the importance of this protocol, as every time he walked around a vehicle holding the mirror, but never actually putting it in position to view under the vehicle, much less ever looking down at the mirror.  He simply took a casual stroll around the vehicle.

The things I’ve noted here are just a few that happened to come to mind as I crafted this article.  There are dozens more, and I’m sure each of you can come up with a list of poor practices as well.  Keep your eyes open when you go to a public space to see how security is handled.  Look at things through the lenses of potential adversaries.  How could someone gain entry?  Are there recognized security patterns they can circumvent?  What vulnerabilities exist?  If you are responsible for security for a facility, have a security audit performed.  While formal security audits are valuable, often the most meaningful ones are casual and unannounced, with someone the front-line security personnel don’t know trying to gain entrance to the facility.  Are they challenged appropriately? Are they screened effectively?

The mitigation, prevention, and protection against security threats is something that many take too lightly – clearly even those whose job it is to focus on those matters.  Highly effective training programs are available – but we need to ensure that people take these courses and implement what they’ve learned in accordance with documented organizational practices.  Supervisors must be present and constantly maintain quality control.  This is a good matter of practice, but even more important when most non-sworn security personnel have a high rate of turn over or may be part time or temporary employees, or even volunteers.  For large events, proper just-in-time training must be performed for supplemental security staff who are not certified or otherwise professionally qualified security personnel.

Security is a challenging environment to work in.  We must constantly be recognizing threats and trying to out-think potential adversaries.  We must strive to keep passive and active security practices up to par, meeting or exceeding standards without becoming predictable to an observer.  How do you assess security in your facility?  What best practices have you identified?

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC