Homeland Security: Alerting the Nation

Delivered to the House Subcommittee on National Security, Emerging Threats, and International Threats

Chairman Shays, Ranking Member Kucinich, and other distinguished members, I am honored you asked me to testify before the committee today. This hearing focuses on what I believe to be one of the most critical components of our emerging national homeland security system: the means for alerting the nation about potential terrorist acts.

One of the most important actions taken by President Bush's administration in the wake of the September 11 attacks on New York City and Washington was establishing a national homeland security strategy. In turn, the strategy defined the six critical missions required to protect U.S. citizens from the threat of transnational terrorism.[1]

The first critical mission area is intelligence and early warning. It includes activities related to detecting terrorists and disseminating threat information and warning. Central to the success of this mission is the development of programs that promote intelligence sharing across the public and private sectors. Effective intelligence sharing is a prerequisite for exploiting the full potential of national capabilities to respond to potential terrorist threats.

The Homeland Security Advisory System (HSAS) is an important component of the intelligence and early warning mission area. The HSAS employs a series of color codes to designate various levels of national preparedness in anticipation of a terrorist attack. Associated with each threat condition are a range of suggested protective measures (such as implementing various contingency plans), with federal, state, and local agencies responsible for developing and implementing their own specific response activities.[2] Since the system has been established, the HSAS threat condition has been raised five times over the last two years.

Getting the HSAS exactly right is critical for four reasons.

First, the Administration envisions the HSAS serving as one of its key tools for integrating federal, state, local, and private-sector responses. Thus, it is potentially a vital tool for wielding these disparate capabilities into a true national preparedness and response system.

Second, if effectively employed, the HSAS may help prevent, deter, or mitigate the effects of a terrorist attack.

Third, the HSAS has significant fiscal implications. The $10 million requested for funding the system in FY 2005 is not an issue of concern. On the other hand, implementation of the HSAS could have a significant impact on future requirements for supplemental funding. Increased security resulting from changing the alert status requires an estimated $1 billion per week at the federal level. The additional costs incurred by state and local governments and the private sector, as well as the impact on the economy overall, such as reducing consumer confidence or affecting business travel and tourism, are more difficult to estimate, but no doubt significant.[3] 

Fourth, how the HSAS is employed may have a significant psychological impact on the nation. It is not clear what the long-term mental health impact may be or how frequent and ambiguous changes in threat condition may undermine the system's responsiveness.

My research explores these issues from the perspective of the impact of the HSAS on executing the national strategy and how changes in alert status affect the overall state of national preparedness. In my testimony I would like to cover three points: 1) the positive aspects of the present system, 2) concerns over how the HSAS is currently organized, and 3) what long-term issues must be addressed to ensure that the HSAS can effectively serve the nation for years to come.

The Nation on Watch
The HSAS was established by presidential directive in March 2002. The U.S. Attorney General assumed overall responsibility for implementing the system.[4] Subsequently, the Homeland Security Act of 2002 placed responsibility for intelligence and early warning activities squarely on the shoulders of the Secretary of the Department of Homeland Security (DHS). According to the legislation, it is the responsibility of the DHS Assistant Secretary for Information Analysis and Infrastructure Protection (IAIP):

 (1) To access, receive, and analyze law enforcement information, intelligence information, and other information from agencies of the Federal Government, State and local government agencies (including law enforcement agencies), and private sector entities, and to integrate such information in order to--(A) identify and assess the nature and scope of terrorist threats to the homeland; (B) detect and identify threats of terrorism against the United States; and (C) understand such threats in light of actual and potential vulnerabilities of the homeland.[5]

Section 201 of the law also assigns IAIP responsibility for administering the HSAS.

I would like to start off by commending Secretary Ridge on the work that he has done in implementing the HSAS, both at the Office of Homeland Security and as DHS secretary. The war on terrorism is likely to be a long, protracted conflict, and the DHS has the difficult task of being on watch right now against possible terrorist threats and building a robust homeland security that must stand for decades. The DHS has achieved a lot given the short time frame of its existence and the magnitude of the challenge it faces. With regard to the HSAS, there are clearly some things that have gone right.

It is worth noting that the Homeland Security Council (HSC) and the council staff have played an important role. When the HSAS threat condition is elevated, the HSC convenes to ensure that the federal response is integrated and appropriate. At the deputies level, behind the scenes a steady stream of policy directives and strategy planning documents suggests ongoing and improving coordination under the direction of the HSC staff. Particularly commendable was the rapid development and implementation of domestic security measures (Operation Liberty Shield) resulting from the increase in threat level during Operation Iraqi Freedom.

The HSC must always play a central part in the implementation of the HSAS to ensure that federal agencies undertake protective measures commensurate with changes in alert level and the nature of the threat that prompted the need for heightened security measures. Indeed, at the national level the HSAS appears to be achieving its stated goal on ensuring the coordinated employment of protective measures across the federal government.

Also noteworthy is the development of the Homeland Security Operations Center (HSOC) in the DHS. The center is responsible for consolidating information and putting out warnings. This consolidation has been long-overdue and contributes to the Department of Homeland Security's ability to see the "big picture" and manage implementation of the HSAS.

The February 24 announcement of the establishment of the Homeland Security Information Network was also welcome news. HSIN will link states, territories, and major urban areas to the HSOC through the Joint Regional Information Exchange System (JRIES). Initially, the system will be limited to sensitive-but-unclassified information, but in the future it is intended to carry secret information to the state level. A collaborative tool such as HSIN is essential for establishing the interactive communications necessary to support implementation of the HSAS.

Additionally, the DHS has undertaken programs to make average citizens more aware of their role in how to prepare and respond to terrorist attacks. The DHS Web site Ready.gov provides appropriate, clear, and jargon-free advice on how to respond to chemical, nuclear, biological and radiological dangers.

Concerns and Recommendations
That said, there are areas relating to implementation of the HSAS that raise issues that Congress should carefully consider.

In particular, it is becoming increasing clear that the management of the Terrorist Threat Integration Center (TTIC) will be critical to the long-term success of the HSAS. Established by President Bush in 2003, the TTIC is staffed by an interagency group responsible for gathering, assessing, and disseminating all terrorist-related information to federal agencies. The Administration intends for TTIC to be the place where all the dots get connected and the right information gets to the right people, at the right time. Over the long term, it is likely that the TTIC will be providing the key intelligence assessments that determine changes in the HSAS.[6]

Currently, the Director of Central Intelligence provides oversight of TTIC, and most of the TTIC staff are from the Central Intelligence Agency. The DHS plays only a subordinate role. Policies on operations and the functions and duties of DHS personnel, and other participating agencies as well, are governed by an interagency memorandum of understanding.

Establishing TTIC separate from the DHS is problematic. The current arrangement appears to conflict with the intent of the Homeland Security Act of 2002 and raises concerns over whether such an approach will optimize intelligence sharing overall and the implementation of HSAS specifically. It is deeply troubling that the DHS, as the primary consumer of intelligence for providing domestic security, does not have primary control over the mechanisms for fusing and disbursing information.[7]

The current arrangement leaves the DHS as little more than just another intelligence end user, competing with other members of the national security community to ensure that its priority requirements are met and that it has the information it needs to manage the HSAS.

The Congress should consider measures to strengthen the role of the DHS in TTIC. The best course would be to merge TTIC and the intelligence functions of the DHS Information Analysis and Infrastructure Protection Directorate (IAIP) into a single interagency staff under the supervision of the DHS. In addition, the DHS secretary should have authority over all TTIC-related appropriations. Finally, the DHS should have authority to approve, evaluate, and establish the education and experience requirements for all TTIC staff, much as the Pentagon's Chairman of the Joint Chiefs of Staff has legislative authority to designate qualified personnel from the military services to attend the joint staff.

A second major concern is the "one-size-fits-all" nature of the national alert system, amply demonstrated when recent changes in the HSAS brought America its first "orange" Christmas-the second-highest danger level. Currently, when the HSAS is raised to orange, the whole nation ratchets up security-even in areas where no credible threat is made. This is because the current system does little or nothing to inform state and local governments as well as the American public of specific threats. As Dan Goure, a national security specialist with the Arlington, Va.-based Lexington Institute, concluded, "We have a better system for rating movies."[8]

The limitation of the current system is its all-inclusive nature. During the Cold War, the Pentagon established DEFCON (defense condition) levels to ramp up the readiness of its forces to respond to global contingencies based on changes in the nature of the Soviet threat. At the same time, civil defense systems were developed to alert local authorities and the general public of impending attacks. One system was designed to enhance levels of preparedness, the other to alert public safety officials and the public of imminent emergencies.[9] The HSAS attempts to efficiently combine both these attributes in a single system. Given the large and diverse population and infrastructure of the United States, this is a daunting and perhaps unachievable task.

On the other hand, we should not scrap the current system entirely. It appears to work well at the federal level, where assets are under centralized control and deployed by people with unfettered access to classified intelligence. Washington needs an integrated system to add or subtract from the levels of security at our borders, at sea, and around key assets. The HSAS threat conditions are evolving into an appropriate instrument to accomplish that goal.

Application of the HSAS to state and local governments, as well as the private sector, is more problematic. A survey of various state and local response organizations, done by the Gilmore Commission, showed overwhelmingly that these organizations want more information on the type of attack, where it is likely to occur, and when.[10] Currently, few have the classified intelligence and the sophisticated analytical capabilities to evaluate threats. Lacking concrete assessments, many states, counties, and cities typically react in two ways: do nothing or pile on layers of possibly unneeded security that generate exorbitant overtime costs and other expenditures.

That is not to say that the nation requires a standardized system that solicits uniform responses from every state and local government. In fact, just the opposite is needed. Research suggests that diversity is natural and desirable. Public safety and emergency response entities are more effective by adapting their operations to local conditions.[11] The HSAS needs to be flexible enough to serve all their needs.

Of even greater concern is the impact of shifts in the threat level on average citizens. Many appear perplexed by changes in threat condition. Though the HSAS is intended to serve a variety of purposes, it is perceived by many as primarily a warning system for the general public. That's a problem. The HSAS does not meet all the expectations of an effective public alert system.

Public alerts must be credible, specific, understandable, and actionable by individuals.[12] Arguably, the change in color code, which dominates the public perception of what the HSAS represents, is none of these. For example, when the national alert level is changed, local officials may take no publicly discernable action because they have no specific information of threats in their area. In February 2003, when the federal government changed the national threat condition to code orange, the Governor of Hawaii chose to maintain a blue level of alert. The Governor of Arizona suggested that Arizona might do the same, depending on threats to the state[13]For average citizens, these responses are incongruous, raising questions about the overall credibility of the HSAS.

The lack of specificity over the nature of the alert and the absence of clear guidance on what actions need to be taken by individual citizens is problematical as well. The American Red Cross, recognizing the public confusion over the color-coded system, has issued its own guidelines for preparedness by the private sector.[14]This advice, and the recommendations given in the DHS Ready.gov Web site as well, include practical measures that should be taken every day to ensure public safety and prepare for all kinds of natural and technological (i.e., man-made) disasters. They do not, however, suggest significant changes in behavior when the threat status shifts from one color to another. Thus, even citizens who have studied the Red Cross guidance provided might well be puzzled over how to react to the HSAS alerts.

Additionally, there is a real question over whether any national alert system will have a significant effect on enhancing public preparedness. A considerable body of research suggests that many individuals change patterns of behavior or take precautionary measures in preparation for disasters only after they have had some personal experience with that threat. Additionally, the perceived need for preparedness recedes as the event becomes more remote.[15] Given that few Americans have experienced, or are likely to experience, a terrorist attack, such findings do not bode well for the effectiveness of the HSAS as a means of risk communication to the general public. Certainly, at the least, significant additional and tailored pre-alert education and continuous reinforcement will be needed to convince a significant number of Americans to take common-sense precautions in anticipation of a terrorist attack over threat periods that may span several years between major attacks.

While color-coded alert may not spur greater preparedness, it could have unintended adverse psychological consequences, fostering a "fortress America" mentality or increasing anxiety among some individuals. Since age, socioeconomic, and sociodemographic factors can significantly condition preparedness and public response to warnings,[16] significant additional research may be needed to determine the long-term mental-health impact of the HSAS and its capacity to reach a growing and increasingly diverse U.S. population.

Responsible voices, including former Virginia Governor James Gilmore, who chaired a prestigious national commission on terrorism, along with Representatives Christopher Cox, R-Calif., and Jim Turner, D-Texas, have called for revising the alert system. The report also concluded that the Homeland Security Advisory System has become largely marginalized. This panel believed that "this may be attributed to a lack of understanding of its intended use as well as the absence of a well-orchestrated plan to guide its implementation at all level of government."[17] The Gilmore Commission goes on to make a series of useful suggestions for improving the HSAS.[18]

As a minimum, I recommend the following solutions:

• That the public color-coded portion of the Homeland Security Advisory System be scrapped. Rather than a complex, vague, multi-tiered system, a simple two-tiered system similar to that used by the National Weather Service,[19] to which the public is by and large already conditioned to respond, might be more appropriate.
• Public alerts, when appropriate, should be issued in brief, simple, and clearly worded watch or warning reports that average people can understand. Officials should tell people what they can, when they can, then let them make their own choices on how to respond. These reports must contain specific threats and specific actions that should be taken. An objective system would probably merge terrorist alerts into an "all hazards" alert system with common formats and methods of dissemination.
• Replace the national alert to state and local governments with regional alerts and specific warnings for different types of industries and infrastructure. In fact, the DHS is already moving in this direction. As the department has become more sophisticated in analyzing threats and communicating information, it has been issuing more audience-tailored warnings. For example, after the DHS lowered the national threat level on January 9, 2004, it continued higher levels of security for commercial aviation and specific air routes.[20] This practice will no doubt become easier and more routine once the DHS completes its comprehensive risk-level ranking of all areas in the country. Hopefully, the ranking will address criteria such as population, threat assessment, number of important sites, and level of vulnerability, and then classify areas as low, medium, or high risk.
• Establish standards of preparedness and response for state and local authorities. National performance standards will provide a guide to help state and local governments determine what they need to do to counter terrorist threats and what help they should expect from the federal government.[21] In turn, these assessments will assist in establishing appropriate security measures for each of the HSAS threat conditions.

With more specific alerts, DHS, in cooperation with other federal agencies and state and local authorities, will be better able to apply scarce resources to address the higher threats. Congress should consider providing additional appropriations in the FY2005 budget to support revamping the HSAS.

Looking to the Long Term

Finally, I would like to briefly discuss the issues that must be addressed to ensure that the HSAS evolves into an integrated component of a true national preparedness and response system and remains effective for decades.

A legitimate concern with regard to the HSAS is that overuse will lead to apathy among civilians. This is known as the Cry Wolf Syndrome, a subject that engenders some controversy. Some argue that the syndrome is a myth. In particular, they contend that the response of the "internal" audience (e.g., public officials and emergency responders) to alerts can actually be strengthened by frequent alarms. Using the system provides an opportunity to test readiness and refine procedures. On the other hand, other research suggests that the public "external" audience (individual citizens) can be adversely affected by alarms that are not followed by the appearance of an actual threat.

Instances of the cry-wolf scenario have been documented. For example, at a Seton Hall University dorm in 2000, 18 false fire alarms had caused students to ignore the fire alarms. As a result, when a real fire did break out, students continued to ignore the alarms and three people died in the blaze.[22]

According to a research paper entitled "The Warning Process: Toward an Understanding of False Alarms" and a survey conducted by Eve Gruntfest and Kim Carsell of the University of Colorado at Colorado Springs, most people who issue public safety alerts have a fear of false alarms that directly impacts their decision to issue warnings to the public. In fact, 54 percent of such responders to the survey said that fear of false alarms delays their decision to notify the public.[23]

In contrast, there are numerous experiences where alerts of "imminent" threats that did not materialize subsequently did not lead to degradation in responsiveness. For example, during World War II, when air raid sirens sounded in London, German bombers were headed toward the city. However, increasingly as the Battle of Britain progressed, British air defenses would drive off the air attacks or make them less effective. Yet citizens responded with alacrity to each alert. Similarly, residents in tornado-prone areas routinely react to severe-weather warnings, even when funnel clouds have not appeared overhead for years.

In each of those instances, the public had a clear understanding of the threat and of how to respond to it. In contrast, the United States may see long periods when terrorist dangers represent "potential" rather than imminent dangers. Thus, the HSAS could be more prone to degraded public response over time.

The fact that al-Qaeda operatives took five to seven years to plan and execute the September 11 terrorist strikes is a cause for concern. It could well be a half-dozen years before the HSAS faces its next great test. There is a compelling requirement for additional research to determine the long-term prospects for the HSAS to remain an effective public alert system with regard to intermittent terrorist threats.

More work is also needed to explore how modern information technologies can be used to enhance the public portions of the HSAS. Currently, the government relies on an emergency broadcast system that interrupts broadcast television, radio, and cable programs to inform the public of emergency events.[24] The system is not sufficiently robust, however, to meet the needs of HSAS, nor does it exploit the Internet and multi-media and telecommunications capabilities of the information age. Additional research is required to determine how best to leverage all these capacities, as well as the costs and benefits of integrating HSAS with other alert systems such as the AMBER alerts employed by various states and the National Weather Service advisory system.

Finally, and perhaps most important, more attention needs to be given to the capacity of the emerging national preparedness system to best exploit the warnings that may be provided by an effective HSAS. Particular focus should be placed on human capital and leader development programs that will be required to train the next generation of homeland security professionals, public safety leaders, and government officials.[25] After all, it will be the actions of these men and women, not the alerts themselves, that will determine whether the nation is safer in the years to come.

Currently, the nation lacks an overall homeland security training and education strategy. The advanced degree program offered by the DHS through the U.S. Naval Post-Graduate School is one admirable initiative, but it is not enough. Other professional development opportunities for emerging senior leaders are also needed. The Massachusetts Institute of Technology, for example, conducts a program called Seminar XXI for the federal government. Seminar XXI provides a year-long series of lectures and workshops for mid-grade professionals on international affairs. A similar program targeted on homeland security might be equally useful. In the same manner, the national community might benefit from the establishment of a national homeland security university modeled on the military's war college system.

Finally, any national leader development effort will have to include a plethora of state and local leaders. The nation's network of junior colleges, which have become the hub of continuing adult education throughout the country, may provide the best venue for offering appropriate leader development opportunities.

Over the long term, the capacity of the national homeland security system to exploit the advantages of intelligence and early warning will be more dependent on the quality of the decisions made by its leaders and the programs they implement than on the structure of the HSAS. The nation would be well served if equal attention was paid to both sides of the equation.

I, again, thank the committee for the opportunity to testify on this vital subject and I look forward to your comments and questions.

James Jay Carafano, Ph.D., is Senior Research Fellow in Defense and Homeland Security at The Heritage Foundation.