Threat Levels and Beyond
What do changes in the color-coded Homeland Security Advisory System really mean? What should government agencies and people in general do when an alert comes with reports of “spikes in chatter” and “surges in information related to possible threats?”
Government Security asked Ross Bulla for his take on these issues. Board certified in security management, Bulla, a CPP, is president of The Treadstone Group Inc., provider of security consulting and investigative services to corporations, law firms, government agencies, and private clients around the world.
Q: How should government executives react to changes in color-coded threat levels?
Bulla: First, you should familiarize yourself with written policies and procedures that outline appropriate steps to take during periods of heightened security. Periodically, you should also review emergency procedures that remain in effect at all times. For government owned, leased and occupied facilities, the General Services Administration (GSA) has prepared an Occupant Emergency Program Guide.
Second, executives should regularly review and update employee rosters. Document the location of workstations for people with disabilities and special needs. Do not forget that some people may have temporary special needs, related, for example, to pregnancy or injury.
Q: How useful are color-coded threat level warnings? Wouldn’t more specific warnings improve our ability to react?
Bulla: The color codes are useful, but some have suggested that it might be better to implement color-coded advisories (or other kinds of advisories) specific to regions, sectors, sites or events.
Q: How seriously is this suggestion being taken?
Bulla: Pretty seriously. Over the next couple of years, I think you’ll see more targeted alert systems under which specific sectors will be notified. For example, there are a number of critical infrastructures: transportation, finance, electrical power, and so on. I think you’ll see threat response guidelines developed for each industry and each specific infrastructure.
In addition, you will see advisories designed to warn specific infrastructure sectors and even sectors in particular regions.
Q: Will the general color-coded system eventually be discarded?
Bulla: I don’t think so. The color codes are easy for the public to understand. But for law enforcement and public and private organizations, this system doesn’t provide substantial actionable information.
Q: What do you mean by actionable information?
Bulla: Suppose the threat level rises to orange. What does that mean to a nuclear facility? The threat response matrix developed for a threat level of orange lists 48 steps that you should consider. Among these are steps that require inspections of arriving vehicles and parking restrictions. But if the warning involves a potential air attack, who cares if you shut down the parking lots? If the warning involves an underwater bomb attack aimed at a reactor’s water intake system, it would be better to focus time on preventing the delivery of water-borne explosives.
Q: While maintaining the color-coded warnings for the public, the system is gradually being modified for responders — public or private. Is that what you mean?
Bulla: Right. The threat advisory system has not changed, but the government is responding differently by notifying specific agencies (local, state and federal) and relaying industry-specific information.
Q: So agencies might be asked to respond to specific threats although the threat level hasn’t changed?
Bulla: Yes. Agencies are improving the way they use communications systems — radio, telephone conference calls, e-mail, intranets, and so on — to issue warnings and share intelligence, reducing the need to constantly raise threat levels. In addition, the Department of Homeland Security and the White House seem to be working smarter. They are giving extra consideration to the need to raise alert levels.
Q: Changes in threat levels often include warnings about increased chatter or surges in threat information. Is it growing difficult for the public to take such general threat information seriously? Isn’t there a better way?
Bulla: General information is usually shared with the public. If information is specific enough, and the situation offers some guarantee of success in preventing an attack, then it might be reasonable to withhold information from the public — but only if subsequent intelligence leads to significant disruptions in the terrorist network thereby preventing future attacks. And don’t forget, specific terrorist threat warnings place terrorists on notice and may allow them to alter tactics or targets.
It has been suggested that the advisory system be used to communicate an “All Hazards” warning, not just terrorist threats. This system would raise alert levels by region, sector, and so on for all types of natural and man-made hazards including terrorism, weather and disease.
No matter what, threat information should be as specific as possible. It should be delivered in a consistent way to everyone concerned. And it should include advice for preparing and reacting.