Infrastructure security task force develops a guide for building response strategies and improving preparedness plans
It is a traumatic experience to tour the miles of decimated New Orleans communities, slowly maneuvering through block after block of gutted homes that display gaping holes where doors and windows used to be. Nearly a year after Hurricane Katrina devastated the city and surrounding parishes, much of the population has not returned, certain critical services remain unavailable, and infrastructure remains to be rebuilt. When asked why the state and localities, with federal assistance, cannot get the restoration job done, local residents claim a simple lack of leadership.
Government officials point to legal impediments, lack of funds, and difficulty in securing resources and developing consensus on rebuilding among competing interests.
As residents, officials, and engineers in other parts of the country contemplate the devastation along the Gulf Coast, they also worry about how their own communities would deal with a local disaster. For the Pacific Northwest and California, it is major earthquakes and tsunamis; for much of the West, the great concern is wild fires; in the Midwest and on both coasts, it is floods; and for the areas from Texas through the Southeast and up the East Coast, hurricanes are the big fear. All the while, states and major municipalities are planning and exercising their responses to a terrorist attack that could cause regional paralysis through cascading impacts to interconnected infrastructures.
Most of these regions, and the various jurisdictions that comprise them, have disaster preparedness plans. But these plans—as confirmed in a study released in June by the U.S. Department of Homeland Security (DHS)—are for the most part inadequate. Even for those few state plans that the DHS study deemed "sufficient," there is no guarantee that the jurisdictions with adequate plans have the capability to manage a large-scale disaster.
Moreover, these plans do not take into account the regional interdependencies among critical infrastructures and essential service providers that can cause unanticipated problems when disaster strikes.
Aware of this fact, an increasing number of local and state government and privatesector representatives have begun to think in terms of a holistic approach to disaster preparedness and management that focuses on regional resilience.
In October 2005, the leaders of The Infrastructure Security Partnership (TISP), a national public-private collaborative organization created after Sept. 11, decided to move beyond talking about lessons learned from disasters and to start developing a framework for a regional disaster resilience strategy—an action plan. The intent was to provide states, municipalities, and other key stakeholders (organizations providing essential services or with vested interests in emergency management) with a proactive, comprehensive regional approach—a flexible, dynamic, and comprehensive set of simple and clearly stated needs, as well as recommended activities and projects, that organizations could take collectively and individually to improve disaster resilience. Such a set of guidelines would also enable these stakeholders to gauge the utility of their existing plans and readiness activities.
The resulting publication, Regional Disaster Resilience: A Guide for Developing an Action Plan, is a user-friendly resource for regional stakeholders on how to build their own strategies or to improve existing preparedness plans. The guide was produced by TISP’s Regional Disaster Resilience (RDR) Task Force, chaired by Edward Hecker, the U.S.
Army Corps of Engineers’ chief of homeland security, and comprised of nearly 100 volunteer representatives from key stakeholder organizations from across the country. The task force began its work in mid-November 2005, and the first draft of the guide was completed in February 2006. Following an external review by state and municipal homeland security and emergency management officials, as well as experts and practitioners from across the country, the guide was finalized and published in June 2006.
The guide leverages many of the lessons learned from recent events, including natural disasters such as hurricanes Katrina and Rita, the August 2003 power outage that darkened much of the Northeast United States, the Sept. 11 attacks, as well as the results of regional interdependencies exercises.
The guide is based on a large set of fundamental assumptions that are important in establishing a rationale for regional disaster resilience. The goal of the guide is to help stakeholders develop a comprehensive preparedness strategy, or action plan, to improve regional preparedness to address all-hazards with the goal of "sensibly securing interdependent critical infrastructures and achieving disaster resilience." The guide provides key definitions.
Disaster resilience is described as the capability to withstand, prevent, or protect against significant all-hazards and rapidly to restore critical services with minimum damage to public safety and health, the economy, and national security. A region is defined as generally coinciding with infrastructure service areas, and can be a city, part of a state, an entire state, multiple states, or can cross national borders.
Creating regional partnerships
In achieving regional resilience, it is essential to bring together a region’s key stakeholders, including state and federal representatives (civilian and defense), in a collaborative initiative that focuses on identifying and raising awareness of regional interdependencies and associated physical and cyber vulnerabilities, as well as the impacts of disruptions under various scenarios.
The guide outlines a seven-step action plan process for this type of regional interdependencies initiative. The process brings together key stakeholder representatives initially to plan and conduct an interactive Interdependencies Workshop, and then to develop a multi-faceted, challenging interdependencies tabletop exercise. The lessons learned from this exercise—needs (preparedness gaps) and the short-term (sixmonth), medium-term (two-year), and longer-term (multi-year) activities and projects required to mitigate them—can become the foundation of a regional action plan. This action plan framework is the heart of the guide.
The guide’s comprehensive nature is intended to offer a range of activities that organizations can implement collectively and individually, based on their perceived requirements, to achieve regional disaster resilience while maintaining the goal of sensibly and cost-effectively securing critical interdependent cyber and physical infrastructures.
It is essentially a high-level strategy—a baseline of identified, stakeholder- validated, prioritized regional preparedness needs and solutions. The 12 needs categories addressed in the guide include the following:
- awareness and understanding of interdependencies;
- cyber threats and challenges;
- resilient and interoperable communications;
- risk assessment and mitigation;
- cooperation and coordination;
- roles and responsibilities;
- business continuity and continuity of operations;
- logistics and supply chain management;
- response challenges;
- recovery and restoration;
- public information and risk communications; and
- exercises, training, and education.
Another important benefit of the guide is that states and localities, the private sector, and other organizations can use it to assess the comprehensiveness and utility of their current plans and procedures. State and regional stakeholders can determine which activities to undertake based on existing capabilities, assessed risk, available resources, and incentives.
TISP also is developing a best practices and solutions database that will enable users of the guide to have access to available plans, technologies, methodologies, and other tools that can be leveraged to keep costs low and to maximize standardization across regions. The goal is to include only those solutions that have been validated and recommended for inclusion by stakeholders.
These solutions will be keyed to the 12 needs categories, and will include contact information for the user/sponsor of each particular solution.
A living document
Moving forward, the guide will be expanded to include additional, specialized information on particular hazard situations (for example, the bird flu pandemic), and will be updated on a regular basis as new preparedness gaps and solutions emerge.
The RDR Task Force, now a standing committee within TISP, will be charged with this responsibility. TISP and the new RDR committee also are seeking avenues to raise awareness about the need for regional disaster resilience, and TISP will be sponsoring events—workshops, conferences, and exercises—that promote regional resilience.
TISP also will bring together key stakeholders and experts to tackle some of the tough challenges that must be overcome to implement the solutions identified in the guide.
In many respects, the publication, Regional Disaster Resilience: A Guide for Developing an Action Plan, provides an incentive as well as a framework for action.
However, its utility is only as good as the energy, enthusiasm, and momentum generated by key stakeholders to create and sustain a regional partnership, and to develop and implement an action plan to move toward disaster resilience. Encouragement and support by the federal government, in terms of technical expertise and funding, will be critical. It also will be necessary to bring funding from multiple entities for larger projects with the required project oversight.
The guide is an important first step, but will require an ongoing commitment to develop true regional disaster resilience.
Paula L. Scalingi, Ph.D., is a vice chair of TISP, co-director of the Stony Brook University Forum on Global Security, and president of The Scalingi Group, LLC, located in Vienna, Va. She can be contacted at firstname.lastname@example.org.
Sidebar: Disaster assistance volunteer directory
By Marla Dalton, P.E., CAE
Each time a natural disaster occurs, such as Hurricane Katrina or a man-made event such as the terrorist attacks of Sept. 11, American Society of Civil Engineers (ASCE) members generously volunteer their time and talents to assist in response and recovery initiatives,and look to ASCE to provide an avenue to do so.
The ASCE Committee on Critical Infrastructure (CCI), in response to members’ desire to lend support to such efforts,has developed a directory of members with an expressed interest and availability to assist with disaster management activities—planning, preparedness, response, and recovery—on an as-needed basis. The ASCE Disaster Assistance Volunteer Directory will be available to qualified parties, including local, state, and federal agencies, as well as private consulting firms seeking professional engineering expertise. For additional information about CCI and the directory, visit http://ciasce.asce.org.
Marla Dalton, P.E., CAE, is the director of Critical Infrastructure at the American Society of Civil Engineers, located in Reston, Va. She can be contacted at email@example.com.