Happy 10th Birthday, DHS

Ten years ago Thursday, the Department of Homeland Security was established to unify our national capabilities in the wake of 9/11. A strong sense of urgency was pushing us to do everything possible to prevent another terrorist attack, and, if that failed, to respond. As the chief of staff of the Coast Guard, I led a team that planned and executed the service’s move from the Department of Transportation, where it had been housed for 35 years, to its new berth at DHS.

The entire process moved at bureaucratic light speed. President Bush signed the Homeland Security Act into law on November 25, 2002; the department was officially created two months later, and 22 agencies moved into DHS on March 1, 2003. It was remarkable: in only four months, an entirely new department with nearly 200,000 employees was stood up.

But the conditions under which the department was created limited its ability to operate. There was no time for strategic, long-term planning. There was no assessment of the various authorities of the agencies relocated to DHS in the context of what the department was expected to do. Instead, the existing authorities, resources, capabilities, and competencies of multiple agencies were simply merged into a single organization. The department’s constituent parts retained their ability to operate, but their ability to coordinate with each other and support the department’s overall mission was limited.

Ten years later little has changed, and we know we need a more unified homeland security force. To get there, let’s take a deep breath and reassess our priorities. It is time to create a strong, forward-leaning strategy for preparedness at home — one that focuses on national resiliency, defends our networks, diminishes the threat posed by bad actors, and rethinks how we protect our borders.

Strive for Resiliency. The curves that Hurricanes Isaac and Sandy threw at us remind us that, despite the Federal Emergency Management Agency’s improvements in recent years, Mother Nature gets the final vote. Isaac found low barriers to entry; Sandy attacked dense coastal populations and antiquated infrastructure. Looking ahead, we need plans and investments that create resiliency and limit the impact and cost of emergency response. Think of resiliency as the community equivalent of an immune system that improves our ability to respond to and recover from catastrophic events. We must rethink the roles and responsibilities of all levels of government, collaborate and coordinate across public and private sectors, and create regional strategies based on regional risks. This concept has been strongly endorsed in the recent report by the National Academy of Sciences, Disaster Resilience: A National Imperative, which recommends creating a national database for disaster loss information similar to the one used by the National Insurance Institute for Highway Safety to improve automobile safety.

It Takes a Network. The attack on our consulate in Benghazi is a grim reminder of the threat we still face from terrorists and radicalized groups and individuals. The terrorist networks and transnational criminal organizations that threaten us must have money to operate, and they move cash gained from illicit trafficking through shadow financial networks. As a result, our law enforcement and intelligence organizations are in effect battling a network of networks.

Our counterterrorism successes have shown that it takes a network to defeat a network. The demise of Osama bin Laden proved that. In many cases, our successes are backed by high-performance computing and cloud-based analytical tools that allow us to extract more value from the data we collect, and in turn act more quickly.

Unfortunately, many agencies are handcuffed by proprietary technologies, bureaucratic controls, or outdated authorities that limit data sharing and hamstring the network-on-network fight. For example, there are a number of repositories that contain biometric information that could be networked and interoperable, while adhering to common quality and security standards. Some improvements don’t require legislation — just organizational will and leadership. They include increased collaboration and the management of threats across traditional "case" boundaries within agencies. We need agencies that share information seamlessly and securely, acting with unity to make Americans safer. These goals were laid out in President Obama’s recent National Strategy for Information Sharing and Safeguarding, which directs federal agencies to act collectively to improve both the security and sharing of information. Contrary to some concerned with privacy, advances in high-performance computing and our ability to analyze large datasets more quickly can create greater transparency and ensure compliance with privacy laws and civil liberties because greater controls and tracking can be embedded with the data. Discrete permissions can also be established that allow greater access by all who need the information, including state and local partners.

Defend That Network. Similarly, it takes a network to defend a network. The Internet touches every facet of our lives and the cyber threat is one of the gravest threats we face. Few areas warrant the attention needed here. Yet recent attempts to pass cyber legislation have failed because of a lack of agreement on the respective roles of government and the private sector. This is a shared responsibility; quibbling needs to stop. Responsible collaboration is the answer. We need to find that middle ground that allows private firms to receive or provide sensitive information on cyber threats while retaining their freedom to operate in a market economy. While an executive order is being created to address roles and responsibilities within the federal government, the new Congress should move immediately to pass legislation that addresses key issues of corporate liability, legal implications of disclosures of attacks by the private sector, and antitrust issues associated with coordinated industry actions.

Rethink Our Borders. Perhaps the most visible symbol of the homeland security challenge is the border itself. The past decade has seen a continued, evolving discussion as to what constitutes border security. Turns out, defining a "border" is much more complex than identifying the line that legally separates nations, whether it be drawn on land, sea, or air. It is time to broaden our discussion of the border from its physical attributes to a more inclusive concept of what it means to secure a nation.

In fact, the "functional border" transcends physical boundaries and adds cyberspace to the traditional domains of air, land, and sea as conduits through which legitimate and illegitimate flows of people, goods, money, and information pass. Transactions are accomplished online, fees are transferred electronically, and goods ranging from light bulbs to complex technologies travel from Bucharest to Omaha. In today’s world, only a fraction of our protection and enforcement responsibilities can be met through physical inspections at the ports of entry. In an increasingly globalized economy, we must simultaneously secure and speed trade and travel through the analysis of data provided by travelers and shippers and data about the shippers themselves.

Our national conversation should match this "boundary-less movement" — it must include all the functions required in all domains. This begins with a more integrated Customs and Border Protection organization that still faces challenges from 2003 in integrating operations both at and between ports of entry. It extends to greater unity of effort among all agencies with trade and travel enforcement responsibilities, such as the Coast Guard, Immigration and Customs Enforcement, the Transportation Security Administration, and the Department of Agriculture. Here, too, the need for data integration, faster analyses, and quicker, more agile response should be the overarching goal. Finally, we must realize that trade and travel facilitation and border security are not separate and distinct, but that we must balance the needs of commerce and the requirement to secure our borders. They are intertwined elements of national power.

We are ending a decade of incremental adjustments, and we have the opportunity to recalibrate our approach to achieving a unified force. A strong strategy must transform this aggregated enterprise and focus on achieving national resiliency, attacking terrorist and criminal networks with more effective networks, defending our cyberspace through collaboration, and managing a functional border in the global commons. As the Quadrennial Homeland Security Review begins, it is time to pause, think, and get it right.