Uncle Sam's plan
Homeland Security Director Tom Ridge says a national blueprint for the war on terrorism won't be ready until this summer. But White House officials have been dropping hints about where they want to go and how IT companies can help.<@VM>What's the plan?<@VM>Drafting the plan<@VM>Fostering teamwork<@VM>Fort Belvoir security solution: Grow your own
- By Nick Wakeman
- Mar 15, 2002
Mir Aimal Kasi didn't use a disguise or grow a beard to circumvent border security and enter the United States in late 1992. He simply added an "n" to his last name. Because there was no "Kansi" on the government watch lists, he was issued a visa.
Once in the country, Kasi made his way to Virginia, where he went to the entrance of CIA headquarters in Langley, Va., Jan. 25, 1993, and opened fire with an AK-47 assault rifle, killing two people and wounding three others.
The next day, Kasi left the United States the same way he got in ? with his slightly altered name. He wouldn't be captured for another four years.
"If we had looked harder or used smarter software, we never would have let him into the country," said Jack Hermansen, co-founder and principal of Language Analysis Systems Inc., Herndon, Va.
After years of research for government agencies, LAS has developed a name-searching solution that uses databases, user tools and algorithms to identify various spellings of a name that are created when the name is translated from one language to another. The same name in Arabic, Korean or Greek, for example, can be spelled a variety of ways when it is translated to English, Hermansen said.
If the person issuing Kasi's visa, or the visas for several of the Sept. 11 hijackers, had been using a system that included LAS' technology, he would have been prompted to check other records attached to similar names.
"It is a decision support tool," Hermansen said. "It is not going to deny anyone a visa. ... ultimately, it is a human decision."
The CIA shooting, though it occurred nearly a decade ago, illustrates several important truths about the war on terrorism. The terrorist threat and many potential anti-terrorist solutions, such as name-searching technology, existed before the Sept. 11 attacks. Like the LAS solution, many of the solutions now being pushed into deployment are smaller, targeted technologies that, to be effective, must be part of a broader system drawing upon public resources, data and people throughout the nation. This will require unprecedented cooperation and information sharing among government officials and agencies at the federal and state and local levels.
The war on terrorism, said Leif Ulstrup, vice president for homeland security for American Management Systems Inc., will instigate a "fundamental shift" in the culture and structure of U.S. government, not unlike the changes that occurred in the late 1940s as the United States prepared for the Cold War.
And so as information technology companies retool for the war effort, industry officials have three main questions: What's the plan? Where are the opportunities? How will the White House ensure that the post-Sept. 11 spirit of cooperation within government survives?
"There is no national military strategy, no blueprint. What is happening is like people building a house blind." | Robert Nabors, senior vice president for homeland security and enterprise solutions at Electronic Data Systems Corp.
President Bush moved aggressively after the attacks on the Pentagon and the World Trade Center. He appointed former Pennsylvania Gov. Tom Ridge as director of the Office of Homeland Security to coordinate government activities. Under the auspices of Ridge's office, multiagency working groups and task forces have formed to drive efforts aimed at securing borders, boosting intelligence and making transportation safer.
The president asked for and got $40 billion in supplemental appropriations to meet immediate security needs and begin the war on terrorism. A $37.7 billion homeland security budget for fiscal 2003 was developed in a matter of weeks.
But notably missing from the Bush administration's war on terrorism is an overarching blueprint or strategy that details the new mission areas and priorities for government agencies and, most importantly, describes how the agencies and new security programs will work together in a unified homeland security effort.
The absence of a plan is exacerbated by Ridge's refusal to testify at congressional hearings regarding the administration's homeland security budget requests for 2003. Ridge contends that, as an adviser to the president, he is not required to appear before Congress.
Lawmakers and industry officials have praised the administration's response to the terrorist threat, but they worry that the seeming lack of information coming from the White House is making it difficult to develop and deploy solutions. Business executives, for example, say they are trying to answer the government's call for innovation, but the administration has not provided companies with clear guidance on how to tailor their solutions or where to take them.
"You've basically invited the private sector to ring any number of 100,000 doorbells in Washington," Tom Siebel, chief executive officer of Siebel Systems Inc., told lawmakers Feb. 26 at hearing of the House Government Reform subcommittee on technology and procurement.
Ridge, who has been on the job less than six months, said his office is crafting a plan that will be unveiled this summer. And while industry officials said they understand such things take time, they also questioned whether embarking on so many projects and activities without an overarching plan would create problems down the road.
"There is no national military strategy, no blueprint," said Robert Nabors, senior vice president for homeland security and enterprise solutions at Electronic Data Systems Corp., Plano, Texas. "What is happening is like people building a house blind."
These days, requests for information and task orders for support services have an increased emphasis on security, said Anthony Urreta, senior vice president for business development at Getronics Government Solutions.
Although the blueprint is still under development, its broad goals and spending priorities can be gleaned from administration statements and budget requests made to this point.
Senior White House officials, speaking on background at a Feb. 20 briefing, said the homeland security strategy will follow two guiding principles: initiatives must improve responsiveness, and they must increase the quality of decision-making.
Responsiveness includes activities such as acknowledging and being aware of threats, responding to incidents and disaster recovery, officials said.
"These are two overriding performance measures that we will use to track success," one of the White House officials said.
The $37.7 billion proposal for homeland security in 2003 describes initiatives and additional funding in four areas regarded as most urgent for the nation: police, fire and rescue workers (called first responders); bioterrorism defense; securing borders; and using technology, which cuts across all aspects of homeland defense.
"We knew that IT, borders, bioterrorism and first responders would be part of the larger strategy" now being developed, said a senior White House official, "so we were comfortable launching them earlier."
In the IT area, the budget includes $380 million for the development of an entry-exit visa system for tracking non-U.S. citizens. There is another $60 million to develop a wireless program that will give first responders priority access to cellular phone coverage during emergencies. The bioterrorism portion of the budget includes $1.6 billion to enhance state and local capabilities, such as monitoring efforts and communications systems.
"Here we are starting to get a feel for how homeland security goals are going to translate into business opportunities," said Bill Moore, head of homeland security at DynCorp, Reston, Va., and a retired Army major general.
Even before the Sept. 11 attacks, various agencies were working on security projects, but many of those are now getting a higher priority, and some are even being refocused to combat terrorism.
For example, SI International Inc., Vienna, Va., was already working on a wireless solution that would transmit data to Customs Service inspectors working at airports.
"The inspectors are everywhere in an airport. They are on the jetway, they roam the airport, and they need information now," said Dale McHenry, SI's senior vice president of consulting. The original intent of the project was to aid inspectors looking for drugs and other contraband, but anti-terrorism has been added, he said.
Using handheld devices and a secure wireless network, the inspectors will have access to databases from the Department of Justice, the Immigration and Naturalization Service and the airlines. The project is being moved forward under the Customs Modernization contract won by IBM Corp. last year.
Likewise, AMS of Fairfax, Va., has launched a pilot program in Pennsylvania to aid that state's department of motor vehicles in identifying applicants for driver's licenses.
"A lot of our customers came to us after Sept. 11 and asked us to help them out with the issue of identification," said Ulstrup of AMS. Adding biometrics to a driver's license may be nice, but "the whole process starts with verification: How do we know you are who you say you are?" he said.
The AMS solution, based on work the company has done in developing online loan approval processes, taps into a variety of databases that check for the validity of dates of birth, addresses and Social Security numbers.
"That's the kind of checking that isn't done at a lot of DMVs," he said.
At Getronics Government Solutions, the big push from customers has been for computer and network security, both assessments of conditions and how security plays a role in projects that are not directly related to homeland security efforts.
Requests for information and task orders for support services, such as seat management, now have an increased emphasis on security, said Anthony Urreta, senior vice president for business development at the Herndon, Va., company.
"There are a lot more questions now about how are you going to guard my network and things of that nature," he said. "Not long ago, task orders were pretty much silent on that."
According to industry officials, agencies have been following dual tracks in responding to the terrorist threat. In the short term, they have asked industry to help them with vulnerability assessments while they rework contingency plans and reassess priorities. For the long term, agencies have aggressively reached out to the private sector to learn about new technologies and solutions that can aid in the war on terrorism.
"They are very much interested in the art of the possible," EDS' Nabors said.
The government is particularly interested in technologies such as public key infrastructure, biometrics, wireless Internet and holographic imaging, said James Flyzik, chief information officer of the Treasury Department and a member of the President's Critical Infrastructure Protection Board.
Flyzik in a recent speech described a wireless system that the Treasury and Justice departments developed for the 2002 Winter Olympics in Salt Lake City. The system allowed state, local and federal law enforcement and security personnel to communicate and share information in a common wireless environment.
"We think this can be a springboard for a national infrastructure," he said. "It could be a homeland security initiative."The spirit of cooperation among agencies since Sept. 11 has been nothing short of phenomenal, according to government and industry officials.
Agency working groups and task forces have formed around specific functions, such as intelligence gathering, data sharing and border controls, bringing together IT personnel with anti-terrorism and intelligence experts.
"There is a very valuable marriage going forward to get these two sets of expertise on the table and identify the things that are doable," a White House official said.
But government officials also know that the collaborative spirit within government could wane in the coming months, and so the White House is looking for ways to institutionalize the cooperation that has characterized the post-Sept. 11 efforts.
"We are going to complement the personal warmth of some these meetings with structures that will continue to work it," one official said.
The fiscal 2003 budget contains several initiatives aimed at creating these long-term structures. The budget, for example, has $30 million for a Cyberspace Warning Intelligence Network that will link major players in government and the private sector to manage cyberspace crises. Another $20 million is earmarked for a National Infrastructure Simulation and Analysis Center to promote collaboration among agencies and the private sector to increase understanding of the interdependence among the Internet, critical infrastructures and the economy.
The homeland security plan to be released this summer and the fiscal 2004 budget, which will be built off of the plan, will contain more initiatives for building cooperation and information sharing into government operations. Some agencies will see missions and priorities changed, said Mark Holman, deputy assistant to the president for homeland security.
Ulstrup said what we are seeing is just the beginning of a fundamental shift in the government's priorities and the way it works. Homeland security, he said, "is something that over time will become a much bigger part of how the government operates."Senior Editor Nick Wakeman can be reached at firstname.lastname@example.org.
Soldiers at Virginia's Fort Belvoir remember when visitors could drive onto the Army base as if it were just a large office park. That changed very quickly after Sept. 11.
Gatehouses sprang up, and security guards began stopping every car. Now IDs are checked, phone calls made, parking passes filled out and information collected.
While the increased security is reasonable and expected, it also is inconvenient and time consuming. Some visitors, such as technology vendors calling on customers, spent two hours waiting to get on the base.
"We had to do something," said Peter Johnson, chief information officer for the program executive office for enterprise information systems at Fort Belvoir. Using his staff and available software and technology, Johnson created a homegrown security solution for the Army base located in Northern Virginia's suburbs. It relies on a secure wireless network and Web-based applications.
Authorized visitors to the base can pre-register online, using forms that include fields for name, license plate number, reason for the visit and the person being visited. When the visitors arrive, the information is available through wireless devices at the gatehouse and the visitors center.
The parking pass is already printed out and waiting. The guard just needs to verify credentials, and then visitors are sent on their way.
The new system has not only reduced significantly the waiting time outside the base, but also should help improve security. That's because the system, which uses an Oracle database and Fortress Technologies wireless security, is creating a repository of information on visitors. The system can be audited to see who is visiting, how often and who is authorizing the visits, Johnson said, noting that kind of trend analysis is impossible with a paper-based system.
Johnson and his folks are now showing off the solution to other bases around the country. Those expressing interest include facilities of the Defense Logistics Agency and the Military District of Washington.
"Word has been spreading," he said.