1
1.1
Introduction to Critical
Infrastructure Assurance
and Protection
INTRODUCTION
Critical infrastructure protection (CIP) is a topic that is now beginning to span
generations. Some will remember the year 2000 (Y2K) issue as an emerging crisis.
For others, the issue began shortly after the attacks on September 11, 2001. And
the list is not going to end anytime soon. What this book addresses is a fundamental shift in how we look at CIP—changing the approach from one that can
be described as a series of connected, consecutive mad dashes to one that better
approximates a marathon.
The mad dashes began with Y2K when the situation became dire enough that
airline executives had to board aircraft to fly across 0 hour in order to demonstrate
that their planes were still safe. While Y2K caused concerns at a technical level, the
events of 9/11 led to urgent calls for the protection of critical infrastructures—calls
that were likely well founded when considering bombings in London and Spain and
various other threats. Populations have become less confident that critical services
can be protected and delivered at all times.
For example, one analytical method for prevention is to perform penetration tests
(formerly referred to as tiger teams,1 now referred to as red teams2). Tiger teams3 is
a former U.S. military term4 defining government- or industry-sponsored teams of
experts and professionals who attempt to break down (or through) any defenses or
perimeters in an effort to uncover, and eventually patch, any security holes.5 This
concept is useful for short-lived projects or tasks that involve designating individuals within a given organization to think, act, and behave in a manner that supports
the way criminals or terrorists would think, attack, and study their approach to set
targets and priorities.
In U.S. military history, these teams were made up of paid professionals who
performed hacker-type tricks; for example, leaving cardboard signs displaying the
word bomb within critical defense installations or leaving handwritten notes stating
“Your codebooks have been stolen” (even though they usually were not) inside safes
or locked, secured areas. In some instances, after a successful penetration mission,
when an official security review was conducted the next morning, officials would
find signs, notes, etc., placed by the security team(s) of the previous day or week,
which sometimes resulted in the “early retirement” of base commanders or their
security officers. It is generally assumed that, with CIP initiative, the bad guys are
determined adversaries—flexible, creative, resourceful—and able to learn how to
1
2
Critical Infrastructure: Homeland Security and Emergency Preparedness
target vulnerable areas while avoiding those that are more protected and predictable.
In many situations, modern, sophisticated, or technologically advanced societies are
perfect targets for terrorists; businesses that are not flexible enough also make perfect targets.6
Downloaded by [University Library] at 05:24 16 July 2017
1.2
WHAT IS CRITICAL INFRASTRUCTURE?
The term critical infrastructure refers to assets of physical and logical systems
that are essential to the minimum operations of the economy and government.
They include, but are not limited to, telecommunications, energy, banking and
finance, transportation, water systems, and emergency services, both governmental and private. As these systems become further interconnected, we see two
major trends becoming apparent. The first trend involves the pace at which technology evolves. This is not a constant around the world, and as time progresses,
we are likely to see societies either fall behind, struggle to keep up, struggle to
maintain control over the pace of evolution, or even make revolutionary leaps forward. The second trend involves understanding that what is critical infrastructure
for one community may well not be critical infrastructure for another. Consider
the sources of energy used to heat homes. These are essential in colder climates,
but are relatively benign in climates that are considered tropical. As a result, CIP
practitioners need to understand the contexts (economic, environmental, cultural,
and political) within which critical infrastructures can be found. Thus, due to
advances in information technology and efforts to improve efficiencies in these
systems, infrastructures have become increasingly automated and interlinked.
These improvements have created new vulnerabilities relating to equipment failure, human error, weather and other natural causes, as well as physical and computer-related attacks.
Over the past decade, various levels of government have been held responsible for the protection of their own infrastructure. As the world moves inexorably
toward a global-centric network, we are seeing levels of government, along with
the private sector, and even individual citizens, having responsibilities take a more
global approach. It is not unusual for individuals to call service centers halfway
around the world to assist them with their networking difficulties. At the same
time, global supply chains require that private entities become much more aware of
events around the world that can affect the resilience of their supply chains. What
this means is that local efforts that were seen as manageable, if somewhat uncomfortable, have grown exponentially into international “monsters.” As a result, the
previous process associated with critical infrastructure assurance has grown in
scope from consistent testing and evaluation of local infrastructures to one that
is at its beginning of understanding the vast influences that operate at a much
more global level. This has changed the playing field—significantly—from one
where the edicts coming from national capitals are now the second step in a much
grander process that involves balancing of international interests and priorities
with national responsibilities.
Introduction to Critical Infrastructure Assurance and Protection
Downloaded by [University Library] at 05:24 16 July 2017
1.3
3
WHAT IS THE PRIVATE SECTOR?
The private sector of a nation’s economy consists of those entities not controlled
by the state, such as private firms and companies, corporations, private banks,
nongovernmental organizations (NGOs), etc.7 Many nations have entities that are
established to deal with the private sector. Often these are linked to applying
requirements or to the contracting arrangements that can be made between the government and the private sector. What needs to be understood here is how controls
differ between the two. The private sector entity may influence laws or government
policy, but does not have the authority to set that policy. Even in arrangements
where the government delegates work, it is always done under the oversight of
some legal mechanism. The private sector may also have to respond to authorities
that are outside of the nation—such as those imposed on it by parent companies,
partners, or even financial institutions. This can lead to a level of complexity when
attempting to determine what the requirements being placed on the private sector
actually are.
The second aspect to remember about the private sector is the nature of its
finances. Regardless of good intentions and public messaging, the private sector
entity seeks to generate wealth. In return for some consideration, companies that
operate for-profit business models tend to seek to increase that wealth, while those
that operate not-for-profit business models attempt to balance their cash flows with
their operations. In short, decisions are made with a very clear understanding that
there are financial risks involved.
This financial risk is also different than that of the government. The government
operates on a fiscal year that allows for budgets to be reset to a starting point and
also has a significant ability to determine its level of debt. The private sector does
not have this. Budgets are linear in that if money out is greater than money in, then
eventually the company will first go into debt, then insolvency, and then finally cease
to exist. This has a profound effect on how organizations look at their budgets and
new requirements—the government may see issues in terms of “costs of doing business,” while the private sector may interpret those new measures as another step on
the road toward “going out of business.”
With increases in globalization, differences in the competitive playing field can
either exacerbate this challenge or mitigate it. In the context of critical infrastructure assurance (making sure it’s there), we need to take a whole-picture approach
to this issue. If competition is based on lowest dollar value or even best dollar value
approaches, entities operating within those states with lower costs of production are
able to market their goods or services globally at a lower cost. This is a major issue
associated with issues such as outsourcing or offshore production that, while reducing
financial issues and fostering a competitive position on the surface, may actually result
in a condition where various sectors begin to lose control over their supply chains.
What is important to understand here is that the management of the company
makes these decisions in the private sector unless they are constrained through regulation or law or by being aware of issues that could arise, such as damage to brand
(stock value).
4
Critical Infrastructure: Homeland Security and Emergency Preparedness
Downloaded by [University Library] at 05:24 16 July 2017
1.4 WHAT IS THE PUBLIC SECTOR?
The public sector consists of government-owned or government-controlled corporations,
as well as government monetary institutions.8 This includes offices, departments, ministries, and agencies of these organizations or entities that receive monies or appropriations from public interest groups, public funding committees, and tax revenue centers.
Public sector entities may be involved in two major functions. The first function is
regulating the behavior of those persons or entities that fall within their jurisdiction.
This is accomplished through legal tools that may include laws, regulations, rules,
measures, or simple direction. Compliance with any of these is considered mandatory in the eyes of the state, and breaches of compliance may result in penalties ranging from financial to significantly more severe.
The concept of jurisdiction is reasonably important, particularly when looking
at issues that involve international operations—such as shipping. In these cases, the
mechanism by which the state generates its requirements often involves participation in groups of various sizes and whose decision-making processes are guided by
consensus that is taken back to the various national governments. Depending on the
nature of the international group within which the nation-state is participating, the
laws and regulations that it passes may be constrained in terms of operating within
the constraints of the consensus of the international group or body.
This leads to the second function, which is the protection of people, property,
and operations under its care. Generally, public safety will look more toward people
and property, with operations being included as part of the suite of business risks.
The nation-state will operate bodies that are designed to protect those persons that
are abiding by its requirements in most legitimate forms of government, and against
significant events such as natural disasters, fire, etc.
This level of constraint may also have an involuntary aspect. Over the past decade,
the world has seen an increase in international bodies becoming involved in settling national disputes. Organizations such as the United Nations, Gulf Cooperation
Council, and other similar bodies have taken on an increasing role in determining
what constitutes acceptable national behavior. We see this in international bodies
sanctioning actions that range from trade restrictions to enforcement through military intervention. As we move toward more international operations, these international bodies are taking on increasing roles in overseeing the decisions of their
individual members. This has been particularly evident in situations associated with
the financial sector in Europe, where the EU essentially dictated what financial controls the Greek government was to put in place in order to receive bailout funds.
While this dynamic is still evolving with respect to critical infrastructure assurance
and protection doctrine, the fact that international bodies appear to be becoming
more active should at least be in the back of the researcher’s mind when looking at
potentially evolving challenges.
1.5
WHAT IS CIP?
The term CIP pertains to activities for protecting critical infrastructures. This
includes people, physical assets, and communication (cyber) systems that are
Downloaded by [University Library] at 05:24 16 July 2017
Introduction to Critical Infrastructure Assurance and Protection
5
indispensable for national, state, and urban security, economic stability, and public
safety. CIP methods and resources deter or mitigate attacks against critical infrastructures caused by people (terrorists, other criminals, hackers, etc.), natural calamities
(hurricanes, tornadoes, earthquakes, floods, etc.), and hazardous materials accidents
involving nuclear, radiological, biological, or chemical substances. Essentially, CIP
is about protecting those assets considered invaluable to society and that promote
social well-being.9 CIP is often considered a reactionary response to threats, risks,
vulnerabilities, or hazardous conditions. It does entail some preventative measures
and countermeasures but usually is reactive by nature.
CIP has two goals. The first goal can be related back to an alternative way of
thinking. By definition, a critical infrastructure involves physical and logical systems necessary to support the safety, security, and economic well-being of communities (to paraphrase the growing list of definitions). The second goal should be
more concerned with the protection of the infrastructure (in its physical and constructional contexts), and whether it is capable of delivering its anticipated services
to the community.
1.6
WHAT IS CIA?
Most asset protection programs and their efforts often begin with determining why
something needs to be protected. The first part of this is generally defined in terms
such as identification of assets or mission analysis. Various inputs are identified and
assigned value based on their contribution to the given system and its desired outputs
or results. The second part focuses on threats and assets (things) that can or might disrupt processes. These steps become the foundation for such statements as risk being
a “possibility of loss or injury” of “a factor of asset value, threat, and vulnerability.”
The value associated with a critical infrastructure can be divided into several
parts. The first part involves circumstances in which the critical infrastructure provides a unique service within and to a community. This is often the case where infrastructure costs are relatively (or even prohibitively) high, such that the community
can only afford one of the installation types. An example that supports this premise
might be that it is unlikely that you will see a town of 7,500 inhabitants with a water
purification plant able to handle a population of 15,000 suddenly decide that it is time
to put in place a second similar installation. In this example, the concept of physical
security or force protection10 becomes vital, given any potential impacts associated
with the interruption, loss, or destruction of that particular infrastructure—in this
case, the loss of fresh drinking water to the local community.
In a networked environment, an additional layer of protection is possible when
leaving the local level as one begins to look at state/provincial, regional, or even
national levels. Depending on the nature of the service being provided, the networked environment allows for an application of robustness, resilience, and redundancy to be designed. When one infrastructure suffers a negative impact, the loss of
its performance in one area is offset by the remaining elements within the network
by either increasing or reallocating their own contributions so as to either reach the
desired level of overall performance or, in more extreme cases, reduce the amount of
impact associated with the disruption.
Downloaded by [University Library] at 05:24 16 July 2017
6
Critical Infrastructure: Homeland Security and Emergency Preparedness
The question becomes whether to protect an individual infrastructure or the ability of the networked environment to perform at a level that meets the demands.
The truth is that both are needed. Individual nodes and conduits associated
with an infrastructure network are intrinsic to that network’s ability to function.
Simultaneously, individual nodes operating in isolation must be looked at closely
in terms of residual risks allowed into a system that is essentially a single point of
failure. Another harsh reality of the critical infrastructure domain is that there are
people (i.e., families) who rely on those operating in that field ensuring that services
are there when needed.
A range of events illustrates this reality. During the 1998 ice storm in Canada
and the August 2003 blackout that affected much of the northeastern portion of the
United States, the challenge was that electrical power was not available to maintain either heating and sumps (ice storm) or refrigeration and heating, ventilation,
and air-conditioning systems (2003 blackout). This lack of availability prompted the
declared states of emergency, and resulted in organizations putting their business
continuity plans in motion and practicing other extraordinary measures. The use
of Canadian National Railway locomotives and generators to supply electricity (in
response to the ice storm) tends to point toward a lack of electricity being the problem and not simply a specific electrical transmission line being disrupted.
Consider another example involving the U.S. postal system. Does it really matter
what street the mail comes from before it gets to your home? The answer would be
“of course not.” What does matter is that your mail arrives at your home on time and
in unbroken condition. The concern sets in when we wonder whether the mail or post
is actually being delivered at all—something that affects our paying of bills, receipt
of ordered goods, and other forms of communication.
Finally, consider the U.S. water supply systems. Again, we are less concerned
with whether the water is coming through a central pipe or some peripheral parts of
the system. We tend to become significantly concerned if the water supply fails to
provide water to our homes.
Other examples will tend to follow the same suit, because it is the lack of critical
services that poses the risk to society. Some might argue that the population is only
concerned about protecting critical infrastructure insofar as that protection ensures
the availability of the service to the public.
This leads to the concept and definition of CIA. The definition of CIP focuses on
protecting the nodes and conduits of any given infrastructure that delivers services
to its community through force protection. Although CIP tends to focus on an allhazards approach, it tends to operate at a very basic or local level—say, one facility,
one road, etc.
CIA, on the other hand, tends to focus on a layer higher than CIP, which includes
the necessary arrangements to shift production around within the network or surrounding networks so that demand is met, even if a local node or conduit is disrupted.
If we were to take our two power-based examples, we would see the difference in
the approach. CIP would tend to focus on a very granular level—power production
facilities would be protected against various types of physical attacks or hazards.
CIA looks at the entire power grid, ensuring that the system can detect disruption, shift capacity to meet demand, and ensure that services are being met—often
Introduction to Critical Infrastructure Assurance and Protection
7
transparently to the consumer. In this context, it might be argued that CIA is the
holistic view that is actually sought by most CIP professionals.
Downloaded by [University Library] at 05:24 16 July 2017
1.7
WHAT ARE PUBLIC-PRIVATE PARTNERSHIPS?
The divide between the public and private sectors is becoming more grey and
flexible through the concept of public-private partnerships. A public-private partnership is an agreement between a public agency and a private sector entity that
combines skills and resources to develop a technology, product, or service that
improves the quality of life for the general public. The private sector has been
called upon numerous times to use its resources, skills, and expertise to perform
specific tasks for the public sector.11 Historically, the public sector has frequently
taken an active role in spurring technological advances by directly funding the
private sector to fulfill a specialized need that cannot be completed by the public
sector. What this arrangement seeks to accomplish is a stable relationship between
the two that allows a more efficient and effective delivery of services. This is discussed in detail in Chapter 2.
1.8
CRITICAL INFRASTRUCTURE FUNCTIONS
Defining, using, and maintaining critical infrastructure is a combination of processes. When looking at what should be defined as a critical infrastructure, we need
to move beyond the convenient definition and shopping lists promulgated by governments and associations and ask three fundamental questions:
• Is the infrastructure necessary for the preservation of life or the continuation of a society?
• Is the infrastructure operating in a very limited context or across a much
broader context? Meaning, is that infrastructure only specific to a local
community, or does it interconnect with other communities to make a much
larger, more fragile community? This may influence whether the infrastructure is considered to be a critical infrastructure in the national context
or a vital asset at the local level.
• Is the infrastructure operating as a singly or uniquely organized entity, or is
it a community of coordinated efforts put forth by several parties? This is
important to understand because the infrastructure, and its capacity, needs
to be understood in terms of assurance to its operations.
The answers to each of these three questions will have a profound impact on
the methods needed to protect the infrastructure and ensure delivery of its services. This in turn will have an impact on the various methodologies and measures that are available to those seeking to accomplish the same. It should not be
looked upon as a purely administrative process guided by checklists and prescriptive formulas.
8
Critical Infrastructure: Homeland Security and Emergency Preparedness
Downloaded by [University Library] at 05:24 16 July 2017
1.9
EVOLUTION OF CRITICAL INFRASTRUCTURE
What many policy makers consider critical infrastructure has been evolving and is
often ambiguous. Twenty years ago, the word infrastructure was defined primarily
with respect to the adequacy of the community’s public works. In the mid-1990s,
however, the growing threat of international terrorism led policy makers to reconsider the definition of infrastructure in the context of security at national levels.
Successive government policies and laws have become refined and more understood
based on the expanded number of infrastructure sectors and the types of assets considered critical for purposes of an economy’s security.12
This definition was adopted, by reference, in the Homeland Security Act of 2002
(P.L. 107-296, Sec. 2.4),13 and it established the U.S. Department of Homeland
Security (DHS). The national strategy adopted the definition of critical infrastructure in P.L. 107-56, providing the following list of specific infrastructure sectors and
its assets falling under that definition.
Sectors include:
Agriculture and food production
Banking and finance
Chemical production
Critical manufacturing
Communications
Emergency services
Energy
Government facilities
Information technology
Nuclear energy and facilities
Postal shipping
Public health and healthcare
Transportation and logistics services
Water and wastewater treatment
Key resources include:
Defense industrial base
Commercial facilities
Dams
National monuments and icons
The critical infrastructure sectors within the national strategy contain many physical assets, but only a fraction of these could be viewed as critical according to the
DHS definition. For example, out of 33,000 individual assets cataloged in the DHS
national asset database, the agency considers only 1,700, or 5%, to be nationally critical.14 Of the 33,000 assets listed in the DHS database, only a small subset is defined
as critical infrastructure sectors.15 Because federal, state, and local governments, as
well as the private sector, often have different views of what constitutes criticality,
Introduction to Critical Infrastructure Assurance and Protection
9
compiling a consensus list of nationally critical assets has been an ongoing challenge
for the DHS.
Downloaded by [University Library] at 05:24 16 July 2017
NOTES
1. www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html (alt URL: http://cipbook.infracritical.com/book5/chapter1/ch1ref2.pdf).
2. http://www.idart.sandia.gov/ (alt URL: http://cipbook.infracritical.com/book5/chapter1/
ch1ref3.pdf).
3. Ibid.
4. www.comedia.com/hot/jargon-4.2.3/html/entry/tiger-team.html.
5. Def: “Tiger team: (n.)—1. Originally, a team (of sneakers) whose purpose is to penetrate
security, and thus test security measures. These are paid professionals who do hackertype tricks; for example, leave cardboard signs saying ‘bomb’ in critical defense installations, hand-lettered notes saying ‘Your codebooks have been stolen’ (they usually have
not been) inside safes, etc. After a successful penetration, some high-ranking security
type shows up the next morning for a ‘security review’ and finds the sign, note, etc., and
all hell breaks loose. Serious successes of tiger teams sometimes lead to ‘early retirement’ for base commanders and security officers (see the patch entry for an example). 2.
Recently, and more generally, any official inspection team or special firefighting group
called in to look at a problem.
A subset of tiger teams are professional crackers, testing the security of military computer installations by attempting remote attacks via networks or supposedly ‘secure’ communication channels. Some of their escapades, if declassified, would probably rank among
the greatest hacks of all times. The term has been adopted in commercial computer-security
circles in this more specific sense” (http://catb.org/~esr/jargon/html/T/tiger-team.html).
6. http://faculty.ncwc.edu/toconnor/431/431lect06.htm.
7. FEMA Emergency Management Institute, U.S. Department of Homeland Security
Federal Emergency Management Agency, Principles of Emergency Management
Supplement, p. 5, released September 11, 2007; http://training.fema.gov/EMIWeb/
edu/08conf/Emergency%20Management%20Principles%20Monograph%20Final.doc
(alt URL: http://cipbook.infracritical.com/book5/chapter1/ch1ref10.doc).
8. National Archives (United Kingdom), Cabinet Papers 1915–1978, the International
Monetary Fund and Bretton Woods Conference; http://www.nationalarchives.gov.uk/
cabinetpapers/themes/bretton-woods-conference.htm (alt URL: http://cipbook.infracritical.com/book5/chapter1/ch1ref4.pdf).
9. www.usfa.fema.gov/subjects/emr-isac/what_is.shtm (alt URL: http://cipbook.infracritical.com/book5/chapter1/ch1ref1.pdf).
10. A term used by the military establishment of the United States and other countries to
define the following: “preventative measures taken to mitigate hostile actions against
Department of Defense personnel (to include family members), resources, facilities,
and critical information. Force protection does not include actions to defeat the enemy
or protect against accidents, weather, or disease” (Joint Publication 1-02, Department
of Defense Dictionary of Military and Associated Terms, April 12, 2001 (as amended
through August 26, 2008), pp. 213–214).
11. http://www.dhs.gov/xlibrary/assets/st_innovative_public_private_partnerships_0710_
version_2.pdf (alt URL: http://cipbook.infracritical.com/book5/chapter1/ch1ref12.pdf).
12. Library of Congress, CRS Report for Congress, Guarding America: Security Guards
and U.S. Critical Infrastructure Protection, CRS-RL32670, November 2004; http://
www.italy.usembassy.gov/pdf/other/RL32670.pdf (alt URL: http://cipbook.infracritical.
com/book5/chapter1/ch1ref5.pdf).
Downloaded by [University Library] at 05:24 16 July 2017
10
Critical Infrastructure: Homeland Security and Emergency Preparedness
13. http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname
=
107_cong_public_
laws&docid = f:publ296.107.pdf (alt URL: http://cipbook.infracritical.com/book5/
chapter1/ch1ref9.pdf).
14. Liscouski, Robert, Asst. Sec. Infrastructure Protection, Department of Homeland
Security, testimony before the House Select Committee on Homeland Security,
Infrastructure and Border Security Subcommittee, April 21, 2004. Note that DHS’s
list of 1,700 critical assets may not include the 430 U.S. commercial airports with
passenger screeners, whose security is primarily administered by the Transportation
Security Administration; http://www.italy.usembassy.gov/pdf/other/RL32670.pdf (alt
URL:http://cipbook.infracritical.com/book5/chapter1/ch1ref5.pdf).
15. For example, in the chemicals sector, DHS has identified 4,000 facilities as potentially critical out of 66,000 total U.S. chemical sites. See Liscouski, Robert, Asst.
Sec. Infrastructure Protection, Department of Homeland Security, testimony before
the House Committee on Government Reform, Subcommittee on National Security,
Emerging Threats and International Relations, Combating Terrorism: Chemical Plant
Security, serial no. 108-156, February 23, 2004, p. 13; www.access.gpo.gov/congress/
house/house07ch108.html or http://bulk.resource.org/gpo.gov/hearings/108h/94257.
pdf (alt URL: http://cipbook.infracritical.com/book5/chapter1/ch1ref6.pdf and http://
cipbook.infracritical.com/book5/chapter1/ch1ref6a.pdf).
Buildings and
14 Protecting
Infrastucture with CPTED
The attacks on the World Trade Center and the Pentagon and the Oklahoma City bombing are
forever etched as terrorism landmarks in our collective memory. Terrorism represents a real threat
for our society and to our peace of mind. The face of terrorism is undergoing systemic changes as
the level of terrorist sophistication increases with the availability of knowledge and materials with
which to carry out these acts of violence. Knowledge about bombs and terror has proliferated to the
point that virtually any terrorist or criminal can find the information needed to build virtually any
kind of explosive device.
Timothy McVeigh, who blew up the Alfred R. Murrah Federal Building, stated in an interview
shortly after his arrest that he picked that particular building because “it was more architecturally
vulnerable.” Who would have ever thought that a rental truck and a load of manure could be so
deadly (see Figure 14.1).
What can we do to diminish the threats and losses to persons, information, and property? How
do you reduce the opportunity and fear of terrorism in the built environment with Crime Prevention
Through Environmental Design? This chapter will address how to reduce the threats and vulnerabilities in buildings by changing how we design and use our spaces.
LESSONS LEARNED FROM THE WORLD TRADE CENTER
People watching the horror on live TV were shocked that the World Trade Center buildings collapsed. The towers, built in 1972–1973, were 110 stories tall, and experienced progressive structural collapses similar to that caused by the
,Q3ULVRQ0F9HLJK$GPLWVWR%RPELQJ
1995 explosion to the Alfred R. Murrah Federal
Building in Oklahoma. The two plane crashes
0D\
into the towers destroyed columns and floors on
)URPSULVRQ7LPRWK\
several stories, which transferred excessive loads
0F9HLJKKDVDSSDUHQWO\
DGPLWWHGWRFRPPLWWLQJ
to the remaining structural columns. ExploWKH2NODKRPD&LW\
sions and raging fire weakened the remaining
ERPELQJ7ZRXQQDPHG
VRXUFHVZKRVSRNHRQ
columns, which were already overloaded. The
FRQGLWLRQRIDQRQ\PLW\
original design had provided for the structural
VDLG0F9HLJKWROGWKHP
strength to withstand a Boeing 707, which was a
KHZDVVXUSULVHGWR
OHDUQIURPQHZVSDSHUVWKDWFKLOGUHQKDGEHHQNLOOHGLQWKH
large jet of its time but held a lower fuel capacEODVWWKDWKHZDVXQDZDUHWKHUHZDVDGD\FDUHIDFLOLW\LQ
ity. The design of the towers was substantial
WKHEXLOGLQJ
enough to withstand the impact of a jet with$FFRUGLQJWRWKHWZRSHRSOHZKRVSRNHWRKLPLQSULVRQ
out toppling instantly. Even with huge gaping
0F9HLJKDOVRVDLGKHKDGWDUJHWHGWKHIHGHUDOEXLOGLQJ
holes, the remaining columns were sufficiently
VSHFLILFDOO\EHFDXVHLWKRXVHGJRYHUQPHQWRIILFHVDQGZDV
DUFKLWHFWXUDOO\YXOQHUDEOHPRUHVRWKDQRWKHUSRWHQWLDO
strong to hold the structure up for over 45 minIHGHUDOEXLOGLQJV
utes and allow 20,000 people to escape. The jet
6RXUFH0XOWLSOHQHZVDJHQFLHV
fuel released a much higher heat than paper or
plastic burning, which might be the contents of
FIGURE 14.1 Article on Timothy McVeigh.
a normal office fire. Fire suppression systems in
(Excerpted from multiple news sources. Image from
the
towers did not include foam sprinklers that
public records.)
173
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 173
4/22/08 12:19:28 PM
174
21st Century Security and CPTED
Downloaded by [University Library] at 05:24 16 July 2017
could deal with the jet fuel fires. Both of the crashed jets were fully fueled for transcontinental
flights, making them “flying bombs.”
Fireproofed steel loses half its strength when it reaches 1,100 degrees Fahrenheit, and fails rapidly after 1,600 degrees Fahrenheit. The temperatures inside the building were estimated to be over
2000 degrees. The steel columns, weakened by fire, finally buckled, and the floors they supported
dropped on top of each other in a “pancaking” action. Each falling floor overburdened the columns
and floor below, causing the buildings to tear themselves down (Architectural Record, 2001, pp.
24–26). Designers agree that few structures short of a missile silo, no matter what their height, can
endure such aggressive attacks.
Environmental design might not have been able to prevent the tragic events of 9/11, but the
design of our public and private spaces does relate to safety and security through planning for:
crowd behavior in high-density environments; wayfinding and design of escape routes; placement
and type of building security features; design for high risk environments; and effective design of the
built environment providing the building users with less stress, less confusion, and less opportunity
to be a victim of a crime (Environmental Design Technical Group News, 2001).
THE GSA STANDARDS: ARCHITECTURAL GUIDELINES FOR FEDERAL FACILITIES
In June 1995, President Clinton mandated basic standards of security for all federal facilities. The
mandate states that each Federal building shall be upgraded to the minimum-security standards
recommended for its audited security level by the Department of Justice. In November 2001, President Bush signed a bill federalizing airport security screeners and antiterrorism legislation that
empowers law enforcement and the military to take preventative actions.
Before the U.S. Marshall’s Service conducting a vulnerability assessment in the wake of the
Murrah Building bombing in 1995, there were no government-wide standards for security at federal
buildings. The U.S. Marshall’s Service Building Security Study developed 52 standards, primarily covering perimeter security, entry security, interior security, and security technology planning.
Each federal building was rated within five levels of security based on facility size, facility population, and level of public access, with Level I being minimum security and Level V being a defense
plant or nuclear facility. Most courthouses with a multi-tenant, multistory building are considered
Level III and require shatter resistant glass, controlled parking, 24-hour CCTV monitoring and
videotaping, x-ray weapon and package screening, and a photo identification system.
The GSA Security Standards encourages a Defensible Space/ Crime Prevention Through Environmental Design (CPTED) approach to clearly define and screen the flow of persons and vehicles
through layering from public to private spaces. Edges and boundaries of the properties should
clearly define the desired circulation patterns and movements. The screening and funneling of persons through screening techniques is an effort to screen legitimate users for the building from
illegitimate users who might look for opportunities to commit crime, workplace violence, or acts
of terrorism.
The result of one year of work by the GSA panel is a set of criteria covering four levels of
protection for every aspect of security in the U.S. Marshall’s report. The U.S. Marshall’s report
made a large number of recommendations for both operational and equipment improvements. The
GSA Security Standards addresses the functional requirements and desired application of security
glazing, bomb resistant design and construction, landscaping and planting designs, site lighting,
natural and mechanical surveillance opportunities (good sight lines, no blind spots, window placement, and proper application of CCTV). These recommendations were further subdivided according to whether they should be implemented for various levels of security (e.g., a Level I facility
might not require an entry control system, while a Level 4 facility would require electronic controls
with CCTV assessment).
What follows are some of the general guidelines the architect and engineering team should
address for major renovations or new construction on any federal building. Although not required,
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 174
4/22/08 12:19:29 PM
Protecting Buildings and Infrastucture with CPTED
175
Downloaded by [University Library] at 05:24 16 July 2017
the exercise of due diligence suggests that state governments and commercial businesses also consider these standards in new construction as a comparable reference point or standard of care.
The GSA Security Standards have the following key areas that are addressed that are applicable
to most comparable buildings:
1. Perimeter and Exterior Security
• Parking area and parking controls
• CCTV monitoring
• Lighting to include emergency backup
• Physical barriers
2. Entry Security
• Intrusion detection system
• Upgrade to current life safety standards
• Screen mail, persons, packages
• Entry control with CCTV and electric door strikes
• High security locks
3. Interior Security
• Employee ID, visitor control
• Control access to utilities
• Provide emergency power to critical systems
• Evaluate location of daycare centers
4. Security Planning
• Evaluate the locations of tenant agencies in leased buildings, and assess security needs
and risk
• Install security film on exterior windows
• Review/establish blast standards for current relevant projects and new construction
• Consider blast-resistant design and street setbacks for new construction of high-risk
buildings (Level III or IV)
The GSA criteria takes a balanced approach to security, considering cost-effectiveness, acknowledging acceptance of some risk, and recognizing that Federal buildings should be not bunker or
fortress-like, but open, accessible, attractive, and representative of the democratic spirit of the country. The guidelines suggest prudent, rather than excessive, security measures are appropriate in
facilities owned by and serving the public.
In addition to these general recommendations, the GSA standards are further broken down into
three different levels: external site, buildings, and internal design.
On a site level, the GSA standards recommend:
•
•
•
•
•
•
•
•
•
•
•
Eliminate potential hiding places near the facility
Provide unobstructed view around the facility
Site or place the facility within view of other occupied facilities
Locate assets stored on site, but outside of the facility within view of occupied rooms of
the facility
Minimize the signage or indication of assets on the property
Provide a 100-foot minimum facility separation from the facility boundary, if possible
Eliminate high-speed avenues of approach perpendicular to the building
Minimize the number of vehicle access points
Eliminate or strictly control parking beneath facilities
Locate parking as far from the building as practical (yet address ADA spaces and proximity) and place parking within view of occupied rooms or facilities
Illuminate building exterior or exterior sites where assets are located
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 175
4/22/08 12:19:29 PM
176
•
•
•
•
•
•
•
•
•
•
•
•
•
21st Century Security and CPTED
Secure access to power/heat plants, gas mains, water supplies, electrical and phone service
Consider space for placement of hardware and servicing
Plan for redundant wiring
Plan for backup power
Plan for intrusion detection devices
Plan for site intrusion detection
Plan for boundary penetration sensors
Plan for motion detection systems
Plan for access control systems
Plan for contraband and weapons detection
Plan for explosive detectors
Plan for credential readers and positive personnel identification systems
Plan for security control and information display systems
Downloaded by [University Library] at 05:24 16 July 2017
On a building level, the GSA standards recommend:
•
•
•
•
•
Employ the concept of security layering
Locate assets in spaces occupied 24 hours a day where possible
Locate activities with large visitor populations away from protected assets where possible
Locate protected assets in common areas where they are visible to more than one person
Place high-risk activities, such as the mailroom, on the perimeter of the facility
On an interior security level, the GSA standards recommend:
•
•
•
•
•
•
Employee and visitor identification systems
Secure the utility closets and vulnerable utilities
Develop emergency plans, policies, and procedures
Have daycare located and protected from unauthorized access
Screening points where applicable for weapons, pilferage, or identification
Secured and controlled shipping and receiving areas with integrated access control, CCTV,
intercoms, data logging, and report capabilities
WHAT ABOUT BUILDINGS IN THE PRIVATE SECTOR?
In the private sector, the American Society of Testing Materials (ASTM) Premise’s Liability Committee was disbanded in 1997 by lobbying pressures for developing minimum-security guidelines
for multitenant residential housing environments. Their effort was resurrected with the National
Fire Protection Association (NFPA) several years latter. The NFPA regulates fire protection and life
safety requirements and security is definitely considered part of a life safety issue. NFPA Premises
Security Committee developed the 730 and 731 occupant-based security Guidelines which were
passed in 2005, and are beginning to serve as industry standards. Europe has had minimum-security standards since 2000.
The ATRiM program outlined in Chapter 13 is one of the first comprehensive steps for helping
facility managers, architects, and designers conduct basic, and advanced, CPTED retrofits for the
purpose of antiterror protection. It does this by taking into consideration four attack modes: bombings, arsons, product contamination, as well as elementary WMD. What about using CPTED to
design private buildings in the first place?
The CPTED process provides a holistic methodology to meet the challenges of crime and terrorism with three approaches: organizational methods (people—security staff, capable guardians),
mechanical methods (technology—hardware, barriers, hardening), and natural design methods
(architecture, design, and circulation movement flow). Property owners must determine the assets
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 176
4/22/08 12:19:29 PM
Protecting Buildings and Infrastucture with CPTED
177
they want to protect, the level of risk they are willing to assume and how much they can afford to
spend protecting their sites, facilities, employees, and other occupants (Nadel, 2004). A comprehensive building security plan integrates three elements: design, technology, and operations—each
consisting of policies and procedures. These elements are most effective when used together and are
appropriate to protect structures against terrorism, natural disasters, crime, and workplace violence.
For example, if one of the vulnerabilities of a threat analysis for a government building is the
challenge of a truck bomb, and the goal is to distance a potential bomb from the façade of the building, then the CPTED approach would propose careful consideration of:
Downloaded by [University Library] at 05:24 16 July 2017
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Where is the parking placed?
How does service delivery get screened and controlled?
How do pedestrians flow into the building?
How many entrances are there for the public, staff, and service?
Is there one main entrance for the public?
How much distance is the exterior path of travel from the street, pedestrian plaza, to the
building facade?
Do all four facades have setbacks from the street?
What is the most appropriate bollard system or vehicular barrier system?
Do bollards or planters create blind spots or sleeping places for homeless persons and
street criminals?
Does a threat exist from bicycle and motorcycle bombers, thus requiring a smaller barrier net?
Does surveillance from the building to the street remain unobstructed?
Do landscaping and plantings remain unobstructed?
Do barriers hinder accessibility by persons with disabilities?
Where do private or public security forces patrol?
Are security patrol patterns unobstructed and verified with a guard tour system?
Is the structure of the building designed with structural redundancy?
Does the building become a less appealing target by layers of buffer zones that make it
more difficult for an intruder to reach the intended target?
If the building is at high risk of a bomb threat, have the structural components been
designed to allow for the negative pressure effects of an explosion?
If the building is at high risk of a bomb threat, are the window systems a balanced design to protect against the threat of broken glass using blast curtains, or blast resistant glazing materials?
Does lighting around the property provide a uniform level of light to resist shadows or
hiding places?
Are there CCTVs in places of extraordinary activity to detect inappropriate behavior and
record and monitor that activity?
Does the building have a consistent and comprehensive weapon-screening program for the
building users, staff, packages, and mail?
Does the property use security layering to create a sense of boundary of the property (site),
the building, and specific points within the building?
Do management and maintenance practices and policies support security operations, the
use of security staff, monitoring devices, weapon screening procedures for people and property, the screening of employees’ backgrounds, and the physical upkeep of the premises?
It is evident that a lot of thought and money goes into making a building secure. However,
neither an architect nor a security director can change human nature, and criminal acts will be
perpetrated in spite of the best-laid plans. Our built environment cannot be defended against every
potential threat. No building security system could have prevented the act of terrorism of 9/11, or
the bombing of our embassies, or courthouses. But there are many active steps that can be taken to
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 177
4/22/08 12:19:30 PM
Downloaded by [University Library] at 05:24 16 July 2017
178
21st Century Security and CPTED
reduce the opportunities and fears of crime, and increase our awareness of the threats. Our goal is
to design safe buildings that protect our assets of people, information, and property.
Design includes architecture, engineering, landscaping, and site planning. The first line of
defense is the site perimeter. Site placement and layout is the single most important goal in planning
to resist terrorism and security threats in the protection of life, property, and operations (FEMA
426, 2003, 2–6). Building placement is important relative to the ability to have access control and
natural surveillance. Building orientation can have an impact on the spatial relationship to the site,
its orientation relative to the sun, and its height and volume relative to the site. The placement and
amount of open space is important to site security, specifically as it applies to the ability to observe
the perimeter and detect intruders, vehicles, and hide contraband. Another benefit of open space is
the standoff distance from the blast energy of an explosion.
Designers should understand that the impact of vehicular circulation patterns could make a
facility or site more vulnerable if security implications are not carefully considered. The designer
can propose a roadway system, to minimize vehicle velocity, thus using the roadway itself as a protective measure (FEMA, 2003, 426 2–11). Straight-line approaches to buildings should not be used,
because these give cars and trucks the opportunity for gathering speed and momentum to crash
into the building. Raised entrances, low landscaping, dirt berms, strategically placed decorative
boulders, bollards, fencing and curved driveways can render vehicular attack difficult or impossible.
Architectural landscape elements like raised planter beds, park benches, lamp posts, serpentine or
curving roads, traffic calming devices, site lighting, and trash receptacles serving as vehicle barriers
prevent a direct line of approach and a direct line of sight to the building (Feldman, 2005).
Buildings with layers of buffer zones are much less appealing targets than those without them
(see Figure 14.2). Placing visitor parking in an area not directly adjacent to the building can also
be a deterrent insofar as terrorist vehicles cannot be parked for detonation purposes in an effort to
destroy or damage the building. Natural surveillance, or the ability to see with an unobstructed view
of who is entering the property and whether it is for a legitimate use, is an important part of the
safety plan. The best placement of the footprint of a freestanding building is one that has all façades
set back from the street.
Beyond environmental design, other relatively low-cost precautions can be as basic as protecting
vulnerable utilities by locking manholes in the street and securing areas such as electrical rooms,
fan rooms, mechanical rooms, and telecommunications spaces inside the building with locks and
alarms (Feldman, 2005).
Other measures include developing operational policies and procedures including the increased
use of security personnel, motion sensors, cameras, and closed-circuit TV as part of a more comprehensive security plan; biometrics, proximity card readers and other forms of electronic access
controls; and defenses integrated into heating, ventilation, air-conditioning (HVAC), and other systems. To counter a chemical attack, defense design experts recommend installing air intakes above
grade, either on the roof or at least three or four stories above ground (Feldman, 2005).
Other built-in defenses for existing buildings could include air-detection systems and carbon filters to protect against chemical releases and high efficiency particulate air filters used in conjunction
with UV3 light wands to achieve a high capture rate of spores or other biological agents. In existing
buildings, where renovating the entire HVAC system is likely to be cost-prohibitive, an alternative
is to put vulnerable areas such as the lobby, mailroom, and receiving dock on a separate HVAC
zone. Then, if there is a release in the lobby, it is not transmitted throughout the entire building.
The design also can positively pressurize the building lobby or even the whole building, in the event
there is an external release, it is kept outside those areas by the pressure (Feldman, 2005).
Pressurizing a building and locking it down can protect against an external release. The goal in
defending against an internal release is to isolate the contaminated area and purge it as quickly as
possible. The process of protecting people and property against terrorism is much easier to implement into new buildings. In a new building the costs to isolate the lobby, the loading dock, and
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 178
4/22/08 12:19:30 PM
Downloaded by [University Library] at 05:24 16 July 2017
Protecting Buildings and Infrastucture with CPTED
179
FIGURE 14.2 Street setbacks and reinforced street furniture as proposed for Washington, DC. (Reproduced courtesy of the National Capital Planning Commission (www.ncpc.gov/), Urban Design Security Plan,
2002.)
mailroom areas are minimal, and a building owner should incorporate that level of defense (Feldman, 2005).
Other defenses against terrorism include hardened floors, walls, and doors that are difficult to
penetrate, tamper-resistant door and window hardware, and use of security zoning. Dividing building space into zones with varying security levels such as unrestricted, controlled, and restricted can
more effectively protect sensitive areas. The focus of access control strategies is to deny access to a
crime target and create in offenders, a perception of risk and detection, delay and response.
When a building progressively collapses, as in the Oklahoma City bomb blast, it falls dominostyle after one or more columns fails. The total collapse took less than three seconds. In a protective
design structure, one or two columns may collapse but the rest of the building remains standing,
allowing some time for occupants to escape.
Understandably, the first recommendation of the Final Report of the National Construction Safety
Team on the Collapses of the World Trade Center Towers (U.S. Commerce Department’s National
Institute of Standards and Technology) is to use protective design to avoid progressive collapse. The
report is expected to lead to more cutting edge solutions and improved code requirements in cities
nationwide. Occupants also can escape quicker from a collapsing building if staircases are located at
the opposite ends of a building and lead to exits going directly outdoors and not into a lobby.
Based on the results of a three-year federal study of the 9/11 terrorist attack, the U.S. Commerce Department called for several major changes in the planning, construction, and operation
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 179
4/22/08 12:19:30 PM
180
21st Century Security and CPTED
Downloaded by [University Library] at 05:24 16 July 2017
of skyscrapers in its National Institute of Standards and Technology report, Final Report of the
National Construction Safety Team on the Collapses of the World Trade Center Towers. It also
selected other buildings needing changes to improve survival and prevent natural or accidental
calamities from terrorist attacks. The recommendations for improved public safety in tall and highrisk buildings, intended to serve as a basis for improvements in the way buildings are designed,
constructed, maintained, and used. It addresses nine distinct areas:
•
•
•
•
•
•
•
•
•
Increased structural integrity
Enhanced fire resistance of structures
New methods for fire resistance design of structures
Improved active fire protection
Improved emergency response
Improved building evacuation
Improved procedures and practices to encourage code compliance
Improved emergency response
Continuing education and training of fire protection engineers, structural engineers, and
architects
What issues should the architect address with the owner and security director, or consultant?
Based on the security layering principles described in earlier chapters, the architect will address
security concerns on a site level, building level, and interior space level.
Site Planning
•
•
•
•
•
Access
Service delivery
Circulation patterns
Lighting quality and quantity
Perimeter defense
Main Lobby
•
•
•
•
•
•
•
•
•
•
Visitor control issues
Building fire system location
Reception/guard kiosk design and equipment provisions
Architectural security barrier design—turnstiles, glass enclosures, reception areas, and
so on
Retail tenant security adjacent to lobby areas
Development of unobtrusive CCTV surveillance
Controlling access into emergency stairwells adjacent to the main lobby
After-hours access control into the main lobby
Alarm monitoring of perimeter doors
Main lobby lighting
Parking Garage
•
•
•
•
Valet or self-parking
Public, private, or mixed use
Segregated parking levels
Executive parking security
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 180
4/22/08 12:19:31 PM
Protecting Buildings and Infrastucture with CPTED
181
• Need for and use of CCTV surveillance system, emergency signaling system, intercom
system, and guard tour system
• Lighting issues, including type of lighting and number of footcandles to be provided
Loading Docks
•
•
•
•
•
•
Amount of vehicular traffic flow expected
Impact, if any, on street traffic or pedestrian walkways
Storage of package and materials
Distribution of deliveries throughout the building
Development of necessary CCTV surveillance and intercom systems
Provision of remote door release controls
Downloaded by [University Library] at 05:24 16 July 2017
Emergency Stairwells
•
•
•
•
•
Restricting access or allowing use by the public for interfloor traffic
Communication provisions in stairwells
Emergency exit alarm devices on doors
Alarm monitoring of the stairwells
Access control into and out of the stairwells
Miscellaneous
Elevator bank access control and architectural design
Communication provisions in elevator vestibules on individual floors
Public washrooms
Mail services
Deliveries
Security in mechanical areas
Door hardware for telephone, electrical, and storage closets
Security for fuel and water storage areas
Roof access
Tunnel or skyway connections to other nearby buildings
Plaza security—issues related to landscaping, lighting, and use of unobtrusive surveillance
systems
• Elevator cab communication devices
•
•
•
•
•
•
•
•
•
•
•
Building Tenant Security
• A comprehensive access control program to encompass elevator car access control requirements and individual floor access control measures
• Security measures for individual departments and operations that may have additional
security requirements
• Executive floor security
• Receptionist workstations
• Boardroom or executive conference room access control issues
• Vestibule construction of freight elevator lobbies
• Console room design
• Secured storage areas, vaults, and safes within tenant space
• Closet space for security-related equipment
• HVAC and power requirements for security operations
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 181
4/22/08 12:19:31 PM
182
21st Century Security and CPTED
Major Systems That Should Be Addressed
•
•
•
•
•
•
•
•
•
•
•
Fire and life safety
Public address
CCTV surveillance
Access control
Alarm monitoring
Radio communication
Emergency signaling
Intercom
Guard tour
Door control
Uninterruptible power supply
Downloaded by [University Library] at 05:24 16 July 2017
The following are recommended CPTED design features that may be applicable to your building:
•
•
•
•
•
•
•
•
•
•
•
•
•
Place unsafe activities in safe areas where there is natural surveillance and supervision.
Design the exterior of a structure so it is difficult to climb.
Minimize the number of exterior openings at or below grade.
Protect all building openings against entry or attack.
Provide for extra conduit for growth and changes.
Design walls to resist penetration by intruders possibly using cars, hand tools, explosives,
and so on.
Provide sufficient space in the lobby or entry areas for verification, identification, and
screening of users, i.e. sign-in desks, contraband detection equipment such as X-ray
machines, and personal identification equipment.
Provide adequate space for maintaining security equipment.
Protect all utilities and control panels from disruption by unauthorized persons.
Design elevators, stairways, and automated locking mechanisms not to compromise security during emergency evacuations.
Design lighting for proper illumination in coordination with CCTV—reduce glare, increase
view of field.
Design perimeter to be well defined and supported by natural barriers such as landscaping,
mechanical barriers such as walls, fences, buried sensors, motion sensors, proximity sensors, and by organizational methods such as guard patrol.
Integrating the security technology into functional design and architecture, allowing the
legitimate building users to be your capable guardians for legitimate activity and deterrence of criminal activity.
The following measures should be considered in the design of entry control points (FEMA 426,
2003, 2–38):
• Design entry roads to sites and to individual buildings so that they do not provide direct
or straight line vehicular access to high-risk buildings. Route major corridors away from
concentrations of high-risk buildings.
• Design access points at an angle to oncoming streets so that it is difficult for a vehicle to
gain enough speed to break through the stations.
• Minimize the number of access roads and entrances into a building or site.
• Designate entry to the site for commercial, service, and delivery vehicles, preferably away
from high-risk buildings whenever possible.
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 182
4/22/08 12:19:31 PM
Downloaded by [University Library] at 05:24 16 July 2017
Protecting Buildings and Infrastucture with CPTED
183
• Design the entry control point and guard building so that the authorization of approaching
vehicles and occupants can be adequately assessed, and the safety of both gate guards and
approaching vehicles can be maintained during periods of peak volume.
• Approach to the site should be designed to accommodate peak traffic demand without
impending traffic flow in the surrounding road network.
• Provide pullover lanes at site entry gates to check suspect vehicles. When necessary, provide a visitor/site personnel inspection area to check vehicles prior to allowing access to a
site or building.
• Design active crash barriers, such as bollards, speed bumps, vehicle barriers, as may be
required to control vehicle speed and slow incoming vehicles to give entry control personnel adequate time to respond to unauthorized activities.
• Design the inspection area so that it is not visible to the public, when necessary. Place
appropriate landscape plantings to accomplish screening.
• Consider current and future inspection technologies for screening vehicles.
• Provide inspection bays that can be enclosed to protect inspection equipment in the event
of bad weather.
• Design inspection areas large enough to accommodate a minimum of one vehicle and a
pullout lane.
• Consider providing a walkway and turnstile for pedestrians and a dedicated bicycle lane.
• If possible, provide a gatehouse for the workstations and communications equipment of the
security personnel. It may also serve as a refuge area in the event of an attack.
• Provide some measure of protection against hostile activity if ID checking is required
between the traffic lanes. Cameras and lighting will be important features.
• For high-security buildings, provide a final denial barrier to stop unauthorized vehicles
from entering the site.
• Design the barrier system to impede both inbound and outbound vehicles. The system
should include traffic control features to deter inbound vehicles from using outbound lanes
for unauthorized access. Barrier devices that traverse both roadways should be included in
the design. The safety features discussed above for inbound lanes should also be provided
in the outbound lanes.
APPLICATION OF GSA SECURITY STANDARDS TO ALL BUILDING TYPES
Whatever the building or its use, security for antiterrorism and crime prevention criteria should be
similar to fire safety, accessibility, and structural integrity. Any piece of architecture should establish a hierarchy of space that goes from open access by the public, to semipublic, to semiprivate, to
private spaces. Any areas or spaces that are unassigned to a specific purpose or capable guardian
should be avoided as it becomes “no-man’s land” and not claimed, protected, or defended by any
individual or group. Traffic patterns of pedestrians and vehicles into sites and buildings should be
carefully thought out and controlled for the desired goal. The design of any building should maximize the potential for natural observation by the legitimate building users.
Target hardening is one method of increasing the effort using techniques such as: improving
locks to be dead bolts; upgrading window screens; using break resistant glazing; increased use of
fencing; magnetic locking doors. Another technique is access control, which includes installing
barriers, designing paths, walkways, and roads so that unwanted and unauthorized users are prevented from entering vulnerable areas. Barriers may include limiting entrance to specific individuals, places or times; security vestibules, parking lot barriers, entry phones, visitor check-in booths,
guard stations, vehicle control systems, bio-metric screening for access control.
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 183
4/22/08 12:19:31 PM
184
21st Century Security and CPTED
SUMMARY
Downloaded by [University Library] at 05:24 16 July 2017
The goal for designers, landscape architects, and security professionals to prevent or reduce the
opportunity for terror incidents, and the fear or incidence of crime, should be to think holistically, yet minimize fortress design and target hardening. Fortress minimization should be the goal,
except where it may be specifically required only after thorough analysis and study. The design
professional must address the issue of how architectural design features and approaches can be
enhanced by security without imposing objectionable and unreasonable measures on the aesthetics
and functionality of the building. As you have seen throughout this part of the book, there are a
number of necessary assessments and analytical steps that accompany any security design. In short,
when designing buildings with antiterrorism and crime prevention in mind, the design and security
professional should:
• Conduct the need assessment and include it as part of the architectural programming
process.
• Determine the level of criticality and threats to the building assets.
• Change how people use the building for legitimate authorized uses.
• Use security technology last, once the circulation patterns are clear and the architecture of
form reflects the function of facility.
• Use the national standards as a starting point to establishing a standard of care, in order
to improve efficiency, safety, and security, and to reduce premises liability from negligent
security design and practices.
Architecture is, unfortunately, one of the least used pieces of the security puzzle to make public
and private buildings safe and secure. CPTED planning creates the environment for better security
by allowing natural surveillance and unobstructed visibility, controlling access to persons who
belong on the property, preventing unauthorized access of persons onto the property, integrating
the security technology into functional design and architecture, and allowing the legitimate building users to be your capable guardians for legitimate activity and deterrence of criminal activity.
Finally, environmental design can never eliminate crime or terrorism completely because it does
not attack root causes. Architectural security design may shift the places where crime or terrorism
occurs, but in the process the offender must start a new target search, and is thus put at greater risk
of apprehension before the event occurs. Furthermore, environmental control does go a long way
toward making people feel better about their work and living environment, and that empowers
people to act in a safer manor, and to design buildings in a safer, more resistant manner.
Architects and security professionals should avoid worrying about events over which they have
no control: real estate markets, zoning regulations, fire department inspections, and operational
policies. They should focus instead on the things over which they do have control: good CPTED
design, integrated security systems, competent training and staff, and keeping a watchful eye on
workplaces, living environments, and residences to see how CPTED design might fit.
REFERENCES
American Society of Industrial Security (ASIS). http://www.asisonline.org/.
ASTM F 1642 (2004) Standard test method for glazing systems subject to airboat landings. American Society
of Testing Materials. West Conchohocken, PA.
Architectural Record (2001) October. 24–26.
Atlas, R. (1998) Just when you thought it was safe to go back in the building. Security Management, 64–73.
Atlas, R. (2004) Security design concepts. Security Planning and Design: A Guide for Architecture and Building Design Professionals. Washington DC: American Institute of Architects, Wiley.
Atlas, R. (2006) Architect as nexus: Cost effective security begins with design. ArchiTech (May–June),
30–34.
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 184
4/22/08 12:19:32 PM
Downloaded by [University Library] at 05:24 16 July 2017
Protecting Buildings and Infrastucture with CPTED
185
Atlas, R. (2006) Designing for Security. The Construction Specifier (April), 83–92.
Crowe, T. (2000) Crime Prevention Through Environmental Design, 2nd ed. Boston: Butterworth−Heinemann.
DiGreggario, A. Applied Research Associates, Alexandria VA.
Environmental Design Technical Group News (2001) EDRA. September.
FEMA 426 (2003) Reference Manual to Mitigate Potential Terrorists Attacks Against Buildings.
FEMA 427 (2003) Primer for Design of Commercial Buildings to Mitigate Terrorist Attacks.
FEMA E155 (2006) Building Design for Homeland Security.
Feldman, W. (2005) Developers and owners design properties to minimize loss in event of terrorist attacks.
Journal for Property Managers. IREM Institute of Real Estate Managers. Oct.
Final Report of the National Construction Safety Team on the Collapses of the World Trade Center Towers
(2005) U.S. Commerce Department, National Institute of Standards and Technology.
Final Report of the National Construction Safety Team on the Collapses of the World Trade Center Towers
(2005) U.S. Commerce Department, National Institute of Standards and Technology.
GSA Security Criteria (1997) General Services Administration, October 8.
Interagency Security Committee (ISC) (2001) Security Design Criteria for New Federal Office Buildings and
modernization Projects. September 29.
Miami Herald (1995) I did it, bombing suspect tells two. 5/19.
Nadel, B. (Ed.) (2004) Building Security: Handbook for Architectural Planning and Design, New York:
McGraw-Hill.
Newman, O. (1973) Defensible Space: Crime Prevention Through Urban Design. New York: Macmillan.
Unified Facilities Criteria (UFC) (2002) DoD Minimum Antiterrorism Standards for Buildings. July 31.
Unified Facilities Criteria ( UFC) (2002) DoD Minimum Antiterrorism Standoff Distances for Buildings.
July 31.
Vulnerability Assessment of Federal Facilities. (1995) U.S. Department of Justice. June 28.
Security Watch (2001) Bureau of Business Practice Newsletter, Oct., 4.
Werkerle, G. and Whitzman, C. (1995) Safe Cities: Guidelines for Planning, Design and Management. New
York: Van Nostrand.
© 2008 by Taylor & Francis Group, LLC
AU6807.indb 185
4/22/08 12:19:32 PM
Chapter 10
The Elephant in the
Emergency Operations
Center: The Fundamental
Flaw within Formal
Response Systems
If you want to succeed in social media you’ve got to be okay to just lose
control.
Alexis Ohanian, Co-Founder of Reddit.com1a
Chapter Objectives
◾◾ To address foundational considerations of national response and preparedness models for emergency management and response
◾◾ To analyze the challenges of implementation and integration of social media
into national models of emergency management and response
◾◾ To consider the implementation of social media into intelligence processes utilized by incident commanders and Emergency Operations Center
management
181
182
◾
Disasters 2.0
◾◾ To apply social media concept into the understanding of modern review and
approval of public information processes
◾◾ To consider the potential impact of using social media during emergency
exercises and trainings
Downloaded by [University Library] at 05:24 16 July 2017
National Preparedness and Response Systems
Emergency management disciplines throughout the United States have long been
defined by national response systems based on best practices, disaster experiences, and political motivations and direction. Such systems include the Incident
Command System (ICS), National Incident Management System (NIMS), and the
Homeland Security Exercise and Evaluation Program (HSEEP). In each case, these
systems have had positive and negative impacts related to their application before,
during, and after emergencies and/or disasters and are significantly impacted by the
use and implementation of social media and Web 2.0 technologies. To understand
these effects, it is critical to understand the structures and intended purposes of the
national response systems first.
In February 2003, President George W. Bush issued Homeland Security
Presidential Directive 5 (HSPD-5) which directed the U.S. Department of Homeland
Security to develop and administer a National Incident Management System
(NIMS). (See Figure 10.2.) This system was in response to the management and
communication disorder and chaos that was noted during and after action reports for
the terrorist attacks on September 11, 2011. The intention of NIMS was to provide a
nationwide template to enable all government, private-sector, and nongovernmental
organizations to work together in a coordinated and efficient way during all types of
emergencies and disasters regardless of size, scope, or complexity.6 Specifically, NIMS
created a “framework for interoperability and compatibility by balancing flexibility
and standardization.”6 Specific components of NIMS included command and management, preparedness, resource management, communications and information
management, supporting technologies, and ongoing management and maintenance.
The command and management structure within the NIMS framework is
divided into three major organizational systems: Incident Command System,
Multiagency Coordination Systems, and Public Information Systems. The Incident
IN A NUTSHELL
NIMS created a “framework for interoperability and compatibility by balancing flexibility and standardization.”
—Introduction to the National Incident Management System6
The Elephant in the Emergency Operations Center
◾
183
Downloaded by [University Library] at 05:24 16 July 2017
DISASTER PROFILE—INDIAN GULCH FIRE
On Monday, March 21, 2011, a large fire in the Indian Gulch area of
Colorado was started by arsonists. This area, which comprises a large part of
rural Colorado to the west of Colorado Springs and south of Denver, quickly
became a blazing wildfire; nearly 1,570 acres burned by the time fire responders had contained the fire by the end of the week.8 (See Figure 10.1.) Rowdy
Muir, the incident commander for the response, indicated that the operation
was extremely difficult to deal with due to steep slopes and challenging footholds, especially considering the smoky atmosphere. During the response,
Colorado governor John Hickenlooper issued an emergency disaster declaration that authorized $1.5 million in state money to help cover firefighting
costs and opened up the possibility of additional federal support. A total of
401 firefighters from more than 40 different local, state, and federal agencies
were ultimately involved in response to the wildfire.8 Those responders utilized
a plethora of resources, including numerous National Incident Management
System (NIMS) types of resources, such as one type 1 helicopter, one type 2
helicopter, one type 3 helicopter, two single-engine air tankers, and one fixedwing heavy tanker.8 American Red Cross shelters as well as large animal shelters were established in nearby communities that were not impacted by the fire.
Jacob Smith, mayor of nearby Golden, stated on his blog that the emergency
response plan was quickly initiated and “relied primarily on a traditional communications model: the emergency operations team would compile and verify
information about the fire and they would provide it to our public information
office.” Mayor Smith continued by stating that the public information officer
“could periodically brief the news media…relying largely on the media to then
broadcast that information via television, radio, and print media.”9,10 Mayor
Smith and local councilman Bill Fisher expanded this formal communication
by disseminating periodic email updates, newsletters, and updates to personal
Twitter and Facebook pages. Mayor Smith even noted on his blog that “a very
large number of folks expressed their gratitude for the communication efforts
often especially referring to the Facebook or Twitter.”10 This particular disaster
presents a dichotomy of application of communications and intelligence tools
between formal response systems and social media and Web 2.0 technologies.
Was one system more effective than the other? Did the mayor’s use of social
media violate traditional command and control structures utilized in emergency response and public information for the dissemination of event-related
information? Is there a clear and consistent message being disseminated across
these multiple new media platforms? These are the types of questions that
challenge emergency managers as they consider how to apply social media in
modern emergency management.
Downloaded by [University Library] at 05:24 16 July 2017
184
◾
Disasters 2.0
Figure 10.1 Wildfire response near Loveland, Colorado, in the Indian Gulch
region. (From FEMA, Michael Rieger.)
Command System (ICS) is the paramount component of these organization systems and not only is it the most traditional but it is also fundamental to the other
two sections. According to NIMS training materials, ICS “defines the operating
characteristics, management components, and structure of incident management
organizations throughout the life cycle of an incident.”6 Interestingly, the national
commitment to ICS as part of the NIMS is based strongly on nearly 40 years of
best practices by various first responder disciplines, but particularly fire services
throughout the United States. The best-practice features included common terminology, organizational resources, manageable span of control, organizational facilities, position titles, use of incident action plans, integrated communications, and
systematic accountability.6
These systematic characterizations of ICS are critical to understanding further
evaluation regarding how NIMS and ICS integrate with social media. Specifically,
Figure 10.2 In February 2003, President George W. Bush issued Homeland
Security Presidential Directive 5 (HSPD-5), which directed the establishment of
NIMS. (From U.S. Coast Guard, Telfair H. Brown Sr.)
Downloaded by [University Library] at 05:24 16 July 2017
The Elephant in the Emergency Operations Center
◾
185
Figure 10.3 FEMA representatives provide briefing in Greensburg (Kansas)
Emergency Operations Center. (From Greg Henshall. With permission.)
the ICS characteristics of manageable span of control, position titles and accountability, and common terminology, among others, create an inherent command and
control structure that is dictated by a hierarchal structural dependent on review
and approval at all levels within the ICS structure. Even under ideal circumstances,
this type of structure creates an innate elongation in the time required to initiate
response actions, receive approval, and execute the direction. Unfortunately, this
typical timeframe from start to finish is often incompatible with public expectations and the natural pace of social media exchanges.
An additional command and management component of the National Incident
Management System is the utilization of multiagency coordination systems. While
Emergency Operations Centers (EOCs) are the most common example of multiagency coordination systems, Joint Information Centers (JICs) are also important
examples to consider, especially when evaluating the potential interaction with
social media. (See Figure 10.3.) Originally, the JIC was created out of ICS best
practices. It functions as the communication and public information element at
all levels ranging from localized incident commanders to unified command, EOC
managers, and other governmental response entities. Much like its ICS cohort,
the fundamental rule in all Joint Information Centers is that no information can
be released by public information officers or other response personnel to anyone
outside the formal response hierarchy without the preapproval of the highest ranking official (e.g., incident commander or EOC manager). Additionally, this type
of structure facilitates the need for multiple organizations and/or jurisdictions to
coordinate message dissemination and public “voice.”7 Although this system has
been shown to be capable of distributing information in a timely manner, much
like ICS it would be challenged to distribute information quickly enough to help
manage the reception and distribution of information via social media systems during emergencies and disasters.
Downloaded by [University Library] at 05:24 16 July 2017
186
◾
Disasters 2.0
As mentioned previously, the other multiagency coordination system that
must be considered is the Emergency Operations Center (EOC). In many ways,
the structure established by the National Incident Management System for the
use of the Incident Command System is mirrored in most Emergency Operations
Centers. Typically, EOCs are based on a structured hierarchal environment that
often utilizes similar functions like span of control, unity of command, incident
action planning, and many others. Consequently, some of the same challenges exist
for the use of social media in EOC and ICS structures. Both command and management systems require a high level of situational awareness at all times to initiate
proper responses to ensure efficient and effective protection of life, property, and
community resources. Unfortunately, like the JIC challenge, the pace of situational
awareness is exponentially shorter when the public is capable of receiving and distributing incident information in a nearly instantaneous manner via social media
and Web 2.0 systems.
In addition to the National Incident Management System and the Incident
Command System, emergency managers are encouraged (and mandated when
receiving federal funds) to utilize the Homeland Security Exercise and Evaluation
Program (HSEEP) when creating and executing various exercise scenarios. This
includes the spectrum of exercise activities that includes seminars, workshops,
tabletop exercises, drills, games, functional exercises, and full-scale exercises. In
all cases, a scenario is developed and utilized to test and evaluate certain predetermined exercise goals and objectives. As such, it is necessary to utilize real responders, equipment, and resources, which is potentially not only expensive and time
consuming but also confusing to the general public. For instance, if a local community was testing a large mass casualty scenario via a full-scale exercise, it would
require the colocations of multiple emergency response personnel, vehicles, and
equipment. Because it is critical to ensure the effectiveness of operational plans,
most organizations routinely pull equipment and resources off of actual responses
to perform the exercise and support primary operations through backfilled or
mutual aid support. Unfortunately, this is not possible to do when testing plans
and response related to the incorporation of social media because real social media
channels are difficult to take out of active commission. Consequently, exercises
based on the HSEEP model can sometimes be extremely ineffective at safely and
effectively testing plans and response protocols related to social media for public
information and situational awareness.
Conflicts and Contradictions
Formalized emergency response systems like the National Incident Management
System (NIMS) and the Incident Command System (ICS) are quickly becoming
conflicting entities within the realm of emergency public information as social media
becomes more commonly utilized. NIMS was built on the foundation of formally
Downloaded by [University Library] at 05:24 16 July 2017
The Elephant in the Emergency Operations Center
◾
187
organized command, control, and approval of all emergency actions, including public dissemination of information, while social media was built on open, organic,
and informal responses. NIMS is also based on best practices and is accepted as the
national model for disaster response, including public information. Unfortunately,
it does not address the impact of social media forms such as social networking,
microblogs, blogs, and video sharing, which have quickly become pervasive in emergencies and disasters. These two entities (the formal command structure and social
media) are fundamentally in conflict and must be reconciled to ensure the dissemination of future emergency public information is efficient and effective.
NIMS calls for all information released to the public during an emergency or
disaster to be reviewed and approved by the incident commander (or EOC director
in larger events). However, it is difficult for public information staff to continue to
be timely and efficient when getting approval for traditional outreach strategies such
as television, radio, and print (often online) media considering the time constraints
and universal responsibilities of the incident commander during an emergency or
disaster. If NIMS does not properly establish protocols for situational analysis by
planning, operations, and logistics components, there may be significant disasterrelated information that is missed or unincorporated due to the incompatibility of
the NIMS structure with social media. These incompatibilities create significant
gaps in emergency readiness.
As the need to use and monitor social media increases during emergencies, this
time challenge is further exacerbated by the intrinsic and demanded brevity of
time related to the various forms of social media. Press releases to traditional media
outlets such as television and radio can be adequately handled from creation to
approval within a few hours so the media outlets are satisfied and have information
to use during the next broadcast or publication. On the other hand, social media
outlets (e.g., Twitter and Facebook) desire information nearly instantaneously with
virtually complete transparency. This means social media works in the realm of
minutes, not hours like traditional communications. Therefore, it is fairly selfevident that the incident commander’s approval of messages and/or information
disseminated through social media outlets in a similar timeframe is extraordinarily
difficult, if not impossible. Regardless, social media (like traditional media) must
be provided information (aka “fed”) to reduce the distribution of misinformation
and minimize public discord related to the emergency or disaster.
This was no more evident than during the 2007 Virginia Tech shooting (see
Chapter 5). During this event, students inside and around the impacted buildings were providing a steady flow of information related to the incident through
Facebook and other social media sources. The traditional communication streams
such as press releases and press conferences were (relatively speaking) slow to react
and took several hours to release information related to the event, including the
number and names of the student fatalities. For example, although the shootings
occurred at approximately 7:00 a.m. and again at 9:30 a.m., the Virginia Tech
administration did not formally announce a death toll (without names) until 2:13
188
◾
Disasters 2.0
IN A NUTSHELL
In the simplest form, social media benefits emergency response by providing
ears and mouths. In other words, using it can help the responders listen in
to the conversation going on and glean valuable information that can help
inform response priorities, help understand public sentiment, and help identify emerging issues, misinformation, and rumors.
Downloaded by [University Library] at 05:24 16 July 2017
—Gerald Baron, founder of PIER Systems
p.m. Meanwhile, social media sites and online communities such as the “I’m ok
at VT” Facebook group were actively confirming the identities of those victims.
Although researchers found that no single online social media list contained all
32 victims’ names, they were routinely accurate and preceded the formal partial
release of names at 4:00 p.m. and the full list at 5:15 p.m.11 Clearly, the social media
communication sought out and acquired accurate, event-related information significantly faster than traditional media outreach.
The Virginia Tech example is significant because the community of Facebook
users and other social media systems successfully identified all casualties without
ever posting a name erroneously.1 Moreover, because of the speed and accuracy
of public information via social media during the event, traditional media outlets
began to reference social media content rather than wait for the formally released
information from the university. (See Figure 10.4.) Ultimately, as discussed in
Chapter 3, this event as well as other similar major disasters led to the exponential
growth of citizen journalism and the use of social media systems for primary news
tracking, documentation, and sourcing. Some experts have even suggested that
social media sources such as Twitter are the new press release systems and will
ultimately replace the current news distribution structure.2 Managers of traditional response systems that oversee the distribution of public information would
be foolhardy to not directly address how social media can be adopted to optimize
the best practices established along practical application of modern communication systems.
Figure 10.4 Students at Virginia Tech hold a candlelight vigil after the Virginia
Tech shooting.
Downloaded by [University Library] at 05:24 16 July 2017
The Elephant in the Emergency Operations Center
◾ 189
Figure 10.5 Cars rest on the collapsed portion of I-35W Mississippi River
bridge in Minneapolis, after the August 2007 collapse. (From U.S. Coast Guard,
Kevin Rofidal.)
Another challenge for emergency public information within the NIMS framework is the style and structure of released messages. Specifically, the most common form of message distribution is a press release. The message contained within
the press release is generally crafted in a very structured way using formalized
language and polished contextual placement. They often contain generalized and
nonspecific quotes from decision makers (e.g., the incident commander) or other
local authority figures (e.g., the mayor or governor) that are intended to personalize, empathize, and validate the emergency situation in support of classical crisis
communication models.12 Unfortunately, this model is wholly contradictory to
the expected style of social media. For instance, Twitter only allows posts of 140
characters or less to provide status updates. Because the limited space available
for status updates is inherently a relaxed response, most users are very informal,
casual, and brief.
Facebook adds further complication due to its multifaceted approach. It adds
microblog-like status updates as well as links to photos, videos, and websites. Within
social media systems, both written and visual context to emergency situations can
be distributed via preexisting, trusted networks. This phenomenon was evident
by the usage of social photo-sharing capabilities during the London bombings
(2005), Hurricane Katrina (2005), Virginia Tech shootings (2007), Minneapolis
I-35 bridge collapse (2007) (see Figure 10.5), and the Southern California wildfires
(2007).3 The style and substance of these social media sites are very different from
the standard press release and make their combination delicate at best. Again, some
sort of additional version of the press release such as pre-identified and preapproved
social media messages is vital for the successful management of public information
but is not currently explicitly allowable under the NIMS structure.
Downloaded by [University Library] at 05:24 16 July 2017
190
◾
Disasters 2.0
Lastly, part of the formalized NIMS structure is to ensure unified messages that
support overall incident priorities. This unified message construction is particularly
designed to increase the credibility of the message and to increase the public’s ability
to validate the released information. The challenge facing emergency public information is that the trustworthiness of governmental communications is often low.
Government communications are particularly challenged within certain cultural
and ethnic sectors of the population. For instance, the University of Michigan’s
Institute for Social Research has long noted that some demographic groups such
as African Americans typically show higher levels of governmental distrust than
other community groups.14 Additional research has indicated that predictors of
trust in government include race, gender, and individual social capital such as civic
engagement or interpersonal trust.15 Overcoming these preestablished hurdles is
one of the many challenges that must be overcome during formal emergency public
information activities. Interestingly, there is some thought that social media may
help bridge these trust gaps as the online communities of Facebook, Twitter, and
others are not based on forced relationships (e.g., traditional government–citizen
relationships) but rather on trusted sources and associations.
Take the Filter Off
Due to preexisting space or time restrictions, traditional media outlets get the
opportunity to filter the formally approved government message, which can result
in a biased or distorted presentation or further fracture an already challenged
message. Conversely, social media sites address both of these issues. Social media
sites such as Facebook and Twitter are fundamentally built on the foundation of
trusted networks and open community. Specifically, these social media outlets are
established by being “friends” or “fans” of someone or something. As such, the
social networks provide a local community an opportunity to validate additionally
released messages about the emergency event. Secondly, social media sites allow for
direct messaging to the impacted community by cutting out the traditional media
and thus their interpretation and presentation. Although social media is not free of
bias, one of its core principles is self-correction.4 It is extremely likely that any misinformation presented intentionally or unintentionally via social media channels
would be quickly corrected by members of the shared community. Consequently,
these two components support the potential effectiveness of using social media
during an emergency event at least in support of traditional formalized communications (e.g., press releases).
In conclusion, the application of NIMS guidelines and social media for emergency public information is currently antagonistic and counterproductive. The
structured review and approval process greatly reduces the effectiveness of social
media, which is ultimately detrimental to the overall success of the emergency
public information and situational awareness process. The NIMS process was well
The Elephant in the Emergency Operations Center
◾
191
vetted, nationally practiced, and based on best practices, but the rise of social media
has been quick and fierce, which leaves emergency managers and public information officers in an unenviable and challenging situation. Identifying and implementing a resolution to this conflict will be critical to the future of emergency
management for all disciplines.
Downloaded by [University Library] at 05:24 16 July 2017
Contrasting Opinions
Some emergency managers have suggested that the integration of national response
systems (like NIMS) and social media is not as challenging as it appears in its
most fundamental sense. A common argument put forth is one that suggests social
media is merely a communications tool similar to email and cell phones that are
commonly used by disaster responders. This argument continues by stressing that
NIMS does not explicitly address how, when, and where these communication
systems should be utilized but that they are important. Therefore, based on this
argument, social media should also not be specifically addressed as long as NIMS
maintains its flexibility for technology and application. Unfortunately, this argument is fundamentally flawed. While social media is a communication tool similar
to email and cellular phones, the scope and application of social media is much
greater than those systems. The time, application, and systematic expectations associated with social media usage are much more complicated.
Additional counterarguments against adjusting national response systems to
better incorporate social media and Web 2.0 technologies are based in foundational
interpretations of these response systems. For instance, Hal Grieb, a prominent
emergency manager utilizing social media (see Chapter 2 Practitioner Profile), references the ongoing management and maintenance components of NIMS, which
states that the “ongoing development of science and technology is integral to the
continual improvement and refinement of NIMS.”13 In other words, Mr. Grieb
is presenting a view that NIMS was inherently built with flexibility to absorb
new technologies and systems that impact ...
Purchase answer to see full
attachment