Testimony of Deputy Secretary James Loy, ADM, USCG (RET)
U.S. Department of Homeland Security

Before the House Select Committee on Homeland Security
“ The Homeland Security Advisory System: Improving Preparedness through Effective Warning”

February 4, 2004
12:30 p.m.

U.S. Department of Homeland Security
Washington, D.C. 20528
202-282-8000

Good morning, Mr. Chairman and Congressman Turner. I would like to thank you, as well as the other members of the committee, for providing this opportunity for me to join my colleague from TTIC, John Brennan, to discuss the Homeland Security Advisory System.

On March 11, 2002, President Bush created the Homeland Security Advisory System (“HSAS” or “advisory system”) as a tool to improve coordination and communication among all levels of government, the private sector and the American public in the fight against terrorism. The advisory system is binding on the executive branch, and suggested, although voluntary, for State, local, territorial and tribal governments, and the private sector.

The system, created by Homeland Security Presidential Directive-3 (HSPD-3) and now, pursuant to the Homeland Security Act of 2002 , administered by the Department of Homeland Security (“DHS” or “the Department”) identifies a flexible framework for communicating, addressing and mitigating terrorist threats to the nation utilizing a threat-based, risk-managed system. During periods of heightened concern, the framework provides the ability to change the Threat Condition on a national level, but also affords the opportunity to target communications to particular geographic locales, industry sectors or other affected entities. The latitude provided by HSPD-3 allows the Department to address unforeseen situations and continue to refine the Advisory System as the need arises. This flexibility is critical to the success of the Advisory System and essential to its effective implementation.

With the creation of the Department on March 1, 2003, the advisory system evolved into a framework that married the analytical assets of the Intelligence Community (which includes DHS) with the Department’s unique responsibility to assess the nation’s vulnerabilities and implement protective measures. Since its creation on March 11, 2002, the HSAS Threat Condition has been changed on five separate occasions. In each instance, the condition was raised from Yellow to Orange, but the circumstances surrounding each decision to elevate the Threat Condition varied.

We recognize that a decision to change the Threat Condition has significant economic, physical and psychological impacts on the nation. Therefore, decisions made by the Secretary, in consultation with the Assistant to the President for Homeland Security to change the Threat Condition are made only after careful consideration and close coordination with other Federal agency heads, including other members of the Homeland Security Council. Let me take this opportunity to provide some insight into the decision making process.

In the regular course of business, the Intelligence Community constantly reviews available threat information. When that information provides sufficient indication of a plan to execute a terrorist attack, the source and origin of the intelligence are further analyzed to determine the specificity and credibility of the information. It is only when the information received is both specific and credible that the Department takes appropriate action under the advisory system. Even then, the Threat Condition is not automatically raised to the next higher level. The Secretary has a range of actions available to him. These actions range from the issuance of advisories or bulletins up to a determination to change the Threat Condition. There are instances when the volume and credibility of the intelligence reaches a level that the Department believes it should notify the public of the increased risk and the actions professionals are taking in response to the threat. Although this is a subjective standard, this concept was demonstrated when DHS elevated the Threat Condition from Yellow to Orange for Operation Liberty Shield. The decision to change the Threat Condition was based on intelligence reporting indicating Al Qaida’s desire to attack the US in response to the US-led military campaign in Iraq. As you are aware, in this instance during a time of war, DHS recommended nationwide protective measures during a time of war.

Since then Advisory System has evolved as more specific threat information has become available and the Department’s ability to communicate threat information and protective actions to those affected improved. One example of this evolution is the development of specific, audience-tailored communications tools to address specific threats and provide measures to be taken in response to threats or vulnerabilities. These products have enabled the Department to implement the advisory system in a more practical and flexible manner. In fact, since March 11, 2002, the protective posture of our nation has increased based on our refined ability to respond to specific information with targeted actions and prevention measures. As a result, today’s Threat Condition Yellow is yesterday’s Orange, effectively raising the threshold for changing the Threat Condition. This evolution is best illustrated by the most recent Threat Condition change over the December 2003 holiday period. At that time, the Threat Condition was raised from Yellow to Orange based on intelligence reports indicating a substantial increase in the volume of threat-related reports from credible sources that al Qaida continues to consider using aircraft as a weapon and other threat reporting targeting numerous cities in multiple geographic locales. These were the most specific threat reports that we have seen thus far. Even though the national Threat Condition was lowered on January 9, 2004, DHS recommended that several industry sectors and geographic locales continue on a heightened alert status. In this case, DHS utilized the HSAS communications tools to provide specific recommendations to particular industry sectors and for particular geographic areas in response to specific threat information. For the first time since the creation of the HSAS, the Department lowered the national threat level but recommended maintaining targeted protections for a particular industry sector or geographic locale.

In addition to the ability to change the Threat Condition, the advisory system also utilizes communications tools, defined as threat products, to provide more targeted and specific information to a broad or narrowly focused audience. In some cases, the protective actions taken by the affected entities affect decisions on raising or lowering the Threat Condition.

Threat products consist of warning and non-warning information designed to inform a particular audience about an existing threat or current incident. Two threat products used by the Department are Threat Advisories and Information Bulletins.

Threat Advisories contain actionable information about incident information or a threat targeting critical national networks, infrastructures, or key assets. These products may suggest a change in readiness posture, protective actions, or response that should be implemented in a timely manner.

Information Bulletins communicate information of interest to the nation’s critical infrastructures and other non-governmental entities that does not meet the timeliness, specificity, or significance thresholds of threat advisories. Such information may include statistical reports, summaries, incident response or reporting guidelines, common vulnerabilities and patches, and configuration standards or tools. Because these products are derived from intelligence they are generally communicated on a need-to-know basis to a targeted audience, such as the intelligence that is shared at both the classified and unclassified level with State, local and private sector officials. Together, these products provide a thorough, well-calibrated system to prevent terrorist attack. The evolutionary nature of the advisory system, and the authority resident in HSPD-3, enable the Secretary to utilize a variety of tools to address terrorist threats that may affect the United States.

Like other advisory systems, the success of the HSAS also depends upon our ability to work closely with Federal, State, and local officials, the private sector and the public. DHS not only communicates threat information but must also provide our partners with specific actions that can be taken at all levels to protect against the threat. The cornerstone of the HSAS is the protective measures that are implemented at each Threat Condition. The Federal government, States and the private sector each have a set of plans and protective measures that are implemented when the Threat Condition is raised. It is these protective measures and those specifically recommended in the HSAS communications tools that reduce the nation's vulnerability to terrorist attacks. However, it must be noted that while DHS encourages the adoption of the HSAS at the State and local level, the HSAS is intended to supplement, not replace, other systems currently implemented by State and local authorities and the private sector. Prior to announcing a decision to elevate the Threat Condition, DHS communicates directly with its Federal, State, local, private sector and international contacts as appropriate. These communications provide specific information regarding the intelligence supporting the change in the Threat Condition. As appropriate for the audience, protective measures are developed and communicated with the threat information prior to a public announcement of the decision. While at a heightened Threat Condition, DHS maintains regular contact with State and local officials and provides regular updates. In the event that threats are targeted to particular cities or states, DHS provides those State and local officials with the most detailed intelligence information possible at both the classified and unclassified level.

It is important to note that threat information that is shared by the Department, and the ultimate raising of the Threat Condition, are actions primarily intended for security professionals at all levels of government and the private sector. However, in this post 9/11 world, in some cases threat information distributed by the Department or other Federal agencies eventually becomes accessible in the public domain. Based on this reality, the HSAS has again evolved to include a clear public explanation of the threat information to avoid misinterpretation of the information. When a change is made to the Threat Condition, DHS Secretary Tom Ridge includes guidance to the public regarding specific actions that can be taken in response to the threat. In addition to encouraging increased vigilance, DHS has recommended specific actions for the public including guidance for expediting their interactions with Transportation Security Administration airport screeners when traveling by commercial aviation. Although information is provided publicly regarding protective measures, it is important for the public to understand that DHS implements and recommends additional and more specific protective measures to State and local officials that are only disseminated to security professionals. Increasing citizen and community preparedness is a Departmental priority. One year ago, Secretary Ridge launched a multi-faceted public information campaign in conjunction with the Ad Council, which has received over $150 million in donated advertising. The public information campaign directs callers to a web site or and “800” telephone number that provides critical information on emergency preparedness and different types of terrorist threats. Brochures on this effort are also distributed through Post Offices across the country and Salvation Army distribution centers as well as other private sector partners. The Ready information campaign works in concert with the American Red Cross and Citizen Corps, the department's initiative to mobilize volunteer leaders to increase their community's preparedness. The Ready.gov website provides specific actions individuals and families can take such as creating and testing a family emergency plan and assembling an emergency kit to ensure there are sufficient supplies available when needed. Along with providing information to the public, DHS also works with State and local officials and the private sector in developing specific protective measures. The Department recognizes that each State, locality and private sector facility is unique and requires the development of different protective measures. For example, the protective measures required for and implemented by New York City are vastly different from the protective measures that Orange County, California will implement. In recognition of this difference, DHS communicates regularly with and provides technical advice to State and local officials to assist in the development of specialized and appropriate protective measures. Certain national law enforcement associations have also been awarded Homeland Security grant funding to further develop their own standard procedures for security measures to correspond with HSAS Threat Conditions.

DHS also works directly with critical infrastructure owners and operators to ensure that adequate protective measures and plans are in place to reduce the vulnerability to terrorism. Through this effort, DHS can deny terrorists the opportunity to use our infrastructure as a weapon. Let me offer two examples of this partnering:

DHS sends out teams consisting of DHS personnel and personnel from other agencies to critical infrastructure sites throughout the country to conduct site assistance visits. These visits are focused on identifying vulnerabilities and shared characteristics of that critical infrastructure sector element. After the visits, a report is prepared about the site and shared with local law enforcement, Federal law enforcement and the owner/operator of the facility. This procedure assists the owner/operator in identifying their vulnerabilities and adding appropriate protective measures.

However, it is not enough just to “look inside the fence” and identify the vulnerabilities of the site. We must work to remove the operational environment for a terrorist outside these facilities. To protect the area outside these critical infrastructure sites, DHS also conducts and prepares buffer zone protection plans. These community-based protection plans facilitate the development of effective preventive measures and make it more difficult for terrorists to conduct surveillance or launch an attack from the immediate vicinity of a high value or high probability of success site. The site assistance visits and buffer zone protection plans are just two ways in which DHS partners with critical infrastructure owners and operators to ensure that they have the best protective measures to guard against any terrorist incident.

Since the creation of the Department of Homeland Security, the HSAS has experienced an evolution from the preventative elevation of the threat level from Yellow to Orange during Operation Liberty Shield to the most recent threat specific elevation during the December 2003 holiday season. Over the past year, the system has been raised and lowered on three separate occasions, and each occurrence demonstrates that the Department’s ongoing work to strengthen the system has improved the implementation of the system specific to each emerging threat. The evolutionary nature of the System, and the authority resident in HSPD-3, enable the Secretary to utilize a wide variety of tools to address threats that may affect the United States.

In the future as the Department matures and our implementation of the HSAS continues to evolve, we will work diligently to provide information that best suits the needs of Federal, State and local officials, the private sector and the public. We look forward to working with the Congress on ideas to improve the system. HSAS is simply a tool and is one of the many means to the end we all are working toward which is a secure homeland.

Thank you Mr. Chairman. I would be pleased to answer any questions you may have.


Word Version