Deputy Secretary James Loy, ADM, USCG (RET)
U.S. Department of Homeland Security
House Select Committee on Homeland Security
“ The Homeland Security Advisory System: Improving Preparedness through
February 4, 2004
U.S. Department of Homeland Security
Washington, D.C. 20528
Good morning, Mr. Chairman and Congressman Turner. I would like
to thank you, as well as the other members of the committee, for
providing this opportunity for me to join my colleague from TTIC,
John Brennan, to discuss the Homeland Security Advisory System.
On March 11,
2002, President Bush created the Homeland Security Advisory System
(“HSAS” or “advisory system”)
as a tool to improve coordination and communication among all levels
of government, the private sector and the American public in the
fight against terrorism. The advisory system is binding on the
executive branch, and suggested, although voluntary, for State,
local, territorial and tribal governments, and the private sector.
The system, created by Homeland Security Presidential Directive-3
(HSPD-3) and now, pursuant to the Homeland Security Act of 2002
, administered by the
Department of Homeland Security (“DHS” or “the Department”)
identifies a flexible framework for communicating, addressing and mitigating
terrorist threats to the nation utilizing a threat-based, risk-managed system.
During periods of heightened concern, the framework provides the ability to
change the Threat Condition on a national level, but also affords the opportunity
to target communications to particular geographic locales, industry sectors
or other affected entities. The latitude provided by HSPD-3 allows the Department
to address unforeseen situations and continue to refine the Advisory System
as the need arises. This flexibility is critical to the success of the Advisory
System and essential to its effective implementation.
With the creation of the Department on March 1, 2003, the advisory system evolved
into a framework that married the analytical assets of the Intelligence Community
(which includes DHS) with the Department’s unique responsibility to assess
the nation’s vulnerabilities and implement protective measures. Since
its creation on March 11, 2002, the HSAS Threat Condition has been changed
on five separate occasions. In each instance, the condition was raised from
Yellow to Orange, but the circumstances surrounding each decision to elevate
the Threat Condition varied.
We recognize that a decision to change the Threat Condition has
significant economic, physical and psychological impacts on the
nation. Therefore, decisions made by the Secretary, in consultation
with the Assistant to the President for Homeland Security to change
the Threat Condition are made only after careful consideration
and close coordination with other Federal agency heads, including
other members of the Homeland Security Council. Let me take this
opportunity to provide some insight into the decision making process.
In the regular
course of business, the Intelligence Community constantly reviews
threat information. When that information
provides sufficient indication of a plan to execute a terrorist
attack, the source and origin of the intelligence are further analyzed
to determine the specificity and credibility of the information.
It is only when the information received is both specific and credible
that the Department takes appropriate action under the advisory
system. Even then, the Threat Condition is not automatically raised
to the next higher level. The Secretary has a range of actions
available to him. These actions range from the issuance of advisories
or bulletins up to a determination to change the Threat Condition.
There are instances when the volume and credibility of the intelligence
reaches a level that the Department believes it should notify the
public of the increased risk and the actions professionals are
taking in response to the threat. Although this is a subjective
standard, this concept was demonstrated when DHS elevated the Threat
Condition from Yellow to Orange for Operation Liberty Shield. The
decision to change the Threat Condition was based on intelligence
reporting indicating Al Qaida’s desire to attack the US in
response to the US-led military campaign in Iraq. As you are aware,
in this instance during a time of war, DHS recommended nationwide
protective measures during a time of war.
Advisory System has evolved as more specific threat information
available and the Department’s ability
to communicate threat information and protective actions to those
affected improved. One example of this evolution is the development
of specific, audience-tailored communications tools to address
specific threats and provide measures to be taken in response to
threats or vulnerabilities. These products have enabled the Department
to implement the advisory system in a more practical and flexible
manner. In fact, since March 11, 2002, the protective posture of
our nation has increased based on our refined ability to respond
to specific information with targeted actions and prevention measures.
As a result, today’s Threat Condition Yellow is yesterday’s
Orange, effectively raising the threshold for changing the Threat
Condition. This evolution is best illustrated by the most recent
Threat Condition change over the December 2003 holiday period.
At that time, the Threat Condition was raised from Yellow to Orange
based on intelligence reports indicating a substantial increase
in the volume of threat-related reports from credible sources that
al Qaida continues to consider using aircraft as a weapon and other
threat reporting targeting numerous cities in multiple geographic
locales. These were the most specific threat reports that we have
seen thus far. Even though the national Threat Condition was lowered
on January 9, 2004, DHS recommended that several industry sectors
and geographic locales continue on a heightened alert status. In
this case, DHS utilized the HSAS communications tools to provide
specific recommendations to particular industry sectors and for
particular geographic areas in response to specific threat information.
For the first time since the creation of the HSAS, the Department
lowered the national threat level but recommended maintaining targeted
protections for a particular industry sector or geographic locale.
In addition to the ability to change the Threat Condition, the
advisory system also utilizes communications tools, defined as
threat products, to provide more targeted and specific information
to a broad or narrowly focused audience. In some cases, the protective
actions taken by the affected entities affect decisions on raising
or lowering the Threat Condition.
Threat products consist of warning and non-warning information
designed to inform a particular audience about an existing threat
or current incident. Two threat products used by the Department
are Threat Advisories and Information Bulletins.
Threat Advisories contain actionable information about incident
information or a threat targeting critical national networks, infrastructures,
or key assets. These products may suggest a change in readiness
posture, protective actions, or response that should be implemented
in a timely manner.
Bulletins communicate information of interest to the nation’s
critical infrastructures and other non-governmental entities
not meet the timeliness, specificity, or significance
thresholds of threat advisories. Such information may include statistical
reports, summaries, incident response or reporting guidelines,
common vulnerabilities and patches, and configuration standards
or tools. Because these products are derived from intelligence
they are generally communicated on a need-to-know basis to a targeted
audience, such as the intelligence that is shared at both the classified
and unclassified level with State, local and private sector officials.
Together, these products provide a thorough, well-calibrated system
to prevent terrorist attack. The evolutionary nature of the advisory
system, and the authority resident in HSPD-3, enable the Secretary
to utilize a variety of tools to address terrorist threats that
may affect the United States.
Like other advisory systems, the success of the HSAS also depends upon our
ability to work closely with Federal, State, and local officials, the private
sector and the public. DHS not only communicates threat information but must
also provide our partners with specific actions that can be taken at all levels
to protect against the threat. The cornerstone of the HSAS is the protective
measures that are implemented at each Threat Condition. The Federal government,
States and the private sector each have a set of plans and protective measures
that are implemented when the Threat Condition is raised. It is these protective
measures and those specifically recommended in the HSAS communications tools
that reduce the nation's vulnerability to terrorist attacks. However, it must
be noted that while DHS encourages the adoption of the HSAS at the State and
local level, the HSAS is intended to supplement, not replace, other systems
currently implemented by State and local authorities and the private sector.
Prior to announcing a decision to elevate the Threat Condition, DHS communicates
directly with its Federal, State, local, private sector and international contacts
as appropriate. These communications provide specific information regarding
the intelligence supporting the change in the Threat Condition. As appropriate
for the audience, protective measures are developed and communicated with the
threat information prior to a public announcement of the decision. While at
a heightened Threat Condition, DHS maintains regular contact with State and
local officials and provides regular updates. In the event that threats are
targeted to particular cities or states, DHS provides those State and local
officials with the most detailed intelligence information possible at both
the classified and unclassified level.
It is important
to note that threat information that is shared by the Department,
the ultimate raising of the Threat Condition,
are actions primarily intended for security professionals at all
levels of government and the private sector. However, in this post
9/11 world, in some cases threat information distributed by the
Department or other Federal agencies eventually becomes accessible
in the public domain. Based on this reality, the HSAS has again
evolved to include a clear public explanation of the threat information
to avoid misinterpretation of the information. When a change is
made to the Threat Condition, DHS Secretary Tom Ridge includes
guidance to the public regarding specific actions that can be taken
in response to the threat. In addition to encouraging increased
vigilance, DHS has recommended specific actions for the public
including guidance for expediting their interactions with Transportation
Security Administration airport screeners when traveling by commercial
aviation. Although information is provided publicly regarding protective
measures, it is important for the public to understand that DHS
implements and recommends additional and more specific protective
measures to State and local officials that are only disseminated
to security professionals. Increasing citizen and community preparedness
is a Departmental priority. One year ago, Secretary Ridge launched
a multi-faceted public information campaign in conjunction with
the Ad Council, which has received over $150 million in donated
advertising. The public information campaign directs callers to
a web site or and “800” telephone number that provides
critical information on emergency preparedness and different types
of terrorist threats. Brochures on this effort are also distributed
through Post Offices across the country and Salvation Army distribution
centers as well as other private sector partners. The Ready information
campaign works in concert with the American Red Cross and Citizen
Corps, the department's initiative to mobilize volunteer leaders
to increase their community's preparedness. The Ready.gov website
provides specific actions individuals and families can take such
as creating and testing a family emergency plan and assembling
an emergency kit to ensure there are sufficient supplies available
when needed. Along with providing information to the public, DHS
also works with State and local officials and the private sector
in developing specific protective measures. The Department recognizes
that each State, locality and private sector facility is unique
and requires the development of different protective measures.
For example, the protective measures required for and implemented
by New York City are vastly different from the protective measures
that Orange County, California will implement. In recognition of
this difference, DHS communicates regularly with and provides technical
advice to State and local officials to assist in the development
of specialized and appropriate protective measures. Certain national
law enforcement associations have also been awarded Homeland Security
grant funding to further develop their own standard procedures
for security measures to correspond with HSAS Threat Conditions.
DHS also works directly with critical infrastructure owners and
operators to ensure that adequate protective measures and plans
are in place to reduce the vulnerability to terrorism. Through
this effort, DHS can deny terrorists the opportunity to use our
infrastructure as a weapon. Let me offer two examples of this
DHS sends out teams consisting of DHS personnel and personnel
from other agencies to critical infrastructure sites throughout
the country to conduct site assistance visits. These visits are
focused on identifying vulnerabilities and shared characteristics
of that critical infrastructure sector element. After the visits,
a report is prepared about the site and shared with local law enforcement,
Federal law enforcement and the owner/operator of the facility.
This procedure assists the owner/operator in identifying their
vulnerabilities and adding appropriate protective measures.
However, it is not enough just to “look inside the fence” and
identify the vulnerabilities of the site. We must work to remove
the operational environment for a terrorist outside these facilities.
To protect the area outside these critical infrastructure sites,
DHS also conducts and prepares buffer zone protection plans.
These community-based protection plans facilitate the development
of effective preventive measures and make it more difficult for
terrorists to conduct surveillance or launch an attack from the
immediate vicinity of a high value or high probability of success
site. The site assistance visits and buffer zone protection plans
are just two ways in which DHS partners with critical infrastructure
owners and operators to ensure that they have the best protective
measures to guard against any terrorist incident.
Since the creation of the Department of Homeland Security, the
HSAS has experienced an evolution from the preventative elevation
of the threat level from Yellow
to Orange during Operation Liberty Shield to the most recent threat specific
elevation during the December 2003 holiday season. Over the past year, the
system has been raised and lowered on three separate occasions, and each occurrence
demonstrates that the Department’s ongoing work to strengthen the system
has improved the implementation of the system specific to each emerging threat.
The evolutionary nature of the System, and the authority resident in HSPD-3,
enable the Secretary to utilize a wide variety of tools to address threats
that may affect the United States.
In the future as the Department matures and our implementation
of the HSAS continues to evolve, we will work diligently to provide
information that best suits the needs of Federal, State and local
officials, the private sector and the public. We look forward to
working with the Congress on ideas to improve the system. HSAS
is simply a tool and is one of the many means to the end we all
are working toward which is a secure homeland.
Thank you Mr. Chairman. I would be pleased to answer any questions
you may have.