Intelligence-Led Mitigation

Journal of Homeland Security and Emergency Management Volume 7, Issue 1 2010 Article 63 Intelligence-Led Mitigation Keeley Townsend∗ John P. Sullivan† Thomas Monahan‡ John Donnelly∗∗ ∗ Independent Researcher, ktowns@gmail.com Los Angeles County Sheriff’s Department, jpsulliv@lasd.org ‡ Las Vegas Metropolitan Police Department, t2936m@lvmpd.com ∗∗ DC Fire and Emergency Medical Services, john.donnelly@dc.gov † Copyright c 2010 The Berkeley Electronic Press. All rights reserved. Intelligence-Led Mitigation Keeley Townsend, John P. Sullivan, Thomas Monahan, and John Donnelly Abstract This paper explores methods for capitalizing on existing law enforcement intelligence capabilities to provide intelligence support to decision makers for a full spectrum of public safety and emergency service operations. Intelligence-led mitigation is a management philosophy and business process to proactively guide strategic, operational, and tactical decisions for mitigating the effects of intentional, accidental, and natural incidents. There is currently a gap in the intelligence products needed by public safety and emergency service organizations to support their resource decisions, and the quantity and quality of intelligence products they are receiving. This breach between producer and consumer exists across the country and at all levels of government. The intelligence-led mitigation model was designed to demonstrate how the existing principles and processes of intelligence-led policing can be applied to a broader set of incidents, incident phases, and stakeholders in order to effectively and efficiently fill this critical intelligence gap. KEYWORDS: mitigation, intelligence requirements, risk reduction, situational awareness Townsend et al.: Intelligence-Led Mitigation 1 Intelligence-led mitigation is a management philosophy and business process to proactively guide strategic, operational, and tactical decisions for mitigating the effects of intentional, accidental, and natural incidents. The premise of intelligence-led mitigation includes the intelligence-led policing approach for systematically collecting, organizing, analyzing, and utilizing intelligence to make informed resource decisions. However, while the goal of intelligence-led policing is to support law enforcement actions for crime prevention, disruption, and investigation, the goal of intelligence-led mitigation is to provide organizations with public safety and emergency service functions (including law enforcement) with intelligence products which enhance their understanding of the operational environment and enable them to make informed resource decisions on appropriate preparedness, prevention, protection, response, and recovery actions to mitigate incidents. Background Because intelligence-led mitigation follows the intelligence-led policing approach and intelligence processes, it is useful to review the principles of intelligence-led policing and how the approach has been used within the international law enforcement community. An understanding of the application of intelligence-led mitigation will be further supported by an examination of the scope of operations that fall under the umbrella of mitigation within this context, as well as a comparison of the intelligence-led policing and intelligence-led mitigation concepts. Intelligence-Led Policing Intelligence-led policing has numerous accepted definitions, including: ▪ “the collection and analysis of information to produce an intelligence end product designed to inform law enforcement decision making at the tactical and strategic levels.” (110th Congress 2007; DOJ/OJP 2003, p. 3-4) ▪ “a business process for systematically collecting, organizing, analyzing, and utilizing intelligence to guide law enforcement operational and tactical decisions.” (Global 2009, p. 3) ▪ “the application of criminal intelligence analysis as an objective decisionmaking tool in order to facilitate crime reduction and prevention through effective policing strategies and external partnership projects drawn from an evidential base.” (Ratcliffe 2003, p. 3) Published by The Berkeley Electronic Press, 2010 2 JHSEM: Vol. 7 [2010], No. 1, Article 63 ▪ “a collaborative philosophy that starts with information, gathered at all levels of the organization that is analyzed to create useful intelligence and an improved understanding of the operational environment.” (CPT 2006, p. 3) The concept of intelligence-led policing originated in the United Kingdom (UK) in the 1990s, “where a seemingly inexorable rise in crime during the late 1980s and early 1990s coincided with increasing calls for police to be more effective and to be more cost-efficient.” (Ratcliffe 2003, p2) Today, the UK’s National Intelligence Model promotes the widespread institutionalization of the intelligence-led policing approach across the UK to “rationalise and systematise the ways in which the police service handles information and makes key decisions about the deployment of resources.” (John 2004, p. 2) Within the United States (US), intelligence-led policing gained popularity after the events of September 11, 2001, which heightened recognition of the role intelligence can and should play in local law enforcement decision making. The concept was first formally introduced stateside by the International Association of Chiefs of Police at their 2002 Criminal Intelligence Sharing Summit. (IACP 2002) According to the US Department of Justice National Criminal Intelligence Sharing Plan (October 2003), “the primary purpose of intelligence-led policing is to provide public safety decision makers the information they need to protect the lives of our citizens.” (DOJ/OJP 2004, p. v) The New Jersey State Police (NJSP) Practical Guide to Intelligence-Led Policing (September 2006) further describes the principles for implementing an intelligence-led policing approach to target resource allocation for combating crime, terrorism, and other law enforcement issues. (CPT 2006, p. 1) The Guide acknowledges the NJSP’s “primary responsibility as a state policing organization is to prevent and disrupt crime and terrorism” and that they “will do so by leveraging an intelligence apparatus that communicates clearly, shares information, and focuses resources.” (CPT 2006, p. 1) Thanks to its successful application within the UK and in many domains within the US, the intelligence-led policing approach is now also being used by law enforcement and military personnel in Afghanistan. According to a June 2009 British Ministry of Defence report, “intelligence-led policing has allowed the Afghan National Army, with coalition help, to carry out 146 drug arrests leading to the first heavy jail sentences (10 to 16 years).” (MOD 2009) Mitigation Within the context of public safety and emergency service functions, mitigation can be defined as actions taken to reduce or eliminate risks—from intentional, accidental, and natural incidents—that could negatively impact life, property, http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 3 and/or critical services. Mitigation actions can be taken before, during, or after an incident, and may include measures to reduce threats, abate vulnerabilities, and/or minimize the severity of incident consequences. Historically, the term ‘mitigation’ has most commonly been associated mainly with actions taken to avoid environmental damage or to address natural disasters. This inclination is supported by two major pieces of legislation: ▪ Code of Federal Regulations, Title 40: Protection of Environment, Part 1508.20 (incorporated into the National Environmental Policy Act) states that “mitigation includes: avoiding the impact altogether by not taking a certain action or parts of an action; minimizing impacts by limiting the degree or magnitude of the action and its implementation; rectifying the impact by repairing, rehabilitating, or restoring the affected environment; reducing or eliminating the impact over time by preservation and maintenance operations during the life of the action; compensating for the impact by replacing or providing substitute resources or environments.” (40 CFR 1508.20 2009) ▪ The Disaster Mitigation Act of 2000—Public Law 106–390—cites a Congressional finding that “natural disasters, including earthquakes, tsunamis, tornadoes, hurricanes, flooding, and wildfires, pose great danger to human life and to property throughout the United States” and that “predisaster hazard mitigation measures” should be “designed to reduce injuries, loss of life, and damage and destruction of property, including damage to critical services and facilities.” (106th Congress 2000) While the core purpose of mitigation and several elements of mitigation measures are captured in the above, the application of mitigation actions is far broader than just environmental protection and natural disaster remediation. For example, the US Army Technical Escort Unit conducts “rapid deployment to provide chemical and biological advice, verification, detection, mitigation, decontamination, escort, and remediation of chemical and biological devices or hazards worldwide. In accomplishing this mission, it has provided support to, among others, the Federal Bureau of Investigation, the Federal Emergency Management Agency, the Environmental Protection Agency, and the United Nations.” (Bowman 2003, p. 6) The US Department of Justice currently employs a ‘risk mitigation’ process that requires them to “conduct vulnerability assessments to identify risks to its critical infrastructure. After the vulnerability assessments, remedial action plans are required to mitigate the exploitation of risks until the vulnerabilities are eliminated or reduced to an acceptable level.” (DOJ/OIG 2003, p. iv) The Federal Bureau of Investigation (FBI) also uses mitigation actions to achieve its strategic Published by The Berkeley Electronic Press, 2010 4 JHSEM: Vol. 7 [2010], No. 1, Article 63 objective of identifying and responding to weapons of mass destruction (WMD) threats. The FBI Strategic Plan 2004-2009 identifies that “the FBI must be prepared to mitigate the threat from a WMD attack through training and cooperation with state and local law enforcement partners, as well as federal agencies with homeland security responsibilities.” (FBI 2004, p. 32) The relationship between intelligence and mitigation is also not an entirely new concept. The US Department of Homeland Security, Immigration and Customs Enforcement’s Office of Intelligence provides intelligence support to law enforcement and homeland security mitigation efforts by: identifying patterns, trends, routes and methods of criminal activity; prioritizing current enforcement efforts; predicting emerging or future threats; identifying potential systemic vulnerabilities; and, identifying methods to mitigate those vulnerabilities. (ICE 2010) The US Secret Service, which has unique statutory authorities to use intelligence to prevent attacks on the nation’s leaders and visiting foreign dignitaries, “is principally a consumer of intelligence which it analyzes to mitigate threats to those it is charged to protect.” (Randol 2009, p. 49) Finally, the National Counterproliferation Center (NCPC), which resides within the Office of the Director of National Intelligence (ODNI), recognizes mitigation as a part of their mandate to support the Intelligence Community with countering the proliferation of WMDs. The “NCPC conducts strategic counterproliferation planning for the IC to support policy efforts to prevent, halt, or mitigate the proliferation of WMDs, their delivery systems, and related materials and technologies.” (ODNI 2009, p. 26) Intelligence-Led Policing Intelligence-Led Mitigation At the core of both the intelligence-led policing and intelligence-led mitigation concepts is the use of the intelligence cycle, which “seeks to set appropriate tasking priorities for the collection of basic data, process that data into an easily useable format, analyze it to create situational awareness through intelligence products that support tactical, operational and strategic needs, then disseminate those products to customers who provide feedback on what additional or new intelligence requirements remain. The cycle begins anew as new requirements are again balanced against command guidance, operational needs, and resource constraints.” (CPT 2006, p. 6) Within intelligence-led policing, intelligence products that result from the intelligence cycle are used by law enforcement agencies to make resource decisions aimed at increasing the effectiveness and efficiency of actions to prevent, disrupt, and investigate major crimes and terrorism. (See the New Jersey State Police Practical Guide to Intelligence-Led policing for more information on the application of an intelligence-led policing approach.) Within intelligence-led http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 5 mitigation, the same intelligence cycle process is employed, but it is used to provide intelligence support to a wider stakeholder group, for making resource decisions in a wider set of applications. The expanded stakeholder group addressed by intelligence-led mitigation incorporates all organizations with public safety and/or emergency service functions. This includes any governmental or private sector organization that has the responsibility to perform law enforcement, security, fire suppression, emergency medical service, hazardous material, search and rescue, public health, environmental health, or emergency management operations. The mitigation applications for intelligence produced through the intelligence cycle include preparing for, preventing, protecting against, responding to, and recovering from intentional, accidental, or natural incidents. Intelligence-Led Mitigation (ILM) Major Crimes, Terrorism Intentional, Accidental, Natural Incidents Evaluation Collection Intelligence Cycle Dissemination Analysis & Production Prevention, Disruption, Investigation Planning & Direction Preparedness, Prevention, Protection, Response, Recovery Intelligence-Led Policing (ILP) Law Enforcement Public Safety & Emergency Services [law enforcement, security, fire suppression, EMS, HazMat, S&R, public health, environmental health, emergency management] Figure 1. Intelligence-led mitigation is an expansion of intelligence-led policing. Published by The Berkeley Electronic Press, 2010 6 JHSEM: Vol. 7 [2010], No. 1, Article 63 It may be difficult to delineate a hard line between ‘policing’ and ‘mitigation’ as they are defined here, but that is because many policing actions are also essentially mitigation actions (i.e. actions taken to reduce risks). For example: crime prevention actions can mitigate current threats; the result of criminal investigations can mitigate future threats; and, actions taken to disrupt criminal activities can mitigate vulnerabilities. This line is further blurred by the fact that both intelligence-led policing and intelligence-led mitigation utilize the same processes for generating intelligence, and many intelligence products can be used to support both policing and mitigation actions. The two concepts share a core structure, have related (and in some cases overlapping) elements, and collectively cover the broad homeland security community for the full spectrum of homeland security operations. The conceptual distinction is that intelligenceled mitigation supplements the intelligence-led policing stakeholder definition in order to expand the landscape of intelligence content, context, and customers served. Principles Intelligence-led mitigation involves the use of intelligence products to make informed resource decisions for appropriate mitigation actions. In order to make those decisions, strategic leaders, incident commanders, and field operators need to have a high degree of situational awareness about the operational environment. Intelligence products that help leaders, commanders, and operators achieve this level of awareness must be driven by a clear articulation of their intelligence requirements, which are in turn driven by an understanding of the types of resource decisions they must be equipped to make. Situational Awareness The most common definition of situational awareness is simply ‘knowing what is going on around you.’ This definition is often narrowly interpreted as information in a static state, or having a snapshot of how things are right now. Within the public safety and emergency service context, static situational awareness could be equated with the information obtained by performing an initial assessment upon arriving at an incident, without prior knowledge of the physical environment, intelligence about what led up to the incident, or intelligence on known or believed incident characteristics (e.g. the presence of hazardous materials). This level of awareness is insufficient for effective decision making. On the other end of the spectrum, dynamic situational awareness involves the ability to understand the current operational environment, anticipate how that http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 7 environment might change, and ascertain changes as they occur. For a public safety or emergency service decision maker, having dynamic situational awareness would mean: having been provided with relevant intelligence prior to the incident so they could understand the risks associated with that type of incident occurring in that location (and thus plan accordingly); receiving current intelligence regarding the incident so they could anticipate how the specific characteristics of the incident could affect their response operations; and, receiving intelligence updates throughout the incident so they could ascertain changes in the operational environment and make appropriate tactical and safety decisions. Developing and maintaining dynamic situational awareness requires a continual supply of intelligence (defined as analyzed data or information) about the operational environment—before, during, and after an incident. But more importantly than simply receiving intelligence inputs is receiving accurate, relevant, timely, and current intelligence. There is an important distinction between growth and development that is worth noting here: growth is an increase in size or quantity; development is a maturation of capabilities. Situational awareness can grow through an influx of mass amounts of intelligence, but the intelligence may not necessarily be what a commander needs, and the large quantity of intelligence products may actually hinder the decision making process because of the need to decipher relevant pieces (what some academics refer to as ‘analysis paralysis’). Acute situational awareness is developed when the commander has the intelligence he actually needs, when he needs it, in order to make rapid decisions; it is maintained when the intelligence a commander is provided is updated and built upon (matured) as the threat or incident environment evolves. Finished intelligence is never fully ‘finished’ until the threat has been entirely dissolved or the incident has been fully remediated. The spiral development approach—a part of the Department of Defense (DoD) evolutionary acquisition strategy for obtaining mature technology— provides a parallel model for how dynamic situational awareness can be developed and maintained. Spiral development includes identifying a desired capability, without entirely knowing the end state requirements. As the program evolves, the user is provided “with the best available capability at that time and then future requirements are developed and refined over time based on demonstration, risk management, and continuous user feedback.” (Reifer 2006, p. 67) In the case of dynamic situational awareness, the desired capability is an intelligence-driven understanding of the current risk environment. As the risk environment or actual incident evolves, decision makers are provided with the best available intelligence at that time in order to maintain an accurate understanding of the operational environment. And as with the DoD’s spiral development approach, dynamic situational awareness requires that appropriate Published by The Berkeley Electronic Press, 2010 8 JHSEM: Vol. 7 [2010], No. 1, Article 63 intelligence requirements are repeatedly refined through the demonstration of their utility, updated risk management assessments, and continuous user feedback. The application of dynamic situational awareness for making strategic, operational, and tactical decisions for effective mitigation actions is best demonstrated by the US Air Force Colonel John Boyd’s observe-orient-decide-act loop (also know as the OODA loop or Boyd Cycle). The OODA loop describes the decision-making process as a “four-phase cycle that involves Observing the environment, Orienting to what was observed, Deciding on a course of action, and Acting.” (Sullivan & Bauer 2008, p. 98) Intelligence plays a critical role in the Observe and Orient phases. “A decision-maker’s ability to rapidly cycle through both these phases is strongly dependent on an effective intelligence process with the capacity and capability to provide a steady flow of quality intelligence. In any operational environment involving the use of intelligence, the process used to develop decision support products must be tailored to satisfy both the system’s knowledge requirements and its desired pace of operations.” (Sullivan & Bauer 2008, p. 98) The Los Angeles Terrorism Early Warning (TEW) Group model captures the concept of dynamic situational awareness for their counterterrorism operations by “establishing, maintaining, sharing and constantly improving situational awareness” through intelligence support to reduce the degree of uncertainty in a conflict environment. (Sullivan & Bauer 2008, p. 108) The Los Angeles TEW’s Concept of Operations further states: Establishing situational awareness requires the intelligence operation to routinely track the most dynamic and influential variables within the conflict environment in order to provide an accurate description of “what is” at any moment in time. Further, intelligence operations seek to identify predictable patterns in environmental variables – situational understanding – in order to provide assessments that reach beyond simply describing “what is,” but also identifying potential outcomes, or “what will be.” (Sullivan & Bauer 2008, p. 109) Intelligence Requirements Before intelligence analysts and managers can provide decision makers with the intelligence they actually need to make informed resource decisions on appropriate strategic, operational, and tactical mitigation actions, they must first understand the consumers’ intelligence requirements. An intelligence requirement in this context can be defined as a requirement for intelligence to fill a gap in the knowledge or understanding of the operational environment—before, during, and after an incident. http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 9 For example, if an improvised explosive device was detonated at a chemical plant, public safety and emergency service decision makers may have the following general intelligence requirements to help them develop and maintain dynamic situational awareness of the operational environment: ▪ Pre-incident intelligence on threats to chemical facilities, vulnerability assessments of chemical facilities, and consequence models for explosions within chemical facilities. (If available, intelligence on the specific facility in question would be of greatest benefit, but intelligence on similar facilities within the sector generally would also prove highly valuable.) ▪ Trans-incident intelligence on known characteristics of the attack, potential secondary threats to the facility or to the responders, additional facility vulnerabilities created by compromises to the facility structure or support infrastructure, and consequence models based on the actual incident (e.g. plume models for discharged chemicals). ▪ Post-incident intelligence on secondary incidents, updated damage reports on facility structure and support infrastructure, other affected critical infrastructure, and updated consequence models, as well as operational best practices that are identified during the course of incident operations and/or through the development of the incident after-action report. The process of identifying intelligence requirements for mitigation actions requires the active participation of the public safety and emergency service practitioners that will be using the resulting intelligence products to support their decision making process. This participation should take place routinely so the public safety and emergency service managers can better understand the intelligence lexicon and process. Participation should also begin during the early stages of the ‘planning and direction’ phase of the intelligence cycle and continue throughout the cycle via the intelligence analyst and manager utilization of subject matter experts within public safety and emergency service fields, as well as detailed feedback from consumers once intelligence products are received and used. “While the intelligence product’s timeliness and accuracy are critical, the primary value of the product is determined by its relevance and utility within the decision-making system it is intended to support (customer satisfaction).” (Sullivan & Bauer 2008, p. 99) Intelligence analysts won’t be able to satisfy customers if the customers don’t provide feedback on their level of satisfaction. As intelligence analysts and managers better understand these intelligence requirements, they can modify their list of standing and priority information needs to ensure they are collecting the full spectrum of data and information necessary to generate intelligence products to meaningfully support mitigation actions. Published by The Berkeley Electronic Press, 2010 10 JHSEM: Vol. 7 [2010], No. 1, Article 63 Resource Decisions While the Incident Command System (ICS) was designed to organize on-scene emergency management, the system structure provides a convenient framework for illustrating the nature of resource decisions that public safety and emergency service strategic leaders, incident commanders, and field operators must make. For example, using ICS categories, the Operations Section Chief could use intelligence products to identify when and where strike teams are able to safely operate, determine the need for and optimal placement of air support, and establish and maintain a secure staging area. The Planning Section Chief could use intelligence products to inform situation reports, create incident action plans, and identify the need for contingency plans and technical specialists. The Logistics Section Chief could use intelligence products to identify requisite security precautions and anticipate future supply needs. The ultimate consumer of intelligence under the ICS structure is of course the Incident Commander—the person responsible for ensuring that incident operations are not only effective, but also that they are conducted in a manner which protects the safety of victims and responders alike. The primary mission for intelligence producers within this framework is therefore to provide commanders with intelligence products that support their ability to make critical decisions with speed and confidence. “In the world of emergency response, managing safety is fundamentally a question of managing risk. Because dangers are inevitable, decisionmakers must weigh the potential benefits of response activities against the risks involved. The ability to perform such risk-benefit analysis effectively depends on ready access to accurate and comprehensive information [intelligence].” (Jackson 2004, p. 23) An examination of strategic, operational, and tactical intelligence and the general categories of decisions they support provides another way to break down resource decisions related to mitigation actions that can be supported by intelligence products. Within the realm of intelligence-led mitigation: ▪ Intelligence for strategic decisions refers to the intelligence required for the formation of policies or plans at agency, city, regional, or state levels. For example, a public safety or emergency service organization receives intelligence that an adversary overseas has recently been employing a new type of chemical weapon, and that there is reason to believe they have the desire and reasonable capability to use it stateside. The organization can create a policy requiring personnel to use appropriate monitoring equipment at all incidents to immediately determine if this type of chemical is present at an incident site. They can also establish a city-wide plan outlining http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 11 protocols for appropriate medical countermeasures if this type of chemical is used. These actions would help mitigate the consequences of an incident. ▪ Intelligence for operational decisions refers to the intelligence required for planning and conducting operations to accomplish strategic objectives within operational areas. For example, a public safety or emergency service organization receives intelligence that munitions are being stored at an unmarked federal facility within the response area of responsibility of a local fire department battalion and law enforcement precinct. The intelligence includes the facility specifications and munitions properties, and an assessment that some structures within the facility may not be able to withstand hurricane force winds or a moderate earthquake. The fire department and law enforcement units can use that intelligence to identify appropriate training and exercises for their units, perform familiarization drills with the facility operators, and draft contingency plans for structure collapse. These actions would help mitigate vulnerabilities of both the facility and the responders. ▪ Intelligence for tactical decisions refers to the intelligence required for the planning and conduct of tactical operations. For example, a public safety or emergency service organization receives intelligence that an adversary wishes to arm ambulances with vehicle borne improvised explosive devices and detonate them at incident scenes to target first responders. Follow-up intelligence indicates that an ambulance and first responder uniforms were both recently reported missing. Law enforcement units at an incident can use that intelligence to decide on setting a wider perimeter area around the incident and to search all ambulances entering the perimeter. These actions would help mitigate both a threat and the vulnerability of responders. The oil industry provides a good illustration of an intelligence-led mitigation approach that is being used today to make resource allocation decisions. The principles of Tiered Preparedness and Response were developed during the 1980s by oil industry companies and promoted by the International Maritime Organization to ensure a risk-based system for identifying and structuring capabilities for effectively responding to an oil spill anywhere in the world. The system includes first looking at data on identified events that could lead to an oil spill, the likelihood of occurrence, and the potential impacts, and then developing scenarios that can be used to identify the most effective and efficient resource configurations for mitigating spill-associated risks. Specific data points examined include the probability of an oil spill, spill volume, oil type, climate, terrain, proximity to and sensitivity of socio-economic resources, and the feasibility to mount a safe and effective response. (IPIECA 2007, p. 6) In practice, the analysis of this data produces intelligence that is used by the oil Published by The Berkeley Electronic Press, 2010 12 JHSEM: Vol. 7 [2010], No. 1, Article 63 industry and relevant government bodies to make informed resource decisions for their strategic, operational, and tactical mitigation actions. Implementation The most fundamental need for implementing an intelligence-led mitigation approach is to get intelligence producers and consumers to pursue a common mission and communicate with a common lexicon. It’s probably fair to say that the intelligence cycle is not an intuitive process for most public safety and emergency service personnel, and that the Incident Command System is not an intuitive process for most members of the federal Intelligence Community or state / local intelligence units. Therefore achieving a state where intelligence producers are able to provide intelligence products that meet consumer needs requires that both sides proactively teach, learn, and find common ground. The following provides some basic actions that organizations and personnel on both sides can take to enhance their collective intelligence capabilities. Intelligence Producers Know your consumers: ▪ Understand the roles and responsibilities of public safety and emergency service personnel, including the types of incidents they operate at and the mitigation functions they perform. This can be done by interviewing personnel, studying the Incident Command System, observing planning meetings and exercises, and reading incident after-action reports. ▪ Identify the types of intelligence that could support consumer needs. While researching public safety and emergency service mitigation functions, capture the potential pieces of intelligence or intelligence products that could help strategic leaders, incident commanders, and field operators make effective resource decisions to execute those functions. Engage with your consumers: ▪ Solicit input from public safety and emergency service personnel throughout the intelligence cycle process to ensure a thorough understanding of their intelligence needs and to ensure the intelligence unit or center has the necessary components in place to meet those needs. ▪ Provide consumers with a robust feedback mechanism to capture whether or not the intelligence provided was: accurate—validated by experience within the operational environment; relevant—supported the ability to make http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 13 appropriate resource decisions; timely—was received when actually needed; and, current—was not superseded by concurrent intelligence products from other sources or by observed conditions. Intelligence Consumers Know your producers: ▪ Understand the federal, state, local, and private sector producers of intelligence that exist, and their intelligence production capabilities. Reach out to these producers to better understand what they do and how they operate. ▪ Learn from best practices. Identify existing relationships between intelligence producers and other public safety and emergency service organizations to better understand how resource decisions for mitigation functions can be supported by intelligence products. Engage with your producers: ▪ Solicit intelligence support from intelligence producers, instead of waiting for them to make an offer. Producers may not be aware there are potential consumers out there who could benefit from existing intelligence products and/or an expansion of the current product line. ▪ Use the intelligence products and provide feedback to help shape future products. Many intelligence producers will be eager to effectively serve the public safety and emergency service communities, but will be ineffective without honest feedback on the utility of the intelligence they are providing. Intelligence Centers Mitigation actions are generally most effective when they are the result of collaborative actions by multiple agencies and/or disciplines. Logically, the intelligence products to support those actions are generally best suited to meet consumer needs when they are the result of collaborative intelligence production efforts. There are currently numerous multiagency / multidisciplinary intelligence centers which are either currently producing intelligence products to support mitigation actions, or are currently capable of doing so. Some of these centers are managed by federal agencies, including Department of Defense Joint Intelligence Operations Centers (JIOCs) and FBI Joint Terrorism Task Force (JTTFs), while others are managed by state and local authorities, including Terrorism Early Warning Groups (TEWs) and state/regional/local fusion centers. Published by The Berkeley Electronic Press, 2010 14 JHSEM: Vol. 7 [2010], No. 1, Article 63 There is no single intelligence center model that will fit the unique intelligence production needs within every operational environment. However, examining techniques employed within other centers may help intelligence analysts and managers identify approaches and products their centers could adopt to better support mitigation actions. Examples of how several intelligence centers have addressed the intelligence needs of public safety and emergency service organizations include: ▪ The Los Angeles Terrorism Early Warning Group (TEW) developed an Intelligence Preparation for Operations (IPO) process—modeled after the military’s Intelligence Preparation of the Battlefield approach—to meet the intelligence needs of the response community. The IPO process includes the use of a wide variety of information on local, national, and international threats, the local response environment (e.g. population, terrain, weather, and culture), and local response capabilities. The TEW model analyzes this information to produce tailored intelligence products to support preparedness and response for named areas of interest (potential target locations) and likely incident scenarios. ▪ The Southern Nevada Counter-Terrorism Center (SNCTC) generates intelligence products that address counter-terrorism, emergency management, and chemical, biological, radiological / nuclear, and explosive incident (CBRNE) response mitigation functions. Intelligence sharing by the Center occurs across federal, state, local, tribal, territorial, regional, and private sector entities to achieve coordinated awareness of, prevention of, protection against, and response to domestic and international terrorist threats, as well as major disasters and other emergencies. ▪ The Washington Regional Threat and Analysis Center (WRTAC) facilitates the flow of intelligence across multiple levels and sectors of government and private industry in order to protect and secure the District of Columbia (DC) and the surrounding region. The WRTAC works with the DC Office of Homeland Security and Emergency Management Agency (HSEMA) and Emergency Operations Center to provide intelligence support for mitigation actions through the development of products designed to enhance situational awareness and create a Common Operating Picture before and during an incident. Conclusion Effectively reducing the risks associated with an event requires first reducing the number of unknowns about that event. This principle is especially applicable to mitigating the negative impacts of incidents that could threaten life, property, and critical services. http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 15 The unknowns about incidents—including terrorist attacks, industrial accidents, and natural disasters—and ergo the risks associated with those incidents can be significantly abated by providing law enforcement, security, fire suppression, emergency medical service, hazardous material, search and rescue, public health, environmental health, and emergency management organizations with accurate, relevant, timely, and current intelligence. Intelligence products must meet the actual mitigation-related intelligence requirements of these public safety and emergency service consumers in order to meaningfully support their ability to understand the operational environment, anticipate how that environment might change, and ascertain changes as they occur. Intelligence products must also be provided to these consumers when they are actually needed. There is a tremendous amount of long-range preplanning involved in developing the requisite operational capabilities, capacities, and proficiencies to prevent, protect against, respond to, and recover from current and future threats. Receiving intelligence products on these threats and related assessments at the earliest possible moment is an imperative component for enabling strategic leaders to make the appropriate resource decisions. And as the threats or incidents evolve, incident commanders and field operators must continue to be provided with the best available intelligence in order to maintain acute situational awareness of the environment within which they are operating. There is currently a gap in the intelligence products needed by public safety and emergency service organizations to support their resource decisions, and the quantity and quality of intelligence products they are receiving. This breach between producer and consumer exists across the country and at all levels of government. The intelligence-led mitigation model was designed to demonstrate how the existing principles and processes of intelligence-led policing can be applied to a broader set of incidents, incident phases, and stakeholders in order to effectively and efficiently fill this critical intelligence gap. References 106th Congress, 2000. Disaster Mitigation Act of 2000 (Public Law 106–390). Washington DC: Government Printing Office. Retrieved from http://frwebgate.access.gpo.gov/cgibin/getdoc.cgi?dbname=106_cong_public_laws&docid=f:publ390.106.pdf 110th Congress, 2007. Implementing Recommendations of the 9/11 Commission Act of 2007 (Public Law 110-53). Washington DC: Government Printing Office. Retrieved from http://frwebgate.access.gpo.gov/cgibin/getdoc.cgi?dbname=110_cong_public_laws&docid=f:publ053.110.pdf Published by The Berkeley Electronic Press, 2010 16 JHSEM: Vol. 7 [2010], No. 1, Article 63 Bowman, S., 2003. Homeland Security: The Department of Defense's Role (Congressional Research Service, RL31615). Washington DC: Library of Congress. Retrieved from http://www.dtic.mil/cgibin/GetTRDoc?AD=ADA463091&Location=U2&doc=GetTRDoc.pdf Center for Policing Terrorism at the Manhattan Institute (CPT), 2006. New Jersey State Police Practical Guide to Intelligence-Led Policing. New York, NY: Manhattan Institute for Policy Research. Retrieved from http://www.cptmi.org/pdf/NJPoliceGuide.pdf Code of Federal Regulations Title 40: Protection of Environment (40 CFR 1508.20), 2009. Washington DC: Government Printing Office. Retrieved from http://ecfr.gpoaccess.gov/cgi/t/text/textidx?c=ecfr&sid=8c7d0cb38679080debcf2b6c41cba048&rgn=div8&view= text&node=40:32.0.3.3.9.0.29.20&idno=40 International Association of Chiefs of Police (IACP), 2002. Criminal Intelligence Sharing: A National Plan for Intelligence-Led Policing at the Local, State and Federal Levels. Proceedings of the International Association of Chiefs of Police (IACP) Criminal Intelligence Sharing Summit, http://www.cops.usdoj.gov/files/RIC/Publications/criminalintelligenceshar ing_web.pdf International Petroleum Industry Environmental Conservation Association (IPIECA), 2007. IPIECA Guide to Tiered Preparedness and Response Volume 14. London, UK: International Petroleum Industry Environmental Conservation Association. Retrieved from http://www.ipieca.org/activities/oilspill/downloads/publications Jackson, B. A., Baker, J. C., Ridgely, M. S. , Bartis, J. T. , & Linn, H. I., 2004. Protecting Emergency Responders: Safety Management in Disaster and Terrorism Response (Department of Health and Human Services, Centers for Disease Control and Prevention, National Institute for Occupational Safety and Health Publication No. 2004-144; RAND Publication No. MG170). Cincinnati, OH: National Institute for Occupational Safety and Health, Publications Dissemination. Retrieved from http://www.cdc.gov/niosh/docs/2004-144/pdfs/2004-144.pdf John, T., & Maguire, M., 2004. The National Intelligence Model: Key Lessons from Early Research (ISBN 1 84473 308 4). London, UK: Home Office, Research Development and Statistics Directorate, Communication Development Unit. Retrieved from http://www.homeoffice.gov.uk/rds/pdfs04/rdsolr3004.pdf Ministry of Defence (MOD), 2009. Reconstructing lashkar gah. Defence Focus Magazine, June 25, 2009. Retrieved from http://www.mod.uk/DefenceInternet/DefenceNews/DefencePolicyAndBus iness/ReconstructingLashkarGah.htm http://www.bepress.com/jhsem/vol7/iss1/63 Townsend et al.: Intelligence-Led Mitigation 17 Office of the Director of National Intelligence (ODNI), 2009. National Intelligence: A Consumer's Guide. Retrieved from http://www.dni.gov/IC_Consumers_Guide_2009.pdf Randol, M., 2009. The Department of Homeland Security Intelligence Enterprise: Operational Overview and oversight Challenges for Congress (Congressional Research Service R40602). Washington DC: Library of Congress. Retrieved from http://assets.opencrs.com/rpts/R40602_20090527.pdf Ratcliffe, J., 2003. Intelligence-Led Policing (ISBN 0 642 24297 6). Canberra, Australia: Australian Institute of Criminology. Retrieved from http://www.aic.gov.au/documents/7/E/8/%7B7E86F617-9151-4300B53B-D45F6F876360%7Dti248.pdf Reifer, D., & Boehm, B., 2006. Providing Incentives for Spiral Developments: An award fee plan. Defense Acquisition Review Journal, 12(1). Retrieved from http://www.dau.mil/pubscats/PubsCats/AR%20Journal/Reifer%20final.pdf Sullivan, J., & Bauer, A., 2008. Terrorism Early Warning: 10 Years of Achievement in Fighting Terrorism and Crime. Los Angeles, CA: Los Angeles County Sheriff's Department. Retrieved from http://www.lasd.org/tew/TEW2009.pdf U.S. Department of Homeland Security, Immigration and Customs Enforcement (ICE), 2010. Retrieved from http://www.ice.gov/intel/ U.S. Department of Justice, Federal Bureau of Investigations (FBI), 2004. Federal Bureau of Investigation Strategic plan 2004-2009. Retrieved from http://www.fbi.gov/publications/strategicplan/strategicplanfull.pdf U.S. Department of Justice, Global Justice Information Sharing Initiative (Global), 2009. Navigating Your Agency’s Path to Intelligence-Led Policing. Retrieved from http://it.ojp.gov/docdownloader.aspx?ddid=1082 U.S. Department of Justice, Office of the Inspector General (DOJ/OIG), 2003. Department Critical Infrastructure Protection: Implementing Plans to Protect Cyber-based Infrastructure (Audit Report 04-05). Retrieved from http://www.justice.gov/oig/reports/plus/a0405/final.pdf U.S. Department of Justice, Office of Justice Programs (DOJ/OJP), 2003. The National Criminal Intelligence Sharing Plan. Retrieved from http://it.ojp.gov/documents/National_Criminal_Intelligence_Sharing_Plan. pdf Published by The Berkeley Electronic Press, 2010