Chertoff’s opening address, titled “Security, Risk, and Crisis Management in the Coming Decade”, culled the former Bush Administration official’s wealth of experience in security and risk management, including the time he spent as the Justice Department’s criminal division head just after the September 11 terrorist attacks.
As the former homeland security secretary from 2005–2009, Chertoff said that he “saw pretty much every type of catastrophe and disaster that is possible to see”. His job, he continued, included responsibility for prevention, mitigation, response, and resiliency.
“The lesson I try to convey [from my experience] is that there is no such thing as risk elimination”, he told the audience. “If you eliminate the risk, then you probably would eliminate everything good in society. Even if you could eliminate risk, the cost would be incredibly high.”
To illustrate this point, Chertoff said that in the wake of the 9/11 terrorist attacks, the US could have eliminated the potential for bombs on planes, or planes being used as weapons. “But then we wouldn’t have airplanes, and we wouldn’t fly”, he asserted.
He juxtaposed this against our current security protocols, which he said are “designed to manage risk...it’s not a perfect solution, it doesn’t guarantee there are no bombs on planes. It just manages and minimizes the risk” – what he called the lesson of “calibrating risk management”.
The process of risk management, Chertoff continued, also includes managing expectations. “You have to teach people to have a reasonable set of expectations” he said, which means that failures of any risk management plan are inevitable. The key, Chertoff implored, is being prepared to combat the failures and to hold steady in the face of crisis, thus avoiding overcompensation in response or under-delivering on the task at hand.
“Whether its physical security or cybersecurity, it’s really the same principles at work”, he added.
Managing a Crisis
Chertoff then outlined three successful keys to managing a crisis or catastrophe, careful to point out that managing a crisis does not necessarily mean a “happy ending” to a particular disaster. “By definition”, Chertoff said, “a crisis or disaster is unhappy, and will never result in a celebration. It’s a matter of managing the process.”
The three keys included: planning, communication, and decisiveness.
“It is often said that no plan survives first contact with the enemy”, the former cabinet member relayed. “But it is true that without a plan, and more important, that without a plan in process, it is impossible to adapt while managing a crisis.”
In clarifying, Chertoff said that having a response plan in place is the first step in being flexible when situations dictate a change in direction. “That was the great lesson of Hurricane Katrina”, he reflected, noting that, during that calamity, the federal government did not have a plan in place for being the primary responder to a natural disaster.
Examples from Hurricane Katrina also lend themselves to the communication aspects of Chertoff’s three-point response strategy, and it includes both the incoming and outgoing streams of information. “Without situational awareness, you are a hostage to what you hear over the media or anecdotally,” he said. “It never gives you the picture you need in order to make judgments in real time to manage a crisis.”
“Just as important is your communication with the public”, which he believes is a key element to operational success in a crisis situation.
“Because of the uncertainty and confusion about the degree of violence [after Hurricane Katrina]...it became, operationally, very difficult to get transportation companies to come into the cities.” The ability to communicate accurately, succinctly, and with credibility are fundamentally critical to operational activities in today’s modern world, according to Chertoff.
“You will never get perfect information” in a crisis situation, Chertoff reflected based on his experience. This makes decisiveness a critical element to emergency response. “Time is not your friend in these circumstances”, he said, adding that “not acting in these situations is also a decision, but a decision by default.”