Taking a Seat

Local CIOs claim a position at the table for homeland security planning.

by / June 27, 2003
Jabari Simama, executive director of the Atlanta Mayor's Office of Community Technology, heads the city's effort to develop a wireless interoperable network for homeland security. San Diego CIO Rey Arellano was hired with the idea that he'd provide strong leadership in the homeland security arena. Phoenix CIO Danny Murphy is responsible for providing interoperable communications for first responders.

Philadelphia CIO Dianah Neff now claims a seat at the planning table after forcing her way in. Ditto for Gail Roper, director of information technology for Kansas City, Mo. Both realized and convinced cohorts that homeland security plans are incomplete without CIO input.

These officials represent a growing number of CIOs who are taking a stronger role in homeland security as interoperable communications among first responders grows in importance and federal government dollars begin to flow. Local CIOs say they bring an enterprise-wide perspective that's vital to creating information and communication systems that are both effective and efficient.

Getting Involved
Local CIOs' role in homeland security planning varies by jurisdiction. In some places, collaboration between the CIO and first-response agencies is the norm. In other locales, it's overlooked or avoided.

The message from CIOs currently engaged in homeland security planning is this: If there's already a seat at the homeland security table for the CIO, make use of it; if not, create one and plant yourself.

"The CIO really needs to be at the table and get involved in understanding the issues," Roper said. "My experience in Kansas City has been that I wasn't initially very involved, and I quickly realized after beginning to understand some of the issues that there were quite a few technology-related solutions that could apply to homeland security."

Bob O'Neill, executive director of the International City/County Management Association echoed that view. "It is important that the CIO be an integral part of the leadership team and engaged in the discussion and strategies around homeland security," he said. "One of the difficulties is what happens in small communities where you have sites at risk and no chief technology or information officer?"

In initiating development of Atlanta's homeland security network, Simama brought myriad agencies to the table, including CIOs, executives and public safety officials. "If you approach it as merely a public safety issue, you're going to fall short," he said.

Simama benefited from a mayor who understood the role citywide IT will play in the wireless network. Neff wasn't so lucky. The Philadelphia CIO initially was not considered a primary player on the homeland security front, perhaps because of the city's history.

"There weren't that many city epidemics or emergencies where citizens would need to call the Emergency Operation Center into it, so it's pretty much been a purview of police and fire," Neff said. "Emergency management didn't see itself needing IT at all."

Neff realized it was up to her to demonstrate what her organization could add to the process. "We had to show the emergency management team that we could bring value," she said.

Neff sought out areas where she could contribute then began dropping hints to public safety officials about how they were vulnerable and how she could help.

For example, she explored potential applications for a software system called E-Team, which was vastly underused. The E-Team system is a collaborative Internet-based program designed to help public and private agencies prepare for, respond to and recover from daily incidents, unplanned disasters and major events.

E-Team supports the Incident Command System, a nationally accepted set of procedures that lays out how public agencies should organize for and react to emergencies. It's used by federal, state and local agencies, as well as private corporations.

Because the system already was operating in various local jurisdictions, Neff thought it could potentially offer regional interoperability. She broached her findings with public safety officials who would listen.

"We tried to pick out friends. When you've got people who say 'We don't need you, we're talking about securing buildings, that sort of thing,' you've got to find other people who may have a little better understanding and then have them bring up the topic for the group."

Neff used the World Trade Center tragedy to show the need for business continuity and redundant systems in case of a cataclysmic event.

"They had to move from thinking just about physical to thinking about information security as well, and how they would operate if something happened and they lost all their communications," she said. "They wouldn't be able to get any of the GIS maps, because they had nothing in a redundant system that would be stand-alone in an emergency."

Neff approached the emergency operations people and said, "You're exposed here. Let us talk to you about this. Gradually they warmed to that, and we got a position at the table."

Once there, the IT staff offered to help public safety officials locate grants for new technology equipment. "They were very happy," she said. "Because they're not trained to do that, and they know they need to."

Roper also found that the history of public safety planning in Kansas City didn't include the IT organization. She too found it incumbent upon herself to provide evidence that, as CIO, she had a role to play. She was diligent in developing an understanding of homeland security issues. Then she made her move.

"The simple answer is I had to push myself to the table," she said. "I had to think about what I had to offer and have that dialog." She now blames herself for not forcing the issue earlier and advises any CIO not involved in the process to get involved.

Planting the Seed
Despite talk of cultural barriers, Roper and Neff said they were well received once they convinced public safety officials they could help, especially with communications issues.

"It wasn't something that was common to them," Neff said. "It was a lack of understanding of how technology could be used as a tool to make what they do easier and better."

Although cultural barriers still exist, there is growing realization that the stovepipe approach doesn't work, and collaboration is necessary. Roper recalled an experience at a recent homeland security conference where a police chief asked if CIOs around the country were involved in homeland security planning. "I asked the police chief if his CIO was at the table, and he said, 'Not enough.'"

Others at the table looked at Roper with dismay as if asking, "Why should the CIO be involved?"

"My answer was that technology plays a huge part in this," she said. "I mentioned GIS initiatives in their respective cities, and they went 'hmmmm.' I think the seed has to be planted that there is a technology issue or concern or focus that could play a part in a disaster situation."

A Culture of Collaboration
Some jurisdictions, such as San Diego and Phoenix, have evolved to the point where barriers among agencies are considerably less defined. In Phoenix, collaboration is business as usual, according to Murphy.

"That is something Phoenix prides itself on from the manager's perspective, and the mayor and Council's perspectives," he said. "The directors collaborate and cooperate extensively. It's expected."

It's the norm in San Diego too, where CIO Arellano was brought in to head homeland security policy. His 22 years in the military and experience with the Navy's Space Enabled Warfare Systems Command, which involved developing homeland security partnerships, were keys to his appointment.

Both San Diego and Phoenix benefit from an atmosphere of collaboration developed by leaders who understood the value in this approach.

"From experiences I hear, it clearly starts at the top," Murphy said. "The city manager here, who is the CEO equivalent, sets the expectation that this is how the city operates."

Neff said approaching the city manager, mayor or other leaders should be a priority for a CIO who is not involved in homeland security planning.

"You have to find your hook," Neff said. "You always want to start with your mayor or city manager and see if they get it. If it's not a high enough priority on their list then you need to work your way down. It's going to take longer, but it's a way to make it happen."

Roper also said a cultural evolution is taking place, albeit slowly, where safeguarding network infrastructure is gaining the same importance as protecting key pieces of physical infrastructure. The CIO is in a good position to lead those efforts.

Network Infrastructure
"Even at the state and federal levels the idea of a network infrastructure has just recently become a part of the homeland security focus," Roper said. "In the past, it has not been, and it's somewhat missed in terms of discussion. The CIO, if they are going to play a major role in technology initiatives, is going to have to be responsible for initiating those discussions."

Murphy concurred said that there is more to the business of homeland security than "law and order sort of things." Issues such as business continuity also must be considered.

How, for example, would a jurisdiction cope with the destruction of the office that issues building permits? "What would the city or the entity do to get back up and running, or what would be the business resumption issues that people would look at?" Murphy said. "I would guess [public safety people] wouldn't automatically think about things we worry about in terms of systems and infrastructure issues, and making sure that we have, for instance, access to GIS maps to help them make decisions."

San Diego's Arellano believes it's natural for the CIO to be involved in this kind of activity. As one of four deputy city managers and acting CIO, Arellano plays a key role in the city's homeland security plans. That means overseeing protection of the city's infrastructure, including physical infrastructure and data networks.

In San Diego, police, fire, water and sewer personnel must follow certain procedures in response to a heightened alert status as defined by the federal government's color-coded system.

"What does that mean for the rest of the agency and the city, and how do you communicate that?" Arellano said. "What ends up happening is someone has to put in place processes, so the rest of the city employees know what it means when we go to orange, if it means anything at all."

He's floating an initiative to create a citywide process for informing city employees outside the public safety arena how to respond to a heightened alert. "Right now, what we do for the rest of the city employees is keep them advised in an ad hoc manner on what they should be doing," Arellano said. "I'd like to put in place a system that, if we escalate, citywide people can refer to a cheat sheet that tells them what they can be doing, such as limiting access to certain buildings."

Cooperation and Interoperability
That kind of cooperation requires both leadership and technological interoperability, according to Atlanta's Simama, who is in charge of developing the city's interoperable wireless network.

"The mayor took the leadership role by announcing that she wanted to see Atlanta become an all Wi-Fi city," he said. "You need to have the executive and public policy-makers supporting this for it to really work, and as good as emergency management professionals are, it requires key people in the executive branch to step forward and pull people together."

From there, someone has to take the mayor's vision and make it happen, and Simama is that someone.

Simama pulled together a broad group of stakeholders, including the superintendent of Atlanta public schools, a university system president, the district attorney and City Council members. "It's got to be both policy-makers and the people on the executive side who can make decisions, along with the technical people and the public safety and health people," he said. "By no way was it just law enforcement."

He said the initial meeting for developing the wireless network attracted more than 40 people representing more than two-dozen agencies. "This was in some ways precedent-setting, if not revolutionary, just having all these public-sector people in the room at the same time," he said.

Only one person -- a representative from an emergency management agency in Atlanta -- felt threatened by the proposal, according to Simama. "I'm not sure if the perception was that in just having the meeting and pulling people together we were suggesting he was not doing a good job. That was not our intent."

The next task is to develop a pilot to demonstrate that wireless interoperability could work between a city and a county, and key agencies within those jurisdictions. "If you could show it working there, then you could show it could work in a broader area," Simama said.

The pilot may consist of a system that allows agencies to share surveillance video. "Right now, there's not an ability for the Atlanta police or the county police to, in real time, get access to a network that's under control of DeKalb County or Georgia State University," Simama said. "This is what we mean when we say interoperable."

Such a network would let city and county police receive signals from university police in the event of an incident on campus, allowing the city and county command centers to monitor the situation. It also could let police responding to a bank robbery observe video from inside of the bank as they travel to the scene.

"That can happen only if there is political agreement for this to work, but also technologically, if the systems are interoperable," Simama said.

The city experimented with the concept during last year's NBA All-Star Game, when an Atlanta helicopter took aerial photos of congested areas of the city and sent them to Fulton County and Atlanta Police command centers in real time. It worked well, and the city has high hopes for its wireless interoperable network.

"The question is the politics and the culture that hoards information, and hoards networks and the culture that existed in the past that didn't support collaboration and interoperability and cooperation," Simama said.

And part of the solution is getting the CIO to the table.
Jim McKay, Justice and Public Safety Editor Justice and Public Safety Editor