Visit Montpelier, Vt., population 8,400, and there is no mistaking this is the smallest state capital in the country. One of the largest government buildings is a former inn. Many other agencies are housed in equally unpretentious structures, some even in humble wood homes that flank tree-lined State Street, a modest road that bends along the banks of the Winooski River. Even the capitol building - gold-domed and built from marble - looks like it would fit comfortably inside most other state capitols.
It's a beautiful setting for government in a rural state. And, until recently, the biggest news story out of Montpelier was the fact that long-time Gov. Howard Dean had announced he would not seek re-election in 2002. But all that changed after Sept. 11.
Following the terrorist attacks by jets in the air and anthrax on the ground, Vermont, which shares a border with Canada, suddenly realized it was as vulnerable as New York City and Washington, D.C. The sense of rural safety evaporated and the state found itself confronting some of the same issues faced by other states closer to the sites of the attacks.
Despite the lack of any credible threat against the state, Vermont's emergency management officials have been meeting with other state and federal agencies to improve security at potential targets, such as the Vermont Yankee nuclear power plant. State Police are using their new call center to track suspicious incidents. The state is also looking to beef up its computer crime laws, according to Bob West, Vermont's assistant chief information officer.
States Reel from Terrorism
States everywhere are scrambling to reset priorities and face grim, new realities in the wake of the Sept. 11 attacks. Security, whether against rogue airplanes, biological threats or cyber terrorism, has taken on a new urgency. Two years ago, the Justice Department set aside $150 million to help states purchase equipment for civil emergencies. Before Sept. 11, only one state had applied for its share of the funds, according to the Los Angeles Times. Today, states are rushing to get their hands on the money.
While the funds will prove valuable, they are just a drop in the bucket of what states need if they are to fully fund their anti-terrorism programs. For example, Iowa has reported that bringing its emergency responders, doctors, nurses, hospitals, rural clinics, laboratories, communications and computer systems up to strength in the battle against terrorism would cost at least $11 million, according to Stateline.org.
Not every state has come forward with specific numbers like Iowa. But state governments are reviewing a variety of security plans and policies. For instance, Connecticut began developing procedures for issuing state identification cards within a few weeks of the attacks, after prosecutors revealed that five suspected terrorists fraudulently obtained similar credentials from Virginia a month before they hijacked three passenger planes.
By October, Gov. John G. Rowland had asked the federal government to consider creating a special security zone in southeastern Connecticut to protect "key civilian and military assets," including a Navy submarine base and a nuclear power station.
As for the state of security surrounding Connecticut's computer technology systems, Rock Regan, chief information officer, said disaster recovery plans were under constant review, primarily because of the recent development of a new state data center. What worries Regan, however, is cyber terrorism. He pointed out that the newly created Office of Homeland Security has appointed a person to monitor cyber-security issues. "Look at the Nimda virus, which hit Sept. 18. The initial thoughts was that it was somehow related to terrorist attack of Sept. 11," he said. "There's never going to be proof to that, but I think we're going to see more things like Nimda that have a pretty broad impact."
Regan, who is president of the National Association of State Chief Information Officers, said one of his first meetings as president dealt with the cyber security issue. The sole intent was to discuss how states can better coordinate among themselves and the federal government the best way to deal with attacks on computer infrastructure, which has become mission critical to government operations.
New Jersey was another state to closely feel the shock and aftershock of the terrorist attacks. Authorities estimate that at least half of the thousands of people who were killed or listed as missing at the World Trade Center towers lived in New Jersey. Traces of anthrax also showed up at a New Jersey postal facility. Gov. Donald T. DiFrancesco responded by signing a series of bills designed to beef up security in the state, including the creation of a new director of state security, who will report directly to the governor and will be in charge of an agency that is expected to receive approximately $8 million in state funds.
Like her counterpart in Connecticut, Wendy Rayner, New Jersey's CIO, believes her biggest task is thwarting an expected upsurge in attacks against the state's IT infrastructure. "Cyber-terrorism is a huge threat," she said. "We have to realize that more rides on the network now than ever, and that includes mission critical information."
Rayner believes government must be more critical about what information should be made public and what should be kept confidential. "We can no longer afford to expose too much sensitive information over the Internet," she said.
Bigger Role for IT?
Meanwhile, states must contend with a worsening economy that has sent budget projections reeling. Prior to the Sept. 11 attacks, the Nelson A. Rockefeller Institute of Government warned that state tax revenue growth had weakened significantly during the spring and summer of 2000. All indications are that post-terror attack budgets are doing worse. "Prior to September 11, we projected a deficit of $80 million," said Connecticut's Regan. By mid-October, that figure had ballooned to more than $300 million, he added. Other states have been making similar downward revisions.
These shortfalls are coming at a time when jobless claims have surged to nine-year highs, reductions in welfare rolls have slowed considerably - 18 states reported increases during the first six months of 2001, according to the U.S. Department of Health and Human Services - and public health services are facing new demands as people, stressed by the terrorist attacks, seek help and counseling.
Unlike the feds, states must keep their books balanced, so they have responded to the problem by dipping into rainy day funds, cutting spending and warning of possible worker layoffs. These kinds of cuts could hurt IT departments in the short-term. But some see the crisis as an opportunity to play up the strengths of IT and its increasingly important role with electronic government. "The attacks have highlighted the need for more technology in government," Rayner commented.
She pointed out that in New Jersey and elsewhere, the events of Sept. 11 and later have enhanced the importance of having customer-based electronic services in such areas as public health and unemployment. When state and local governments are faced with a sudden surge in demand for services, few have the human resources to throw at the problem, especially when priorities are focused on security and public safety. It's only with technology that governments can absorb such a spike in demand, Rayner pointed out.
And that demand may not dissipate. Americans are waking up to the realization that only government has the capability to respond to such a crisis. The public seems amazed at the resolute will of federal, state and local government to provide critical services during such a crisis and still keep the day-to-day business operating. According to Rayner, there are state workers who have been staying on the job, around the clock, to handle the increased workload. "You have to remember that government goes on during a crisis," she said. "We shift our resources and we work harder."