Homeland Security Today asked top experts in various sectors of the homeland mission to discuss what they see as the greatest threats and challenges facing our country in the year ahead.
Assistant Director for Infrastructure Security, Cybersecurity and Infrastructure Security Agency (CISA)
Unique to 2020 is that it is also the presidential election year. Election security will be top of mind around the nation, and protecting the 2020 elections is essential to our democracy. CISA is working with all 50 states and more than 2,400 localities, and we will continue to conduct regular vulnerability assessments of election infrastructure, engage our partners, and share information on threats and mitigation tactics as we head towards the 2020 election cycle.
Finally, as noted in the January 4, 2020, National Terrorism Advisory System Bulletin, the Department of Homeland Security is working closely with our federal, state, local, and private sector partners to detect and defend against threats to the Homeland, and will enhance security measures as necessary.”
Former Acting Commissioner of U.S. Customs and Border Protection
“A mix of personnel, technology and infrastructure has been ‘Border 101’ for many years,” he said.
Border security is also “not just about immigration, which is an absolutely critical part of border security, but the tendency to put on the backseat the tremendous problem our nation has with narcotics.” The lucrative drug trade and smuggling is “funding the criminal elements that continue to operate on our nation’s southwest border.”
Also necessary is “continued attention to the tech support that Border Patrol and ports of entry require,” innovation that allows “flexibility, mobility, and agility” of operations between ports of entry and non-intrusive inspection (NII) equipment at ports of entry so agents can “receive, evaluate and assess information” in a timely manner.
“In the trade environment, one of the big challenges is e-commerce,” Aguilar continued, noting how the influx driven by transformations in online shopping and shipping is “overwhelming our Customs service.”
“Data information is king in that environment — the more that we can digest to evaluate, the better the actions that our Customs officers and Border Patrol agents can take.”
Officials also cannot “afford to take our eye off the ball” of border crossings that are “impacting us dramatically,” including family units, unaccompanied minors, and migrants from countries other than Mexico (OTMs) “starting to become a big problem again — in some of our Border Patrol sectors, the flow of OTMs is tremendous.” In the El Paso Border Patrol Sector, more than 16,000 Brazilians were apprehended in 2019, contributing to the workload that “weighs down enforcement officers.”
“There has to be a better way for our country to address our problems at our border from a whole-of-government approach,” Aguilar said, adding it “cannot just be a CBP responsibility” but should include DOJ, the courts, U.S. Marshals, DEA, FBI, and the intelligence community.
“There has to be a better focus on empowering those people at the forefront,” he said. And as threats and challenges continue to change and evolve, DHS must be “evolving at the speed of transformation.”
Former Chief Information Officer, Department of Homeland Security
The ransomware attacks that hit local governments in 2019 are going to “continue to escalate,” he said, because “success breeds more activity” from hackers. “It’s been lucrative for a variety of reasons … layers of defense aren’t as strengthened as they are in some of these other environments.”
McCormack also warned about the potential harm to critical infrastructure from cyber intrusions and disinformation campaigns, including election security and even malicious campaigns to get officials to turn off critical systems based on a reaction to disinformation.
Former Acting Director of U.S. Immigration and Customs Enforcement
“If some liberal judge decides to make that decision it’s going to end the ‘Remain in Mexico’ program,” he said. “I think that’s a serious problem DHS is going to face. I think they need to get ahead of it, get agreements in place, get more involved with taking these cartels out… the president of Mexico needs to let us get in there and do our job.”
Current agreements with Mexico and Central America “can be improved upon,” Homan said, but “this decrease in illegal immigration is because of what Mexico is doing and what Central America is doing,” a “band-aid solution” in lieu of congressional action. “It’s never a good policy to count on another country to secure your borders,” he added. “I don’t think Congress will address it until after the election.”
Former Deputy Administrator of the Federal Emergency Management Agency
The key advantage emergency management of today has on emergency management of tomorrow is increased access to past information. It is easy to think that at this point in time, more has happened cumulatively than had happened 10 years ago. We have more mistakes and identified more opportunities to improve. For example, ‘The tragedies that arose from the events of September 11, 2001, and Hurricane Katrina proved the value of firefighters in the emergency management equation. This occurred simultaneously with the self-examination by the fire service of its own record of occupational safety and an effort to learn from its mistakes.’ (FEMA, 2015, p. 10) We have successes to learn from and more narratives to listen to. We have already been doing this as time goes by. As committees meet and we have chances to discuss what was good or bad in any given event, people become storytellers and we network and brainstorm ideas together using our past knowledge and experiences.
2020 will be an important year for exchange of information. Not only are discussions happening, but scholars are also willing to study past events to make recommendations for the future. The new generation of emergency managers are highly educated individuals, often with a passion in research and academia. The number of emergency management programs available at universities and colleges globally is increasing, as well as the number of people pursuant in a master’s level education in emergency-related fields. These individuals may be willing to look through past documentation of events with a fine-toothed comb, picking out usable data and lessons to be applied in future events. We can look at the past as more of a whole through these studies, with the utmost convenience thanks to the work of these researchers. We, in Emergency Management, MUST tap into the next generation of emergency managers NOW! We do not have to wait for them to have ‘years of experience’ to have an impact today and more importantly going forward.
As we look to 2020 and beyond, with all the new technologies, more data and information- we have to also remember to keep people first. There exists a tendency to look at data as numbers, instead of as values and items that could impact human lives. What we do is about PEOPLE. Let’s not forget that as we embark on a new decade.”
Former Chief Security Officer for the Department of Homeland Security
Cybersecurity and critical infrastructure protection should remain the strategic focus of DHS efforts to combat emerging threats against the homeland. The intense interest in these areas should center on the sub-areas of public health and safety, our financial services industries, information technology, electric utilities, communications systems, and election security. The nucleus of each sub-area emphasis should be on assessing risks, implementing resistant and redundant systems to ensure the ability to withstand attacks (resilience), and the swift recovery (continuity) of any successful strike. Additionally, DHS should continue to work across government and industry to ensure security best practices and timely/fluid information sharing, especially with our allied industry, government, and state and local partners. Collaborative processes should be further built out, or in other words enhanced, to involve relevant stakeholders from all critical infrastructure sectors, all 50 states, and from all levels of government and industry. While I know this ability exists today, I also know enhancements can be effected.
In my view, DHS must continue to secure our borders and enforce existing immigration laws, while continuing their efforts to work with Congress to achieve the president’s immigration priorities. Screening and vetting processes will be central. While doing so, DHS should continue working to improve their methods in keeping terrorists from infiltrating our country through border incursion and air travel prevention. Intelligence sharing is vital in this regard.
As the former DHS Chief Security Officer, I found DHS to be excellent at assessing risks in support of their operational capabilities, across every line of business. DHS needs to continue in this vein to encourage a common understanding of everyone’s responsibilities across each component, while at the same time supporting independent action, but with a collaborative game plan.
To this end, DHS should continue to build upon their published Joint National Priorities and the National Infrastructure Protection Plan to ensure safety, well-being, security and agility of our infrastructure, assets, systems, and networks.”
Former Chief Information Officer for the DHS Countering Weapons of Mass Destruction (CWMD) Office
If improvements in cybersecurity controls and reporting are not put in place our nation, and allies, will continue to be at risk of a Bio-terrorism event as a result of a cyber-attack. Bio-terrorism does not require traditional weapon delivery systems, and can be difficult to detect, so protection of these systems should be a high national security interest. Exploited systems can result in mass casualty events and negatively impact the global economy. Additionally, the loss of intellectual property to bad actors such state-sponsored terrorist organizations will undoubtedly lead to the weaponization of bio-medical and bio-chemical technologies.
The deployment of chemical and/or biological weapons are considered ‘weapons of mass destruction’ or WMD. DHS’ Countering Weapons of Mass Destruction (CWMD) is working to improve WMD detection and response capabilities; however, there are currently no published plans for protecting the core systems that hold our intellectual property, allow us collaborate, and manufacture bio-medical devices.”
Sandra L. Stosz
Retired Vice Admiral, U.S. Coast Guard, former Deputy Commandant for Mission Support
A growing threat to United States prosperity is the changing workforce. As experienced baby boomers retire in large numbers, there are fewer young people entering the workforce as a result of declining birth rates. On average, those young workers are less healthy than their predecessors. They are also increasingly lagging behind other nations in education performance. Pew Research Center data from 2015 show that the United States ranks 38th out of 71 countries in elementary through high school math. For science and reading, the ranking is 24th. Those data reflect a significant decline over the years.
Another factor that impacts organizations and corporations is the expectations of the younger generation of workers. They expect more flexibility in their work schedules and more time away from work, yet more responsibility and compensation. Employers must adapt their human capital programs and business practices to address these changing expectations.
The data and other indicators regarding readiness of the workforce foster concern that the United States may be at risk of slowly losing its competitive edge. This should concern the business world as we enter a new decade that will bring new challenges to meet and opportunities to seize in an ever more competitive world.”
Principal Market Growth Strategist – Cybersecurity and Emerging Technologies for General Dynamics Mission Systems; former Legislative Director of the Science & Technology Directorate at the Department of Homeland Security
While there is no quick panacea to solving the issue of having a 3 million talent shortage for cybersecurity professionals, there are steps that can be implemented to reduce the gaps. For example, an investment in training those in economically depressed areas — combined with real-world experience through internships and fellowships — would yield high dividends. At the same time.it would bolster the nation’s pipeline for skilled digital workers.
There is a working model in government for this kind of investment: DHS’ Cybersecurity Veterans Hiring Pilot. The pilot was designed to build the department’s cyber workforce and enhance opportunities for veterans to continue to serve our country in cybersecurity. The veterans pilot model (that is now has transitioned into a program) can be expanded and enhanced to include outreach in economically depressed areas (utilizing HUB Zones) and also with Native Americans living on poor economic condition reservations. The model can also be used to train more minorities and women who are under-represented in the current workforce.
Last year several public/private collaborative efforts were established by industry, academia, Congress, and federal and state governments to establish working guidelines to cultivate and train the next generation of cybersecurity technicians. The public/private effort should continue to establish incentives for public service such as paid education/free tuition, higher federal worker pay authority, and part-time employee rotational sharing arrangements between industry and government. As connectivity permeates every aspect of our lives, being cyber secure is an imperative and developing more cybersecurity workers is critical to cybersecurity success.”
Supervisory Special Agent, FBI
There is no ‘profile’ of an individual intent on engaging in a violent act. Violent offenders cross gender, ethnicity and ages. Additionally, acts of targeted violence are rarely impulsive, emotion-driven or spontaneous. People just don’t ‘snap.’ Instead, perpetrators of pre-conceived violence engage in behaviors that precede and are related to their attacks. They consider, plan and prepare before engaging in acts of targeted violence. These behaviors are often observable and detectable thereby providing an opportunity for disruption of the intended violence.
Persons of concern are best addressed by utilizing a comprehensive, multi-disciplinary approach to assessment and intervention. These assessments are highly individualized and should be treated as such. A holistic assessment, including bio-psycho-social aspects of the person of concern, is paramount to effectively manage a person of concern. Specifically, a 360 degree, in-depth examination of the person of concern should include, amongst other things, a review of their mental health, their background and social support network.
The FBI’s BAU-1, BTAC is available to assist with persons of concern and can be reached through your local FBI office’s BAU Threat Management Coordinator.”
Former TSA Acting Assistant Administrator for the Office of Requirements and Capabilities Analysis
2020 update: TSA has institutionalized the Capability Acceptance Process (CAP) to facilitate receiving capability such as Transportation Security Equipment (TSE) and other technologies from industry stakeholders and partners. Although this process doesn’t get after making the haystack smaller, which TSA still needs to do, it does allow for industry stakeholders (primarily airlines and airports) to procure and ultimately transfer ownership of TSE listed on the Acceptable Capability List (ACL), which reduces the numbers of TSE that TSA has to upgrade, refurbish, or replace. Having said that, industry stakeholders still need to keep an eye on what falls under the CAP to ensure inherently governmental tasks aren’t being shifted over to the private sector.
2019: Over the past two years, there has been some effort by TSA to understand the capability that biometrics could bring to the overall airport security screening process. However, these efforts have not been well coordinated through the entire TSA enterprise (Requirements, Architecture, Intelligence, Acquisition, Information Technology, Privacy, etc.). To truly get to a frictionless travel experience at an airport, the use of biometrics will have to be embraced by all stakeholders within the TSA enterprise as well as within the Airport Security Ecosystem to include airlines and travelers alike. However, there are significant challenges ahead in terms of technology maturity (identity errors), privacy implications, and biometric database ownership, which may slow-roll the use of biometrics in a government controlled application. As an aside it is important to note that TSA recently promulgated their Biometric Strategy, which was a great first step in communicating their intent regarding their immediate plans for the use of biometrics. However, since an airport security environment includes many stakeholders (local law enforcement, airlines, airport concessions, etc.), what is truly needed is a Biometric Strategy co-developed by all Airport Security stakeholders.
2020 update: TSA is developing implementation plans to meet each of the goals and objectives laid out in their Biometrics Roadmap. They have been working with various stakeholders to pilot biometric technologies to assess within an aviation security context if security effectiveness and operational efficiency can be improved while also enhancing the passenger experience. As the technology and the capabilities get better and better, the challenge will no longer be ‘can we do this’ but rather ‘should we do this’. When employing biometrics, everyone knows there has to be a balance between privacy and security. There will always be a percentage of the population that believe security needs outweigh privacy concerns and a percentage of the population that believe privacy concerns outweigh security needs. But before one can identify which camp they are in, one should consider how much added convenience will be provided by the use of biometrics. Therefore, DHS/TSA needs to continue to develop policies and procedures to allow for the traveling public to ‘opt in,’ which will allow the traveling public to voluntarily give up some of their privacy in return for a benefit such as a more efficient security screening experience.
2019: In addition to an airport checkpoint (where TSA puts most of their funding), we need to worry about other airport security needs as well as other transportation modes. The threat is evolving, dynamic, simple and complex and they still have their eyes on the prize: to disrupt, in a negative way, the numerous pathways of our transportation system. This means we need to pay attention to surface transportation security, air cargo security, pipeline security, etc. Unfortunately, the U.S. government doesn’t have enough funding in the coffers to fully address these areas so industry needs to think outside the box and be creative and be willing to work together — yes, I said work together — in developing integrated and distributed security systems.
2020 update: TSA reorganized and established the Assistant Administrator of Surface Operations. This reorg consolidated TSA’s surface activities, which now provides structured oversight over modal surface transportation systems including Pipeline, Highway and Motor Carrier, Mass Transit and Passenger Rail, and Freight Rail. In addition, TSA established the Surface Transportation Security Advisory Committee who represent surface transportation providers and users, as well as federal departments and agencies with surface transportation oversight. These changes will allow DHS/TSA to better coordinate and leverage resources to improve safeguarding surface transportation systems against bad actors.
Additional items to focus on in 2020:
1) Implementation of Real ID. In October 2020, every U.S. air traveler will be required to present a Real ID-compliant license or another acceptable form of identification, such as a U.S. passport, to board a domestic flight. Without much trepidation, it is fair to say that in October there will be air travelers who are at the airport who do not have the proper documentation to board their plane. That number of travelers could be in the thousands to hundreds of thousands. TSA needs to be prepared to handle the inevitable.
2) Insider Threat. ICAO recently approved 100 percent screening for all aviation employees to address the Insider Threat. To execute this mandate, will it mean that airports across the globe will use a lower end of the security spectrum of tools approach such as use of wands, Walk-Through Metal Detectors (WTMDs), and stadium search-like approach for bags? And if so, how effective is that approach? Many security experts believe that a more detailed defense in depth (multi-layer security) approach should be employed, which yields a more effective security posture. TSA should continue to educate and influence the international community in this pathway as they continue to raise the global aviation security baseline.”
Former Chief Commercialization Officer, Department of Homeland Security
While the growth of IIOT is viewed as a positive development, there are certainly security concerns associated with this technology‘s current vulnerabilities. It is estimated that in 2020, IIOT-connected devices will be the target of more than 25 percent of all enterprise security attacks. Undoubtedly, the manufacturers that recognize and rigorously develop security safeguards, at the same time allowing mass-use interoperability, will win the race.
As some of my esteemed colleagues and I wrote to the president of the United States recently, we emphasized the importance of interoperability for our country’s vital security. Despite good intentions, organizations in both the public and private sectors have not positioned themselves to take advantage of the tremendous potential of cross-domain interoperability. More than $180 billion is spent each year to enable defense and security IT products and services to operate together – a high price tag for a ‘patch.’ Our government acquisition strategies need to change to reflect an interoperable approach so that each new purchase meets technological requirements, saves time and money, and supports user readiness and performance from day one.
Government agencies and non-governmental organizations operate using their own processes, which too often result in negative consequences. Examples of proprietary processes that created the need for product modifications and costly equipment integration are the F-22, F-35 and E-8C Joint STARS platforms. Each system was built by the U.S. Air Force without interoperability in mind. Two of the most advanced fighter aircraft with integrated sensors were not designed to work together. The Joint STARS downlink had to be redesigned to support existing military systems. In each case, if the need for cross-domain interoperability had been built into the process, greater capability would have been achieved and future integration costs eliminated.
The healthcare marketplace offers another example of the lack of cross-domain approaches. When service members move from active to veteran status, their health data requires a completely separate and non-interoperable healthcare IT system. The practice of two separate healthcare systems defies common logic, impacts lives, and is very expensive. Experts estimate that creating greater interoperability could reduce healthcare spending by $30 billion, a significant offset of rising costs.
Industry must be incentivized to make interoperable industrial IT products and services – now! Requiring this in the U.S. government acquisition system should provide the ‘necessary encouragement.’ Using a neutral and impartial approach that crosses both agencies and markets, government cannot only incentivize businesses, but improve their profitability. Dealing with challenges in government and agency cultures will undoubtedly be harder. But given the current, or any future administration’s, admirable goal of business value and government efficiency, work needs to begin now by an impartial, cross-functional task team to ‘move the ball’ before predicted disasters occur.
Cross-domain interoperability – the seamless flow of trusted information between systems to where it’s needed most – is a crucial aspect of IIOT. We now have a rare opportunity to ensure that interoperability is mandated in government acquisition and operations, resulting in significant savings of time, money and lives. Organizations like NCOIC had demonstrated proven methods of achieving interoperability efficiencies and opportunity – and we should embrace these field-proven concepts at a critical time in our nation’s history.”
Lead for Data Analytics Programs at the DHS Intelligence & Analysis Cyber Mission Center
For example, as of 2018, 80 percent of the U.S. population lives in (what is considered by the U.S. Census to be) an urban center, with less than 2 percent of all Americans in the profession of farming and ranching (mainly in rural areas). Based on a variety of relevant literature and anecdotal experience, I believe the overwhelming majority of persons in urban areas would not know exactly how to grow ANY food or how to construct simple machines or processes that would aid in survival once initial stocks of (supermarket) supplies were depleted or infrastructure was exhausted/rendered inoperable. Further, I would wager the average American adult today does not have the knowledge of an Eagle Scout in survival and emergency preparedness and response, despite one and a half decades of access to the Internet AFTER the events of 9/11!
In contrast, the challenge to our Cold War adversaries (from the 1940s to the 1990s), for example, was an armed (American) populace with a proclivity for hunting (note: most Soviet Citizens were not allowed to bear arms), which was mechanically-inclined from widespread vocational and factory work, with a greater percentage of that population having grown up on farms learning how to be self-sufficient from a very young age. If prior American generations encountered a challenge, it was incumbent upon these men and women to innovate, adapt, and endure until a threat subsided, while never knowing whether help was ‘on the way.’ Given the undeniable advantages that advances in communication and computing technology have provided Americans over the past 30 years, it is unfortunate that texting/calling for someone to assist in a time of crisis is the sole survival ‘skill’ most are familiar using.”
Professor of Practice, Global Security, at Arizona State University, affiliated faculty at the Center for Narrative Mediation, George Mason University, and Founder and CEO of the Think-and-Do Tank Narrative Strategies
That is the threat we face. The threat is a manufactured and weaponized narrative frame that undermines audience identity and meaning-making capacities.
Why does disinformation stick even when it has been proven false? The answer is because the disinformation is more meaningful to the audience than the truth. The new narrative does something for the audience. It fills a need. This is more easily accomplished when there is a disconnect between inherited narratives and lived experience.”
Counterterrorism researcher, lecturer and security analyst; Director, American Counterterrorism Targeting and Resilience Institute (ACTRI)
International Threats: Since losing its physical caliphate and the death of its leader al Baghdadi, ISIS has been reconstituting itself as full-pledged, decentralized insurgency. The group will likely continue to rely on its sleeper cells and guerilla-type attacks, as evidenced in their recent activities carried out against Iraqi security forces, the Kurdish-led Syrian Democratic Forces (SDF), and the Assad regime. The possible future trends suggest ISIS’ more localized involvement, namely in Syria and Iraq, and less driven by interests to attack targets in the West. The latter could partially be inferred by relying on recent figures suggesting a decline in ISIS-perpetrated attacks against targets in the West (i.e. compared to 2015, 2016, 2017) and successful law enforcement and intelligence efforts to curb their activities in the West, though one must not discount the possibility of such threats in the West.
A complex mix of possible future threats also entails the fact that many Western governments, especially European, remain reluctant to expedite thousands of foreign terrorist fighters (FTFs) and their family members who continue to live under difficult conditions in camps and detention facilities throughout Syria and Iraq, which in many cases not only serve as hubs of extremism but also feed into ISIS’ narrative of collective victimization, the fact that many FTFs remain accounted for, and the fact that many travelers to Iraq and Syria and terrorists in general are expected to be released from prisons in the upcoming years. Strictly speaking in the context of those who remain unaccounted for or those who are about to be released in the upcoming years, the absence of effective monitoring, reintegration and rehabilitation mechanisms, coupled with the fact that ISIS continues to maintain command and control capacity among its sympathizers and recruits globally, may prove problematic in the face of ISIS’ possible attempts to resuscitate its cell links in western countries.
ISIS is likely to continue to enjoy the support of many of its affiliates globally, though this is not to suggest they will necessarily remain unified. In fact, many of ISIS affiliates are concerned more with local grievances than the global narrative that ISIS espouses. In addition to ISIS-linked terrorism, one must not discount potential increase in terrorist activities perpetrated by Shia militias, particularly in light of recent tensions between the United States and Iran. Syria, Iraq, Saudi Arabia, Yemen, and potentially other places, given the global footprint of Shia militias (e.g. Lebanese Hezbollah), are likely to remain potential targets.”
Director of Public Works/City Engineer for the City of Crystal, Minn.
- An emphasis on the loss of the grid (electric and communication) for any reason.
- Malicious actors attacking SCADA (Supervisory Control And Data Acquisition) systems
- General security against the full range of attack types
- Improving the ability of water, sanitary sewer, storm water, and transportation systems to be resilient against human-caused and natural events
- Looking for opportunities to reduce infrastructure (such as narrowing roads, removing unneeded traffic signs) in an effort to lower operating costs and maintenance needs
- Improve the communication and coordination between public works professionals, where much of what we do has impacts on sustainability and resiliency, and the homeland security/emergency management community. These two groups both support the same or similar thing, but sometimes I think a translator is needed to help everyone realize they are actually sharing similar (or identical) goals.
Improved communication and coordination between public works and other first responders:
- This does not just apply during disasters/emergencies
- Public Works can bring a lot of resources to the table at an incident (regardless of scale), but before that incident occurs it is essential that trust be developed.
- With the saying ‘you fight like you train,’ the more we can get public works communicating and coordinating with other first responders on a daily basis, the more prepared we will be for when disaster strikes.”
Vice President, Narrative Strategies
President of Behavioral Sciences Group LLC
Our vulnerability lies in our lack of awareness of our own decision-making capabilities. The fact that we rely on our gut for most decisions — and do not realize that we do — impairs our ability to make the best decisions possible regardless of the topic. Understanding the factors that shape what we think, feel and do should be a critical focus in 2020.”