The Department of Homeland Security (DHS) requires reauthorizing legislation that will reaffirm and, where necessary, update the department’s organizations and functions. Development of such legislation should begin with a roles and missions commission for DHS.
Such a review is not without precedent. With the National Defense Authorization Act of 1994, Congress established the requirement for the Department of Defense to "review … the appropriateness … of the current allocations of roles, missions and functions among the armed forces; evaluate and report on alternative allocations; and make recommendations for changes in the current definition and distribution of those roles, missions, and functions." The review became known as the Roles and Missions Commission of the Armed Forces. This same sort of review is needed today for DHS.
DHS is nearing 15 years since its creation with the Homeland Security Act of 2002. The speed with which it was created, the experiences gained over this period and the changing strategic environment mandates an introspective look. Over this period, changes to the department have resulted from responses to major perceived shortcomings or piecemeal legislation, but have lacked a more focused, top-down assessment and rationalization for the department’s activities and requirements.
For example, the Post-Katrina Emergency Management Reform Act (PKEMRA) of 2006 provided the Federal Emergency Management Agency (FEMA) clear guidance on its mission and priorities; established new leadership positions; allowed the administrator new authorities for pre- and post-disaster and enhanced FEMA’s responsibilities and its autonomy within DHS. It is by far the most comprehensive legislation since DHS was formed. Other legislation directed the department’s role in areas such as cybersecurity. An example is the Cybersecurity Act of 2015, which established mechanism for cybersecurity information sharing among private-sector and federal government entities.
More generally, a roles and missions review could also examine whether the department is properly resourced for all its missions. For example, a joint requirement council was recently established for the department composed of less than 10 government civilians. Is this adequate for supporting requirements development activities for a department of over 240,000 personnel?
So what are some of the big issues requiring such a comprehensive and forward looking review?
First and foremost, the question of centralization versus decentralization must be evaluated. The originating legislation established a structure with a weak central authority in the department, with the authorities — and the power — vested in the operating components such as Immigration and Customs Enforcement, Customs and Border Protection, Coast Guard and FEMA. Each secretary has had to manage through this ingrained lack of central authority. Whether preparing departmental budgets or responding to hurricanes, the results of this decentralized authority is easily recognizable.
Over time, the secretaries have actively engaged with Congress to create greater management capacity within the department’s headquarters. First DHS Secretary Tom Ridge brought the 22 disparate organizations of the department together, even establishing several large organizations including the Transportation Security Administration, yet had little authority for central control. Since then, each secretary has attempted to have greater centralization in management areas such as acquisition, disaster management, resource allocation and even daily operations.
For example, former DHS Secretary Janet Napolitano used a centralized management approach during Superstorm Sandy in directing the department’s efforts both for preparing for the storm and assisting local authorities in reestablishing essential services, including recertification of the New York harbor after the storm.
Under former DHS Secretary Jeh Johnson, the push towards centralization was switched into high gear with the establishment of a Unity of Effort campaign, which included organizational structures for departmental leadership; joint task forces for coordinating border operations and investigations; and a joint requirements council for more effectively linking strategy to resourcing decisions. Of note, only the joint task forces have been codified in legislation through the National Defense Authorization Act of 2017. No congressional legislation containing the other initiatives was passed, and they largely remain as prototypes with no official standing.
A related issue is the role of FEMA within DHS. While the 2006 PKEMRA legislation revalidated FEMA’s direct line to the President when the Stafford Act is implemented (i.e., in the event of a disaster), experiences in managing crises and disasters since then warrant at least a reexamination of this relationship. The synergy created through the DHS secretary’s ability to reach across the department, its components and into state and local partners to coordinate preparedness and response activities should be reevaluated as part of a roles and missions review. FEMA’s capacities have been optimized for natural and manmade disasters such as hurricanes and tornadoes, yet they have not truly been tested in responses to pandemics or cyber incidents. Reexamination and, either revalidating this relationship or more formally recognizing the secretary’s role, would be a useful exercise.
R&D, acquisition management issues
The management of research, development, engineering and acquisition is another area requiring a comprehensive review. The original DHS authorizing legislation placed the coordination for all research and development within the Science & Technology Directorate. The directorate was intended to be responsible for supporting the department’s research and development requirements, as well as tracking any of these activities occurring in DHS’s components. Accomplishing this across the department has proven challenging, according to a 2014 Government Accountability Office (GAO) audit report which found the department had taken some steps, but still was unable to identify the total funding going to R&D across DHS. Furthermore, the department does not actually have a true engineering activity. Elements involved in engineering are spread throughout the department and components, but lack a responsible office — and thus oversight.
Acquisition oversight, while improving, continues to plague DHS. A 2016 GAO report found of 25 programs examined since 2008, "eight … experienced schedule slips, cost growth or both, including 5 programs with life-cycle cost estimates that increased by a total of 18 percent. For the remaining six programs, DHS leadership had not approved baselines establishing their schedule and cost goals as of December 15, 2015." The report noted progress has been made, but also highlighted how far DHS has to go.
Another area requiring a roles and missions evaluation is Weapons of Mass Destruction (WMD) preparedness and response activities. The current lack of unity in this mission space, coupled with the broad interagency coordination required, mandates a holistic look at the issue. Originally, all elements of the policy development, research and development and interagency coordination were within the Science & Technology Directorate.
But over time, the Domestic NuclearDetection Office and Office of Health Affairs respectively were established with authority for domestic nuclear detection and forensics against radiological and nuclear threats and public health impact of biological events. Based on congressional interest, DHS undertook an initiative to examine whether a separate office dedicated to WMD should be established bringing together the two offices into a single entity. This still leaves a large portion of the WMD mission within the Science & Technology Directorate. The current structure — which splits a bulk of the responsibilities for policy, research and development, resourcing and operational advice for the secretary spread across three organizations — leaves the department disconnected on this critical issue, and requires addressing and bringing closure.
A roles and missions commission should also take a hard look at critical infrastructure issues as they relate to national security and safety. Given the adage that 85 percent of the nation’s critical infrastructure is owned and operated privately, and the current state of the infrastructure which the American Society of Civil Engineers rated as a "D+" in its 2017 report, a reexamination seems appropriate. A number of questions underpin this issue.
DHS shares responsibility for critical infrastructure with other departments and agencies. For example, the Department of Energy is responsible for policy and oversight of the nation’s electrical grid, but DHS has a role with respect to securing it. Therefore, a DHS roles and missions review could focus on the department’s missions in critical infrastructure protection.
Policy issues relating to critical infrastructure would need to be addressed immediately. While Presidential Policy Directive-21 issued by the Obama administration addressed some of the concerns, some pointed questions still need to be raised.
What incentive structure could be implemented to improve the security of our current and future infrastructure? Are there areas where the government should have or attempt to establish greater control in order to reduce risk to critical infrastructure? Should older infrastructure be replaced on a one-for-one basis, or should our infrastructure systems be modernized with embedded security features? Will the nation continue to rely on large centrally managed infrastructure which presents inherent vulnerabilities or transition to smaller scale activities where chances of a catastrophic failure are lessened?
The ability to incorporate new technology now and in the future should also be considered. Smart cities with embedded security and resilience capabilities offer new ways for protecting the nation’s population. Will the US infrastructure be ready to accommodate such emerging technologies? Will the nation and our roads be ready for the onslaught of autonomous vehicles? Does the United States need to develop aerial super highways to support the growing commercialization of the drone market? What happens when the Internet of Things meets the 20th century health care system?
Risks related to infrastructure and its future ownership and operation will have important implications as well. What truly lies as the intersection of the cyber and physical worlds? What are the legal issues associated with the growing push towards autonomy, and who pays when the technology fails? What risks are the nation and our citizens willing to accept for the sake of incorporating new technologies and methods?
The human factors
A roles and missions commission should also examine human factors issues that impact homeland security. Are the relationships between the department, the state and local authorities, the private sector and the American people properly aligned?
DHS was borne out of the terrorist attacks of 9/11, but over the past 15 years has been woven far more deeply into the fabric of US preparedness and response capabilities. For example, while development of a Transportation Identification Workers Credential, or TWIC card, certainly has a role in preventing terrorism, it also provides government, critical infrastructure sector and even corporate oversight for those involved in public transportation activities and preventing criminal activities.
Organizational and cultural issues should also be addressed. DHS needs to function as a department, rather than as a collection of independent organizations. Developing an overarching department identity and compatible component cultures within DHS continues to be challenging. Are there changes that would assist in building a "One DHS" culture that could be incorporated? Issues such as work force management in DHS continue to be very uneven, with different compensation across the law enforcement agents within the department. Can these issues be resolved?
Span of control issues and streamlining the organization could also be useful. The number of direct reports to the leadership — most notably the secretary and deputy secretary — should be examined and, where possible and appropriate, changed to reduce this span of control.
Some might ask if a roles and missions commission would be redundant to the Quadrennial Homeland Security Review (QHSR), which is ongoing now and due to be published in February 2018. While certainly related, the two should be complementary with the QHSR, examining "risk informed priorities" as the previous QHSR 2014 did, with a roles and missions commission examining the foundations of the department. Any major overlaps between the two documents would be in what the QHSR has referred to as the sixth mission, maturing and strengthening the enterprise.
A DHS roles and missions commission would be an ideal undertaking to ask fundamental questions about the functioning of the Homeland Security Enterprise as the 15 year anniversary of the Homeland Security Act of 2002 approaches.
The effort should not necessarily be viewed as a requirement for change, but rather an opportunity to reexamine DHS and its relations with the rest of government, the nation and its citizens, and even with our international partners across the globe.
Finally, a homeland security roles and mission commission would be an ideal lead-in to a much needed update to the original 2002 authorizing legislation.
Daniel M. Gerstein was the undersecretary (acting) and deputy undersecretary in DHS’s Science and Technology Directorate from 2011-2014. He’s currently a senior policy researcher at the RAND Corporation and an adjunct professor at American University. He began his professional career in the US Army, serving on four continents, participating in combat, peacekeeping, humanitarian assistance, counterterrorism and homeland security. Before joining DHS, he was the Principal Director for Countering WMD in the Office of the Secretary of Defense, Policy. He also served as a member of the Holbrooke delegation that negotiated the peace settlement in Bosnia and Herzegovina. He graduated from West Point and has Master’s degrees from Georgia Tech, the National Defense University and Army Command & General Staff College, and a Ph.D. from George Mason University.
[Editor’s note: Homeland Security Today Editor-in-Chief Anthony Kimery interviewed Gerstein for the December 2012/January 2013 Homeland Security Today when he was DHS Deputy Under Secretary of the Science & Technology Directorate]