June 2009
|
|
Need Your Own Copy of The Risk Communicator?
|
|
Write for Us
|
| Have you seen a story you would
like to see included in The Risk Communicator? Do you have a research project you want to share with your colleagues? If so, please contact
the newsletter staff at newsletter@sarma.org. |
Thanks to Our Sponsor
|
|
Legal Matters
|
Copyright 2009
SARMA
All Rights Reserved
Privacy Policy
The views expressed in The Risk Communicator reflect the views of their authors, and do not neccesarily reflect the views of SARMA, the US Government or the employers or clients of the contributors.
|
|
|
President's Corner
|
|
Dear Fellow SARMA Members,
It was a great to see so many of you at SARMA's 3rd Annual Conference. Thank you for helping to make this year's event an outstanding success!
I received many positive comments, both during and after the conference, but nothing could have been more gratifying than the sense that we are helping the security risk management profession grow in prestige and knowledge, and that we are playing an important role in informing public policy decisions related to security. The theme we chose this year, "New Perspectives on Security Risk Management," was certainly appropriate to this, and our excellent roster of technical, plenary and keynote speakers delivered with a wide range of cutting-edge presentations and hands-on sessions.
 Likewise, the conference provided an opportunity for SARMA to officially recognize three highly deserving individuals for their contributions to the discipline. Among those honored was former Homeland Security Secretary Michael Chertoff (pictured right), our first-ever Excellence in Public Service Award recipient. In addition, SARMA recognized two of its own: Ed Jopeck, who was honored with the Founder's Award, and whose name will appear on all future SARMA awards to those making significant professional contributions in the security risk management field; and SARMA Service Award winner Christopher Miller, without whom SARMA's last two conferences would not have been the successful events they were.
The conference also marked several changes in the leadership at the association. Three incumbent board members were re-elected, and we welcomed two new members: Dr. David Weinberg (already SARMA's treasurer) and Dr. Michael Gresalfi. You can read about each of the newly elected or re-elected directors on SARMA's website, but I would like to also take this opportunity to thank retiring board member Nancy Renfroe for her support on the board and her dedication to SARMA's mission over the past three years. In addition, we were thrilled to be able to announce that our other retiring director, John Boatman, has assumed the newly created position of SARMA executive director.
In addition to these leadership changes, we also formally implemented our revamped committee structure, which will help SARMA evolve into a more robust, mature and sustainable organization. The new structure comprises 16 committees, each with its own designated chairperson. At its heart, it represents an approach that is specifically focused on the current needs of the profession and the business of running and expanding a successful non-profit professional association. Please see the article later in this issue of The Risk Communicator for more details, including all-important information on how you can contribute your time and talents.
Finally, I would be remiss without taking a moment to thank our co-hosts, the George Mason University School of Law's Center for Infrastructure Protection (CIP), and its director, General Claude M. Kicklighter, for contributing several top-notch speakers, as well as the conference facilities and other invaluable support. Likewise, I would like to extend a special "thank you" to the organizations that supported the conference with their generous donations: Gold Sponsors PricewaterhouseCoopers and ABS Consulting, Silver Sponsor BayFirst Solutions and Bronze Sponsors Secure Mission Solutions and USIS.
For me, the conference represented much more than just an opportunity for professional development. It was a chance to renew old friendships and forge new ones; to exchange vital information and learn from the experiences of others; and, above all, to join with other like-minded professionals from the United States and around the world in a focused effort to mature a profession vital to national and international security. It was in every respect a collaborative effort, and I'm proud to be able to count the groups and individuals mentioned above as members of the SARMA family.
Best regards,
Kerry
Kerry L. Thomas
President
Security Analysis and Risk Management Association
|
News
|
|
Conference Report: International CIP Experts Emphasize Trust Between Public and Private Partners
International homeland security issues took center stage at the 3rd Annual Conference on Security Analysis and Risk Management, with experts from Canada and Brazil, two of the three largest countries in the western hemisphere, sharing insights on how their governments manage their sprawling critical infrastructure systems. Trust between government and private sector partners, they said, remains an important and unresolved issue.
Although Canada has a large land mass, most of its population lives within 100 miles of the border with the United States, and trade is so extensive that a manufactured automobile can cross back and forth between the two countries a dozen times before it is ready for market. In addition, many individuals cross the border each day to go to work. All this makes Canadian and American critical infrastructure heavily interdependent. Both countries, for instance, suffered major economic damage from the northeast electrical blackout of 2003.
For Dr. Kevin Quigley of Canada's Dalhousie University, standing up a robust critical infrastructure protection regime remains one of Canada's ongoing challenges. Relying on insights from social science, he told the conference that the goal of a CIP regime is to balance three competing pressures: financial interests that might object to government interference, market pressures from law and insurance regimes, and public opinion.
Of these, market pressures have typically presented the largest problem, as companies attempt to minimize costs and actively seek to avoid turning over proprietary information to government planners out of fear that competitors will learn about their business continuity planning. Fortunately, the Canadian government has followed the lead of its American counterparts in limiting the scope of public information laws, said Dr. Quigley, but utilities and major industry continue to resist necessary cooperation.
Brazil suffers similar challenges in its efforts to construct a national telecommunications monitoring system, experts from that country told the conference in a separate session. Sergio Luis Ribeiro, a researcher with Brazilian research center CPqD, and Regina Maria De Felice Souza of Anatel, the country's telecommunication regulatory authority, explained that getting the country's myriad telephone providers, many from outside Brazil, to share data can be an exercise in pulling teeth.
"They fear other companies will find things out," said Ribeiro, as he demonstrated software the government hopes to use to keep tabs on telecommunications infrastructure in an emergency. The program can't work, however, unless it has data about the location of all critical switches, their capacities and what back-up systems the companies have already employed. Moving forward, Ribeiro said, the ability to build trust between the Brazilian government and the private sector will play a major part in determining whether the effort succeeds.
|
Study: Terrorism Works, and Terrorists Know It
Does terrorism work as a method of achieving political goals? The answer is yes, according to an analysis by two Israeli economists. At least in Israel, they write, "terrorism appears to be an effective strategy in terms of shifting the ... political landscape to the left."
Examining Palestinian terrorist attacks in Israel between 1984 and 2006, Eric D. Gould and Esteban F. Klor of Hebrew University of Jerusalem found a strong correlation between attacks and increased willingness by Israelis to grant territorial concessions to the Palestinian people. In addition, Gould and Klor found that a local terror attack caused Israelis to be less likely to identify themselves as right-wing and more likely to have a favorable opinion of Arabs.
Whether or not terrorism works on a strategic level is a deeply contested but thinly studied topic, as scholars typically disagree on how to measure success and how much credit to give terrorist activity for any particular success. The new study is among the first to avoid that problem by measuring changes in public attitudes, which in a democracy like Israel should be somewhat reflected in policy decisions at the national level.
Since the Intifada began, general Israeli opinion about the Palestinian problem has indeed softened considerably, with most non-orthodox Jewish Israelis supporting the two-state solution. Nevertheless the Gould and Klor study also explains why, during the same period, some right-wing parties in Israel have suddenly become more popular. According to their analysis of polling data, once the total number of fatalities in a year reaches an average of 78, support for conservative politics begins to bounce back.
This rebound effect also provides clues useful to risk management experts in trying to anticipate terrorist targeting decisions. According to Gould and Klor, "our findings indicate that Palestinian factions target the Israeli population in a strategically successful way by spreading the attacks across localities so that they rarely reach the critical threshold in any given locality." The result, they say, is that "the Israeli population is almost always towards moderation."
|
| Analysis |
|
The Value of Human Life: A Primer For Homeland Security Professionals
by David Daniels, Ph.D.
Although the question of the monetary value of human life comes up from time to time in homeland security discussions, industry professionals rarely talk about it at length. And when they do, it is usually dismissed as being either ill-defined -- some version of "infinite value", or "can't be measured" -- or as an already-solved problem referable to the academic literature or agency analysis.
In the interest of spurring more informed discussion on this topic, let me offer a brief primer on the issue and existing solutions.
Why is the value of a human life important in homeland security risk analysis? Risk involves calculating potential consequences, which usually include both fatalities and economic loss, among other damages. But there is little agreement among experts, as well as lay people, about how a human life should be valued. For instance, at one point in 2006, two different groups within the Department of Homeland Security had implicitly, and simultaneously, assigned values of human life of $100,000 and $12 million respectively in two different risk analysis efforts.
The legal system offers one straightforward way of assigning a financial sum to a person's life: viewing the individual as a source of income. By wrongfully depriving them of this income stream, damage has been done to the deceased's dependents. Therefore, the value assigned as compensation can be calculated as the net present value (NPV) of the expected future earnings. There can also be adjustments made to this value to account for depriving one of the inherent enjoyment of life and other intangibles, but the NPV of an income stream is the fundamental basis of value.
This approach, however, is rarely used to justify a value of a typical human life for homeland security applications. The NPV method is designed to value a specific individual's life, not that of a generic human being. Adopting the method, even in general, would raise uncomfortable philosophical and political questions about the value of groups of people with lower-than-average incomes, including children, the elderly, the poor and the disabled.
The second way to measure the value of human life relies on academic studies of preference. Typically, these studies do not try to measure the value of an entire person but rather they evaluate people's cost sensitivities to small changes in the probabilities of death and extrapolate out to a probability of 100 percent. That value, in dollars, is called the value of a statistical life (VSL).
These studies measure either people's willingness to pay to reduce risk to their lives, or they measure the amount of money required to induce people to accept additional risk. In stated preference studies, subjects are asked about their willingness; in revealed preference studies, data from actual choices made in the marketplace is used to deduce their willingness. For instance, consumer safety laws can reveal the VSL implied by the legislatures that enacted them by comparing the expected cost to implement and the expected number of lives saved as a result. Determining VSL by examining consumer safety laws would be an example of a revealed preference, willingness to pay study.
The most widely-used type of study uses a revealed preference, willingness to accept approach based on wages and occupational hazards, mainly because the data (average wages and job-related injury/death statistics) are publicly available. All things being equal, one can usually trade a higher risk of death on the job for a higher salary. Wages by job type are modeled with a parametric hedonic wage equation, which can have several variables to account for wage variability, one of which being probability of death.
As one might imagine, because of the extremely low probability of death in most jobs, the risk of death is a very minor factor compared with other factors. Another way to say this is that most employees do not seek compensation for what are perceived as negligible risks. This insensitivity at very small probabilities introduces uncertainties into the values of the parameters. Extrapolating out to 100% probability from such small death likelihoods introduces additional uncertainty in VSL from one job to the next. VSL derived from wage studies can vary by up to an order of magnitude, with typical values in the range of $5-10 million.
Another problem with using VSLs derived from wage studies is that those values may not transfer well to a homeland security context. Wage studies mainly probe the price sensitivity of those who are most willing to work in high-risk jobs. This is not a representative sample of the population and may skew any VSL derived from it. Since homeland security risk analysis is meant to be universally applicable, one may view VSL as more of a lower bound than an expected value on the value of human life.
This leaves us with the third method of determining the value of human life: policy direction. This is the most common method historically employed in homeland security, but these decisions have not always been carefully justified. The advantage of making the value of human life an explicit policy decision is that it aligns both the responsibility and accountability for the decision with the policy decision-maker. Adopting a value of human life from another approach to a homeland security application may introduce potentially large systematic errors and, more problematically, shifts part of the responsibility from the decision-maker to the risk analyst.
Dr. David Daniels is the Chief Scientist for Digital Sandbox, a strategic (primarily homeland security) risk management firm specializing in analytic tools based in McLean, VA. He has led the team that calculated the risk-based allocations for DHS/FEMA's Homeland Security Grant Program since 2006, and has also been involved with methodology development for other risk programs across DHS (OI&A, OIP, RMA and FEMA). He may be contacted at ddaniels@dsbox.com.
|
| Inside SARMA |
|
A First Look at SARMA 2.0
by John Boatman SARMA's board of directors has rolled out a new organizational structure that for the first time draws a clear distinction between the association's strategic and policy-making bodies on the one hand, and its operational and project teams on the other. Just as importantly, it has established a mechanism for coordination and communication between the two. This restructuring, unveiled at SARMA's annual meeting on June 17, is the product of months of discussion and deliberation, prompted in large measure by the reality that our growing tempo of operations had begun to severely tax the all-volunteer framework that had been operating since the association was founded in May 2006. By putting in place well-defined strategic and operational components and assigning clear lines of authority and responsibility to each element within those components, SARMA will be better able to manage its current operations and projects while having the flexibility to expand in size and scope as our priorities evolve over time. One of my critical roles as executive director will be to coordinate and communicate among the relevant components during each phase of a project or operation -- from identification, prioritization and resourcing to development, execution and follow-through -- and to ensure that all such activities remain aligned with our strategic goals and our policy and fiscal guidelines. At the operational level, the central component is the committee structure. There are now 16 committees in all, each with its own chairperson and all overseen by a coordination committee. The committees are distributed eight apiece between business and project functions, which -- as their names imply -- focus respectively on the association's day-to-day operations and its ongoing and planned initiatives. But the committees are only as effective as the people in them. Accordingly, the first priority of the committee chairs is to "deepen the bench" of expertise and talent on their teams by providing a home for individuals in the security analysis and risk management field who are willing and able to volunteer their time and talents to help SARMA fulfill its mission and goals. If you attended our recent annual conference you saw numerous manifestations of our volunteer efforts in action. Those individuals with "SARMA" on their nametags have devoted dozens -- and in some cases, hundreds -- of hours a year to keep SARMA proactively engaged with the security risk community. Their contributions have ranged from web design, research and writing to helping develop common risk standards and providing policy outreach to the executive and legislative branches. In fact one of the most outstanding examples of this active spirit of volunteerism was the conference itself, which showcased the many-faceted talents of several SARMA team members. Looking for ways to contribute? Lend us your specific domain and subject expertise by writing an article for The Risk Communicator, adding or updating a SARMApedia entry, starting a discusion on our SARMA LinkedIn Group or speaking at an upcoming seminar or conference. Alternatively, perhaps you've always dreamed of launching a website or managing a professional networking event, or maybe you're seeking a place to exercise your marketing skills or your legal or financial acumen. There's now a place for you to make any and all of those happen. Contribute your functional skills via one of our business committees, and/or your domain expertise by joining a project committee. It's as simple as filling out the volunteer form on our website, which can be found here. So become a committee member today, or join more than one; many of us have worn multiple hats over the years. SARMA can no longer call itself an all-volunteer organization, but we still are a mostly volunteer organization, and will be for quite some time to come. We have an ambitious agenda for the coming year, and will need all the help you can provide in fulfilling it. "Volunteering" is not a code-word for free labor at SARMA. It's our way of asking you to make a meaningful and lasting contribution to an important dialogue, to a growing field and a maturing profession -- and ultimately to national security -- by sharing your expertise, your skills and your time.
John Boatman became SARMA's first executive director on June 1. |
| Key Reports |
|
CSIS: Iran, Israel and the Effects of a Nuclear Conflict in the Middle East
A report by Abdullah Toukan and Anthony Cordesman of the Center for Strategic and International Studies describes the "major civilian effects if a nuclear conflict between Iran and Israel takes place in the future, assuming by then that Iran has a fully operational nuclear weapons capability, and the possible broader impact on other countries in the Middle East" such as Jordan and Syria.
Get the report
FEMA: Hazard Mitigation Assistance Unified Guidance
This detailed look at the five hazard mitigation assistance programs says they "provide significant opportunities to reduce or eliminate potential losses to State, Tribal or local assets through hazard mitigation planning and project grant funding."
Get the report
How Should We Decide What Hypothetical Threats to Worry About?
In a new report, Brian A. Jackson and David R. Frelinger of the RAND Corporation offer "an approach to considering the range of conventional and unconventional, plausible and fanciful ways terrorists might attack that gives them the ability to make prudent and defensible judgments as to which threats are merely distractions that would consume scarce time and attention that should be spent on more-critical threats."
Get the report
|
Job Board
|
|
Risk Analyst: ABS Consulting
General Summary:
Perform research and analysis to solve problems in homeland security risk management in support of DHS clients. Tasks focus primarily on methodology development, metrics design, qualitative and quantitative analysis, modeling and simulation. Services client needs as necessary and coordinates the successful completion of tasks and projects to client specifications. Performs other internal assignments as necessary to meet business objectives and conform to ABS quality standards and procedures. Builds pragmatic and creative solutions to complex technical problems. Active security clearance required.
Principal Duties and Responsibilities:
- Handles client requests in a professional, timely, and accurate manner.
- Manages small projects in a manner consistent with ABS Group / Client standards and procedures.
- Performs specific technical tasks on specific projects as directed by applicable program managers.
- Develops creative, technically sound solutions to problems in homeland security risk management.
- Presents analysis and technical findings in clear, accessible, and concise prose.
- Produces high-quality, client-ready deliverables for tasks and ad hoc requests with minimal oversight.
Minimum Knowledge, Skills, and Abilities Required
- Must hold a bachelor's degree in a homeland security-related field, or bring at least one year of practical experience in a homeland security-related field along with a Bachelor's degree in a related technical discipline. Master's degree in a homeland security-related field preferred.
- Must be technically competent in homeland security risk analysis, methods and research design.
- Must possess strong written and verbal communications skills.
Additional Knowledge, Skills, and Abilities
- Advanced mathematics and statistics.
- Program evaluation and metrics design.
For more information on applying for this position, please contact Micah McCutchan via email or at (703) 682-7373.
| |
|
|
|
