State Perspective - Pennsylvania

By Joseph Straw

James F. Powers Jr. has served as Pennsylvania’s director of Homeland Security since June 2006; he is responsible for coordinating critical infrastructure protection. Powers is a 30-year veteran of the U. S. Army, retiring in 2001 as a colonel. He served with Special Forces, the John F. Kennedy Special Warfare Center and School, and the Civil Affairs and Psychological Operations Command, and he taught at the Army War College. He later served as a civilian senior fellow at the Joint Special Operations University. Powers is a graduate of the University of Alabama, the War College, and Shippensburg University, where he completed his master’s degree in public administration. (His remarks have been edited to accommodate space limitations; read the full interview online.) 

Q. What are your responsibilities? What’s a typical day or week like?

A. The National Preparedness Goal gives us four goals: prevent, protect, respond, and recover. In Pennsylvania, we took the first pillar—prevent—and we assigned those tasks to the Pennsylvania State Police. The last two—respond and recover—are the mission of the Pennsylvania Emergency Management Agency (PEMA).

The second pillar, protection, is my job: to identify critical infrastructure, determine strategies to mitigate the risk, and work with the private sector owner-operators and state agencies to help diminish risks. And that is an ongoing, never-ending cyclical process.

When I say I’m responsible for protecting critical infrastructure, I can’t use one dime of federal or state money to actually harden a site. By federal law, all the money has to go to first response; 80 percent for localities, and 20 percent to the state. So, in practice, it probably should not be called protection, but in overall terms the federal government sees it as protecting the capability to respond.

Q. What are the top threats and assets you focus on?

A. We take an all-hazards approach, but I’m really concerned with man-made criminal acts. I don’t track rising floodwaters. I’m only concerned with whether it’s close to one of our pieces of critical infrastructure, and then I work with PEMA to let them know. But there’s nothing else I can do, because I can’t order the owner-operator to move his people out of the way. I can’t direct him to rebuild outside the flood plain.

The National Infrastructure Protection Plan (NIPP)—which I walk around here with around my neck—has 17 sectors. We’ve got five sector-specific working groups that comprise all of those 17 sectors. But just covering those bases is not enough, because there are things that are critical for us that aren’t critical to the feds. So in concert with state agency heads, county commissioners, municipal emergency management coordinators, and our Keystone Homeland Security University Research Alliance, we capture them on our list. I obviously will not name anything specific, but all those sites fit the same type of template that the feds have in the NIPP.

Q. How has your professional background helped you on the job?

A. I spent 30 years as an Army Special Forces officer, so I spent a lot of my time trying to sneak in and blow up a lot of places, which makes it easy for me to look at infrastructure from the perspective of protection. So I use that. And when I was retired, I was an instructor at the Army War College, teaching national strategy and grand strategy. Then I was a consultant for about five years with the Department of Defense and the U.S. Special Operations Command. Those things really help out. Plus I have a master’s degree in public administration, which gave me the government side of the house.

Q. What’s the biggest challenge you face?

A. The biggest challenge is convincing the private sector owner-operators that they have to invest in their own physical protection. Because the most I can do is leverage federal money to go to first responders.

When I have a camera shoved in front of my face, and people say, “How are you protecting the sites in the commonwealth?” Well, the most I can do is sway other state officials to get the money to local first responders. But that’s not protecting the building that you’re sitting in right now.

I tell private companies that operate the critical infrastructure:  you have to invest in your own security. You’re the only person that can buy cameras and guards and barriers, and reroute traffic, and have a redundancy plan to put your servers in another building.

So in the end, I can do my job, get an “A” from my boss, but still not protect anything. The challenge is to get out there and talk to these people, meet with them, look at their security plans, give them some help, give them some ideas to help mitigate the risk and vulnerabilities, and hope that they invest sufficiently in their own infrastructure.

Q. How do you convince the private sector to respond?

A. There are a couple of things that I consider “carrots.” One of them is, if they invest in their own protection, their insurance rates will go down. And most of the security managers and the business managers understand this, and usually the president or CEO does.

But, of course, there’s an economic equilibrium point where they don’t want to break the bank. Finding that fine point of equilibrium is the toughest point. I don’t have access to these companies’ books, but they know where it is. So it’s a give-and-take all along.

Second, I would like to see a tax credit. I can’t speak for the governor, but we’re looking at that right now. Would that entice private infrastructure to invest in their security? I don’t know. And what is the impact on the commonwealth? If we have 1,000 companies investing $100,000 in physical security, that’s $100 million less coming in to the commonwealth. That’s a lot of money. But let’s take a look at percentages.

Q. How is the state’s relationship with the federal government?

A. Well, we’re in touch with them every day. My primary concern is funding. The feds tell me that sites, however many there are, are critical to the national strategic critical infrastructure of the United States. I want to see money go to those things first before they allow states to pass out money to the counties and municipalities. When the money comes down, 80 percent must go out to the counties and municipalities, and there’s no guarantee that the counties and municipalities are going to put it where it’s supposed to go. There needs to be earmarks on this money. That’s how I would change it. And you know, all of the homeland security advisors share the same thoughts.

Q. Are you working to share threat information with the private sector? 

A. We are prohibited by federal law from sharing specific terrorist-related information with the private sector. At the federal level, for sites that are deemed critical, the federal government has a way of notifying the owner-operator of a particular site that he needs to do something. We share what we can that’s open-sourced.

There are pieces of intelligence that the federal government cannot share with us, and there are things that we can’t share because of commonwealth laws with the private sector. And until we get those solved, it is a very hard nut to crack. But that is under way.

We share information within the commonwealth, we share it with the state police, we share it with other departments, we share it with PEMA, and so they’re in receipt of all this information at the same time everybody else is.

Q. What is your office’s top goal for the coming year?

A. The top goal is to make sure we’re leveraging all the homeland security money on the top priorities, on the right targets. To make sure that the money goes to first responders in the location of the top 100 or 200 or 300 sites in our state to enhance their capability to respond to those sites.

Other people ask me my biggest concern, and it’s complacency. The further away we get from 9-11, the more people are less tolerant of security procedures at airports, on trains, and in all kinds of public venues. They get the attitude: “I’m tired of this…. When’s this going to stop?…. Enough is enough.”

Well, enough is not enough, and so I ask you this question: How much are you willing to pay for your safety? How much is it worth to you to make sure that the person sitting next to you in an airplane is who they say they are? Is there a line at which the public says, “We’re not going to cross this line, we’re not going to pay any more, we’ve had enough”? That’s the complacency I worry about.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.