If you're unsettled by all the alarms, you've got company. Some nine months after al Qaeda radicals launched their devastating September 11 raids, plans to prevent a terrorist Act Two still verge on the chaotic.
Fortunately, chaotic doesn't necessarily mean ineffective. The good news: The military campaign against Osama bin Laden has been disruptive and has made it less likely that his agents can quickly mount a September 11-type operation. State and local law enforcement have done a good job protecting the most tempting targets. Homeland Security Director Tom Ridge has prodded grassroots public-health officials to prepare for a bio-terror or nuclear attack. And largely on its own, American business has begun the expensive process of stepping up protection of office complexes, communication systems, and key industrial facilities.
The not-so-great news: Major vulnerabilities remain. Security experts caution that the shipping system, with its stress on zippy, just-in-time transit, needs an emergency effort to inspect containers and truck cargos and to protect ports. Border control and implementation of a new immigrant-tracking system lag badly. And law enforcement officials concede that policing of public spaces, from mega-malls to theme parks, is so uneven that terrorists looking to strike a psychological blow could still slip through the net.
Gaps exist despite a huge surge in safety outlays. "The problem with security spending is, how do you define `enough'?" says Randall J. Larsen, director of the ANSER Institute for Homeland Security, a think tank. "It's going to take four to five years to make the changes we need. And that's making targets harder to hit, not absolutely secure."
A big step forward could come on July 1, when Ridge is due to send President Bush a detailed plan that is expected to set overall security standards for key economic sectors. The result could be an enormous prod to business, pushing it to move faster and spend billions more to stave off terrorist assaults. "We will establish some standards of conduct," Ridge told BusinessWeek. "The `miracle of the marketplace' won't necessarily solve all these problems."
What kind of standards, how stringent, and at what cost? Ridge won't say. About the only certainty is that complying with new standards will require untold billions. For Corporate America alone, estimates David A. Wyss, chief economist at Standard & Poor's (like BusinessWeek, a unit of The McGraw-Hill Companies), the fallout from September 11 will cost $135 billion this year. That includes $20 billion to upgrade workplace security, $15 billion to back up information systems, and $35 billion in higher insurance premiums.
Because security investment is not as productive as, say, buying new B2B software, company bottom lines will take a hit. "That burden slows down our productivity and our ability to generate wealth," says Robert "Steve" Miller Jr., chairman and CEO of Bethlehem Steel Corp. According to David D. Hale, chief economist at Zurich Financial Services Group, "security spending will take $50 billion out of corporate profits at a very sensitive time of the business cycle." That's about 5% to 6% of earnings. Indeed, the White House Council of Economic Advisers estimates that by 2007, gross domestic product could dip by 0.6% annually because of new security obligations.
Despite the economic drag, Wyss contends that current security spending is inadequate, since September 11 showed that the psychological damage of a major terrorist attack can be far more devastating than the physical destruction.
An Apr. 30 study by the Brookings Institution urges that federal spending for homeland security be boosted from the Administration's $38 billion request for 2003 to $45 billion, with business anteing up $10 billion more. The Brookings team, led by defense analyst Michael E. O'Hanlon, went further, also urging that priorities include perimeter defense, big population centers, "critical economic assets," and symbols of national pride.
Without waiting for Ridge's homeland blueprint, business has been largely proceeding on its own. Companies such as DuPont have stepped up plant policing and employee screening and are working with industry trade organizations to develop model security procedures. "We hope these best practices will become de facto standards," says AT&T CEO C. Michael Armstrong, who heads the Business Roundtable's security task force.
Such industry initiatives sit well with the Bush Administration, which would rather issue general guidelines and grant business and state governments significant leeway on the compliance front. The obvious advantages: more flexibility, less bureaucracy, and lower costs due to a more relaxed timetable. But some experts warn that a New Federalist approach to security simply is not up to the challenge of terrorists intent on striking at the nation's economic lifeline. "Ridge's office doesn't like [mandatory federal] standards," says ANSER's Larsen. "I understand why, from a Republican standpoint, they're
reluctant. [But] they've got to get over it and set some
standards." As the debate rages, here's a rundown of where the preparedness effort stands:TRANSPORTATION. Transportation, especially shipping, remains the biggest point of vulnerability. Security specialists are particularly worried about the country's 300 ports and a lightly policed container system. Fewer than 2% of containers are inspected. "We are hiring hundreds of inspectors, but we can only do so much," says U.S. Customs Commissioner Robert C. Bonner.
The answer, say some industry officials, is a process of certifying cargo and locking it into containers at the point of origin with tamperproof electronic seals. The e-seals would keep contents secure until an internal global positioning system is activated or until a radio or infrared signal at the destination is triggered to open the lock. But cost is a problem. Today's mechanical seals run up to $1.50 each. An electronic device would cost up to $2,000.OIL AND CHEMICALS. Both government and industry remain deeply concerned about protecting oil refineries, chemical plants, and other big industrial targets. "We're trying to think about the unthinkable," reports Bobby R. Gillham, global security manager for Houston-based Conoco Inc. He says that the company has already spent a few million on protective barriers and vehicle searches. Gillham claims that "very little, if any [of the cost] is being passed on to customers."
The American Chemistry Council, representing 170 major companies, has adopted a new security program for its members in cooperation with the government's Sandia National Laboratories. Potential threats are ranked by managers, with input from outside safety officials. Still, security upgrades won't be in place for two to three years and are likely to cost hundreds of millions of dollars. And even so, "If somebody is intent on doing harm, they are going to find a way," says Beth Turner, DuPont's safety and security chief.ENERGY. Interestingly enough, despite those scribbled drawings found in al Qaeda caves in Afghanistan, security experts believe that U.S. nuclear plants are among the most resistant to catastrophic attack. The nation's 65 facilities have been on alert against commando-style raids for years, and tough reactor housings could resist many airborne assaults. A bigger concern: protecting spent uranium at plant sites and while it is shipped to a new repository in Nevada.BUILDINGS. Although many companies have done a good job beefing up security at their office buildings and other facilities, safety measures are spotty in the absence of clear standards.
Another enormous problem is soaring rates for insurance. With sports facilities considered a high risk for terrorist acts, property and liability premiums for Miller Park, the Milwaukee Brewers' stadium, soared from $255,000 last year to $2.25 million in 2002. Landmarks like the Golden Gate Bridge are going without any coverage, hoping that Congress will soon end its deadlock on terrorism insurance. "It's a political calculation," says Insurance Information Institute economist Robert Hartwig. "People are assuming the bill will be sent to Washingtonif their property is destroyed."COMMUNICATIONS. How about telecom and the information backbone? Thanks to a celebrated noncrisis--the Y2K scare--many companies have already gone a long way toward backing up and decentralizing computer and communication networks. After the World Trade Center collapse, plans to back up data and permit employees to work from remote sites were accelerated.
Going a step further, the Telecommunications Industry Assn. is working on a wireless emergency communication system that is not dependent on transmission towers and antennas. Bottom line: While not impervious to a cyber-attack or a major urban explosion, the info-tech industry is far ahead of many others in designing defenses.
With private industry's efforts varying so widely, should you conclude that the homeland security effort is doomed to failure? Not necessarily. Brookings analysts say that if Ridge & Co. are prepared to back up their decentralized, largely voluntary system with an occasional stream of mandatory security directives, the nation could strengthen its defenses without shifting into a rigid, wartime mobilization model. Normally, Republicans view such "unfunded mandates" with disdain, but Ridge says he hasn't ruled them out--and is actively considering a bigger federal role in joint R&D efforts with business.
And just as the release of embarrassing information in the wake of the Enron Corp. and Arthur Andersen scandals is causing widespread changes in corporate behavior, government at all levels could use information to pressure the private sector to act with greater dispatch. Such an approach could go a long way toward making the country safer and its citizens more secure--while avoiding the costly and ultimately unattainable goal of absolute security in a democratic system.
Just because of the largely voluntary measures taken to date, "We are safer and have more mechanisms in place to guard against a terrorist attack," concludes Washington Governor Gary Locke. "But there's just so much more that needs to be done." And so little time to do it. By Lee Walczak, Richard S. Dunham, and Paul Magnusson in Washington, with Pete Engardio in New York, Michael Arndt in Chicago, and bureau reports