Protecting Kentucky
John Holiday has dedicated nearly three decades of his life to America’s national security. As an intelligence officer and soldier within the Department of Defense, Holiday led a fascinating military career, providing him with almost endless resources and experience in his newest role as the executive director of the Kentucky Office of Homeland Security.
Holiday is dedicated to leading and developing a statewide, comprehensive strategy for KOHS that incorporates local, state and federal efforts to detect, deter, mitigate and respond to terrorist attacks. This could include attacks that are “nuclear; biological; chemical; electromagnetic pulse; agro-, eco- or cyber-terrorism; or any other incidents that affect or may affect the security of Kentucky,” his biography states.
Prior to his appointment as executive director of KOHS in February, Holiday served as the director of law enforcement within the Kentucky Department of Public Protection and also as certified inspector general with the Kentucky Labor, Environmental Energy and Public Protection cabinets.
YOU HAVE LED A LONG AND DISTINGUISHED MILITARY CAREER FOCUSED ON INTELLIGENCE. COULD YOU TELL US MORE ABOUT YOUR BACKGROUND AND EXPERIENCES IN THE FIELD?
I spent almost 30 years serving, primarily in the intelligence field. I’ve worked tactical and at the strategic level of military intelligence, specializing in counterintelligence for non-conventional special operations units. I’ve been to the many of the combatant environments our nation has been involved with since the 1990s. I first enlisted into the Army in 1987 and remained on active duty until the mid-1990s. I transferred to the National Guard, specifically into special operations, where I spent several more years active.
There are seven different special forces groups within U.S. Army’s 1st Special Forces Command, two being National Guard. After 9/11, the special operations community as a whole — including National Guard Special Forces units — played a large part in the global war on terror. I have been the executive officer for one of the Special Operations Forces subordinate units located within Kentucky the majority of this time. Our unit has been engaged in operations since 9/11, and unfortunately lost our share of personnel in the fight against violent extremists.
My last post took me to Africa as the special forces liaison officer to Kenya. Serving as the Kenya Special Forces program manager, I advised, led and coordinated efforts on the ground to assist in building special forces capacity in east Africa to counter violent extremism.
You might remember the terrorist attack that took place at West Gate Mall in Nairobi, Kenya. I visited there weekly with counterparts from British and Kenya special operations to socialize and coordinate events over tea. I was already transferred back to the states by the time the attack took place, but that mall, the exact café where we used to talk, was hit by Al-Shabaab terrorists that killed several innocent people. I had been the program manager for the Kenya Ranger Strike Force/Kenya Special Forces, who were among the first responders to that incident.
YOUR BIOGRAPHY HIGHLIGHTS YOUR ROLE IN THE PAST 20 YEARS SERVING U.S. SPECIAL OPERATIONS “FOCUSING ON IRREGULAR, UNCONVENTIONAL AND ASYMMETRIC WARFARE.” COULD YOU ELABORATE ABOUT WHAT THAT ROLE HAS INCLUDED FOR YOU?
Prior to 9/11, the Department of Defense primarily was focused on outdated doctrinal ways of defeating a common enemy. Asymmetric warfare accepts the fact that now we have to deal with all sorts of enemy actions on multiple fronts. There’s not just one front or one method like 20 to 50 years ago when we were threatened by large armies like the Soviets, North Koreans or the Chinese. Now we have to apply critical thinking and think asymmetrically. They are attacking not only our personnel on many geographic fronts, but also through our cyber networks, for example. Asymmetric warfare covers the whole gamut of ways we are being attacked. It could be through agricultural terrorism, dirty bombs — you name it.
My family is from Washington County, Ky. I was raised in Harrodsburg. After graduation, I enlisted. I’ve held several state government positions over the last decade. Under previous administrations, I worked in regulatory and law enforcement management roles, counterdrug operations and as a certified inspector general. As IGs, we were charged with identifying and preventing fraud, waste and abuse in government. When the new administration began, I applied for the homeland security position. I went through what seemed like a million interviews until I eventually got to the governor himself. The governor and I saw eye-to-eye on how things should be. It was obvious to me that he was a former military leader. Next thing you know, I’m appointed director of homeland security for the state.
HOW HAS THE EXPERIENCE YOU HAVE HAD IN YOUR MILITARY CAREER HELPED YOU PREPARE FOR SERVING AS KENTUCKY’S HOMELAND SECURITY ADVISOR?
In the last three decades of serving, the common factor has been doing more with less, regardless of the threats. Threats are ever-evolving and increasing and have been since 9/11. Simultaneously, resources were ever-decreasing due to shrinking budgets and competing initiatives. Despite that, we had to come up with creative and effective courses of action. Past doctrine simply was too outdated, therefore critical thinking, prioritization and common sense had to be implemented quickly.
I’ve found state government is similar. It’s fortunate we now have an administration under Governor Bevin’s leadership that applies those very principles in decision-making, especially when it comes to state and national security. The governor and the lieutenant governor both served in the armed forces, it’s my belief that is where their critical thinking skills for tough situations were honed, and they developed into effective leaders.
CAN YOU PROVIDE AN OVERVIEW OF WHAT THE KENTUCKY OFFICE OF HOMELAND SECURITY’S OPERATIONS INCLUDE?
We are Kentucky’s center of gravity and clearinghouse for information and intelligence. We are an all-hazards homeland security office, with an intelligence Fusion Center and a grant section. As the homeland security advisor, I am directed to allocate and disseminate federal resources to enhance the capabilities of first responders throughout Kentucky. We now base allocations on priorities of critical need. Peer reviewers from different sides of the states are tasked by the grants section, who are subject-matter experts representing each first responder discipline. Applications are reviewed, and only those that meet an acceptable level of the predetermined parameters of critical need are advanced.
The Kentucky Intelligence Fusion Center’s primary task is to ensure the governor; first responder decision-makers at the local, state and federal level; and the public are equipped and properly informed of the most relevant and accurate information in the event of any threat or hazard.
We define a threat as being manmade or criminal, and a hazard encompasses natural and/or manmade concerns. The fusion center maintains situational awareness on organized crime. We’ve implemented a robust organized-crime working group of law enforcement-only professionals who share information and intelligence. We have a critical infrastructure analyst whose responsibilities include maintaining situational awareness on the 16 sectors of critical infrastructure and key resources, applying laser-like focus on four lifeline sectors — communication, energy, transportation and water/wastewater.
The international terrorism and domestic terrorism analysts, focuses on international and/or domestic terror incidents that may have a direct or indirect link to Kentucky. This administration is the first to implement a cyber security analyst who focuses solely on the cyber threats and trends that affect or may affect the commonwealth cyber networks.
The amount of information and intelligence we have to process, analyze and properly disseminate on a daily basis, while constantly facing shrinking budgets and resources, like every other agency in federal and state government, is insane. We have to maintain absolute situational awareness on all the portfolios I just mentioned. Information flows in from many different sources we develop, whether it is law enforcement agencies — federal, state, local or sheriffs’ departments — fire personnel, emergency personnel, open-source information from media or the Internet. Our job is to gather information, apply critical thinking and analytical process in order to produce actionable intelligence. Actionable intelligence is critically needed by an end user or first responder, whether they are law enforcement, emergency services or a private-sector partner that maintains operational control of a critical infrastructure sector — and approximately 85 percent of Kentucky’s critical infrastructure is owned by private entities. It takes many resources, critical thinking, time and war gaming to be able to put all that information together and turn it into usable products that can save lives. We are the only state agency in Kentucky that connects all those dots, the only state agency that has resident networks where we actually can access classified information from the global U.S. intelligence community in order to augment and/or enhance the commonwealth’s homeland security efforts.
So what does that mean? We have to gather all pertinent information, depending on the classification, in order for us to disseminate intelligence. The information must be relevant and, without any question, accurate. We then determine how to disseminate that information to appropriate end users. Meanwhile, we must protect the information. We can’t just let it go without controls in place, or adversarial players would exploit that carelessness, as we’ve seen on the national stage lately. The receiver of the intelligence must have placement, access and need to know per federal law, and also appropriate security clearances to access information. It’s our responsibility to figure out how that information is disseminated and that it is properly disseminated so bad things don’t happen.
HOW DO YOU DO THAT? THAT’S A BIG MANDATE.
Honestly, I haven’t had a good night’s sleep since February, when I was appointed. Every single day we are hit with new stuff. I don’t want to sound like I’m complaining or being pessimistic; however, we are constantly hit with information that would scare most people. We have to maintain calm, collective heads. Next we engage in “war-gaming”, outlining how we are going to analyze, collaborate and disseminate the information, while being mindful of the sensitive nature of anything we produce. We achieve this balance by having strict processes and following the rules. Our bottom-line purpose is to ensure information and intelligence are properly disseminated and that the governor, first responders and other key decision-makers are equipped with the information and resources needed to address each threat or hazard facing the commonwealth.
We have intelligence liaison officers we bring in from different entities who have a homeland security stake, whether that’s from the first-responder community or private sector who represent industry within the 16 sectors of critical infrastructure. We bring them in and train them in gathering and collaborating critical information that affects state and/or national security, but most of all, to build collaborative relationships.
HOW DO YOU BALANCE KENTUCKY GOV. MATT BEVIN’S COMMITMENT TO TRANSPARENCY WHILE PROTECTING CRITICAL INFORMATION?
Now, here’s a challenge, especially when you’re dealing with classified information. This is what makes the boss so great — his dedication to government transparency. This philosophy ensures taxpayers and citizens of Kentucky have access to what their government is doing and how it’s expending resources. That can become a bit of a challenge in homeland security because we often deal in sensitive, and sometimes classified information. But one of my primary responsibilities and personal philosophies, having been a former certified inspector general, is that I’m all about giving the public access to what we do to ensure they know how their resources are spent and how decisions are made. Information and intelligence will be shared and disseminated properly and legally.
That’s the challenge. In the past, homeland security as a whole got a bad rap, nationally. We’re changing that. This goes back to the question about how we do what we do. Social media is huge for us to get unclassified information out to the public, taxpayers and everyone who has stake in homeland security. We are very careful about not just putting generic, unusable information out there. Not only do we strive to inform first responders and decision-makers, we also want to ensure the public is also receiving needed information. Each time we brief or give a class, we ask is everybody in the room to do us a favor and go to Facebook to like our Kentucky Office of Homeland Security page. We use Twitter as well. When I started here we were reaching less than 100 people, now posts are reaching up to 25,000 people.
Again, the governor’s primary responsibility is to protect citizens. Our job is to ensure the governor has the information he needs. Our job also is to inform the citizens. Social media is a way for them to access that information.
We strive to get information out daily. Counterintelligence tends to focus on the dark side of things. So our director of Public Affairs and Community Outreach, Mike Sunseri, helps balance me to ensure we get positive messages out there as well. We made a management decision that since we put out a lot of bad news, on weekends we try to focus on more positive information, including profiling one of Kentucky’s first responders on Saturdays.
WITH LESS THAN A YEAR UNDER YOUR BELT IN THIS POSITION, WHAT ARE YOUR TOP ISSUES?
Going back to an earlier question, how do you do it all? Again, it’s about being able to make effective decisions on threats and hazards as fast as you can without making decisions in a vacuum or in an emotional state. Those who critically think and can make decisions on threats and hazards in a timelier manner are going to be more successful. Success means decreased response times and maximized safety of all involved. It’s tough and it takes a team effort.
For instance, one of the primary threats the U.S. is seeing right now is the active shooter/aggressor. We made a determination early in the administration that a void existed. We identified the critical need to train folks in dealing with active shooters. Since February, we have trained more than 5,000 people — state employees and private sector — on increasing survivability in active-shooter scenarios and identifying and reporting indicators before an event. As we are witnessing, often these events can happen at any time. That’s what we do. We have to determine what’s most needed and get the most relevant and pertinent information out. This program is getting huge. We are re-thinking how we get that information out to a larger audience, because everybody wants it.
Cyber security is in the news daily. Government and private-sector entities are getting hit by viruses, malware and ransomware constantly by different rogue players to terror-sponsored countries who have identified vulnerabilities within a network. With ransomware, basically you have a criminal player who surreptitiously attacks a cyber network and holds critical information hostage or may threaten to destroy a network unless a ransom is paid out, which is usually done in an online currency known as bitcoin. If the ransom is not paid, the information is gone or maybe the network is damaged or destroyed. This obviously is a very serious problem.
Testifying to the Veterans Military Affairs and Public Protection Committee in August, I spoke primarily on the state of our cyber security in Kentucky. In layman’s terms, on a scale of A to F, the grade I gave Kentucky as a whole, after talking to many subject matter experts, was a D. There are people who disagreed with me. Just a few days after I gave that unofficial D rating, Kentucky Department of Fish and Wildlife got hit with ransomware. A large amount of personal identifiable information was taken. Then one Sunday afternoon, I received a phone call from the U.S. Department of Homeland Security. Several hospitals in eastern Kentucky got hit with ransomware and their service were degraded to approximately 20 percent effectiveness. Imagine if a mass casualty situation occurred at that time.
I’m in no position, nor is Homeland Security, to tell the private sector how to conduct business. But the troubling trend — and this is also happening to financial institutions — is that we’re seeing business decisions to pay these ransoms thinking their systems will be restored. But there’s no guarantee.
How do you explain to private-sector entities that have millions of dollars at stake how they should move forward? We have established working groups of banking, cyber security entities and others to share information and collaborate so people can see best practices being used across the spectrum. We have to be very careful because when you’re dealing with the private sector, you’re dealing with proprietary information, so we have to take extra precautions to not divulge that type of information
All of these exercises, the war gaming, the hours of not sleeping at night — so what? There are so many exercises around the country. Everybody is conducting sophisticated simulations. The one thing I have noticed with all these events is that effective after-action reviews are not taking place. Best practices and worst practices that took place during those exercises are not effectively being recorded and shared with stakeholders. That’s a huge problem. Taxpayer dollars are being spent while pushing our resources to the limits through exercises, yet what’s being done with that information? That’s where I think we can do better nationally. We have to attain that knowledge, document the results, apply critical thinking and be honest with ourselves, and then develop courses of action for improvement. Most of all we must ensure the right stakeholders have that information so we don’t keep repeating the same mistakes.
WHAT CONCERNS YOU ABOUT THE CURRENT STATE OF KENTUCKY’S HOMELAND SECURITY?
What keeps me up at night? Around 2003, the interoperability law was established in the state of Kentucky. Meanwhile, shortly after 9/11 the intelligence fusion center concept was pushed out to all the states. Millions of dollars were dedicated to each of these fusion centers. That money was meant to be used in specific ways to increase state capabilities for dealing with threats. We learned best practices from 9/11 and other events like Hurricane Katrina. After-action reviews were conducted through legislative commissions and other government bodies. Results showed us that states had a critical need to have interoperability in order for all first responders — law enforcement, firefighters, emergency responders — to be able to communicate in emergency events.
Kentucky is one of the last states to have a statewide radio system. We have spent millions, if not tens of millions of dollars on communications interoperability. It’s 2016 and we have no statewide interoperability. Where did all that money go? That’s what keeps me up at night. We have got to figure out how to have interoperability.
One of the biggest obstacles I’ve seen in interoperability is a lingering past culture of divisiveness that still exists amongst some emergency agencies. We have to think collectively and critically about making Kentucky safer by coming together and figuring out solutions on interoperability and so many other issues. We must communicate. We are one major disaster away from potential chaos. We have to dedicate resources to interoperability, and it’s not cheap. But working together is paramount. Emergency services have to work together — local, city, state and federal governments. We must figure out how to implement interoperability in Kentucky. We have to work as a collective or we’re going to continue failing and increasing risk.
YOU MENTIONED ACTIVE-SHOOTER TRAINING. WHY IS OFFERING TRAINING SO IMPORTANT TO THE KOHS MISSION?
Remember when I spoke earlier about asymmetric threats? The asymmetric threat is constantly evolving. The citizens of Kentucky, the decision-makers and those in the homeland security realm must ensure our way of thinking also evolves so we adequately can face tomorrow’s threats. Not evolving in our way of thinking from the old ways of doing things simply increases risk to life, property and wasteful spending.
Government tends to get into routines. The problem with that is when folks settle into routines, many stop thinking outside of the box and that becomes dangerous, especially in dealing with homeland security issues. That’s why it is so important for us to constantly keep people updated on training and trends. That’s why we constantly conduct analysis to ensure all information readily is available.
DISTRIBUTION OF GRANT FUNDING AND RESOURCES IS ONE OF YOUR PRIMARY RESPONSIBILITIES. HOW DOES KOHS DETERMINE WHO RECEIVES THE FUNDS THAT COME THROUGH THIS OFFICE?
Seventy percent of our funding comes from federal grants. Eighty percent of those dollars go to Kentucky communities and homeland security. We just recently awarded several entities $2.7 million. Now think about that. $2.7 million to offset the cost of response to threats and hazards in 120 counties. Every county has its own funding issues. We have to go through every one of those applications and figure out where that money is best spent. That money can buy communications equipment, first responder equipment, CBRNE (Chemical, Biological, Radiological and Nuclear Defense Equipment), personal protective gear for agencies, security equipment and, in some cases, cyber security alarms. We had more than $15 million in requests for this grant cycle.
Hopefully this winter we are going to have another funding stream by the federal government we can offer. The Department of Homeland Security doesn’t guarantee consistent funding to fusion centers. At the beginning, when fusion centers first began, hundreds of millions of dollars were set aside to get them up and going. Kentucky is one of the last states still relying solely on those federal funds. If that funding stopped, guess what? There would be no Kentucky Office of Homeland Security. That’s a huge problem. Many states have figured out how to take it upon themselves to ensure funding by making it a priority.
On a good note — not to sound so negative — we also offer the Law Enforcement Protection Program. Funding is derived from the sale of confiscated firearms at public auction by the Kentucky State Police. We take 80 percent of that money and push it back into local law enforcement communities. We can pay for items like armor, bullets, service weapons and Tasers. Just like I told you earlier about information intelligence, it’s important for us to get resources out there to end users, just as its important to get those monies to end users as well.
WHAT IS IT ABOUT WHAT YOU DO OR OFFER TO LAW ENFORCEMENT THAT YOU FEEL THEY MAY NOT UNDERSTAND OR KNOW IS AVAILABLE TO THEM THAT YOU WOULD LIKE TO ENSURE THEY KNOW ABOUT?
What many don’t get is that they are formulating biased ideas of what we do on what they have dealt with in the past. That’s history, and reality is far from that now. I’m not throwing stones toward anybody or any administration. I am an intelligence officer, that is what I am. Fusion centers are intelligence-based. It is very important, in my opinion, for positions like these to have people equipped with experience along those lines, whether it is in the intelligence field or law enforcement, to fill these critical positions in each state in order for the process of information sharing to be facilitated throughout, to keep information flowing legally, and be sure it gets to the right people. That is what I feel has changed. It is a paradigm shift from what it was. We are creating something new that matches the true spirit of what this office originally was supposed to be, what the tax payers actually paid for and expect it to be.
WHAT GOAL DO YOU HOPE TO ACHIEVE IN YOUR TENURE AS KOHS EXECUTIVE DIRECTOR?
To once again place state and national security matters at the highest of priorities and to extinguish the lingering pockets of divisiveness in order to effectively handle threats and hazards by decreasing response times, maximizing safety and ensuring resources are properly and effectively allocated throughout the commonwealth. One agency alone cannot do it. Trust me, there are enough threats and hazards for all agencies to share in the responsibility of mitigating them. Constant, efficient and effective engagement is a must. We have to come together and figure out solutions to problem sets like interoperability. It will save lives if we do. Most of all to constantly develop the plan. The final plans never will get ahead of the ever-evolving, asymmetric threats; however, the constant planning is indispensable