IAME 2022 - EMVision Talk - Basic Tech Literacy in EM Is Not Good Enough
Back in 2022, I had been deeply involved with IAEM’s Emerging Technology Caucus. This work had begun around the start of Covid but it was deeply tied to a radical shift in my relationship to academia.
When I first got my PhD, I was deeply ivory tower oriented. I wanted to explore theories, philosophies, the humanities, and the place of computing in culture. I was essentially going to be a traditional HCI faculty who focused partially on the same sort of projects we all do. But when COVID began, this shifted toward trying to understand the nature of how we plan for risk and react to it when it is in front of us.
For IAEM’s EMVision talk, there was a lot of feelings wrapped up in it. It was important as I had just spent 4 years working on my mental health. As a result, going to this conference was filled with a lot of talking to my therapist in addition to talking to my wife, every hour of every day I was away. I was working with a new set of expectations and was not always great at communicating them.
My goal in getting involved with IAEM was mostly to try and understand why this article was written: Crisis Informatics: New Data for Extraordinary Times. In it, some of my academic heroes outline that they had failed. They note that there is enormous potential in data for disaster planning and response and that there is a fundamental paradox wherein (in their view) data is more useful than television or radio. Despite that, there are no true use cases that are apparent within computing as there is in television and radio.
*Now, this is BEFORE AI would come to dominate as a solution without a use case that folks would get excited about; however, that is a different conversation. *
I thought i’d post the script of the talk that I gave. It was recorded but apparently all recordings were lost.
Hi everyone!
In 2021, just before the super bowl, someone illegally accessed an industrial control system near Tampa Bay
They used a 15 year old username and password that had never been changed.
The person who used this password attempted poison the water near where the super bowl was going to be held.
The attack was thwarted not because of cybersecurity, but because someone happened to walk by.
The point of this story is that Technology is quickly becoming a menace in emergency management.
This menace has shut down EOCs, PSAPs, Hospital/medical systems, even entire Universities and all of it was avoidable. Billions of dollars of damage prevented with a few minutes.
Last year, I ran a study focused on the technical capacity of emergency management. With the help of the emerging technology caucus, we adjusted a survey instrument meant to help teachers understand the technical skills of incoming students to focus on tech in EM.
What we found was that regardless of age, gender, socio-economic background, or education, the EM practitioner’s technical capacity is lower than even my Grandma’s is…and she died in 1997.
Some of you may say, who cares? And that’s true, who does care?
And to this I say, the menace is hidden behind ignorance, we simply don’t know that the menace is there, but its gaining a whole lot of momentum thanks to that ignorance.
And yet, left unchecked, the menace will inevitably cause a national incident resulting in extremely expensive reactionary moves. We will spend billions on ineffective policy at that point rather than a few million now.
And so we get to the point where I hear someone say, “What can I even do? I dont know anything about technology.”
To this, I say that there are 3 ways for us to embrace the computer without becoming a ~nerd~, a computer scientist.
The first of these is to simply Get curious about technology and how it causes disaster.
This is perhaps the most important aspect of your work, to prepare for disaster.
Like fire, wind, flooding, earthquakes, and hurricanes, Technology is a vector for disasters as well as an agent that can make any response effort worse.
And yet, you may not see why and so i’ll add to this that if you all spent your time ignoring fire as a firefighter, would firefighters be effective?
**Second, I would tell you to Demand trainings on how technology works. ** If i’m proposing a need for EM to get curious about tech, the most simple way to enhance (and reward) that curiosity is through trainings.
We are here today in a conference being put on by the agency responsible for CEM.
We had to train to understand our jobs.
Technology should become part of that training.
Understanding technology in this way is just as important as another training about ICS.
Get curious, get trained, and what else?
**Finally, with your new knowledge you can tell software makers what you need software (and hardware) to do. ** As we’ve wandered around the world of EM, one of the most common phrases we have heard has been, “I don’t know what I don’t know” when we ask, “how could technology help you save lives?”
If you: 1) get curious, and 2) get trained, then 3 allows you know know what you could know…and use it~!
While simple in their approach, each of these items will deepen EM’s capacity, foster easier connectivity between emergent groups and EM, and allow EM the capacity to fight misinformation, disinformation, and other forms of cyberattacks.
I will finish with this note:
In the next 7 minutes, there will be thousands, if not 10s of thousands of cyberattacks in the US and the rate is increasing.
If that doesn’t scare you, replace the word cyberattack with tornado.
An update from this is that I ended up writing a case study of the hack in Oldsmar (which probably wasn’t a hack in the end) and what’s more interesting is the recent discussion of this hack where a plant employee made an error and blamed it on hackers resulting in a massive technology overhaul not really related to the Industrial Control System.
The most fascinating part of the hack that wasn’t a hack is that everything in the case study is true even if the hack isn’t real because the vulnerabilities were just sitting there in the clear.
I think a lot about this talk every day as it marks a significant shift from being in academia to wanting to do good action-based work outside of academia and writing as a hobby.