The list is long, but among the more salient attributes are:

1. Advanced warning of the possibility of such events
2. Insufficient political will to make prior investments that would mitigate their impact
3. Ambiguity about accountabilities in fashioning a response
4. Relative clarity—in hindsight—only about what should have been done
5. Reliance on improvization in responding to the event
6. Resort to traditional managerial prescriptions in recommendations for improving things the next time

Four of the first five items are the norm in highly nonlinear situations, where instability, unpredictability, and turbulence reign, and where "far from equilibrium" conditions mean that small changes can have enormous consequences. The exception is item 2, which has to do with aspects of American culture (e.g., a low capacity for deferred gratification), and the commensurate presumption that re-election to political office depends on short-term and local, rather than long-term and global decisions about how resources are allocated. Former Secretary of State Madeleine Albright made this point succinctly and convincingly in her testimony before the 9-11 Commission: the government didn't do much of anything about Bin Laden and Al Qaeda prior to 9-11 because we the people would not have supported doing much of anything.

Katrina and 9-11 are history, even though their consequences extend far into the future. What can we learn from them about how to improve our performance in the next high-impact nonlinear event, such as an avian flu pandemic? And how could a National Security Enterprise contribute by addressing item 6 with a vastly superior way of managing large-scale responses to unpredictable security threats?

President Bush has raised the question of the military playing the lead role in such situations. Although there is an instinctive (and healthy) Eisenhower flinch by many at the thought of the military taking charge of domestic crises, it’s not hard to understand the features that made the idea worth surfacing: the military has scale, many of the most important response capabilities, and a well-defined command and control structure. Moreover, the Department of Defense (DoD) is the source of some of the highest quality thinking done anywhere about the implications of responding to the unpredictable change that is baked into the logic of the Information Age.

Take, for example, the DoD’s Network Centric Warfare imperatives of "massively distributed decision-making; local self-synchronization; shared situational awareness; and speed of command." These are crisp labels for some of the more important adaptive survival traits. They also reflect the kind of behaviors that federal intelligence and security communities were said to be incapable of by various 9-11 post mortem investigations. Most would agree that these characteristics were lacking in the Katrina response, as well. Confusion about authorities, accountabilities, and the availability of capabilities were obvious, as were questions about the competence of some individuals.

The difference between the response to 9-11 and to Katrina was not better planning, but better improvizing by more competent local and federal leaders. This might be called "the heroic model" because of its reliance on exceptionally talented individuals to overcome the systemic inadequacies of our legacy efficiency-centric concepts of strategy, structure ,and governance. Relative to the demand, there is a severe shortage of Russell Honores. (Honore is the colorful and exceptionally effective army Lieutenant General who brought "Don’t do stupid" and "Understand the difference between activity and progress" leadership to the Katrina response effort.)

The industrial-age management precepts that are still institutionalized in both government and private sectors systematically discourage precisely the adaptive behaviors we celebrate in our crisis-management heroes. That management system is predicated on predictability and efficiency. Strategy is a plan of action; structure is a set of vertical hierarchies of authorities linked by processes (aptly called "chains"), with the knowers at the top and the doers at the bottom. Governance is command and control (actually, in most large commercial organizations command and control has been replaced by "communicate, budget, design processes, and hope.")

So deeply ingrained and unchallenged are the principles of the legacy management system that most readers of the 9-11 Commission report—after becoming convinced that the Commission had nailed the problem (U.S. intelligence badly needs more accountability, collaboration, and information sharing)—would nonetheless find unremarkable the Commission's following organizational recommendation:

It seems unremarkable because we are so used to seeing this kind of picture. But in terms of the issues to be addressed, it is truly remarkable precisely because it is so traditional. It deals with the accountability issue by adding yet another "knower”" layer at the top. The sharing and coordination issues are not addressed at all (in this picture), presumably awaiting subsequent process designs that will specify and sequence all the response options and contingencies that can be predicted in advance. And even the most casual viewer can readily see the battle lines where future turf and budget wars will be waged. The Department of Homeland Security probably has a similar looking design, and Katrina demonstrated the impact on responsiveness of interposing a layer of DHS approval between FEMA and the President.

This picture is most emphatically not the way an adaptive organization looks or behaves. Adaptive people should not be—but regularly are—asked to improvize successfully in spite of the legacy structure and management system. Not many people are highly skilled in getting things done by not breaking too much glass as they finesse, evade, and ignore the institutionalized management system. Katrina makes it very clear how dangerous it is to rely on having an adequate supply of heroes on hand to handle the unpredictable. In order for ordinary people to achieve exceptional results, management must step up to its accountability for providing a management system that fosters and leverages coherent improvization—one premised on adaptability and effectiveness rather than predictability and efficiency.

In an adaptive enterprise, such as the National Security Enterprise (NSE) is envisioned to be, strategy becomes structure: a structure for action, featuring the synchronization and binding of capabilities at the latest possible moment, rather than at process design time. Structure becomes a system architecture of modular roles and accountabilities in which the interactions between capabilities, rather than the actions of them, are specified. These interactions are expressed as inter-role commitments to an exchange of outcomes and deliverables, with unambiguous accountability for the effects those outcomes produce.

And governance becomes Context and Coordination, where Context is a declaration of:

• organizational purpose (Reason for Being)
• Global Constraints and Restraints (Governing Principles)
• how people in accountable roles relate to one another to carry out the Reason for Being (Role and Accountability Design)

Coordination is self-synchronized from the 'Effect back,' using a technology-enabled Commitment Management Protocol to create and track the dynamically changing commitments between roles, and to propagate the Global Governing Principles as conditions that must be satisfied in carrying out any commitment.

Massively distributed decision-making is made coherent by the Governing Principles and by the Role and Accountability Design that shows the "Who Owes What to Whom" architecture of roles. These roles, and the capabilities they have at their disposal, are determined by a decomposition of the Reason for Being into subsystem roles, each of which is held accountable for using the capabilities at its disposal to create specified outcomes for other roles. These roles can be located in local, state, federal, private sector, or coalition partner "home rooms." The National Security Enterprise becomes, in that sense, a "real" virtual organization.

In a National Security Enterprise designed and managed as an adaptive organization, "Who Owes What to Whom" would never be a mystery because the strategic relationships are explicitly addressed by the Role and Accountability Design. Operational and tactical capabilities would be created by local managers when they decompose their accountability into subordinate roles. And some tactical role designs are created in the fray and on the fly...improvizationally, but always coherently, because they are systematically tested for conformance with higher-level designs and the global constraints and restraints.

The highest-level design, once adopted, becomes the national security "strategy as structure for action." Investments are then made to stand up to the capabilities specified in the design, which will be sourced from military, intelligence, homeland security, FEMA, local police and fire departments, Centers for Disease Control, engineering firms, hospitals, et alia. Roles are populated with individuals who might reside in a state, local, federal, or commercial sector "homeroom." The decisions about who populates a given role are made or approved by the person who is held accountable for the higher-level outcome to which the role in question is a contributor.

Note that the NSE need not "own" any of these capabilities—only the architecture and requisite authorities to populate and provide resources to the roles in the design. The actual use of those resources is event specific, and would be substantially different depending on the nature of the event. The response manager for an avian flu pandemic would dispatch a very different set of homeroom resources—and be a very differently skilled individual—than would the response manager for a chemical attack on a Chicago El station, or a 7.9 earthquake on the San Andreas fault, or a local disaster that requires resources housed in federal agencies.

This short essay is intended only to provide the bare outlines of how sense-and-respond managerial concepts could contribute to an adaptive and robust NSE. It does not treat many other important adaptive enterprise concepts, such as the scalability of successively more granular role and accountability subsystems. The emphasis here is on some of the benefits to be derived, such as:

1. The clarification of purpose that a NSE reason-for-being will provide
2. The modular nature of component capabilities that makes possible an exponential increase in the number of national security response configurations, the seamless incorporation of both highly proceduralized and highly improvizational behaviors
3. The intrinsic and dynamic alignment of organizational roles around a common purpose, and the corresponding elimination of sub-optimizing components that are a hallmark of industrial age management
4. The creation of a National Security Enterprise as a scalable design for security, not as a behemoth bureaucracy

In this vision, the NSE would not be designed to respond efficiently to predicted security challenges, but to respond effectively to the challenges that actually present themselves, be they predictable or surprising.