But the threat is evolving, I think there is tremendous -- sort of convergence, at least, of views on this and something that I have been part of being able to share with the -- as a result of my being a member of this National Security Preparedness Group, led by former 9/11 Commission chairs Tom Kean and Lee Hamilton.
Essentially what we're seeing is a fundamental evolution in the terrorist threat with increasingly a homegrown quality, but also a focus on smaller scale attacks. And this is driven in part because the capacity to take on large-scale attacks has clearly been hampered. But we've also been, because there's been a bit of an "ah ha" moment for Al Qaida and its affiliates, which is you really don't need big, spectacular attacks to get big results.
You can get a big bang, particularly in terms of disruption, by doing relatively small-scale things that basically lead to a reaction or, in many cases, overreaction that's very costly and very disruptive for the side that you're targeting.
And so with that, we end up with what Commissioner Ray Kelly of NYPD has called essentially evolves into a "let a thousand flowers bloom" kind of strategy where the recruitment threshold is much lower, and you're willing to essentially allow lone wolves or lone wolves with a few allies to go off and cause mischief.
Now, that's the broad backdrop we're now, I think, having to look at the transit security in. We have both the homegrown dimension to it and the fact that we're looking at one and two and not looking for necessarily massive catastrophic scale attacks but things of the ilk that are really disruptive, certainly can achieve mass loss of life, and very visible sort of attacks.
And mass transit, not surprisingly, and rail freight, as well, become very attractive to satisfying these two criteria. They're open systems spread across vast geography that are also accessible, that are very time-dependent. Therefore, the ability for a relatively small operation to get into the system is small.
The goal is to disrupt the system so you don't need massive kinds of things -- a derailment or taking out commuters in a single car. If that leads to a shutting down of the system for a period of time, you're really starting to have a consequence. And if it leads to essentially Washington then coming up on the fly with lots of new requirements to reassure the public, that can be very expensive and disruptive.
So what I would suggest is that while we -- we -- we do not have, right now, immediate intelligence that I'm aware to say that this is -- something is unfolding in our cities, we have enough in terms of general intelligence about that this is a sector that's being targeted. We have examples of it being targeted. We need to focus to much greater degree.
So now into my don'ts. What do we not want to do as we tackle this problem?
I essentially would advance here that, overall, we need to move away from essentially a law enforcement-centric, screening-centric approach to tackling this issue because both the difficulty of doing so, but also because of the opportunity of taking a much different model.
So my first don't is we should always avoid, in any homeland security endeavor, I would argue, and certainly in the case of rail and transit security, is avoid alienating the public that security officials are obligated to protect.
This is actually something David Petraeus has figured out in Iraq. Its key is that you need the cooperation and collaboration of the people that you're protecting, and you want to make sure that we're seen as part of the solution and that they understand the risk and they're playing a collaborative role.
And we have a tremendous ability within the transportation system to essentially coerce people to comply -- if you want access to the system, subject yourself to A, B, C -- but it's not necessarily the way you win hearts and minds.
And given that we have limited resources to be able to effect something of that scale in the transit system, that's something that I think we should not want to head down their path.
The second is avoid promising more than you can deliver. This is something that, I think, is fundamental to -- to governance overall, but we don't want to set expectations along what we can -- beyond what we can deliver.