The Hindustan Times recently published an article arguing that if India had only invested in IT systems with a common information pool, the Mumbai attacks could have been prevented because information had been received elsewhere that Mumbai was a target.

It’s interesting to see IT portrayed as the panacea solution to countering the threat of terrorism. As with countering any human-based threat, a capability must be created. A capability integrates doctrine, personnel, training, equipment, equipment support, political activities, media relations and other considerations, including IT (equipment and systems).

Buying the IT isn’t enough – because IT on its own simply provides a warehouse of information. The assertion that if there were a common pool of information Mumbai police would have been alerted is misleading. A PHONE CALL would have achieved the same result.

I don’t disagree that information systems supporting the CT effort provide force multipliers, but IT can only support the organizational cultures, not replace them. For instance, most Mumbai police remain unarmed, but the armed police have graduated from .303s to modern assault rifles. Unfortunately, the training to accompany that equipment is minimal, potentially actually increasing the threat to civilians while posing no additional deterrence to well-trained terrorists, who will go through badly trained police like a hot knife through butter.

Counter-terrorism, like countering smuggling, organized crime, narcotics and others, requires collection of information, converting information into intelligence and directed intelligence operations, which trigger operations. These proactive activities must take place simultaneously with a risk management approach to ensure that if unforeseen incidents occur, there are suitable measures in place and responses to manage the incident quickly.

IT is an important part of the information gathering process and can assist in converting information into intelligence; however, anyone who believes that simply dropping all the equipment noted in the article will suddenly cure the terrorist threat in India is setting themselves, and India, up to fail in the face of the next terrorist attack.

For those who seek to challenge this assertion, saying “well, IT worked in America – there haven’t been any other attacks since 9/11,” I suggest you look at the non-technical changes to methodology and investment in human activities that has accompanied the IT investment. In the U.S., there are still “turf wars;” it appears the lack of a phone call between organizations takes us back to where we started – that culture and a capability development approach, not IT, has to be the foundation when organizing a counter-terrorist effort.