The fact that we live in an open society is an inherent risk. Our borders are porous, our water and agriculture are accessible, and our information technology (IT) infrastructure is littered with single points of failure. We lull ourselves into a false sense of security by thinking that great America must be able to outdesign, outmanage, guard, mandate, and legislate our nuclear arms with the best-trained military personnel in the world. This is obviously not the case. We cannot defeat an entity we cannot see beyond or within our borders. We have found it challenging to declare and to win a war on a noun or adjective (e.g., the war on drugs). Without borders, uniforms, or structure, it is hard to measure effectiveness of such a war. (Cyberthreats are discussed in Chapter 15.) Zero risk or 100% security is unobtainable in any society, and the lower the security, the more open the society. The goal is to mitigate risk to a reasonable level given the data, field or location, and resources available. We do not design earthquake criteria in nonearthquake zones; you get the idea.

We live in an open society. This is good news and it is also bad news.

Let me articulate the more obvious acts of God that site selectors, consultants, and their end users are concerned. Exhibit 3.1 is a work product that is often used to guide us through the site selection process. The idea is to weigh the category based on the user's sensitivities and our experiences ...