Homeland Security
Homeland Security
Homeland Security
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Homeland</strong><br />
<strong>Security</strong><br />
CPM 2008 West<br />
(Contingency Planning and Management)<br />
NIPP, SSA, SCC, GCC, and HSIN:<br />
The New Language of Critical Infrastructure Protection<br />
Steven G. King<br />
US Department of <strong>Homeland</strong> <strong>Security</strong><br />
May 2008
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Background – Terrorist Attacks Targeting the United<br />
States<br />
‣ Predate 9/11 and include the first attack on the World Trade Center<br />
‣ PDD-63 was issued in May 1998 by President Clinton to address critical<br />
infrastructure vulnerabilities. Specifically, it established:<br />
• The National Infrastructure Protection Center<br />
• A National Counterterrorism Coordinator<br />
• Information Sharing & Analysis Centers<br />
• A National Infrastructure Assurance Council<br />
• A Critical Infrastructure Assurance Office<br />
‣ PDD-63 also laid out a framework for protecting<br />
infrastructure based on a strong partnership<br />
with the private sector<br />
WTC garage following 1993 bombing
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Background – The September 11, 2001 Attacks<br />
‣ Added urgency to infrastructure protection efforts, leading to passage of<br />
The <strong>Homeland</strong> <strong>Security</strong> Act of 2002 and the creation of DHS<br />
‣ <strong>Homeland</strong> <strong>Security</strong> Presidential Directive (HSPD) – 7 was issued in Dec 03, 2003<br />
superseding PDD-63. This directive:<br />
• Served as a foundation for characterizing the<br />
17 critical infrastructure/key resource (CIKR) sectors<br />
• Requires development & implementation of a<br />
national plan for critical infrastructure protection<br />
• Requires the Federal government to work in<br />
partnership with State, local and private sector<br />
stakeholders<br />
• Established “Sector Specific Agencies” (SSAs), emphasizing<br />
their collaboration with Federal, State, local and private<br />
partners to facilitate undertaking vulnerability assessments,<br />
risk management strategies, and information sharing and<br />
analysis mechanisms to protect CIKR
<strong>Homeland</strong><br />
<strong>Security</strong><br />
The National Infrastructure Protection Plan<br />
Build a safer, more secure, and more resilient<br />
America by enhancing protection of the<br />
Nation’s critical infrastructure and key<br />
resources (CIKR) to prevent, deter,<br />
neutralize, or mitigate the effects of deliberate<br />
efforts by terrorists to destroy, incapacitate, or<br />
exploit them; and strengthening national<br />
preparedness, timely response, and rapid<br />
recovery in the event of an attack, natural<br />
disaster, or other emergency
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Partnership Model<br />
Critical infrastructure protection is the shared responsibility of the Federal,<br />
State, local, and tribal governments and the owners and operators of the<br />
Nation’s CIKR
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Coordinating Councils<br />
‣ Sector governance is assured through a Government Sector<br />
Coordinating Council (GCC) and a Private Sector Coordinating<br />
Council (SCC), with subcouncils chartered for specific issues<br />
‣ GCC membership typically includes:<br />
• DHS agencies<br />
• Other Federal departments and agencies<br />
• State agencies<br />
• Territorial, tribal, and local representatives, as appropriate<br />
‣ SCC membership includes:<br />
• Asset owners/operators<br />
• Trade associations
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Specialists<br />
‣ DHS designates a Sector Specialist with recognized<br />
authority and experience to support each CIKR sector<br />
‣ Sector Specialists fill numerous roles:<br />
• Serve as focal points of infrastructure expertise,<br />
knowledge, and analysis<br />
• Maintain operational awareness<br />
• Foster working level relationships with industry and<br />
Federal agencies<br />
• Protect proprietary and business sensitive data
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Specialist Contact Information<br />
• Banking and Finance: Casey Smoot<br />
(Casey.Smoot@dhs.gov)<br />
• Defense Industrial Base: Brian C.<br />
Scott (Brian.C.Scott@dhs.gov)<br />
• Energy: William Cummings<br />
(Bill.Cummins@dhs.gov)<br />
• Food and Agriculture: Lyle Jackson<br />
(Lyle.Jackson@dhs.gov)<br />
• Healthcare and Public Health: John<br />
Martin (John.D.Martin@DHS.gov)<br />
• Information Technology: Christina<br />
Watson<br />
(Christina.Watson@hq.dhs.gov)<br />
• Telecommunications: Christina Watson<br />
(Christina.Watson@hq.dhs.gov)<br />
• Transportation: Juan Figueroa<br />
(Juan.Figueroa@dhs.gov)<br />
• Waste and Water: John Laws<br />
(John.Laws2@dhs.gov)<br />
• Interdependencies/Nuclear/Electric: Mike<br />
Cohen (Michael.Cohen@dhs.gov)<br />
• Government Facilities: LaVerne Madison<br />
(LaVerne.Madison@dhs.gov)<br />
• Monuments and Icons: LaVerne Madison<br />
(LaVerne.Madison@dhs.gov)<br />
• Postal and Shipping: Daniel Shultz<br />
(Dan.Shultz@dhs.gov)
<strong>Homeland</strong><br />
<strong>Security</strong><br />
SSA Requirements under the NIPP<br />
‣ The SSA serves as the primary Federal entity responsible for coordinating<br />
the unified effort to protect against and mitigate the effects of natural or<br />
man-made events against CIKR sectors<br />
‣ SSAs lead the effort to develop National Risk Profiles encompassing<br />
all CI/KR sectors<br />
‣ The NIPP levies 150+ requirements upon the SSA<br />
NIPP Risk Management Framework
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Specific Plans<br />
‣ Detail the application of the NIPP risk<br />
management framework across each<br />
sector<br />
‣ Are tailored to address the unique<br />
characteristics and risk landscapes of<br />
each sector<br />
‣ Sector-Specific Agencies (SSAs)<br />
partnered with SCCs and GCCs to<br />
develop the Sector Specific Plans<br />
(SSPs)
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Specific Agency Executive Management Office<br />
(SSA EMO)<br />
SSA EMO core mission processes<br />
enable IP effectiveness through:<br />
‣ Systematic NIPP Implementation<br />
‣ Targeted and consistent messaging<br />
‣ Leveraging critical relationships<br />
‣ Broad and deep subject matter<br />
expertise used to facilitate<br />
implementation of CIKR protection<br />
strategies<br />
‣ Bureaucratic viability due to robust<br />
constituency<br />
‣ Demonstrable, outcome-oriented<br />
results
<strong>Homeland</strong><br />
<strong>Security</strong><br />
IP Organizational Chart<br />
Office of the Assistant Secretary for Infrastructure Protection<br />
Resource<br />
Management and<br />
Planning<br />
Chief of Staff<br />
Administration<br />
Planning &<br />
Programming<br />
Procurement<br />
Financial<br />
Management<br />
Office<br />
Management,<br />
Facilities &<br />
<strong>Security</strong><br />
Human Capital<br />
& Professional<br />
Development<br />
IPExecSec<br />
Chemical <strong>Security</strong><br />
Compliance<br />
Division<br />
Infrastructure<br />
Information<br />
Collection<br />
Division (IICD)<br />
Infrastructure<br />
Analysis &<br />
Strategy Division<br />
(IASD)<br />
Protective<br />
<strong>Security</strong> Division<br />
(PSD)<br />
Contingency<br />
Planning & Incident<br />
Management<br />
Division (CPIMD)<br />
Partnership &<br />
Outreach Division<br />
(POD)<br />
SSA Executive<br />
Management<br />
Office<br />
(SSA EMO)<br />
Programs and<br />
Development<br />
Branch<br />
Inspections &<br />
Training Branch<br />
Adjudications<br />
Branch<br />
Information<br />
Management<br />
Branch<br />
Mission Support<br />
Branch<br />
IICP Branch<br />
Geospatial<br />
Branch<br />
HITRAC<br />
<strong>Security</strong><br />
Strategies Branch<br />
Risk Integration &<br />
Analysis Branch<br />
Infrastructure<br />
Analysis Branch<br />
NISAC<br />
Research &<br />
Development<br />
Analysis Branch<br />
Field Operations<br />
Branch<br />
Vulnerability<br />
Assessment<br />
Branch<br />
Protective <strong>Security</strong><br />
Outcomes Branch<br />
Office for Bombing<br />
Prevention Branch<br />
Contingency<br />
Planning Branch<br />
Incident<br />
Management Branch<br />
Readiness<br />
Branch<br />
Support<br />
Services Branch<br />
NICC<br />
NIPP Program<br />
Mgt Branch<br />
PCII Program<br />
Branch<br />
Infrastructure<br />
Programs Branch<br />
Infrastructure<br />
Coordination &<br />
Analysis Branch<br />
Interagency<br />
<strong>Security</strong><br />
Committee PMO<br />
Chemical Branch<br />
Commercial<br />
Facilities Branch<br />
Dams Branch<br />
Emergency<br />
Services Branch<br />
Nuclear Branch
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Sector Specific Agency Executive Management Office<br />
W. Craig Conklin<br />
Director<br />
Steven G. King<br />
Deputy Director<br />
Chemical<br />
Branch<br />
Amy<br />
Freireich<br />
Commercial<br />
Facilities<br />
Branch<br />
Dave<br />
Crafton<br />
Dams<br />
Branch<br />
Dr. Enrique<br />
Matheu<br />
Emergency<br />
Services<br />
Branch<br />
Kory Whalen<br />
Nuclear<br />
Branch<br />
Marc Brooks
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Chemical Sector<br />
‣ An integral part of the US economy, converting raw<br />
materials into more than 70,000 diverse products,<br />
many of which are critical to the health and well<br />
being of the Nation’s citizenry, security, and<br />
economy<br />
‣ SSA EMO works closely with IP’s Chemical <strong>Security</strong><br />
Compliance Division which is charged with<br />
overseeing the implementation of the Chemical<br />
Facilities Anti-Terrorism Standards (CFATS)<br />
‣ The Chemical SSP covers all facilities within this<br />
sector, regardless of whether they belong/fall under<br />
any regulatory program
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Chemical Sector Segments<br />
‣ Basic Chemicals<br />
• Large volume production w/homogeneous<br />
specifications<br />
• e.g., Petrochemicals, inorganic chemicals<br />
(chlorine)<br />
‣ Specialty Chemicals<br />
• Differentiated products manufactured in low<br />
volumes (e.g., Adhesives and coatings)<br />
‣ Agricultural<br />
• Fertilizers, pesticides, and herbicides<br />
‣Consumer Products<br />
• Employing simple chemicals and formulated along “brand lines”<br />
• e.g., Soap, detergents, and bleaches<br />
‣Pharmaceutical<br />
• Prescription and over-the-counter drugs, and diagnostic substances
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Example Program: Web-based Chemical<br />
<strong>Security</strong> Awareness Training<br />
‣ Voluntary web-based training program is an interactive<br />
initiative to increase security awareness in chemical facilities<br />
nationwide<br />
‣ Expected to reach about 400,000 employees directly<br />
involved in the manufacture, transportation, and storage of<br />
chemicals<br />
‣ Designed for all facility employees, not just those traditionally<br />
involved in security<br />
‣ Model applicable across other CIKR Sectors
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Commercial Facilities Sector<br />
‣ Represents an enormous range of<br />
assets where large numbers of persons<br />
congregate to pursue business, conduct<br />
personal transactions or undertake<br />
recreational activities<br />
‣ Unique in that each owner/operator<br />
has distinct processes, assets and risk<br />
management approaches<br />
‣ It is critical that the CFS employ effective<br />
risk management programs that instill a<br />
positive sense of safety and security for the<br />
public as well as promote a favorable<br />
business environment
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Commercial Facilities Subsectors<br />
‣ Sports Leagues<br />
‣ Entertainment/Media<br />
‣ Lodging<br />
‣ Public Assembly<br />
‣ Real Estate<br />
‣ Resorts<br />
‣ Retail<br />
‣ Outdoor Events
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Example Program: NASCAR Mass<br />
Evacuation Template<br />
‣ Template created in partnership with NASCAR for<br />
evacuation, re-location or shelter in place response during<br />
NASCAR events<br />
‣ Includes participation from the private sector, Federal<br />
and State security officials; and county and local<br />
emergency responders (fire, EMS, police)<br />
‣ Provides consistent approach to security and safety<br />
‣ Can be replicated for other large-scale events
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Dams Sector<br />
‣ Dams provide a wide range of economic, environmental, and social benefits,<br />
including hydroelectric power, river navigation, water management and supply,<br />
flood control, recreation, wildlife habitat, and waste management<br />
‣ Sector encompasses navigation locks, levees, mine tailing impoundments, and<br />
hydropower generation and control facilities<br />
‣ In a dam failure, the potential energy of the water stored is capable of causing<br />
massive immediate casualties, extensive property damage, severe long-term<br />
consequences due to loss of functions, and significant impacts to other sectors<br />
‣ Long-term disruption to the inland waterway navigation system by damage or<br />
malfunction of critical facilities could cause huge economic impacts
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Dams Subsectors<br />
Current sector emphasis on development of four subsectors in recognition<br />
of the enormous scope and diversity of assets within this sector<br />
Levees<br />
Mine<br />
Tailings<br />
Locks<br />
Hydropower<br />
Facilities
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Example Program: Pacific Northwest<br />
Region Pilot Study<br />
‣ The Northwest relies on hydropower dams for more than<br />
60% of its electricity<br />
‣ Partnership with Pacific Northwest Economic Region<br />
(PNWER)<br />
‣ Leverages Federal, State, local, and private-sector data<br />
resources to investigate infrastructure interdependencies and<br />
cascading effects along the Columbia River Basin
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Emergency Services Sector (ESS)<br />
Oklahoma City Bombing - 1995<br />
‣ Encompasses the first-responder<br />
community and includes Federal, State,<br />
local, tribal, and private sector partners<br />
‣ Core capabilities of prevention, protection<br />
response and recovery<br />
• Federal Emergency Management Agency<br />
(FEMA) is a core DHS mission partner in<br />
this area although not part of the IP<br />
organization<br />
‣ The Emergency Management and Response<br />
Information Sharing and Analysis Center<br />
(EMR-ISAC) plays a key role within this<br />
sector
<strong>Homeland</strong><br />
<strong>Security</strong><br />
ESS Components<br />
‣ Law Enforcement<br />
‣ Firefighting<br />
‣ Search and Rescue<br />
‣ Urban Search and Rescue<br />
‣ Emergency Management<br />
‣ Emergency Medical Service<br />
‣ Special Weapons & Tactics/Tactical Operations<br />
‣ Explosive Ordnance Disposal<br />
‣ Hazardous Materials Response
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Example Program: Best Practices Guide<br />
‣ Best Practices guidance is being developed to cover a wide<br />
range of issues that are of critical importance:<br />
• Incident management<br />
• Risk analysis<br />
• Exercises<br />
• Mutual aid<br />
• Other security related subject areas<br />
‣ Draws upon expertise from both the public and private sector<br />
in each of the nine disciplines included in the ESS<br />
‣ Positive cross-sector implications are significant
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Nuclear Reactors, Materials & Waste Sector<br />
‣ This sector owns, oversees and operates nuclear power<br />
reactors, research and test reactors as well as<br />
associated uranium mines, enrichment facilities<br />
and disposal sites across the U.S.<br />
‣ 104 nuclear reactors provide<br />
approximately 20% of the nation’s<br />
electricity<br />
‣ There are 33 research and test reactors<br />
‣ There are 2,900 licensees of IAEA<br />
Category 1 and 2 sources<br />
accounting for approximately<br />
18,000 sources
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Nuclear Subsectors<br />
‣ Nuclear power plants<br />
‣ Research and Test<br />
Reactors<br />
‣ Nuclear Fuel Cycle<br />
Facilities<br />
‣ Radioactive Source Production<br />
and Distribution Facilities<br />
‣ Nuclear Material Transport<br />
‣ Deactivated Nuclear Facilities<br />
‣ Radioactive Material Users<br />
‣ Radioactive Waste Management
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Example Program: Prompt Notification<br />
‣ Protocol for quickly notifying critical infrastructure in all<br />
sectors in a given geographical area surrounding a critical<br />
infrastructure event (e.g., a terrorist attack)<br />
‣ Upon notification by the NICC of an incident, CIKR<br />
owners/operators can increase security posture to mitigate<br />
the effects of a geographically coordinated attack<br />
‣ 2007 pilot demonstrated successful coordination among<br />
DHS, NICC, NRC, and other, surrounding CIKR<br />
owners/operators<br />
‣ Positive cross-sector implications are significant
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Critical Manufacturing Sector<br />
‣ HSPD-7 directs DHS to evaluate the need for<br />
coverage of additional CIKR categories<br />
‣ On March 3, 2008, the DHS Secretary<br />
authorized establishment of Critical<br />
Manufacturing as the 18th CIKR sector<br />
• Manufacturing characteristics, e.g., complex<br />
supply chains, create vulnerabilities<br />
• No other sector addresses manufacturing<br />
• Shares interdependencies with many<br />
sectors<br />
‣ SSA EMO will stand-up the new sector and<br />
integrate it into the NIPP structure
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Critical Manufacturing Sector<br />
Critical manufacturing industries designated for the new sector:<br />
Manufacturing Industry Element<br />
Primary Metal Manufacturing • Iron and Steel Mills and Ferro Alloy Manufacturing<br />
• Alumina and Aluminum Production and Processing<br />
• Non-Ferrous Metal Production and Processing<br />
Machinery Manufacturing • Engine, Turbine, and Power Transmission<br />
Equipment Manufacturing<br />
Electrical Equipment, • Electrical Equipment Manufacturing<br />
Appliance, and Component<br />
Manufacturing<br />
Transportation Equipment • Motor Vehicle Manufacturing<br />
Manufacturing<br />
• Aerospace Product and Parts Manufacturing<br />
• Railroad Rolling Stock Manufacturing<br />
• Other Transportation Equipment Manufacturing
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Interagency <strong>Security</strong> Committee (ISC)<br />
‣ After the Oklahoma City bombing, E.O. 12977<br />
established the ISC in 1995<br />
‣ ISC was transferred to DHS in 2003 and to the<br />
SSA EMO in 2008<br />
‣ Chaired by the Assistant Secretary for IP, the ISC<br />
is comprised of 21 primary members (including all<br />
cabinet-level departments) and 19 associate<br />
members<br />
‣ ISC’s mandate: to develop standards, policies,<br />
and best practices for enhancing the quality and<br />
effectiveness of physical security in nonmilitary<br />
Federal facilities
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
<strong>Homeland</strong> <strong>Security</strong> Information Network (HSIN)<br />
‣ A computer-based counterterrorism communications system<br />
connects all states and major urban areas:<br />
• Supports collection and dissemination of information<br />
between Federal, State, and local security partners<br />
• Helps provide situational awareness<br />
• Provides advanced analytic capabilities<br />
• Enables real time sharing of threat information<br />
‣ Secure system handles Sensitive-but-Unclassified info now but<br />
can support SECRET
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
<strong>Homeland</strong> <strong>Security</strong> Information Network (HSIN)
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Emergency Response Information System (E-Plan)<br />
‣ Provides first responders with on-site hazardous chemical<br />
information for US facilities via the Internet<br />
‣ Available information includes:<br />
• Tier II reporting data<br />
• Maps of the area surrounding a facility<br />
• Chemical Hazards Response Information System data<br />
• Material Safety Data Sheets<br />
• Chemical profiles<br />
• Facility Emergency Response Plans,<br />
• Federal Area Contingency Plans<br />
• Chemical data from Risk Management Plans
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Emergency Response Information System (E-Plan)
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Integrated Common Analytical Viewer (iCAV)<br />
‣ Geospatial analytical tool unites <strong>Homeland</strong> <strong>Security</strong> mission<br />
partners through an integrated web-based architecture for<br />
information dissemination, analysis, and visualization<br />
‣ Imagery, data layers, and dynamic mission specific information<br />
feeds (e.g., threats, situation reports, weather, etc.) provide users<br />
with situational awareness with regard to threatened CIKR and<br />
population centers and response assets<br />
‣ Supports mission partners at all levels with an integrated<br />
geographic and common operating picture
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Integrated Common Analytical Viewer (iCAV)
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
CIKR Private Sector <strong>Security</strong> Clearance Program<br />
‣ Sharing information with security partners is critical to DHS’s<br />
mission. While most information is unclassified, there are<br />
instances when the information being shared is classified<br />
‣ The Private Sector <strong>Security</strong> Clearance Program provides a<br />
process for private sector officials to be cleared for a Federal<br />
security clearance<br />
‣ Private sector officials must be nominated by a Sector<br />
Specialist or a Protective <strong>Security</strong> Advisor who determines the<br />
official’s “need to know”
<strong>Homeland</strong><br />
ecurity<br />
<strong>Homeland</strong><br />
<strong>Security</strong><br />
CIKR Private Sector <strong>Security</strong> Clearance<br />
Program Process<br />
‣ Once a determination is made, the applicant<br />
will receive:<br />
• Questionnaire for National <strong>Security</strong><br />
Positions; electronic version (eQIP)<br />
• Authorization Pertaining to Consumer<br />
Reports to the Fair Credit Reporting Act<br />
• FD-258 Applicant fingerprint cards<br />
‣ A background investigation and records will<br />
undergo adjudication to determine eligibility by<br />
DHS<br />
‣ Since 2004, hundreds of private sector officials<br />
across the sectors have been cleared to view<br />
SECRET level information
<strong>Homeland</strong><br />
<strong>Security</strong><br />
Questions<br />
Steven G. King<br />
Deputy Director,<br />
SSA Executive Management Office<br />
steven.king1@dhs.gov