The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview Brief
IP Vision and Mission Vision - A safe, secure, and resilient critical infrastructure based on and sustained through strong public and private partnerships Mission - Lead the national effort to mitigate terrorism risk to, strengthen the protection of, and enhance the all hazard resilience of the Nation’s critical infrastructure
Protective Security Coordination Division Mission Statement Reduce the risk of the Nation’s critical infrastructure to a terrorist attack by assessing vulnerabilities and consequences; developing, implementing and providing national coordination for protective programs; and facilitating response to and recovery from all hazards
The Role of Homeland Security Unify a national effort to secure America Prevent and deter terrorist attacks Protect against and respond to threats and hazards to the Nation Respond to and recover from acts of terrorism, natural disasters, or other emergencies Coordinate the protection of our Nation’s critical infrastructure across all sectors 4
Threats May Come from All Hazards
National Response Framework Guides how the Nation conducts all-hazards response Documents the key response principles, roles, and structures that organize national response Allows first responders, decision makers, and supporting entities to provide a unified national response
The Threat We will “hit hard the American economy at its heart and its core.” - Osama bin Laden
Homeland Security Presidential Directive 7 (HSPD-7) Effective December 17, 2003 Specifies the following key elements of the infrastructure protection mission: A strategy to identify, prioritize, and coordinate critical infrastructure protection Descriptions of activities which support each element of the strategy A summary of initiatives for sharing critical infrastructure information and for providing infrastructure threat warning data Coordination and integration with other Federal emergency management and preparedness activities The development of the National Infrastructure Protection Plan The national approach for critical infrastructure protection is provided through the unifying framework established in Homeland Security Presidential Directive 7 (HSPD-7). This directive establishes national policy for “enhancing protection of the Nation’s critical infrastructure” and mandates a national plan to actuate that policy. In HSPD-7, the President designates the Secretary of Homeland Security as the “principal Federal official to lead critical infrastructure protection efforts among Federal departments and agencies, State and local governments, and the private sector” and assigns responsibility for critical infrastructure sectors to specific Sector-Specific Agencies (SSAs). In accordance with HSPD-7, the NIPP delineates roles and responsibilities for security partners in carrying out CI protection activities while respecting and integrating the authorities, jurisdictions, and prerogatives of these security partners.
Critical Infrastructure Defined “Systems and assets, whether physical or virtual, so vital that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters, across any Federal, State, regional, territorial, or local jurisdiction.” Source: National Infrastructure Protection Plan 2009
National Infrastructure Protection Plan (NIPP) Comprehensive plan and unifying structure for the government and private sector to improve protection and resiliency of critical infrastructure, including Partnership model and information sharing Roles and Responsibilities Risk management framework Authorities Integration with other plans Building a long-term program Providing resources and prioritizing investments Contributes to both steady-state risk management and incident management Drives IP’s programs and activities, and guides those of Other Federal agencies and departments State, local, tribal, and territorial governments Critical infrastructure owners and operators Produced and updated as required by Office of Infrastructure Protection (IP) Provides the overarching framework for the protection of the nation’s critical infrastructure Completed in just over two years, required tremendous amounts of coordination at all levels Builds upon the cooperative relationships previously mentioned
Critical Infrastructure Sectors Agriculture and Food Banking and Finance Chemical Commercial Facilities Commercial Nuclear Reactors, Materials, and Waste Critical Manufacturing Dams Defense Industrial Base Drinking Water and Wastewater Treatment Systems Emergency Services Energy Government Facilities Information Technology National Monuments and Icons Postal and Shipping Public Health and Healthcare Telecommunications Transportation Systems 11
Critical Infrastructure Protection Challenges Majority of critical infrastructure assets are privately-owned DHS has limited legal authority to regulate security practices of private industry (exceptions: high-risk chemical facilities, Transportation Security Administration, US Coast Guard) DHS works with industry and Federal entities, as well as State, local, tribal, and territorial governments to protect critical infrastructure Coordinated through the NIPP To help communities better protect the Nation’s assets, DHS deployed Protective Security Advisors (PSAs) throughout the country
Protective Security Advisors (PSAs) 93 PSAs and Regional Directors, including 87 field deployed personnel, serve as critical infrastructure security specialists Deployed to 74 Districts in 50 States and Puerto Rico State, local, tribal, and territorial link to DHS infrastructure protection resources Coordinate vulnerability assessments, IP products and services, and training Support response, recovery, and reconstitution efforts of States affected by a disaster Provide vital link for information sharing Assist facility owners and operators with obtaining security clearances During contingency events, PSAs support the response, recovery, and reconstitution efforts of the State(s) by serving as pre-designated Infrastructure Liaisons (IL) and Deputy ILs at the Joint Field Offices (JFO) Developed over 50,000 individual working relationships with Federal, State, local, tribal and territorial critical infrastructure protection partners
PSA Locations 14
Value of the PSA Program to You PSAs: Support comprehensive risk analyses for critical infrastructure Assist in the review and analysis of physical/technical security for critical infrastructure Convey local concerns and sensitivities to DHS and other Federal agencies Relay disconnects between local, regional, and national protection activities Communicate requests for Federal training and exercises
Protected Critical Infrastructure Information (PCII) Program The PCII Program is an important tool to encourage industry to share their sensitive critical infrastructure information Established under the Critical Infrastructure Information Act of 2002, the PCII Program protects voluntarily submitted critical infrastructure information from: Freedom of Information Act (FOIA) State and local sunshine laws Civil litigation proceedings Regulatory usage Provides private sector with legal protections and “peace of mind”
Examples of Critical Infrastructure Information (CII) Protected information defined by the CII Act includes: Threats ― Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of a critical asset Vulnerabilities ― Ability to resist threats, including assessments or estimates of vulnerability Operational experience ― Any past operational problem or planned or past solution including repair, recovery, or extent of incapacitation Any information normally available in the public domain will not be protected
Enhanced Critical Infrastructure Protection (ECIP) ECIP Initiative Identifies facilities’ physical security, security forces, security management, protective measures, information sharing, and dependencies Provides comparison across like assets and tracks implementation of new protective measures Informs facility owners/operators of the importance of their facilities as an identified high-priority infrastructure and the need to be vigilant Establishes/enhances relationships with facility owners/operators ECIP Surveys Over 1,400 ECIP surveys conducted to date Apply weighted scores to identify vulnerabilities and trends for infrastructure and sectors and conduct sector-by-sector and cross-sector vulnerability comparisons Facilitate the consistent collection of facility security information Provide information for protective measures planning and resource allocation Enhance overall capabilities, methodologies, and resource materials for identifying and mitigating vulnerabilities
ECIP Survey Data Categories Facility Information Contacts Facility Overview Information Sharing Protective Measures Assessment Criticality Security Management Profile Security Areas/Assets Additional DHS Products/Services Criticality Appendix Images Security Force Physical Security Building Envelope Delivery/Vehicle Access Control Parking Site’s Security Force IDS/CCTV Access Control Security Lighting Cyber Vulnerability Dependencies **** Comparative analysis provided
ECIP Survey Tool Web-based vulnerability survey tool that applies weighted scores to identify vulnerabilities and trends for infrastructure and across sectors Facilitates the consistent collection of security information Physical Security, Security Force, Security Management, Information Sharing, Protective Measures, Dependencies The tool allows DHS to: Identify and document critical infrastructure overall security Provide information for protective measures planning and resource allocation Facilitate government information sharing Enhance its ability to analyze data and produce improved metrics
Weighting Process and Participants Scoring for Physical Security, Security Management, and Security Force was conducted using a working group comprised of: Physical security experts Scientists Mathematicians Sector representatives Owners and operators of facilities being weighted Weights validated using a separate panel of representatives. Example: Fences Aluminum chain link fence 7 foot height With outriggers Barbed wire Fence Protective Measures Index = 71 Wood fence 6 foot height Partial clear zone Fence Protective Measures Index = 13
ECIP Deliverables Notional Information
Facility Executive Summary Executive Summary (ExSum) Provides the security director a briefing tool to easily convey information to senior leadership and decision makers. Information identifies the sector, sub-sector, segment, and sub-segment high, low, average, and facility scores. The ExSum provides the ability to rapidly convey the overall Protective Measure Index (PMI) and specific area PMIs. Notional Information
Dashboards and Information Sharing Areas individually separated into Physical Security, Security Management, Security Force, Information Sharing, and Protective Measures. Owner/Operator can make adjustments and see improvements to individual area and overall protective measure index (PMI). Greater understanding of the most significant changes and trends. Notional Information
Dashboard – Physical Security Example Notional Information
Other Products and Resources InfraGard Homeland Security Information Network (HSIN) Vulnerability Assessments Infrastructure Protection Report Series Bomb-making Materials Awareness Program TRIPwire & Security Training DHS United States Computer Emergency Readiness Team (US-CERT) DHS Daily Open Source Infrastructure Report DHS Active Shooter Documents Random Security Measures Pandemic Influenza Guidance
InfraGard InfraGard http://www.infragard.net InfraGard is an information-sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector InfraGard is an association of businesses, academic institutions, State and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States
Homeland Security Information Network-Critical Sectors (HSIN-CS) HSIN is DHS’s primary technology tool for trusted information sharing HSIN enables direct communication between DHS, Federal, State and local government, and infrastructure owners and operators Operated by DHS Office of Operations Coordination (OPS), HSIN is an Internet-based “portal” technology enabling encrypted communications with individually vetted members of secure “Communities of Interest (COI)” HSIN-CS leverages the HSIN system. IP contributes to the HSIN technical infrastructure and supports the unique needs of the CS program As a part of HSIN, HSIN-CS can leverage economies of scale to allow users to collaborate across “COIs” HSIN is DHS’s primary technology tool for trusted information sharing HSIN enables direct communication between DHS, federal, state and local government, and CI owners and operators Operated by DHS Office of Operations Coordination (Ops); architectural oversight by DHS/CIO HSIN is an Internet-based “Portal” technology enabling encrypted communications with individually vetted members of secure “Communities of Interest (COI)” HSIN-CS leverages the HSIN system. IPD contributes to the HSIN technical infrastructure, and supports the unique needs of the CS program As a part of HSIN, HSIN-CS is able to leverage economies of scale, and users are able to collaborate across “COIs”
Vulnerability Assessment Programs Buffer Zone Protection Program (BZPP) Buffer zone is the area outside a facility that can be used by an adversary to conduct surveillance or launch an attack A infrastructure protection grant program targeted to local law enforcement Provides funding to local law enforcement for equipment acquisition and planning activities to enhance security capabilities in protecting the highest risk critical infrastructure sites Supports the development of effective preventive/protective measures that make it more difficult for terrorists to conduct surveillance or launch attacks from the immediate vicinity of critical infrastructure Site Assistance Visit (SAV) Brings together Federal partners, State and local law enforcement, other emergency responders, and critical infrastructure owners and operators to conduct an “inside the fence” assessment Identifies critical assets, specific vulnerabilities, protective measures, and dependencies and interdependencies Provides options for consideration for improving security
Infrastructure Protection Report Series Increase awareness and improve understanding of infrastructure protection Characteristics and Common Vulnerabilities Potential Indicators of Terrorist Activity Protective Measures Common Characteristics Consequences of Events Common Vulnerabilities Surveillance Indicators Surveillance Objectives Transactional and Behavioral Indicators General Protective Measures Options Specific Protective Measures Options per HSAS Level In most cases we can provide copies. After visiting three to five sites (the number may vary depending on the complexity of the site) within each NAL sector and segment, we develop a report listing characteristics and common vulnerabilities and a report listing potential indicators of terrorist activity. The CCV and PI reports are kept in a national database and used by state and federal agencies to gain sector and segment specific knowledge. Distribute copies CV/PI/PM: Characteristics and Common Vulnerabilities (CV) reports provide insights into the common characteristics, the general vulnerabilities, and likely consequences of an attack for representative facilities in a given sector Potential Indicators of Terrorist Activity (PI) reports identify possible signs of an attack to better facilitate early detection, reporting, and prevention of terrorist activities on a sector-by-sector basis Protective Measures (PM) reports describe likely terrorist objectives, methods of attack and corresponding protective measures and their implementation in accordance with the Homeland Security Advisory System, on a sector-by-sector basis All three are available for use by law enforcement personnel upon request, and as appropriate, to private sector representatives DHS has produced reports for 142 different asset types, including: Casinos, convention centers, hotels, education facilities, office buildings, shopping malls, stadiums, theme parks, residential buildings, and other commercial sector assets
Bomb-Making Materials Awareness Comprehensive effort to educate law enforcement and private sector suppliers of materials used in the manufacture and construction of IEDs, of the potential risks associated with the sale or theft of those products Point-of-Sale Awareness Notification Processes Supply Chain Awareness Law Enforcement Training Material Facilitates partnerships between local law enforcement and private sector Encourages the retail industry to take an active role in bombing prevention efforts at little or no cost
TRIPwire and TRIPwire Community Gateway TRIPwire - online unclassified network for law enforcement having bombing prevention responsibilities to discover and share tactics, techniques, and procedures of terrorist IED use Combines expert analysis with relevant documents gathered from terrorist sources to assist law enforcement anticipate, identify and prevent IED incidents TRIPwire Community Gateway brings timely bombing prevention awareness information and analysis to the private sector with bombing prevention responsibilities Responds to increasing private sector demand for bombing prevention information and assistance Leverages content, expertise, and reputation of the existing TRIPwire system Shares information on common site vulnerabilities, potential threat indicators, and effective protective measures to the 18 critical infrastructure sectors through HSIN-CS
Risk Mitigation Training Surveillance Detection Course Provides a guideline for mitigating risks to critical infrastructure through developing, applying, and employing protective measures and the creation of a surveillance detection plan Protective Measures Provides the knowledge and skills to understand common vulnerabilities and employ effective protective measures to enhance commercial sector awareness on how to devalue, detect, deter, and defend facilities from terrorism Private Sector Counterterrorism Awareness Workshop Provides private sector security professionals with current strategies on soft target awareness, surveillance detection, and IED recognition, and outlines specific counterterrorism awareness and prevention actions that reduce vulnerability and mitigate the risk of domestic terrorist attacks Soft Target Awareness Course Provides private sector security and safety personnel terrorism awareness, prevention, and protection information IED Awareness Workshop Provides a basic awareness of IED prevention measures and planning protocols and the current technology and trends that characterize IEDs
How Can You Help? Engage with your Protective Security Advisors to facilitate protective actions and establish priorities and the need for information Assist in efforts to identify, assess, and secure critical infrastructures in your community Communicate local critical infrastructure protection related concerns Business and economic ramifications of actions Issues unique to the community
Summary Success will depend in part on the strength of our partnership Our approach to addressing the terrorism threat will be a long term, ongoing project of the highest priority This effort will require the highest degree of vigilance and dedication from all of us
For more information visit: www.dhs.gov/criticalinfrastructure