Securing the Chemical Sector:

Similar documents
The Office of Infrastructure Protection

The Office of Infrastructure Protection

The Office of Infrastructure Protection

Canadian Chemical Engineering Conference Edmonton, Alberta October 30, 2007

2008 National Ag Safety School. Richard Gupton Vice President, Legislative Policy & Counsel Agricultural Retailers Association

The Office of Infrastructure Protection

The Office of Infrastructure Protection

Chemical Facility Anti- Terrorism Standards

Chemical Facility Anti-Terrorism Standards

Chemical Facility Anti-Terrorism Standards. T. Ted Cromwell Sr. Director, Security and

RECENT DEVELOPMENT. Scott Goodman

The Office of Infrastructure Protection

Actions to Improve Chemical Facility Safety and Security A Shared Commitment Report of the Federal Working Group on Executive Order 13650

Implementation of Chemical Facility Anti-Terrorism Standards (CFATS): Issues for Congress

Understanding CFATS: What It Means to Your Business Chemical Facility Anti-Terrorism Standards John C. Fannin III, CPP, LEED AP

Implementation of Chemical Facility Anti-Terrorism Standards (CFATS): Issues for Congress

SECURITY CODE. Responsible Care. American Chemistry Council. 7 April 2011

Statement for the Record. Rand Beers Under Secretary National Protection and Programs Directorate Department of Homeland Security

EXECUTIVE ORDER Chemical Facility Safety and Security: Providing ProtecFon Reduces Risk

Implementation of Chemical Facility Anti-Terrorism Standards (CFATS): Issues for Congress

How AlienVault ICS SIEM Supports Compliance with CFATS

Exhibit A1-1. Risk Management Framework

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

The Ohio State University. Chemical Facility Anti-Terrorism Standards (CFATS) Program

DHS Guidance for the Expedited Approval Program

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

The Office of Infrastructure Protection

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

Physical Security Reliability Standard Implementation

GUIDE FOR THE PREPARATION OF SANITIZED AND DERIVATIVE WORK PRODUCTS USING CHEMICAL-TERRORISM VULNERABILITY INFORMATION (CVI)

Example. Section: PS 709 Examples of Calculations of Reduced Hours of Work Last Revised: February 2017 Last Reviewed: February 2017 Next Review:

NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION

The President s National Security Telecommunications. AGENCY: National Protection and Programs Directorate,

ITG. Information Security Management System Manual

Compliance with NIST

National Policy and Guiding Principles

Procedural Instructions Requesting a Transaction Cancellation in the Event of Suspected Fraud

April 2009 Unclassified // For Official Use Only

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Cybersecurity and Data Protection Developments

Standard COM-002-2a Communications and Coordination

1. Post for 45-day comment period and pre-ballot review. 7/26/ Conduct initial ballot. 8/30/2010

Standard CIP 007 3a Cyber Security Systems Security Management

Critical Cyber Asset Identification Security Management Controls

PIPELINE SECURITY An Overview of TSA Programs

Accelerate GDPR compliance with the Microsoft Cloud

Re: Special Publication Revision 4, Security Controls of Federal Information Systems and Organizations: Appendix J, Privacy Control Catalog

ITG. Information Security Management System Manual

FRAMEWORK MAPPING HITRUST CSF V9 TO ISO 27001/27002:2013. Visit us online at Flank.org to learn more.

Federal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011

HIPAA COMPLIANCE WHAT YOU NEED TO DO TO ENSURE YOU HAVE CYBERSECURITY COVERED

Monthly Cyber Threat Briefing

Consideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Summary of FERC Order No. 791

epermits ONLINE INSPECTIONS MANAGEMENT Contractor Instructions etools.cityoflewisville.com/esuite.permits/

DHS Cybersecurity: Services for State and Local Officials. February 2017

ERO Enterprise Strategic Planning Redesign

Guideline 8: Submitting Electronic Funds Transfer Reports to FINTRAC

CYBER SECURITY POLICY REVISION: 12

HIPAA-HITECH: Privacy & Security Updates for 2015

Grid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

DFARS Cyber Rule Considerations For Contractors In 2018

REQUEST FOR PROPOSALS Consultant to Develop Educational Materials for the Applied Informatics Team Training

Postal Inspection Service Mail Covers Program

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

TERRORISM LIAISON OFFICER OUTREACH PROGRAM - (TLOOP)

MANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors

Session 2: CORSIA MRV System: Monitoring of CO 2 Emissions. ICAO Secretariat

Standard CIP 007 4a Cyber Security Systems Security Management

DATA PROTECTION LAWS OF THE WORLD. Bahrain

DFARS Defense Industrial Base Compliance Information

Regulating Cyber: the UK s plans for the NIS Directive

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION

DSS in Transition RMS Pilot

WHITE PAPER- Managed Services Security Practices

Cyber Risks in the Boardroom Conference

VPAT. Voluntary Product Accessibility Template. Version 1.3

Framework for Improving Critical Infrastructure Cybersecurity

CPD Summary Guide Version:3.1

PilieroMazza Webinar Preparing for NIST SP December 14, 2017

New Brunswick 2018 Annual Implementation Plan Version 1

Cyber Security Program

FedRAMP: Understanding Agency and Cloud Provider Responsibilities

Financial Planning Institute of Southern Africa SETTING THE STANDARD. Continuous Professional Development (Cpd) Policy

Request for Information Strategies to Improve Maritime Supply Chain Security and Achieve 100% Overseas Scanning

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

Registration Instructions

FIJIAN ELECTIONS OFFICE SYSTEM CONSULTANCY AUDIT. Expression of Interest (EOI) (04/2017)

Union Bank s NMLS REGISTRATION GUIDE. PREVIOUSLY REGISTERED Mortgage Loan Originator (MLO)

Internal Audit Report. Electronic Bidding and Contract Letting TxDOT Office of Internal Audit

Article I - Administrative Bylaws Section IV - Coordinator Assignments

Information Systems Security Requirements for Federal GIS Initiatives

Securities and Exchange Commission. revisions to the Electronic Data Gathering, Analysis, and Retrieval System ( EDGAR ) Filer

Continuous Professional Development (CPD) Manual

Why you should adopt the NIST Cybersecurity Framework

Case 1:98-cv CKK Document Filed 06/15/2006 Page 1 of 7 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

Transcription:

Securing the Chemical Sector: An Outline of the Chemical Security Program Flexible Packaging Association January 24, 2008

Agenda!Chemical Facility Anti-Terrorism Standards (CFATS): An Overview!Appendix A!Risk Based Performance Standards (RBPS)!Chemical Security Assessment Tool (CSAT)!Chemical-terrorism Vulnerability Information (CVI)!Roll Out!CSAT Help Desk 2

Chemical Facility Anti-terrorism Standards (CFATS): Overview!Section 550 of the DHS Appropriations Act of 2007 gave the Department the authority to regulate the security of high risk chemical facilities.!dhs was given 6 months to plan, build, and implement a complex and extensive new regulatory regime.!dhs first put a proposed version of the rule out for public comment in December 2006. DHS reviewed comments received and incorporated many into the Interim Final Rule.!The DHS final chemical facility security regulatory regime the Chemical Facility Anti-Terrorism Standards (CFATS) Interim Final Rule was published on April 9, 2007, and went into effect on June 8, 2007.!CFATS is risk-based and requires covered facilities to fulfill certain risk based performance standards on security. 3

Chemicals of Interest: Appendix A!DHS will identify the universe of potentially high risk facilities using its Chemicals of Interest (COI) list or Appendix A.!A chemical facility that possesses any Appendix A chemical at or above its screening threshold quantity (STQ) must complete and submit a CSAT Top-Screen to DHS.!Appendix A was out for public comment until May 9, 2007, and DHS received thousands of comments that influenced the final Appendix A, published on November 20, 2007.!The final version of Appendix A will enable DHS to meet its mandate and also facilitate industry compliance. 4

CFATS and Risk Based Performance Standards (RBPS)!RBPS serve as the security building blocks for the CFATS program.!rbps drive the security performance at facilities in each of the four riskbased tiers.!rbps provide facilities with flexibility and allow for the use of existing measures, ideas and expertise.!rbps cover various aspects of security.!a facility only has to meet those RBPS that apply to it. 5

Chemical Security Assessment Tool (CSAT)!CSAT is the IT backbone of the CFATS program and has 3 main components.!top-screen Places a facility in a preliminary tier or determines that it is excluded from the regulation.!security Vulnerability Assessment (SVA) Assesses security measures in place that mitigate or reduce the likelihood of success of an attack on an asset.!site Security Plan (SSP) Captures specific security measures the facility has or will implement to meet the applicable risk-based performance standards (RBPS).!User Registration and the Top-Screen are now operational.!sva and SSP are being prepared for deployment.!the Personnel Surety Portal will be added to CSAT in 2008. 6

Chemical-terrorism Vulnerability Information (CVI)!The Advance Notice explained the creation of a new category of information protection, CVI, and set forth the rules governing its maintenance, handling, and disclosure.!dhs provides CVI training and certification.!all CVI materials must be appropriately marked, handled, and stored.!eligible Persons to use CVI: Facility employees Federal employees, contractors, and grantees State/local government employees!violation of CVI rules is grounds for a civil penalty and/or other enforcement or corrective action by DHS and appropriate personnel actions for Federal employees. 7

CFATS Roll Out!Phase 1 Focuses on facilities most likely to be high risk. CSCD is engaged and working with phase 1 facilities.!phase 2 began with the publication of final Appendix A All facilities with chemicals of interest at or above the STQs in final Appendix A officially start completing and submitting Top-Screens, which were due January 22, 2008. 8

CSAT Help Desk Contact Information!The CSAT Help Desk tool-free number is 1-866-323-2957 Hours of Operation are 7:00AM 7:00PM, Monday through Friday. The Help Desk is closed for Federal Holidays.!The CSAT Help Desk email address is CSAT@DHS.gov 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback