U.S. Department of Homeland Security Protective Security Coordination Division Pete Owen, Protective Security Advisor Brief to CA-NV-AWWA March 31, 2010
Goal for this afternoon The National Infrastructure Protection Plan The Role of the Protective Security Coordination Division How we can help members of the CA-NV-AWWA 2
The National Infrastructure Protection Plan
HSPD-7, the National Infrastructure Protection Plan, and the Water Sector-Specific Plan 4
Critical Infrastructure and Key Resources Critical Infrastructure : Agriculture and Food Key Resources Commercial Facilities Commercial Nuclear Reactors, Materials, and Waste Dams Government Facilities Banking and Finance Chemical Critical Manufacturing Defense Industrial Base Water Emergency Services Energy Information Technology Nat l Monuments & Icons Postal and Shipping Public Health & Healthcare Telecommunications Transportation Systems 5
CI in the Water Sector Raw Water Supply, Storage & Transmission Water Treatment Facilities Treated Water Storage & Distribution Systems Treated Water Monitoring Systems & Distribution Control Centers Wastewater Treatment Facilities Dam Sector: Reservoir Dam Projects 6
Sector Partnership Model Critical infrastructure protection and resiliency are the shared responsibilities of Federal, State, local, tribal, and territorial governments, regional coalitions, and the owners and operators of the Nation s CIKR NIPP outlines their roles & responsibilities Also describes the information-sharing environment & communications
Example: Water Sector Lead Federal Agency: Environmental Protection Agency SCC: Water Sector Coordinating Council (WSCC) WSCC mission: To serve as a policy, strategy, and coordination mechanism and recommend actions to reduce and eliminate significant homeland security vulnerabilities to the water sector through interactions with the Federal government.
NIPP Risk Management Framework
Security Goals for the Water Sector Sustain protection of public health and the environment. Recognize and reduce risks. Maintain a resilient infrastructure. Increase communication, outreach, and public confidence.
The Role of the Protective Security Coordination Division
PSCD Programs Everything we do is voluntary Everything we do is free We do everything in partnership with state & local agencies Everything we collect is safeguarded PCII
PSCD Programs and Initiatives Office for Bombing Prevention (OBP) DHS lead for bombing prevention activities Seeks to reduce the Nation s risk to terrorist bombing attacks Vulnerability Assessments Branch (VAB) Conducts vulnerability assessments in partnership with Federal, State, local, and private sector security partners to prevent, deter, and mitigate the risk of a terrorist attack. Field Operations Branch (FOB) Protective Security Advisors (PSAs) in all 50 States and 1 Territory
DHS Office of Bombing Prevention Coordinates national efforts Analyzes IED incidents worldwide Analyzes counter-ied requirements and capabilities Promotes information sharing and IED awareness and vigilance TRIPWire
Bomb-Making Material Awareness Program (BMAP) Developed in partnership with FBI Focus of DHS effort is training and equipping state and local law enforcement and fire fighters. Local officers conduct outreach to commercial retailers, service providers, and chemical distributors & wholesalers. Educates private sector on suspicious behavior, hazardous materials, precursor chemicals, and other bombmaking information.
DHS Vulnerability Assessments Buffer-Zone Protection Program Computer Based Assessment Tool + Site Assist Visit Regional Resiliency Assessment Enhanced Critical Infrastructure Protection visit Detail Man-hours
Protective Security Advisors (PSAs) PSA Locations Anchorage Seattle Bismarck Helena Portland Minneapolis Portland Williston Pierre Manchester Boise Milwaukee Buffalo Cheyenne Omaha Des Moines Boston Detroit Grand Rapids Albany Chicago Cleveland Pittsburgh Harrisburg Salt Lake City Denver Springfield Indianapolis Sacramento Topeka Kansas City St. Louis Northeast Philadelphia Cincinnati Dover Louisville Baltimore Washington, D.C. Charlestown San Francisco Richmond Norfolk Nashville Las Vegas Albuquerque Raleigh Memphis Oklahoma City Little Rock Los Angeles Phoenix Birmingham San Diego Atlanta Mid-Atlantic Columbia Jackson El Paso Denton Dallas Mobile Baton Rouge Houston New Orleans Tallahassee San Antonio Honolulu Gulf Coast Guam Texas Tampa Florida New Haven Newark New York City Providence U.S. Virgin Islands Miami San Juan
PSAs Who we are Link to DHS infrastructure protection resources Risk assessment Information sharing Incident support 18
Who We Are Not Grant administrators Regulators or inspectors Law enforcement 19
How We Assess Risk Risk is a function of Consequences Vulnerability & Threat DHS and our state partners: Identify and prioritize CIKR according to consequences Perform detailed vulnerability assessments of CIKR Assess threats 20
How We Share Information Push intelligence & best practices to our local partners Conduct intelligence analysis Regionally at the fusion center Reach-back to DHS Participate in hazard mitigation planning Provide local context to DHS Coordinate security training and exercises 21
Critical Infrastructure Information Act of 2002 Protects PCII from The Freedom of Information Act (FOIA), State and local disclosure laws, and Use in civil litigation PCII cannot be used for regulatory purposes PCII can only be accessed in accordance with strict safeguarding and handling requirements 22
What PSAs do as the Infrastructure Liaison during an incident or special event Conduct liaison for CIKR between DHS, state & local agencies + the private sector at the field level. Recommend CIKR priorities to the Unified Coordination Group. Provides situational awareness on CIKR to the incident managers. Support prioritization of response and restoration efforts. Leverage private-sector relationships to support response and recovery efforts. 23
How we can help members of the CA-NV-AWWA
Assessing Risk: Infrastructure Surveys aka Enhanced Critical Infrastructure Protection (ECIP) Helps DHS build the national risk picture Provides comparison to similar facilities Based on consistent, objective criteria
Vulnerability Dashboard Facility and Sector Protective Measures Index Physical Security Overall Random Security Measures
Assessing Risk: Buffer Zone Protection Program (BZPP) An infrastructure protection grant program targeted to first responders. Builds terrorism prevention and protection capabilities through planning and equipment acquisition by local law enforcement and first responders. Develops protective measures that make it more difficult for terrorists to conduct surveillance or launch attacks from the immediate vicinity of CIKR.
Assessing Risk: Site Assistance Visits (SAVs) Conducted with federal, state, and local government agencies, and CIKR owners/ operators. Identifies CIKR dependencies, interdependencies, resiliency characteristics, and regional capability gaps. Increases owner/operator awareness of vulnerabilities and provides options for enhancing protective measures. Provides detailed reports to private sector partners used to make security enhancements.
Assessing Risk: Automated Critical Asset Management System (ACAMS) Originally developed by LAPD as Archangel Now administered and funded by DHS Conducted by state in partnership with fusion centers and local law enforcement Not all states & local agencies use this Facilitates emergency planning + response Helps assess consequence + vulnerability
Cyber Assessments Cyber Security Evaluation Tool (CSET) A desktop software tool For both control systems and business/enterprise systems Guides the user through a step-bystep process Assesses cyber systems and network security practices against recognized industry standards Cyber Resiliency Review A technical assist visit Assesses key process areas of cyber security management Facilitated Q&A that identifies and substantiates cyber security performance To learn more: CSET@dhs.gov or www.us-cert.gov/control_systems/
Information Sharing Resources HSIN TRIPwire Infragard Best practices Training
Homeland Security Information Network Secure and trusted web-based platform Sensitive But Unclassified (SBU) information Used by federal, state, local, tribal, private sector Request membership via e-mail to hsin.helpdesk@dhs.gov or 1-866-430-0162 32
TRIPWire (Technical Resource for Incident Prevention) Secure, online information-sharing network Current terrorist bombing tactics, techniques, and procedures, including improvised explosive device (IED) design and emplacement. Access through HSIN Critical Sectors Community Portal
Infragard A partnership between the FBI and the private sector. An association of businesses, academic institutions, state and local law enforcement agencies, and others Dedicated to sharing information and intelligence to prevent hostile acts against the United States
Sharing Best Practices Common Vulnerabilities Potential Indicators of Terrorist Activity Protective Measures Active Shooter material Bombing prevention material All available on TRIPwire
Training Resources Surveillance Detection 3-day course Developing, applying, & employing surveillance detection protective measures Developing a surveillance detection plan Protective Measures 2-day course Provide executives & employees with the knowledge to identify vulnerabilities & select appropriate protective measures for their facility 36
The Department of Homeland Security Control Systems Security Program is offering a one-day introductory training course covering control systems cybersecurity challenges facing the nation s critical infrastructure. The course discusses the importance of securing control systems, how cyber attacks can be launched, and concepts for implementing mitigation strategies. Participants will also gain an understanding of how to start improving the cyber security posture of their control system networks. Specific topics will include: Protecting control systems from cyber attacks and why they are susceptible Risks and potential consequences of cyber attacks Common vulnerabilities in industrial control systems System exposures to attacks, various attack scenarios, and associate mitigation strategies Control System Security Program products and services available to asset owners. When: May 5, 2010 8:00 a.m. to 5:00 p.m. Training Course Introduction to Industrial Control Systems Cybersecurity Where: Saddleback Church, 1 Saddleback Way, Lake Forest, CA 92630 Who may attend: Priority registration will be given to control system and IT professionals associated with operations of critical infrastructure assets in all sectors. Cost: The course is offered at no cost. Travel and accommodations are the responsibility of each participant. Registration: Contact Pete Owen, DHS Protective Security Advisor at peter.owen@dhs.gov. http://www.us-cert.gov/control_systems/index.html May 5, 2010
Questions? Brian Keith Los Angeles CA 213-369-4932 brian.keith1@dhs.gov Donald Ray Los Angeles CA 213-200-0905 donald.ray@hq.dhs.gov Frank Calvillo Sacramento CA 916.203.8995 frank.calvillo@dhs.gov Peter Owen San Diego CA 619-733-9262 peter.owen@dhs.gov Richard Sierze San Francisco CA 415-209-3574 rick.sierze@dhs.gov Richard Stribling San Francisco CA 415-328-8341 richard.stribling@dhs.gov Gonzalo Cordova Las Vegas NV 702-271-5509 gonzalo.cordova@dhs.gov