Utilizing Terrorism Early Warning Groups to Meet the National Preparedness Goal. Ed Reed Matthew G. Devost Neal Pollard

Similar documents
Introduction to the National Response Plan and National Incident Management System

National Incident Management System and National Response Plan. Overview

The Office of Infrastructure Protection

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Sharing of Information & Intelligence on the Importation & Transportation of Food

Civil Air Patrol. National Incident Management System (NIMS) 2016 Refresh Lt Col Bob Ditch HQ CAP/DOSI CITIZENS SERVING COMMUNITIES

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY

NATIONAL CAPITAL REGION HOMELAND SECURITY STRATEGIC PLAN SEPTEMBER 2010 WASHINGTON, DC

Overview of the Federal Interagency Operational Plans

JSC THE JUSTICE & SAFETY CENTER. Snapshot 2014

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

National Preparedness System. Update for EMForum June 11, 2014

Member of the County or municipal emergency management organization

Technology Advances in FEMA Response and Recovery to Disasters

National Preparedness Goal. December 2005 D R A F T

TSA/FTA Security and Emergency Management Action Items for Transit Agencies

2 ESF 2 Communications

FEMA Update. Tim Greten Technological Hazards Division Deputy Director. NREP April 2017

Office of Infrastructure Protection Overview

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

STATE OF CALIFORNIA HOMELAND SECURITY STRATEGY 2008

Department of Homeland Security

Section 1 Metrics: Community Adoption

Emergency Management Response and Recovery. Mark Merritt, President September 2011

Business Continuity: How to Keep City Departments in Business after a Disaster

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

How AlienVault ICS SIEM Supports Compliance with CFATS

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

The Office of Infrastructure Protection

Hazard Management Cayman Islands

Oregon Department of Justice

Homeland Security and Geographic Information Systems

Federal Emergency Management Agency

UNCLASSIFIED. September 24, In October 2007 the President issued his National Strategy for Information Sharing. This

National Policy and Guiding Principles

June 5, 2018 Independence, Ohio

Disaster Acronyms and Glossary

The Office of Infrastructure Protection

MULTI-YEAR TRAINING AND EXERCISE PLAN. Boone County Office of Emergency Management

Kenneth Brown, Facilitator

Community-Based Water Resiliency

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

STRATEGIC PLAN. USF Emergency Management

Statement for the Record

2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014

Domestic Nuclear Detection Office (DNDO) DNDO Overview

National Strategy for CBRNE Standards

The Bay Area Compendium of Core Capabilities

GIS in Situational and Operational Awareness: Supporting Public Safety from the Operations Center to the Field

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.

Threat and Hazard Identification and Risk Assessment (THIRA) In Progress Review (IPR) July 2012

S&T Stakeholders Conference

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

New Madrid Earthquake Catastrophic Planning Project Overview

DHS Emergency Services Sector Presents Tools and Resources for First Responders. June 1, pm ET

STRATEGIC PLAN VERSION 1.0 JANUARY 31, 2015

Integrated Consortium of Laboratory Networks (ICLN) Brief to the NPDN National Meeting

BUILD AND MAINTAIN SAFE COMMUNITIES WITH ARCGIS ONE PLATFORM, MANY MISSIONS

Health Information Exchange. A Key Concept for Biosurveillance

National Counterterrorism Center

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Health Information Exchange. A Key Concept for Biosurveillance

Good morning, Chairman Harman, Ranking Member Reichert, and Members of

Mission Statement: Cuyahoga County Department of Justice Affairs

The National Network of Fusion Center: Where We Have Been and Where We are Going

2013 STRATEGIC PLANNING SCHEDULE

Kansas City s Metropolitan Emergency Information System (MEIS)

Developing a National Emergency Telecommunications Plan. The Samoan Experience November 2012

Long-Term Power Outage Response and Recovery Tabletop Exercise

HOMELAND SECURITY GRANT PROGRAM

Science & Technology Directorate: R&D Overview

National Response Plan & Nuclear/Radiological Incident Annex. OSC Readiness Training November 17, 2004

Status Update from the Department of Transportation

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

Mississippi Emergency Management Agency. Brittany Hilderbrand & Kamika Durr. Office Of Preparedness

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

2017 SPRING INTERNSHIP PROGRAM OPPORTUNITY

Theme: Transforming HSE Culture for a Resilient Future

National Level Exercise 2018 After-Action Findings

NEBRASKA STATE HOMELAND SECURITY STRATEGY

Mississippi Emergency Management Agency. Shawn Wise. Office Of Preparedness

Strategic Foresight Initiative (SFI)

CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017

TERRORISM LIAISON OFFICER OUTREACH PROGRAM - (TLOOP)

Chapter 1. Chapter 2. Chapter 3

The Office of Infrastructure Protection

April 5, Subject: DHS Multi-Agency Operation Centers Would Benefit from Taking Further Steps to Enhance Collaboration and Coordination

Homeland Security & All-Hazards Senior Advisory Committee (H-SAC)

Corporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates

Cyber Security Technologies

DHS Supply Chain Activity: Cross-Sector Supply Chain Working Group and Strategy on Global Supply Chain Security

DHS S&T supports National Level Exercise 2011 using SUMMIT

Louisiana - State Analytical & Fusion Exchange (LA-SAFE)

Florida Regional Domestic Security Task Forces

NFPA 3000 (PS) Standard for an Active Shooter / Hostile Event Response (ASHER) Program IT S A BIG WORLD. LET S PROTECT IT TOGETHER.

The Office of Infrastructure Protection

Emergency Operations Center Management Exercise Evaluation Guide

DHS FEMA Region IX Response Operations

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Transcription:

Utilizing Terrorism Early Warning Groups to Meet the National Preparedness Goal Ed Reed Matthew G. Devost Neal Pollard May 11, 2005

Vision The Terrorism Early Warning Group concept fulfills the intelligence requirements outlined in Homeland Security Directive 8: Interim National Preparedness Goal. Existing and emerging TEWs can serve as a foundation for a national intelligence sharing and analysis network bringing critical information and capabilities to local jurisdictions. This paper articulates a vision for expanding the Terrorism Early Warning Group (TEW) network that meets the local and national requirements as specified in, Homeland Security Presidential Directive 8: Interim National Preparedness Goal (HSPD-8). This paper contains two core sections; the first of which demonstrates how the TEW concepts meet the requirements of HSPD-8 specifically, those associated with the Goal and in the heart of the Goal, the Target Capabilities List (TCL); the second section describing the vision for utilizing TEW Groups to enhance our national capabilities in this critical area. Introduction to the TEW Concept The TEW Group, a concept first demonstrated in Los Angeles in 1996, facilitates multidiscipline information sharing and intelligence fusion that increases the preparedness of municipal, county, tribal, and state jurisdictions, by providing a process and products that increase awareness of local terrorist threats and consequences, increase the opportunities for early warning of terrorist attack, and - in time of crisis provide operational net assessment, technical expertise reach back, and intelligence support to the incident commander. The TEW concept also contributes to national goals of homeland security, by providing an organizational model that can facilitate implementation of the National Incident Management System (NIMS), and help achieve the interim national preparedness goals directed by Homeland Security Presidential Directive 8. Domestic predictive intelligence is the foundation of TEW operations and is built on four key functions: Vulnerability Analysis, Threat Modeling, Indications and Warning, and Situation Awareness. Predictive intelligence hinges on the notion that terrorist s attacks do not occur in a single, isolated moment in time, but rather an attack is the culminating action of a series of distinct, knowable and observable activities. Getting out in front of an attack prevention requires security and law enforcement agencies to have a comprehensive understanding of the potential threat s path to violence. Achieving this understanding is the product of a detailed set of processes tied to the predictive intelligence functions. The effort highlights the activities that make up a potential threat element s course of action over time Vulnerability Analysis and Threat Modeling. These highlighted activities make up the tips and indications domain, defining the set of those things that can be observed Indications and Warning and Situation Awareness. As such, predictive intelligence provides the basis of true readiness, and DISTRIBUTION DRAFT 2/8

while emphasizing prevention; it is also a critical component of an effective response capability by providing support to incident commanders and crisis leadership. The TEW deciphers indications and warning elements and links them to operational decisions required by decisions makers to prevent, prepare or respond to a terrorist attack. The Intelligence Preparation for Operations (IPO) concept is tailored into a predictive intelligence tool that meets the needs of an Emergency Operations Center or Incident Commander preparing or responding to an act of terrorism. Through the IPO process, a TEW identifies the critical information requirements needed in order to develop a situational awareness of potential crisis events developing within their jurisdiction. The approach includes participation of subject matter experts from Law Enforcement, Fire, Health and Emergency Medical Services within the NIMS Incident Command System. TEW personnel use a Net Assessment technique that pulls together all-source and all discipline information in the effort to identify an event horizon far before an actual attack can occur. TEW Meeting the Requirement of HSPD-8 The TEW as currently established meets many of the requirements in HSPD-8. For example:! It is a multi-jurisdictional jurisdiction-wide group with the core mission to serve as the focal point for analyzing the strategic and operational information (TCL#17) needed to respond to terrorism and protect critical infrastructure (TCL#5).! In carrying out this mission, the TEW is responsible for information sharing (TCL#16), intelligence fusion (TCL# 17), detailed response planning (TCL# 25), and operational net assessment in support of NIMS incident command system (TCL# 8).! TEWs monitor trends and assess threats (TCL#15) that could result in terrorist attacks in specific jurisdictions.! TEW members evaluate media reports, information from federal, state, and local agencies, and additional open-source information (including input from local subject-matter experts and academicians) to determine threat credibility and impact (TCL# 17).! As part of the intelligence assessment, TEWs identify pre-cursor events of terrorism so that prevention and mitigation efforts can be initiated (TCL# 32).! The TEW also can serve to establish protocols to identify and distinguish those threats credible enough to warrant a response, and what level of response is required (TCL# 16). This has an added benefit of cost savings to local jurisdictions, as the TEW provides more complete information that can be used to calibrate the level of response necessary (TCL# 8), as opposed to sending a full force to every suspected incident. DISTRIBUTION DRAFT 3/8

Meeting the Target Capabilities List The figure below describes how the TEW concept meets the guidance on the specific capabilities and levels of capabilities that Federal, State, local and tribal entities will be expected to develop and maintain. The current Target Capabilities List (TCL) identifies 36 capabilities; the TEW concept being expanded to UASI cities nation-wide fully meets at least 11 of those specific capabilities. (See Figure below) TEW Groups Meeting Requirements in National Preparedness Goal Required Capabilities TEW Capability 5. Critical Infrastructure Protection A TEW collects & stores critical site data & characteristics about critical locations within a jurisdiction for use in planning or response to an incident. In collecting this information, site assessments are perform that identify weakness, requiring corrective measures. The collected information is used to build preplans that provide critical information required for an effective response to an attack. 6. Critical Resource Logistics and Distribution During a crisis, the TEW provides informational products to incident commanders to include, operational net assessment of resource requirements. Specifically this information becomes part of the TEW mission folder, provided to the Incident Commander, as he and his staff plan the response to an attack. 8. Emergency Operations Center Management The TEW provides the EOC with the impact of the attack on the operational area, gauge resource needs, monitors & assess situational status & develops courses of actions for incident resolution. The TEW concept fully supports NIMS ICS by integrating into the Plans Sections, during a response. 11. Explosive Device Response Operations Playbooks are developed by TEW Groups as guidance for responding to specific classes of threat to selected critical location. Playbooks include response to, explosive device, chemical release, & radiological event. 15. Information Collection and Threat Recognition A TEW specifically works with non-traditional & other intelligence partners, to collect & analyze information. Its indications & warning functions relies upon scanning & monitoring open source intelligence for trends & potentials and fusing other available data. The TEW provides predictive intelligence as the basis of true readiness, while emphasizing prevention. 16. Information Sharing and Collaboration Shared TEW products before & during an incident provide all responders with a common operating picture. These TEW produced products allow responders to synchronize their efforts & ensure interoperability. DISTRIBUTION DRAFT 4/8

17. Intelligence Fusion and Analysis The TEW mission is to provide the incident decision makers with actionable & analyzed information, drawn from multiple sources. TEW net assessment process produces viable courses of action for selection and execution. A TEW identifies the critical information requirements needed in order to develop as situational awareness of potential crisis events developing within a jurisdiction for use in preventing or responding to a terrorist attack. 25. Planning A TEW develops response plans for specific targets, providing responders with detailed knowledge during the planning process, knowledge that is tailored to the specific critical location. These response folders are the end state of the TEW vulnerability analysis process and represent detailed guides for the development of mission folders during a response. 26. Public Health Epidemiological Investigation and Laboratory Testing The Epi-Intel cell in the TEW Group provides the disease surveillance (human, veterinary & food surety) to the incident decision makers. This TEW cell is responsible for real-time disease surveillance and coordination with the disease investigation. 32. Terrorism Investigation and Intervention The TEW compliments the jurisdictions JTTF, as the core mission of a TEW Group is to serve as the focal point for analyzing the strategic and operational information needed to respond to terrorism and protect critical infrastructure. A terrorist attack is culminating action with distinct and observable actions. Predictive intelligence is the foundation of TEW operations, deciphering indications and warning allows security and law enforcement to intervene or prevent an attack. 35. WMD/Hazardous Materials Response and Decontamination Playbooks are developed by TEW Groups as guidance for responding to specific classes of threat to a selected critical location. Playbooks include response to a WMD device, including a chemical release, & radiological event Towards a National TEW Network Today, TEWs exist along the West Coast from San Diego to Pierce County, WA, with others emerging in Tulsa, Albuquerque, Denver, New Orleans, Miami and the National Capital Region (Washington, DC). The Office for Domestic Preparedness is sponsoring a project to expand the TEW concept to UASI cities nationwide, in hopes that those cities will establish a TEW-like activity in their own jurisdictions. The TEW concept represents a low-cost and scalable way for local jurisdictions to organize their information efficient, plan for crises, and provide their emergency responders with the intelligence needed to respond to any DISTRIBUTION DRAFT 5/8

catastrophe natural or man-made. As TEWs proliferate across the nation, their close linkages as part of a common concept will provide the foundation for a true homeland security intelligence-sharing network. Our Nation is faced with fighting an ever-changing terrorist network. The TEW concept allows local, state and federal agencies to combat the terrorist network with a vehicle for analysis of operational information needed to combat terrorism by strengthening the preparedness of local jurisdictions to prevent, protect against, respond to, and recover from terrorist attacks or major disasters. The TEW network, as it expands across the Nation will provide early detection of emerging threats and allow information sharing and collaboration within a trusted network of liked minded nodes in the major population centers, across regions and even, in some cases, at a state-wide level. It will also ensure that a multi-discipline intelligence resource is available to incident commanders and leadership prior to or in the event of a catastrophic terrorism event. As TEW Groups continue to emerge, the goal is to establish a secure information sharing and collaboration tools for TEW Groups, to provide early warning and forecasting tools, digital archiving, and virtual reach back to aid prevention and response initiatives. The existing and emerging national TEW Groups must be leveraged to help define the information sharing capabilities required to meet their requirements and those established in HSPD-8 to establish this network. This requirements definition should follow the model already used to guide R&D activities within DHS and should be driven from the bottom-up (first responders) not the top down. Conclusion The TEW concept achieves the requirements in HSPD-8 to establish measurable readiness priorities, that appropriately balance the potential threat and magnitude of terrorist attacks, major disasters, and other emergencies with the resources required to prevent, respond to and recover from them. The TEW concept fully meets 11 of the 36 target capabilities outlined in the National Preparedness Goal. The existing TEWs have repeatedly demonstrated both qualitative and quantitative performance measures of the 11 capabilities through performance of critical tasks during actual operations, training and exercises. Recommendations In order to meet the requirements of HSPD-8, the Department of Homeland Security should: - Implement the TEW concept as a national model for information sharing and intelligence fusion. - Invest in opportunities to determine how the TEW model integrates with other homeland security initiatives, such as NIMS. - Determine capability requirements for technologies that enable intelligence fusion and information sharing within and between TEW groups. These capability DISTRIBUTION DRAFT 6/8

requirements must be derived from operational requirements with a bottom-up approach similar to that utilized for the Project Responder: National Technology Plan for Emergency Response to Catastrophic Terrorism. COMMENTS OR QUESTIONS: Ed Reed Terrorism Research Center, Inc. reed@terrorism.com www.terrorism.com SOURCES FOR MORE INFORMATION: Brochure - Office for Domestic Preparedness, "Terrorism Early Warning Group Intelligence Coordination Between Federal, State and Local Agencies" FY2004 ODP Case Study - L.A. Terrorism early Warning Group SLGCP Paper - TEW Profile: "Pierce County, Washington Terrorism Early Warning Task Force" Lessons Learned Information Sharing - Best Practice Series "Local Anti-Terrorism Information and Intelligence Sharing" DISTRIBUTION DRAFT 7/8

APPENDIX A TEW SCENARIO DEMONSTRATING HOW THE TEW CONCEPT MEETS THE HSPD-8 GOALS Under Development DISTRIBUTION DRAFT 8/8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback