Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division.

Similar presentations

Presentation on theme: "The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division."— Presentation transcript:

1 The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview Brief

2 IP Vision and Mission  Vision - A safe, secure, and resilient critical infrastructure based on and sustained through strong public and private partnerships  Mission - Lead the national effort to mitigate terrorism risk to, strengthen the protection of, and enhance the all hazard resilience of the Nation’s critical infrastructure 2

3 Protective Security Coordination Division Mission Statement Reduce the risk of the Nation’s critical infrastructure to a terrorist attack by assessing vulnerabilities and consequences; developing, implementing and providing national coordination for protective programs; and facilitating response to and recovery from all hazards 3

4 The Role of Homeland Security  Unify a national effort to secure America  Prevent and deter terrorist attacks  Protect against and respond to threats and hazards to the Nation  Respond to and recover from acts of terrorism, natural disasters, or other emergencies  Coordinate the protection of our Nation’s critical infrastructure across all sectors 4

5 Threats May Come From All Hazards Threats May Come from All Hazards 5

6 National Response Framework 6  Guides how the Nation conducts all-hazards response  Documents the key response principles, roles, and structures that organize national response  Allows first responders, decision makers, and supporting entities to provide a unified national response

7 The Threat We will “hit hard the American economy at its heart and its core.” - Osama bin Laden 7

8 8 Homeland Security Presidential Directive 7 (HSPD-7)  Effective December 17, 2003  Specifies the following key elements of the infrastructure protection mission: – A strategy to identify, prioritize, and coordinate critical infrastructure protection – Descriptions of activities which support each element of the strategy – A summary of initiatives for sharing critical infrastructure information and for providing infrastructure threat warning data – Coordination and integration with other Federal emergency management and preparedness activities – The development of the National Infrastructure Protection Plan

9 9 Critical Infrastructure Defined  Critical Infrastructure – “Systems and assets, whether physical or virtual, so vital that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters, across any Federal, State, regional, territorial, or local jurisdiction.” Source: National Infrastructure Protection Plan 2009

10 10 National Infrastructure Protection Plan (NIPP)  Comprehensive plan and unifying structure for the government and private sector to improve protection and resiliency of critical infrastructure, including –Partnership model and information sharing –Roles and Responsibilities –Risk management framework –Authorities –Integration with other plans –Building a long-term program –Providing resources and prioritizing investments  Contributes to both steady-state risk management and incident management  Drives IP’s programs and activities, and guides those of –Other Federal agencies and departments –State, local, tribal, and territorial governments –Critical infrastructure owners and operators

11 Critical Infrastructure Sectors  Agriculture and Food  Banking and Finance  Chemical  Commercial Facilities  Commercial Nuclear Reactors, Materials, and Waste  Critical Manufacturing  Dams  Defense Industrial Base  Drinking Water and Wastewater Treatment Systems  Emergency Services  Energy  Government Facilities  Information Technology  National Monuments and Icons  Postal and Shipping  Public Health and Healthcare  Telecommunications  Transportation Systems 11

12 12 Critical Infrastructure Protection Challenges  Majority of critical infrastructure assets are privately-owned – DHS has limited legal authority to regulate security practices of private industry (exceptions: high-risk chemical facilities, Transportation Security Administration, US Coast Guard)  DHS works with industry and Federal entities, as well as State, local, tribal, and territorial governments to protect critical infrastructure – Coordinated through the NIPP  To help communities better protect the Nation’s assets, DHS deployed Protective Security Advisors (PSAs) throughout the country

13 13  93 PSAs and Regional Directors, including 87 field deployed personnel, serve as critical infrastructure security specialists  Deployed to 74 Districts in 50 States and Puerto Rico  State, local, tribal, and territorial link to DHS infrastructure protection resources – Coordinate vulnerability assessments, IP products and services, and training – Support response, recovery, and reconstitution efforts of States affected by a disaster – Provide vital link for information sharing – Assist facility owners and operators with obtaining security clearances  During contingency events, PSAs support the response, recovery, and reconstitution efforts of the State(s) by serving as pre-designated Infrastructure Liaisons (IL) and Deputy ILs at the Joint Field Offices (JFO)  Developed over 50,000 individual working relationships with Federal, State, local, tribal and territorial critical infrastructure protection partners Protective Security Advisors (PSAs)

14 PSA Locations 14

15 Value of the PSA Program to You  PSAs: -Support comprehensive risk analyses for critical infrastructure -Assist in the review and analysis of physical/technical security for critical infrastructure -Convey local concerns and sensitivities to DHS and other Federal agencies -Relay disconnects between local, regional, and national protection activities -Communicate requests for Federal training and exercises 15

16 16 Protected Critical Infrastructure Information (PCII) Program  The PCII Program is an important tool to encourage industry to share their sensitive critical infrastructure information  Established under the Critical Infrastructure Information Act of 2002, the PCII Program protects voluntarily submitted critical infrastructure information from: – Freedom of Information Act (FOIA) – State and local sunshine laws – Civil litigation proceedings – Regulatory usage  Provides private sector with legal protections and “peace of mind”

17 17 Examples of Critical Infrastructure Information (CII)  Protected information defined by the CII Act includes: – Threats ― Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of a critical asset – Vulnerabilities ― Ability to resist threats, including assessments or estimates of vulnerability – Operational experience ― Any past operational problem or planned or past solution including repair, recovery, or extent of incapacitation  Any information normally available in the public domain will not be protected

18 18  ECIP Initiative – Identifies facilities’ physical security, security forces, security management, protective measures, information sharing, and dependencies – Provides comparison across like assets and tracks implementation of new protective measures – Informs facility owners/operators of the importance of their facilities as an identified high- priority infrastructure and the need to be vigilant – Establishes/enhances relationships with facility owners/operators  ECIP Surveys – Over 1,400 ECIP surveys conducted to date – Apply weighted scores to identify vulnerabilities and trends for infrastructure and sectors and conduct sector-by-sector and cross-sector vulnerability comparisons – Facilitate the consistent collection of facility security information – Provide information for protective measures planning and resource allocation – Enhance overall capabilities, methodologies, and resource materials for identifying and mitigating vulnerabilities Enhanced Critical Infrastructure Protection (ECIP)

19 19 ECIP Survey Data Categories  Facility Information  Contacts  Facility Overview  Information Sharing  Protective Measures Assessment  Criticality  Security Management Profile  Security Areas/Assets  Additional DHS Products/Services  Criticality Appendix  Images  Security Force  Physical Security – Building Envelope – Delivery/Vehicle Access Control – Parking – Site’s Security Force – IDS/CCTV – Access Control – Security Lighting  Cyber Vulnerability  Dependencies **** Comparative analysis provided

20 ECIP Survey Tool  Web-based vulnerability survey tool that applies weighted scores to identify vulnerabilities and trends for infrastructure and across sectors  Facilitates the consistent collection of security information –Physical Security, Security Force, Security Management, Information Sharing, Protective Measures, Dependencies  The tool allows DHS to: –Identify and document critical infrastructure overall security –Provide information for protective measures planning and resource allocation –Facilitate government information sharing –Enhance its ability to analyze data and produce improved metrics 20

21 Weighting Process and Participants  Scoring for Physical Security, Security Management, and Security Force was conducted using a working group comprised of: –Physical security experts –Scientists –Mathematicians –Sector representatives –Owners and operators of facilities being weighted  Weights validated using a separate panel of representatives.  Example: Fences – Aluminum chain link fence – 7 foot height – With outriggers – Barbed wire –Fence Protective Measures Index = 71 – Wood fence – 6 foot height – Partial clear zone –Fence Protective Measures Index = 13 21

22 ECIP Deliverables Notional Information 22

23 Facility Executive Summary Executive Summary (ExSum) Provides the security director a briefing tool to easily convey information to senior leadership and decision makers. Information identifies the sector, sub- sector, segment, and sub-segment high, low, average, and facility scores. The ExSum provides the ability to rapidly convey the overall Protective Measure Index (PMI) and specific area PMIs. Notional Information 23

24 Greater understanding of the most significant changes and trends. Areas individually separated into Physical Security, Security Management, Security Force, Information Sharing, and Protective Measures. Owner/Operator can make adjustments and see improvements to individual area and overall protective measure index (PMI). Dashboards and Information Sharing Notional Information 24

25 Dashboard – Physical Security Example Notional Information 25

26 Other Products and Resources  InfraGard  Homeland Security Information Network (HSIN)  Vulnerability Assessments  Infrastructure Protection Report Series  Bomb-making Materials Awareness Program  TRIPwire & Security Training  DHS United States Computer Emergency Readiness Team (US-CERT)  DHS Daily Open Source Infrastructure Report  DHS Active Shooter Documents  Random Security Measures  Pandemic Influenza Guidance 26

27 InfraGard  InfraGard -http://www.infragard.net -InfraGard is an information-sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sectorFederal Bureau of Investigation -InfraGard is an association of businesses, academic institutions, State and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States 27

28 28 Homeland Security Information Network-Critical Sectors (HSIN-CS)  HSIN is DHS’s primary technology tool for trusted information sharing  HSIN enables direct communication between DHS, Federal, State and local government, and infrastructure owners and operators  Operated by DHS Office of Operations Coordination (OPS), HSIN is an Internet-based “portal” technology enabling encrypted communications with individually vetted members of secure “Communities of Interest (COI)”  HSIN-CS leverages the HSIN system. IP contributes to the HSIN technical infrastructure and supports the unique needs of the CS program  As a part of HSIN, HSIN-CS can leverage economies of scale to allow users to collaborate across “COIs”

29 29 Vulnerability Assessment Programs  Buffer Zone Protection Program (BZPP) – Buffer zone is the area outside a facility that can be used by an adversary to conduct surveillance or launch an attack – A infrastructure protection grant program targeted to local law enforcement – Provides funding to local law enforcement for equipment acquisition and planning activities to enhance security capabilities in protecting the highest risk critical infrastructure sites – Supports the development of effective preventive/protective measures that make it more difficult for terrorists to conduct surveillance or launch attacks from the immediate vicinity of critical infrastructure  Site Assistance Visit (SAV) – Brings together Federal partners, State and local law enforcement, other emergency responders, and critical infrastructure owners and operators to conduct an “inside the fence” assessment – Identifies critical assets, specific vulnerabilities, protective measures, and dependencies and interdependencies – Provides options for consideration for improving security

30 30  Increase awareness and improve understanding of infrastructure protection Infrastructure Protection Report Series Common Characteristics Consequences of Events Common Vulnerabilities Surveillance Indicators Surveillance Objectives Transactional and Behavioral Indicators General Protective Measures Options Specific Protective Measures Options per HSAS Level Characteristics and Common Vulnerabilities Potential Indicators of Terrorist Activity Protective Measures  DHS has produced reports for 142 different asset types, including: Casinos, convention centers, hotels, education facilities, office buildings, shopping malls, stadiums, theme parks, residential buildings, and other commercial sector assets

31 31  Comprehensive effort to educate law enforcement and private sector suppliers of materials used in the manufacture and construction of IEDs, of the potential risks associated with the sale or theft of those products – Point-of-Sale Awareness – Notification Processes – Supply Chain Awareness – Law Enforcement Training Material  Facilitates partnerships between local law enforcement and private sector  Encourages the retail industry to take an active role in bombing prevention efforts at little or no cost Bomb-Making Materials Awareness

32 32  TRIPwire - online unclassified network for law enforcement having bombing prevention responsibilities to discover and share tactics, techniques, and procedures of terrorist IED use – Combines expert analysis with relevant documents gathered from terrorist sources to assist law enforcement anticipate, identify and prevent IED incidents  TRIPwire Community Gateway brings timely bombing prevention awareness information and analysis to the private sector with bombing prevention responsibilities – Responds to increasing private sector demand for bombing prevention information and assistance – Leverages content, expertise, and reputation of the existing TRIPwire system – Shares information on common site vulnerabilities, potential threat indicators, and effective protective measures to the 18 critical infrastructure sectors through HSIN-CS TRIPwire and TRIPwire Community Gateway

33 33 Risk Mitigation Training  Surveillance Detection Course – Provides a guideline for mitigating risks to critical infrastructure through developing, applying, and employing protective measures and the creation of a surveillance detection plan  Protective Measures – Provides the knowledge and skills to understand common vulnerabilities and employ effective protective measures to enhance commercial sector awareness on how to devalue, detect, deter, and defend facilities from terrorism  Private Sector Counterterrorism Awareness Workshop – Provides private sector security professionals with current strategies on soft target awareness, surveillance detection, and IED recognition, and outlines specific counterterrorism awareness and prevention actions that reduce vulnerability and mitigate the risk of domestic terrorist attacks  Soft Target Awareness Course – Provides private sector security and safety personnel terrorism awareness, prevention, and protection information  IED Awareness Workshop – Provides a basic awareness of IED prevention measures and planning protocols and the current technology and trends that characterize IEDs

34 How Can You Help?  Engage with your Protective Security Advisors to facilitate protective actions and establish priorities and the need for information  Assist in efforts to identify, assess, and secure critical infrastructures in your community  Communicate local critical infrastructure protection related concerns –Business and economic ramifications of actions –Issues unique to the community 34

35 Summary  Success will depend in part on the strength of our partnership  Our approach to addressing the terrorism threat will be a long term, ongoing project of the highest priority  This effort will require the highest degree of vigilance and dedication from all of us 35

36 For more information visit:

Download ppt "The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division."

Similar presentations

Ads by Google