DOCSLIB.ORG

Critical Infrastructure Threat Information Sharing Framework a Reference Guide for the Critical Infrastructure Community

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Critical Infrastructure Threat Information Sharing Framework a Reference Guide for the Critical Infrastructure Community Critical Infrastructure Threat Information Sharing Framework A Reference Guide for the Critical Infrastructure Community October 2016 CRITICAL INFRASTRUCTURE THREAT INFORMATION SHARING FRAMEWORK Page intentionally left blank. CRITICAL INFRASTRUCTURE THREAT INFORMATION SHARING FRAMEWORK Contents Quick Reference Guide for Critical Infrastructure Owners and Operators, .................................. iii Report Threats and Incidents ...................................................................................................... iii Report Suspicious Activity ...................................................................................................... iii Report Suspected or Known Cyber Incidents .......................................................................... iv Report Physical Infrastructure Incidents .................................................................................. iv Become a Partner in the “If You See Something, Say Something™” Campaign ................... iv Receive Threat Information Relevant to Your Sector ................................................................ iv Access Threat Prevention and Protection Related Training and Exercises .............................. v Executive Summary ........................................................................................................................ 1 1 Introduction ............................................................................................................................... 3 1.1 Background ......................................................................................................................... 3 1.2 Purpose and Scope .............................................................................................................. 4 1.3 Audience ............................................................................................................................. 5 1.4 Guiding Principles .............................................................................................................. 5 1.5 Development Methodology ................................................................................................ 7 2 Overview of Critical Infrastructure Security and Resilience Threat Information Sharing ....... 9 2.1 Threat Information-Sharing Process ................................................................................. 11 2.2 Types of Entities Participating in the Threat Information-Sharing Process ..................... 17 2.2.1 Local and Regional Information Sharing Hubs .......................................................... 18 2.2.2 National Information Sharing Hubs ............................................................................ 19 2.2.3 Investigative Entities ................................................................................................... 19 2.2.4 Owners and Operators Operations Centers ................................................................. 20 2.2.5 Partnerships, Alliances, and Councils ......................................................................... 20 3 Threat Information Sharing Entity Descriptions..................................................................... 21 The Domestic Security Alliance Council (DSAC) .................................................................... 22 FBI Field Offices ....................................................................................................................... 23 Federal Sector-Specific Operations Centers .............................................................................. 24 Fusion Centers (State and Major Urban Area Fusion Centers) ................................................. 25 Information Sharing and Analysis Centers (ISACs) .................................................................. 26 Information Sharing and Analysis Organizations (ISAOs) ....................................................... 27 InfraGard .................................................................................................................................... 28 Investigative and/or Intelligence Entities (Non-Public-Facing) ................................................ 29 Local and State Law Enforcement Operations Centers ............................................................. 30 National Cybersecurity and Communications Integration Center (NCCIC) ............................. 31 i CRITICAL INFRASTRUCTURE THREAT INFORMATION SHARING FRAMEWORK National Infrastructure Coordinating Center (NICC) ................................................................ 33 Office of Intelligence and Analysis (DHS I&A) ....................................................................... 34 Overseas Security Advisory Council (OSAC) ........................................................................... 35 Owners and Operators Operations Centers ................................................................................ 36 Protective Security Advisor (PSA) Program ............................................................................. 37 Sector Coordinating Councils (SCCs) ....................................................................................... 38 Sector-Specific Agencies (SSAs) .............................................................................................. 40 United States Coast Guard (USCG) – Area Maritime Security Committees (AMSC) and Waves on the Waterfront (WOW) ................................................................................................ 43 4 Use Cases ................................................................................................................................ 45 4.1 Cyber Use Case: Havex and BlackEnergy (2014) ............................................................ 45 4.1.1 Background ................................................................................................................. 45 4.1.2 Threat Information Sharing......................................................................................... 46 4.2 Physical Use Case: Metcalf Electric Substation Incident (2013) ..................................... 51 4.2.1 Background ................................................................................................................. 51 4.2.2 Threat Information Sharing......................................................................................... 51 4.3 International Use Case: Westgate Mall Attack in Nairobi, Kenya (2013) ....................... 55 4.3.1 Background ................................................................................................................. 55 4.3.2 Threat Information Sharing......................................................................................... 55 4.4 National Special Security Event (NSSE) Use Case: 2013 Presidential Inauguration ...... 60 4.4.1 Background ................................................................................................................. 60 4.4.2 Pre-Event Threat Information Sharing Activities ....................................................... 60 4.4.3 Threat Information Sharing Activities during the Event ............................................ 62 List of Acronyms .......................................................................................................................... 64 Appendix A: Federal Operations Centers, .................................................................................... 69 Appendix B: Other Threat Information Sharing Entities Not Included in Section 3.0 or Appendix A ............................................................................................................................. 74 Appendix C: Entities with Critical Infrastructure Security and Resilience Program, Policy, and Mitigation Responsibilities .............................................................................................. 77 Appendix D: Threat Information Products ................................................................................... 81 Appendix E: Threat Information Mechanisms and Sources, and Tools to Assess Threats .......... 85 Appendix F: Targeted Threat and Security Engagements ............................................................ 93 Targeted Threat and Security Engagements .............................................................................. 93 Periodic Threat and Security Engagements ............................................................................... 94 Appendix G: Use Case Information Flow Maps........................................................................... 95 ii CRITICAL INFRASTRUCTURE THREAT INFORMATION SHARING FRAMEWORK Quick Reference Guide for Critical Infrastructure Owners and Operators1, 2 Report Threats and Incidents • In an emergency, call 9-1-1, report suspicious activity and threats to federal facilities at 1- 877-4FPS-411 (1-877-437-7411) • Contact your local law enforcement agency • Report through your organization’s appropriate internal reporting process • Directly report non-emergency threats and incidents to your nearest FBI field office at https://www.fbi.gov/contact-us/field or nearest international office at https://www.fbi.gov/contact-us/legat o Report threats and crime online at https://www.fbi.gov/report-threats-and-crime o Report suspicious activity involving chemical, biological, or radiological materials, by calling (toll-free) 1-855-TELL-FBI (1-855-835-5324) o Report an online scam or email hoax by filing
Load more

Recommended publications
  • FBI Academy Training Facility A&E Study………………………………
    Table of Contents Page No. I. Overview ………………………………………………………………….............. 1-1 II. Summary of Program Changes…………………………………………….. 2-1 III. Appropriations Language and Analysis of Appropriations Language….......... 3-1 IV. Decision Unit Justification…………………………………………………... 4-1 A. Intelligence………………………………………………………………… . 4-1 1. Program Description 2. Performance Tables 3. Performance, Resources, and Strategies a. Performance Plan and Report for Outcomes b. Strategies to Accomplish Outcomes B. Counterterrorism/Counterintelligence ……………………………………… 4-14 1. Program Description 2. Performance Tables 3. Performance, Resources, and Strategies a. Performance Plan and Report for Outcomes b. Strategies to Accomplish Outcomes C. Criminal Enterprises and Federal Crimes…………………………………… 4-36 1. Program Description 2. Performance Tables 3. Performance, Resources, and Strategies a. Performance Plan and Report for Outcomes b. Strategies to Accomplish Outcomes D. Criminal Justice Services…………………………………………………….. 4-59 1. Program Description 2. Performance Tables 3. Performance, Resources, and Strategies a. Performance Plan and Report for Outcomes b. Strategies to Accomplish Outcomes V. Program Increases by Item………………………………………………… 5-1 Domain and Operations Increases Comprehensive National Cybersecurity Initiative………………………... 5-1 Intelligence Program………………………………………………….…... 5-6 National Security Field Investigations……….………………………….... 5-13 Mortgage Fraud and White Collar Crime………………………………… 5-15 WMD Response………………………………………………………..…. 5-19 Infrastructure Increases
    [Show full text]
  • Project Division
    MAGAL SECURITY SYSTEMS Focused Solutions for the World’s Security Needs Kobi Vinokur, CFO March 2020 1 / SAFE HARBOR/ Statements concerning Magal Security’s business outlook or future economic performance, product introductions and plans and objectives related thereto, and statements concerning assumptions made or expectations as to any future events, conditions, performance or other matters, are "forward-looking statements'' as that term is defined under U.S. federal securities laws. Forward-looking statements are subject to various risks, uncertainties and other factors that could cause actual results to differ materially from those stated in such statements. These risks, uncertainties and factors include, but are not limited to: the effect of global economic conditions in general and conditions affecting Magal Security’s industry and target markets in particular; shifts in supply and demand; market acceptance of new products and continuing products' demand; the impact of competitive products and pricing on Magal Security’s and its customers' products and markets; timely product and technology development/upgrades and the ability to manage changes in market conditions as needed; the integration of acquired companies, their products and operations into Magal Security’s business; and other factors detailed in Magal Security’s filings with the Securities and Exchange Commission. Magal Security assumes no obligation to update the information in this release. Estimated growth rates and other predictive statements represent Magal Security’s assumptions and expectations in light of currently available information. Estimated growth rates and other predictive statements, are based on industry trends, circumstances involving clients and other factors, and they involve risks, variables and uncertainties.
    [Show full text]
  • Water Sector Cybersecurity Brief for States
    WATER SECTOR CYBERSECURITY BRIEF FOR STATES Introduction Implementing cybersecurity best practices is critical for water and wastewater utilities. Cyber-attacks are a growing threat to critical infrastructure sectors, including water and wastewater systems. Many critical infrastructure facilities have experienced cybersecurity incidents that led to the disruption of a business process or critical operation. Cyber Threats to Water and Wastewater Systems Cyber-attacks on water or wastewater utility business enterprise or process control systems can cause significant harm, such as: • Upset treatment and conveyance processes by opening and closing valves, overriding alarms or disabling pumps or other equipment; • Deface the utility’s website or compromise the email system; • Steal customers’ personal data or credit card information from the utility’s billing system; and • Install malicious programs like ransomware, which can disable business enterprise or process control operations. These attacks can: compromise the ability of water and wastewater utilities to provide clean and safe water to customers, erode customer confidence, and result in financial and legal liabilities. Benefits of a Cybersecurity Program The good news is that cybersecurity best practices can be very effective in eliminating the vulnerabilities that cyber-attacks exploit. Implementing a basic cybersecurity program can: • Ensure the integrity of process control systems; • Protect sensitive utility and customer information; • Reduce legal liabilities if customer or employee personal information is stolen; and • Maintain customer confidence. Challenges for Utilities in Starting a Cybersecurity Program Many water and wastewater utilities, particularly small systems, lack the resources for information technology (IT) and security specialists to assist them with starting a cybersecurity program. Utility personnel may believe that cyber-attacks do not present a risk to their systems or feel that they lack the technical capability to improve their cybersecurity.
    [Show full text]
  • National Security and Local Police
    BRENNAN CENTER FOR JUSTICE NATIONAL SECURITY AND LOCAL POLICE Michael Price Brennan Center for Justice at New York University School of Law ABOUT THE BRENNAN CENTER FOR JUSTICE The Brennan Center for Justice at NYU School of Law is a nonpartisan law and policy institute that seeks to improve our systems of democracy and justice. We work to hold our political institutions and laws accountable to the twin American ideals of democracy and equal justice for all. The Center’s work ranges from voting rights to campaign finance reform, from racial justice in criminal law to Constitutional protection in the fight against terrorism. A singular institution — part think tank, part public interest law firm, part advocacy group, part communications hub — the Brennan Center seeks meaningful, measurable change in the systems by which our nation is governed. ABOUT THE BRENNAN CENTER’S LIBERTY AND NATIONAL SECURITY PROGRAM The Brennan Center’s Liberty and National Security Program works to advance effective national security policies that respect Constitutional values and the rule of law, using innovative policy recommendations, litigation, and public advocacy. The program focuses on government transparency and accountability; domestic counterterrorism policies and their effects on privacy and First Amendment freedoms; detainee policy, including the detention, interrogation, and trial of terrorist suspects; and the need to safeguard our system of checks and balances. ABOUT THE BRENNAN CENTER’S PUBLICATIONS Red cover | Research reports offer in-depth empirical findings. Blue cover | Policy proposals offer innovative, concrete reform solutions. White cover | White papers offer a compelling analysis of a pressing legal or policy issue.
    [Show full text]
  • Suspect Until Proven Guilty, a Problematization of State Dossier Systems Via Two Case Studies: the United States and China
    University of Pennsylvania ScholarlyCommons Publicly Accessible Penn Dissertations Fall 2009 Suspect Until Proven Guilty, a Problematization of State Dossier Systems via Two Case Studies: The United States and China Kenneth N. Farrall University of Pennsylvania, [email protected] Follow this and additional works at: https://repository.upenn.edu/edissertations Part of the Asian Studies Commons, Communication Technology and New Media Commons, International and Intercultural Communication Commons, and the Social Influence and oliticalP Communication Commons Recommended Citation Farrall, Kenneth N., "Suspect Until Proven Guilty, a Problematization of State Dossier Systems via Two Case Studies: The United States and China" (2009). Publicly Accessible Penn Dissertations. 51. https://repository.upenn.edu/edissertations/51 This paper is posted at ScholarlyCommons. https://repository.upenn.edu/edissertations/51 For more information, please contact [email protected]. Suspect Until Proven Guilty, a Problematization of State Dossier Systems via Two Case Studies: The United States and China Abstract This dissertation problematizes the "state dossier system" (SDS): the production and accumulation of personal information on citizen subjects exceeding the reasonable bounds of risk management. SDS - comprising interconnecting subsystems of records and identification - damage individual autonomy and self-determination, impacting not only human rights, but also the viability of the social system. The research, a hybrid of case-study and cross-national comparison, was guided in part by a theoretical model of four primary SDS driving forces: technology, political economy, law and public sentiment. Data sources included government documents, academic texts, investigative journalism, NGO reports and industry white papers. The primary analytical instrument was the juxtaposition of two individual cases: the U.S.
    [Show full text]
  • Federal Bureau of Investigation Hearing
    FEDERAL BUREAU OF INVESTIGATION HEARING BEFORE THE COMMITTEE ON THE JUDICIARY HOUSE OF REPRESENTATIVES ONE HUNDRED TENTH CONGRESS FIRST SESSION JULY 26, 2007 Serial No. 110–86 Printed for the use of the Committee on the Judiciary ( Available via the World Wide Web: http://judiciary.house.gov U.S. GOVERNMENT PRINTING OFFICE 37–010 PDF WASHINGTON : 2007 For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512–1800; DC area (202) 512–1800 Fax: (202) 512–2104 Mail: Stop IDCC, Washington, DC 20402–0001 VerDate 0ct 09 2002 11:11 Jul 09, 2008 Jkt 000000 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 H:\WORK\FULL\072607\37010.000 HJUD1 PsN: DOUGA COMMITTEE ON THE JUDICIARY JOHN CONYERS, JR., Michigan, Chairman HOWARD L. BERMAN, California LAMAR SMITH, Texas RICK BOUCHER, Virginia F. JAMES SENSENBRENNER, JR., JERROLD NADLER, New York Wisconsin ROBERT C. ‘‘BOBBY’’ SCOTT, Virginia HOWARD COBLE, North Carolina MELVIN L. WATT, North Carolina ELTON GALLEGLY, California ZOE LOFGREN, California BOB GOODLATTE, Virginia SHEILA JACKSON LEE, Texas STEVE CHABOT, Ohio MAXINE WATERS, California DANIEL E. LUNGREN, California WILLIAM D. DELAHUNT, Massachusetts CHRIS CANNON, Utah ROBERT WEXLER, Florida RIC KELLER, Florida LINDA T. SA´ NCHEZ, California DARRELL ISSA, California STEVE COHEN, Tennessee MIKE PENCE, Indiana HANK JOHNSON, Georgia J. RANDY FORBES, Virginia BETTY SUTTON, Ohio STEVE KING, Iowa LUIS V. GUTIERREZ, Illinois TOM FEENEY, Florida BRAD SHERMAN, California TRENT FRANKS, Arizona
    [Show full text]
  • Security Studies (SCST) 1
    Security Studies (SCST) 1 SECURITY STUDIES (SCST) SCST 2363. Intro to Homeland Security. 3 Hours. This introductory course is designed to familiarize students with the field of security studies. Topics include Surveys, threats, and challenges from terrorist attacks, to pandemics to climate change. SCST 2364. Homeland Sec Research Methods. 3 Hours. Students gain knowledge about research design and methodology. Students develop the ability to analyze and critically evaluate data, ideas, arguments, and policy. Students also hone critical thinking skills and enhance their ability to be effective consumers of data. SCST 2365. Intro to Emergency Management. 3 Hours. Students study the evolution of emergency management in the United States from early community-based response practices to the current robust national system focused on risk analysis, communications, risk prevention and mitigation, and social and economic recovery. Students examine benchmark policies, regulations, and directives that form the basis of the emergency management field. Students engage in case study research and gain exposure to current and emerging trends in emergency management domestically and internationally. SCST 2366. Introduction to Cybersecurity. 3 Hours. Students examine the problem of cybersecurity from a homeland security perspective. Students explore the diversity of threats and security measures in cyberspace from a non-technical perspective and with a focus on laws, strategies, and policies. Security issues, from crime to espionage to cyberwar, will be considered on both the micro and macro-level. SCST 2368. Transportation Security. 3 Hours. Students examine a wide range of facets that comprise the field of transportation security. As part of this course students assess the capabilities and vulnerabilities of the transportation network as well as explore the agencies and governance issues impacting transportation security.
    [Show full text]
  • Information Sharing: DHS Is Assessing Fusion Center
    United States Government Accountability Office Report to Congressional Requesters November 2014 INFORMATION SHARING DHS Is Assessing Fusion Center Capabilities and Results, but Needs to More Accurately Account for Federal Funding Provided to Centers GAO-15-155 November 2014 INFORMATION SHARING DHS Is Assessing Fusion Center Capabilities and Results, but Needs to More Accurately Account for Federal Funding Provided to Centers Highlights of GAO-15-155, a report to congressional requesters Why GAO Did This Study What GAO Found Fusion centers play a key role in The Department of Homeland Security (DHS) is helping state and major urban sharing threat information among all area fusion centers assess baseline capabilities—such as the ability to receive, levels of government and the private analyze, and disseminate threat information—and address capability gaps sector. Federal agencies support these through an annual assessment process, resources it provides to centers to centers by providing personnel, mitigate gaps, and an exercise program to evaluate capabilities in practice. funding, and other assistance. GAO Results of the 2013 annual assessment show that centers achieved an average was asked to assess how federal score of about 92 out of 100, which generally indicates that centers have policies agencies are accounting for ongoing and procedures in place to implement key information sharing activities. The support provided. scores do not reflect if these activities have resulted in specific homeland security This report addresses the extent to impacts. All 10 fusion center directors GAO contacted said that the annual which (1) DHS has helped centers assessment is a useful tool to identify capabilities and monitor progress.
    [Show full text]
  • 9/11 Report”), July 2, 2004, Pp
    Final FM.1pp 7/17/04 5:25 PM Page i THE 9/11 COMMISSION REPORT Final FM.1pp 7/17/04 5:25 PM Page v CONTENTS List of Illustrations and Tables ix Member List xi Staff List xiii–xiv Preface xv 1. “WE HAVE SOME PLANES” 1 1.1 Inside the Four Flights 1 1.2 Improvising a Homeland Defense 14 1.3 National Crisis Management 35 2. THE FOUNDATION OF THE NEW TERRORISM 47 2.1 A Declaration of War 47 2.2 Bin Ladin’s Appeal in the Islamic World 48 2.3 The Rise of Bin Ladin and al Qaeda (1988–1992) 55 2.4 Building an Organization, Declaring War on the United States (1992–1996) 59 2.5 Al Qaeda’s Renewal in Afghanistan (1996–1998) 63 3. COUNTERTERRORISM EVOLVES 71 3.1 From the Old Terrorism to the New: The First World Trade Center Bombing 71 3.2 Adaptation—and Nonadaptation— ...in the Law Enforcement Community 73 3.3 . and in the Federal Aviation Administration 82 3.4 . and in the Intelligence Community 86 v Final FM.1pp 7/17/04 5:25 PM Page vi 3.5 . and in the State Department and the Defense Department 93 3.6 . and in the White House 98 3.7 . and in the Congress 102 4. RESPONSES TO AL QAEDA’S INITIAL ASSAULTS 108 4.1 Before the Bombings in Kenya and Tanzania 108 4.2 Crisis:August 1998 115 4.3 Diplomacy 121 4.4 Covert Action 126 4.5 Searching for Fresh Options 134 5.
    [Show full text]
  • Fusion Center Privacy Policy Development
    NT O E F M JU Global Justice T S R T A I P C Information E E Sharing D Initiative United States Department of Justice DHS/DOJ Fusion Process Technical Assistance Program and Services Fusion Center Privacy Policy Development Privacy, Civil Rights, and Civil Liberties Policy Template Revised With U.S. Department of Homeland Security Grant Program Guidance Requirements April 2010 DHS/DOJ Fusion Process Technical Assistance Program and Services Fusion Center Privacy Policy Development Privacy, Civil Rights, and Civil Liberties Policy Template April 2010 To request a Word version of this template, please submit your request to [email protected]. About Global The U.S. Department of Justice’s Global Justice Information Sharing Initiative (Global) serves as a Federal Advisory Committee to the U.S. Attorney General on critical justice information sharing initiatives. Global promotes standards-based electronic information exchange to provide justice and public safety communities with timely, accurate, complete, and accessible information in a secure and trusted environment. Global is administered by the U.S. Department of Justice, Office of Justice Programs, Bureau of Justice Assistance. This project was supported by Grant No. 2008-DD-BX-K520 awarded by the Bureau of Justice Assistance, Office of Justice Programs, in collaboration with the U.S. Department of Justice’s Global Justice Information Sharing Initiative and the U.S. Department of Homeland Security. The opinions, findings, and conclusions or recommendations expressed in this publication are those of the author(s) and do not necessarily reflect the views of the U.S. Department of Justice or the U.S.
    [Show full text]
  • Characteristics of Residential Adult Learning in the Fbi National Academy Learning Environment and the Impact on Participant's
    CHARACTERISTICS OF RESIDENTIAL ADULT LEARNING IN THE FBI NATIONAL ACADEMY LEARNING ENVIRONMENT AND THE IMPACT ON PARTICIPANT’S ATTITUDE OF SATISFACTION By Thomas Catron Christenberry Dissertation Proposal submitted to the Faculty of the Virginia Polytechnic Institute and State University In partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY In Human Development (Adult Learning and Human Resource Development) Committee: Dr. Marcie Boucouvalas, Chair Dr. John P. Jarvis Dr. Stephen R. Parson Dr. Letitia A. Combs September 15, 2004 Falls Church, Virginia Key Words: Residential Adult Learning, Adult Education CHARACTERISTICS OF RESIDENTIAL ADULT LEARNING IN THE FBI NATIONAL ACADEMY LEARNING ENVIRONMENT AND THE IMPACT ON PARTICIPANT’S ATTITUDE OF SATISFACTION By Thomas Catron Christenberry Dr. Marcie Boucouvalas, Chair Human Development (Adult Learning and Human Resource Development) (ABSTRACT) Using the Federal Bureau of Investigation’s (FBI) 212th session of the National Academy, a residential adult learning environment, as a case study and the 1996 research on participant’s perception of residential adult learning environments by Dr. Jean Anderson Fleming, this study examined the relationship among the characteristics (overarching themes: detachment and continuity and descriptive themes: building relationships in residence, learning in residence, and individual change in residence) and how this relationship impacts the participant’s attitude of satisfaction with the program. A 33-item Likert scale, developed by the researcher, was used to collect the data from 244 police officers and the Kropp-Verner Attitude Scale was used for measuring the overall participant attitude of satisfaction with the residential learning environment. Demographic data were also collected from the participants to provide an overall profile of the respondents and each police officer had the opportunity to respond to an open-ended question at the end of the survey.
    [Show full text]
  • Law Enforcement Intelligence: a Guide for State, Local, and Tribal Law Enforcement Agencies
    David L. Carter, Ph.D. School of Criminal Justice Michigan State University Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement Agencies November 2004 David L. Carter, Ph.D. This project was supported by Cooperative Agreement #2003-CK-WX-0455 by the U.S. Department of Justice Office of Community Oriented Policing Services. Points of view or opinions contained in this document are those of the author and do not necessarily represent the official position or policies of the U.S. Department of Justice or Michigan State University. Preface The world of law enforcement intelligence has changed dramatically since September 11, 2001. State, local, and tribal law enforcement agencies have been tasked with a variety of new responsibilities; intelligence is just one. In addition, the intelligence discipline has evolved significantly in recent years. As these various trends have merged, increasing numbers of American law enforcement agencies have begun to explore, and sometimes embrace, the intelligence function. This guide is intended to help them in this process. The guide is directed primarily toward state, local, and tribal law enforcement agencies of all sizes that need to develop or reinvigorate their intelligence function. Rather than being a manual to teach a person how to be an intelligence analyst, it is directed toward that manager, supervisor, or officer who is assigned to create an intelligence function. It is intended to provide ideas, definitions, concepts, policies, and resources. It is a primer- a place to start on a new managerial journey. Every effort was made to incorporate the state of the art in law enforcement intelligence: Intelligence-Led Policing, the National Criminal Intelligence Sharing Plan, the FBI Intelligence Program, the array of new intelligence activities occurring in the Department of Homeland Security, community policing, and various other significant developments in the reengineered arena of intelligence.
    [Show full text]