sign in sign up
<<
Home , Security

Preventing and Enhancing Security

Preventing Terrorism and Enhancing Security

Protecting the American people from terrorist threats is our founding principle and our highest priority. The Department of 's counterterrorism responsibilities focus on three goals: prevent terrorist attacks; prevent the unauthorized acquisition, importation, movement, or use of chemical, biological, radiological, and nuclear materials and capabilities within the United States; and reduce the vulnerability of critical infrastructure and key resources, essential leadership, and major events to terrorist attacks and other hazards.

Aviation Security Aviation Safety & Security Program provides hands- http://www.tsa.gov/stakeholders/programs-and- on education and covers the use of models and tools initiatives-1#Air%20Cargo%20Watch. for evaluation of security and anti-terrorism within a Air Cargo Screening Technology List-For Passenger modular format. The short courses also provide Airport Watch/AOPA Training TSA partnered with Aircraft lists the Non-Sensitive Security Information training in the methods of analysis. Short courses the Aircraft Owners and Pilots Association (AOPA) to version of the Transportation Security Administration designed for police and fire departments help develop a nationwide Airport Watch Program that Air Cargo Screening Technology List-For Passenger personnel develop safety programs that can be used in uses the more than 650,000 pilots as eyes and ears for Aircraft. The document lists the equipment that can be an emergency scenario. For more information, see observing and reporting suspicious activity. The used by air carriers, indirect air carriers, independent http://www.viterbi.usc.edu/aviation/. Airport Watch Program includes warning signs for cargo screening facilities, and shippers in the Certified airports, informational literature, and a training video Cargo Screening Program to screen for domestic and Aviation Security Advisory Committee (ASAC) to teach pilots and airport employees how to enhance outbound (of the United States) air cargo. This provides advice and recommendations for improving security at their airports. For additional information information contains Qualified, Approved, and aviation security measures to the Administrator of the including a training video, visit Waived technologies, their manufacturer, model Transportation Security Administration. The http://www.aopa.org/airportwatch/. number, and top assembly part number. This committee was initially established in 1989 following information can be found at the destruction of Pan American World Airways Airspace Waivers The Office of Airspace Waivers http://www.tsa.gov/sites/default/files/assets/pdf/In Flight 103 by a terrorist bomb. The ASAC has manages the process and assists with the review of termodal/nonssi_acstl_8_2_oct11_12.pdf. traditionally been composed of members representing general aviation aircraft operators who request to key constituencies affected by aviation security enter areas of restricted airspace. For applications for AIRBUST Program provides the general public and requirements. Subcommittees include Air Cargo, aircraft operating into, out of, within or overflying the aviation community with a forum to share International Aviation, General Aviation, -Based United States, the waiver review process includes an information on suspicious small aircraft. An AIRBUST Security, and Passenger Advocacy. For more evaluation of the aircraft, crew, passengers, and poster and pocket-sized laminated card display the information, see http://www.tsa.gov/aviation- purpose of flight. The office then adjudicates the phone number for reporting suspicious activity or security-advisory-committee. application and provides a recommendation of low-flying aircraft, 1-866-AIRBUST (1-866-247- approval or denial to the FAA System Operations 2878). This number rings directly to the CBP Air and Air Cargo Watch Program involves all aspects of the Security. For more information, see Marine Operations Center (AMOC) operations floor. supply chain reporting suspicious activity. TSA is http://www.tsa.gov/stakeholders/airspace-waivers-0 The two-sided laminated card displays drawings of collaborating with industry partners to increase or contact 571-227-2071. single-and twin-engine aircraft often used to transport security domain awareness to detect, deter, and report contraband and lists helpful information to include security threats. Air Cargo Watch materials include a Alien Flight/Flight School Training The Interim when calling. The AIRBUST poster is an 8.5x11‖ presentation, posters and a two-page guide, to Final Rule, Flight Training for Aliens and Other poster with the 1-866-AIRBUST (1-866-247-2878) encourage increased attention to potential security Designated Individuals and Security Awareness phone number. It also lists four general items of threats among several audiences. TSA encourages the Training for Flight School Employees, requires flight interest that can tip off a general aviation airport display of posters and guides in public view to better schools to ensure that each of its flight school employee or law enforcement official that a particular attain its goal of maximizing security awareness along employees who has direct contact with students aircraft or pilot may be involved in illicit activity. For the entire air cargo supply chain. For more (including flight instructors, ground instructors, chief more information, call 951-656-8000. information, see instructors and administrative personnel who have

19 Preventing Terrorism and Enhancing Security direct contact with students) receive both initial and facilities. The document constitutes a set of federally additional questions or concerns, please contact CBP recurrent security awareness training. Flight schools endorsed guidelines for enhancing at via e-mail at [email protected]. may either choose to use TSA‘s security awareness GA facilities throughout the nation. It is intended to training program or develop their own program. For provide GA airport owners, operators, and users with Recommended General Aviation Security Action more information, see guidelines and recommendations that address aviation Items for General Aviation Aircraft Operators and http://www.tsa.gov/stakeholders/training-and- security concepts, technology, and enhancements. For Recommended Security Action Items for Fixed Base exercises-0. more information, visit Operators are measures that aircraft operators and http://www.tsa.gov/stakeholders/security-programs- fixed base operators should consider when they General Aviation Secure Hotline serves as a and-initiatives. develop, implement or revise security plans or other centralized reporting system for general aviation efforts to enhance security. For more information, see pilots, airport operators, and maintenance technicians Global Supply Chain Risk Management (GSCRM) http://www.tsa.gov/stakeholders/security-directives. wishing to report suspicious activity at their airfield. Program provides recommendations to standardize Hotline phone number: 1-866-GA-SECUR (1-866- and implement risk management processes for Secure Flight enhances the security of domestic and 427-3287). acquiring information and communications international commercial air travel, while also technologies (ICT) for the federal government, and enhancing the travel experience for passengers, Certified Cargo Screening Program provides a processes to reduce the threat of attacks to federal ICT through the use of improved, uniform watchlist mechanism by which industry may achieve 100% through the supply chain. Your organization can help matching performed by TSA agents. Secure Flight also screening of cargo on passenger aircraft without with this initiative by applying sound security incorporates an expedited and integrated redress impeding the flow of commerce. Informational procedures and executing due diligence to provide process for travelers who think they have been materials include: one-page overview of CCSP, CCSF integrity and assurance through the vendor supply misidentified or have experienced difficulties in their and Chain of Custody Standards, a tri-fold brochure, chain. For more information, visit air travel. Resources available for aviation stakeholders supplemental CCSP program material with at a glance http://www.dhs.gov/files/programs/gc_123420070 include a communications toolkit, brochure, privacy program overview of the program, a quick hits 9381.shtm or contact the Global Supply Chain information, signage, and an informational video. For overview with impact of 100% screening, and Program at [email protected]. more information, visit supplemental CCSP materials. For more information, http://www.tsa.gov/stakeholders/secure-flight- see http://www.tsa.gov/certified-cargo-screening- Paperless Boarding Pass Pilot enables passengers to program, or contact the TSA Contact Center, 866-289- program or contact [email protected] or the TSA Contact download their boarding pass on their cell phones or 9673. Center, 866-289-9673. personal digital assistants. This approach streamlines the customer experience while heightening the ability User‟s Guide on Security Seals for Domestic Cargo General Aviation Maryland Three Program allows to detect fraudulent boarding passes. For more provides information on the types of security seals properly vetted private pilots to fly to, from, or information, see http://blog.tsa.gov/2009/06/tsa- available for use in securing and controlling between the three general aviation airports closest to paperless-boarding-pass-pilot.html or contact the TSA containers, doors, and equipment. While this guide is the National Capital Region. These airports are Contact Center, 866-289-9673. not intended as a precise procedure for developing a collectively known as the "Maryland Three" airports, comprehensive seal control program, it provides and include College Park Airport (CGS), Potomac Private Aircraft Travel Entry Programs The Advance information and procedures that will support the Airfield (VKX) and Hyde Executive Field (W32). Information on Private Aircraft Arriving and Departing development of a seal control program that will meet These airports are all within the Washington, DC Air the United States Final Rule requires that pilots of site-specific requirements. The ‗User‘s Guide on Defense Identification Zone and the Washington, D.C. private aircraft submit advance notice and manifest Security Seals‘ document can be obtained by accessing Flight Restricted Zone. For more information, see data on all persons traveling on board. Required this link: http://www.tsa.gov/stakeholders/security-programs- information must be submitted to CBP via an https://portal.navfac.navy.mil/portal/page/portal/N and-initiatives or contact [email protected]. approved electronic data interchange system no later AVFAC/NAVFAC_WW_PP/NAVFAC_NFESC_PP/LOC than 60 minutes prior to departure. For more KS/PDF_FILES/sealguid.pdf. General Aviation Security Guidelines are for security information, please visit enhancements at the nation's privately and publicly http://www.cbp.gov/xp/cgov/travel/. For Bombing Prevention owned and operated general aviation (GA) landing

20 Preventing Terrorism and Enhancing Security

Bomb-making Materials Awareness Program Advisor; see (BMAP) Developed in cooperation with the Federal http://www.dhs.gov/xgovt/editorial_0291.shtm for Improvised Explosive Device (IED) Search Bureau of Investigation, BMAP is designed to assist a current list. Procedures Workshop is an eight-hour Workshop local law enforcement agencies engage a wide which enhances participants‘ knowledge of spectrum of private sector establishments within their Improvised Explosive Device (IED) improvised explosive device (IED) awareness, jurisdictions that manufacture, distribute, or sell Counterterrorism Workshop is a four to eight-hour prevention measures, and planning protocols by products that contain home-made explosives (HMEs) awareness level Workshop designed to enhance the outlining specific search techniques that reduce precursor materials. BMAP outreach materials, knowledge of state and local law enforcement and vulnerability and mitigate the risk of terrorist IED provided by law enforcement to these local public/private sector stakeholders by providing attacks. The Workshop culminates in a practical businesses, help employees identify HME precursor exposure to key elements of the IED threat, application of skills during which participants chemicals and other critical improvised explosive surveillance detection methods and soft target demonstrate these search techniques while working devices (IED) components of concern, such as awareness. The Workshop illustrates baseline together as a team. Law enforcement and private electronics, and recognize suspicious purchasing awareness and prevention actions that reduce sector security personnel responsible for bomb threat behavior that could indicate bomb-making activity. vulnerabilities to counter the threat along with management planning and response should attend. To request materials or additional information, contact collaborating information sharing resources to This Workshop is designed to accommodate 40 the DHS Office for Bombing Prevention at improve preparedness. This designed approach better participants. To request training, contact your State [email protected]. enables the owners and operators of critical Homeland Security Advisor; see infrastructure to deter, prevent, detect, protect against, http://www.dhs.gov/xgovt/editorial_0291.shtm for DHS Center of Excellence: Awareness & Location of and respond to the potential use of explosives in the a current list. Explosives-Related Threats (ALERT) develops new United States. This Workshop is designed to means and methods to protect the nation from accommodate 125 to 250 participants. To request Improvised Explosive Device (IED) Threat explosives-related threats, focusing on detecting leave- training, contact your State Homeland Security Awareness and Detection) The Office of behind Improvised Explosive Devices, enhancing Advisor; see Infrastructure Protection‘s Office for Bombing aviation cargo security, providing next-generation http://www.dhs.gov/xgovt/editorial_0291.shtm for Prevention and the Commercial Facilities Sector- baggage screening, detecting liquid explosives, and a current list. Specific Agency developed the first in a series of Web- enhancing suspicious passenger identification. based trainings, Threat Awareness & Response for Sporting Events Resources include training opportunities and courses Improvised Explosive Device (IED) Recognition and and Public Venues, to be released in three 20-minute in explosives. For more information, see Detection for Railroad Industry Employees Training modules. The first Webinar, IED Threat Awareness http://www.northeastern.edu/alert/ and (CD) is an eight-hour Workshop which enhances and Detection, focuses on identifying Improvised http://energetics.chm.uri.edu. For more participants‘ knowledge of improvised explosive Explosive Devices (IEDs). The training provides information, contact [email protected]. device (IED) awareness, prevention measures, and awareness-level information for staff, management, planning protocols by outlining specific search and security to recognize, report, and react to unusual Improvised Explosive Device (IED) Awareness / techniques that reduce vulnerability and mitigate the activities and threats in a timely manner. For more Bomb Threat Management Workshop is a four-hour risk of potential IED attacks. The Workshop information, please contact the NPPD/IP Commercial Workshop which improves participants‘ ability to culminates in a practical application of skills during Facilities SSA at [email protected]. manage improvised explosive device (IED) threats by which participants demonstrate these search outlining specific safety precautions associated with techniques while working together as a team. Law Multi-Jurisdiction Improvised Explosive Device explosive incidents and bomb threats. The Workshop enforcement and private sector security personnel (IED) Security Plan (MJIEDSP) assists multi- reinforces an integrated combination of planning, responsible for bomb threat management planning jurisdiction areas in developing a detailed IED security training, exercises, and equipment acquisition in and response should attend. This Workshop is plan that integrates the assets and capabilities of order to maximize available resources. Key public and designed to accommodate 40 participants. To request multiple jurisdictions and emergency service sectors. private sector representatives knowledgeable in training, contact your State Homeland Security To request additional information, contact the DHS regional efforts should attend. This Workshop is Advisor; see Office for Bombing Prevention at [email protected]. designed to accommodate 50 participants. To request http://www.dhs.gov/xgovt/editorial_0291.shtm for training, contact your State Homeland Security a current list.

21 Preventing Terrorism and Enhancing Security

Protective Measures Course is a two-day course information, contact the DHS Office for Bombing http://www.dhs.gov/xlibrary/assets/chemsec_cfats_ designed to provide executive and employee level Prevention at [email protected]. riskbased_performance_standards.pdf. For more personnel in the public/private sector with the information, contact the CFATS Help Desk at knowledge to identify the appropriate protective Chemical Security [email protected] or 866-323-2957. measures for their unique sector. The course focuses on teaching the participants the threat analysis Chemical Facility Security: Best Practice Guide for process, terrorist methodology and planning cycle, Chemical Facility Anti-Terrorism Standards an Active Shooter Incident is a booklet that draws available protective measures, and determining which (CFATS) Chemical Facility Security Tip Line upon best practices and findings from tabletop protective measures to employ. This course is Individuals who would like to report a possible exercises to present key guidance for chemical facility designed to accommodate 75 participants. To request security concern involving the CFATS regulation at planning and training, and pose specific questions that training, contact your State Homeland Security their facility or at another facility may contact the an effective active shooter response and recovery plan Advisor; see CFATS Chemical Facility Security Tip Line. For more will answer. To obtain a copy of the guide or for more http://www.dhs.gov/xgovt/editorial_0291.shtm for information, see www.dhs.gov/chemicalsecurity or information, contact [email protected]. a current list. contact 877-FYI-4-DHS (1-877-394-4347). To report a potential security incident that has already Chemical Security Analysis Center (CSAC) provides Surveillance Detection for Law Enforcement and occurred, call the National Infrastructure Coordinating a scientific basis for the awareness of chemical threats Security Professionals is a three-day course designed Center at 202-282-9201. and the attribution of their use. The CSAC is a resource for law enforcement and private sector security that provides a centralized compilation of chemical professionals that provides participants with the Chemical Facility Anti-Terrorism Standards hazard data, using this data in an organized effort for knowledge, skills, and abilities to detect hostile (CFATS) Frequently Asked Questions assist facilities threat analytical purposes. It accomplishes this by surveillance conducted against critical infrastructure. in complying with the CFATS regulation. The FAQs providing science and technology-based quality- The course, consisting of five lectures and three are searchable and categorized to further benefit the assured information of the chemical threat to support exercises, increases awareness of terrorist tactics and user and can be found at http://csat- the unified national effort to secure the nation; serving attack history and illustrates the means and methods help.dhs.gov/pls/apex/f?p=100:1:70962511397808 as the nation‘s source of technical data and used to detect surveillance and identify suspicious 88. For more information, contact the CFATS Help information on hazardous chemicals; characterizing behavior. This course is designed to accommodate 25 Desk at [email protected] 866-323-2957. the chemical threat through hazard awareness, risk participants. To request training, contact your State assessments and analyses; advancing knowledge and Homeland Security Advisor; see Chemical Facility Anti-Terrorism Standards increase awareness of chemical security hazards to the http://www.dhs.gov/xgovt/editorial_0291.shtm for (CFATS) Presentations are used by the Infrastructure homeland and to the chemical infrastructure; and a current list. Security Compliance Division (ISCD) in discussions utilizing knowledge management techniques to with the chemical industry and those interested in provide definition and direction to identifying and TRIPwire Community Gateway (TWCG) is a web chemical security. If interested in a live presentation filling data gaps in chemical terrorism related defense portal designed specifically for the nation‘s CIKR about CFATS by ISCD personnel, or to find more posture. For more information, contact owners, operators, and private security personnel. information about such presentations see [email protected] or 410-417-0901. TWCG provides expert threat analyses, reports, and http://www.dhs.gov/files/programs/gc_122476691 relevant planning documents to help key private sector 4427.shtm or contact the CFATS at [email protected], Chemical Security Assessment Tool (CSAT) is an partners anticipate, identify, and prevent improvised 866-323-2957. online tool developed by the explosive device (IED) incidents. TWCG shares IED- Compliance Division (ISCD) to streamline the facility related information tailored to each of the 18 Chemical Facility Anti-Terrorism Standards submission and subsequent DHS analysis and CRITICAL INFRASTRUCTURE Sectors as well as a (CFATS) Risk-Based Performance Standards interpretation of critical information used to: Community Sector for educational institutions, in (RBPS) To assist high-risk chemical facilities subject preliminarily determine facility risk; assess high-risk accordance with the National Infrastructure Protection to CFATS in selecting and implementing appropriate facility vulnerability; describe security measures at Plan (NIPP). Please visit protective measures and practices to meet the DHS- high risk sites; and, ultimately track compliance with http://www.tripwire.dhs.gov. To request additional defined RBPSs, ISCD has developed a Risk-Based the CFATS program. CSAT is a secure information Performance Standards Guidance document. This portal that includes applications and user guides for document can be found at 22 Preventing Terrorism and Enhancing Security completing the User Registration, Top-Screen, information please contact the Chemical SSA at Security Vulnerability Assessment, and Site Security [email protected]. Chemical-Terrorism Vulnerability Information Plan. For more information, see (CVI) is the information protection regime authorized http://www.dhs.gov/files/programs/gc_116950148 Chemical Stockpile Emergency Preparedness by Section 550 of Public Law 109-295 to protect, 6197.shtm or contact the CFATS Help Desk at Program (CSEPP) is a partnership between FEMA and from inappropriate public disclosure, any information [email protected]. 866-323-2957. the U.S. Army that provides emergency preparedness developed or submitted pursuant to Section 550. This assistance and resources to communities surrounding includes information that is developed and/or Chemical Security Compliance Assistance Visit the Army‘s chemical warfare agent stockpiles. For submitted to DHS pursuant to the Chemical Facility (CAV) Requests are provided by the Infrastructure more information, see Anti-Terrorism Standards (CFATS) regulation which Security Compliance Division (ISCD) upon request by http://www.fema.gov/about/divisions/thd_csepp.sh implements Section 550. See Chemical Facility Anti-Terrorism Standards (CFATS)- tm. http://www.dhs.gov/files/programs/gc_118183554 covered facilities. CAVs are designed to provide in- 7413.shtm. For more information, contact the CFATS depth knowledge of and assistance to comply with Chemical Sector Industrial Control Systems (ICS) Help Desk at [email protected] 866-323-2957. CFATS. For more information, see Security Resource DVD The chemical industry, in http://www.dhs.gov/files/programs/gc_124723587 partnership with DHS, has collected a wealth of Infrastructure Protection Sector-Specific Tabletop 0769.shtmor contact [email protected]. cybersecurity information to assist owners and Exercise Program (IP-SSTEP), Chemical Sector operators in addressing ICS security. The DVD Tabletop Exercise (TTX) The IP-SSTEP Chemical Chemical Security Summit The NPPD/IP‘s Chemical contains a wide-range of useful information, Sector TTX is an unclassified and adaptable exercise Sector Specific Agency (SSA) co-hosts the annual including: ICS training resources; existing standards; developed to create an opportunity for public and Chemical Sector Security Summit with the Chemical reporting guidelines; cybersecurity tabletop exercises; private critical infrastructure stakeholders and their Sector Coordinating Council (SCC). The Summit and the National Cyber Security Division‘s Cyber public safety partners to address gaps, threats, issues, consists of workshops, presentations, and discussions Security Evaluation Tool. The DVD is available for free and concerns identified in previous exercises and their covering current security regulations, industry best upon request. For more information or to obtain a after-action processes. The TTX allows participants an practices, and tools for the Chemical Sector. Designed copy of the DVD, please contact the NPPD/IP opportunity to gain an understanding of issues faced for industry professionals throughout the Chemical Chemical SSA at [email protected]. prior to, during, and after a terrorist threat/attack and Sector, there is also broad representation from the the needed coordination with other entities, both chemical stakeholder community, including senior Chemical Sector Security Awareness Guide The private and government, regarding their facility. It DHS officials, congressional staff, and senior purpose of this document is to assist owners and also contains everything needed for a company or government officials. Topics covered at the Summits operators in their efforts to improve security at their facility to conduct a Homeland Security Exercise and include: an overview of Chemical Facility Anti chemical facility and to provide information on the Evaluation Program (HSEEP) compliant TTX. For Terrorism Standards (CFATS); harmonization of the security threat presented by explosive devices and more information, please contact the NPPD/IP various chemical regulations; cyber security, state and cyber vulnerabilities. For more information, please Chemical SSA at [email protected]. local issues, and transportation security. Summits also contact the NPPD/IP Chemical SSA at include pre-Summit Demonstrations and post-Summit [email protected]. Know Your Customer DHS and the FBI cooperated to workshops. For more details on the Summit, please create a flyer for use as a communication tool for visit www.dhs.gov/chemicalsecuritysummit or Chemical Sector Training Resources Guide The chemical companies‘ marketing, sales, purchasing and contact the NPPD/IP Chemical SSA at guide contains a list of free or low-cost training, web- product stewardship personnel, who could encounter [email protected]. based classes, seminars, and documents that are suspicious inquiries about poisonous chemicals and routinely available through one of several component gases either directly or indirectly. The flyer strongly Chemical Sector Classified Briefing The Chemical agencies within DHS. The list was compiled to assist encourages chemical companies, suppliers, SSA sponsors a classified briefing for cleared industry facility security officers to train their employees on manufacturers, customers, distributors, and representatives twice a year. The intelligence industry best practices, physical and cybersecurity transportation service providers to continue increasing community provides briefings on both physical and awareness, and emergency management and response. employee awareness of these in their cyber threats, as well as other topics of interest for For more information, please contact the NPPD/IP organization, reviewing management practices for chemical supply chain professionals. For more Chemical SSA at [email protected]. sensitive materials, and reporting suspicious activities.

23 Preventing Terrorism and Enhancing Security

For more information or to obtain a copy of the flyer, information, please contact the NPPD/IP Chemical SSA please contact the Chemical SSA at at [email protected]. Automated Critical Asset Management System [email protected]. (ACAMS) Web-Based Training provides federal, Web-Based Chemical Security Awareness Training state, local first responders, emergency managers, and Monthly Chemical Sector Suspicious Activity Calls Program The training program is an interactive tool Homeland Security officials with training on the use The Chemical SSA and Oil and Natural Gas Subsector available free to chemical facilities nationwide to and functionality of the ACAMS tool. Completion of host a monthly unclassified threat briefing and increase security awareness. The training is designed training is required in order to access information suspicious activity reporting teleconference for for all facility employees, not just those traditionally within ACAMS. For more information, contact chemical facility owners, operators and supply-chain involved in security. Upon completion, a certificate is [email protected]. professionals. To participate, apply for access to HSIN awarded to the student. To access the training, please where call-in information is posted to the Chemical visit https://chemicalsecuritytraining.dhs.gov/. For Critical Infrastructure Asset Protection Technical Portal. This briefing is scheduled for the fourth more information, please contact the NPPD/IP Assistance Program (CAPTAP) is a weeklong course Thursday of every month at 11:00AM EDT. For more Chemical SSA at [email protected]. designed to assist state and local law enforcement, first information, contact the Chemical SSA at responders, emergency managers, and other [email protected]. Who‟s Who in Chemical Sector Security This homeland security officials understand the steps document describes the roles and responsibilities of necessary to develop and implement a comprehensive Security Seminar & Exercise Series for Chemical different DHS components with relation to Chemical CIKR protection program in their respective Industry Stakeholders This is a collaborative effort Security. For more information, or to obtain the jurisdiction. The course includes the processes, between the DHS Chemical SSA and industry report, please contact the NPPD/IP Chemical SSA at methodologies, and resources necessary to identify, stakeholders such as state chemical industry councils, [email protected]. assess, prioritize, and protect CIKR assets, as well as state homeland security offices, industry trade those capabilities necessary to prevent and respond to associations and state emergency management Critical Infrastructure – Multiple incidents, should they occur. Through a partnership agencies. The intent of the program is to foster with the National Guard Bureau (NGB), the U.S. Army communication between facilities and their local Sectors Research, Development and Engineering Command emergency response teams by encouraging (RDECOM), and the DHS Office of Infrastructure representatives to share their insight, knowledge, and Active Shooter Resources include a desk reference Protection (IP) Infrastructure Information Collection experiences during a facilitated tabletop exercise. The guide, a reference poster, and a pocket-sized reference Division (IICD), this service also provides web-based exercise is catered towards the specific interests of the card to address how employees, managers, training and instructor-led training on Protected Critical organizing entity and can include a wide-variety of staff, and human resources personnel can mitigate the Infrastructure Information (PCII) and the use of the topics and security scenarios such as an active shooter, risk of and appropriately react in the event of an active Automated Critical Asset Management System a hostage situation, a suspicious package, or a Vehicle shooter situation. The desk reference guide, pocket (ACAMS) and Integrated mapping and geospatial tool. Borne improvised explosive device (VBIED). For card and poster are available on the following For more information, see more information or to obtain a list of scheduled websites, also available in Spanish translation. www.dhs.gov/files/programs/gc_1195679577314.s events, please contact the NPPD/IP Chemical SSA at http://www.dhs.gov/xlibrary/assets/active_shooter_ htm or contact [email protected]. [email protected]. poster.pdf, http://www.dhs.gov/xlibrary/assets/active_shooter_ Critical Infrastructure Protection and Resilience Voluntary Chemical Assessment Tool (VCAT) VCAT booklet.pdf, Toolkit is intended to be a starting point for small and is a secure, web-based application and self-assessment http://www.dhs.gov/xlibrary/assets/active_shooter_ medium sized businesses to integrate infrastructure tool originally designed for use by the chemical pocket_card.pdf, protection and resilience into preparedness, risk industry. The tool allows owners and operators to http://www.dhs.gov/xlibrary/assets/active-shooter- management, business continuity, emergency identify their facility‘s current risk level using an all- poster-spanish.pdf, management, security, and other related disciplines. hazards approach. VCAT facilitates a cost-benefit http://www.dhs.gov/xlibrary/assets/active-shooter- For more information, contact analysis by allowing users to select the best pocket-spanish.pdf. For more information, please [email protected]. combination of countermeasures and contact the Commercial Facilities SSA at mitigation strategies to reduce overall risk. For more [email protected]. 24 Preventing Terrorism and Enhancing Security

Critical Infrastructure Learning Series The Learning situation in the workplace. The TTX is broken up into Series allows NPPD/IP to provide information and Critical Infrastructure Sector Snapshots provide a three modules: the pre-incident phase, including online seminars on current and emerging critical quick look at SOPD sectors and generally contain recognizing potential warning signs of workplace infrastructure topics to critical infrastructure owners sector overviews; information on sector partnerships; violence; the incident and response phase; and the and operators, government partners and others. information on critical infrastructure protection issues assessment phase. The TTX will focus discussion on Register for updates at and priority programs. For more information, see how to limit escalation and reduce the threat of http://www.dhs.gov/ciwebinars. http://www.dhs.gov/xlibrary/assets/nipp_annrpt.pd violent behavior, but in the event that an incident f. For more information, contact [email protected]. does occur, it also addresses how facilities can work Critical Infrastructure Partnership Advisory Council with their employees, and public and private partners Supply Chain Working Group (SCWG) The SCWG Cross-Sector Active Shooter Security Seminar and to ensure they are prepared and able to recover from was established to serve as a Government and industry Exercise Workshop This is a one-day workshop an event as quickly as possible. For more information, forum to discuss the existing and evolving supply designed to be applicable for any sector for general please contact the Sector Outreach and Programs chain risks to the Communications Sector. The awareness of how to respond to an active shooter Division at [email protected]. SCWG‘s objective is to enhance Government‘s incident. The workshop will enhance awareness of an awareness of industry transactions of interest and best active shooter event by educating participants on the FoodSHIELD is a Web-based system for practices relevant to telecommunications supply chain history of active shooter events; describing common communication, coordination, community-building, risk management. Through this voluntary behavior, conditions, and situations associated with education, and training among the nation‘s food and information sharing framework, SCWG members aim active shooters. The intent of the program is to foster sectors. FoodSHIELD enables real-time to develop a program that addresses Federal communication between critical infrastructure owners response and decision making by facilitating Government concerns for and and operators and local emergency response teams by collaborations between public health and food primary mission essential function integrity, while discussion of interoperability, communications, and regulatory officials at the local, state, and federal delivering valuable information and guidance to best practices for planning, preparedness and response levels. FoodSHIELD currently has registered private sector partners. For more information, contact during a facilitated tabletop exercise. For more participation from labs and regulatory agencies in all [email protected]. information or to obtain a list of scheduled events, 50 states. As a rapidly maturing infrastructure, more please contact the Sector Outreach and Programs than 190 workgroups actively use FoodSHIELD to Critical Infrastructure Resource Center is an online Division at [email protected]. plan, coordinate, and develop new strategies for food tool designed to build awareness and understanding of defense and protection. More than 64,000 minutes are the scope and efforts of all of the18 critical The Cutting Edge Tools Resilience Program Website logged each month using our core webinar infrastructure sectors. Each sector page provides Sector was created under the platform of the DHS Science capabilities allowing easy collaboration amongst goals, priorities, protective programs, and initiatives, and Technology Directorate‘s High Performance and stakeholders and participants across the sector. and other resources, as reflected in the latest Sector- Integrated Design Program to improve the security Impressively, many of these workgroup participants Specific Plans and Sector Web pages. To access the and resilience of our Nation's buildings and represent different agencies and states providing for Resource Center: infrastructure. The website has manuals, software and the first time true collaboration and coordination http://training.fema.gov/EMIWeb/IS/IS860a/CIRC/i tools to better prepare buildings and infrastructure to capabilities across federal and state boundaries. For ndex.htm. recover from manmade and natural disaster events more information, please visit www.foodshield.org. such as explosive blasts; chemical, biological, and Critical Infrastructure Training Module provides an radiological (CBR) agents; floods; hurricanes; DHS Center of Excellence: Global Terrorism overview of the National Infrastructure Protection Plan earthquakes, and fires. For more information see Database is an open-source database including (NIPP) and critical infrastructure Annex to the www.dhs.gov/bips. information on terrorist events around the world from National Response Framework. The module is 1970 through 2011 (with additional updates planned available upon request in PowerPoint format with Dealing with Workplace Violence Tabletop Exercise for the future). In addition to the GTD, the world‘s instructor and participant guides and can be easily (TTX) The Office of Infrastructure Protection‘s (IP) largest unclassified dataset on terrorism incidents, the integrated into existing training programs. A Spanish Sector Outreach and Programs Division has developed START consortium makes many other datasets version is also available. To request the training the Dealing with Workplace Violence Tabletop available to advance research and analysis on the module, contact [email protected]. Exercise (TTX) that focuses on an active-shooter topics of terrorism, counterterrorism, and community

25 Preventing Terrorism and Enhancing Security resiliency. For more information, see http://www.youtube.com/playlist?list=UUpkaznWj_ guidance and assistance are needed. For more www.start.umd.edu/gtd and 9PIVgO0BRKXu8w&feature=plcp. information, contact FEMA-Private- http://www.start.umd.edu/start/data_collections/ or [email protected] or [email protected]. [email protected]. Expert Judgment and Probability Elicitation consists of methodologies and tools for elicitation of expert National Infrastructure Advisory Council (NIAC) DHS Center of Excellence: Training Programs judgments and probabilities that are often required in provides advice to the President, through the Secretary related to the Human Causes and Consequences of the quantification of risk and decision models related of Homeland Security, on the security of the critical Terrorism are customized training programs for to terrorist threats. This is the case when data is infrastructure sectors and their information systems. professional audiences. Training modules explore such inconclusive or there is controversy about how The Council is composed of a maximum of 30 topics as global trends in terrorist activity, impact of evidence should be interpreted. For more members, appointed by the President from private counterterrorism efforts, terrorist activity in specific information, see industry, academia, and state and local government. regions/countries, terrorist target selection and http://create.usc.edu/research/Expert Judgment For more information, see www.dhs.gov/niac. weapon choice, nature of terrorist organizations, and Elicitation Methods.pdf or contact planning resilient communities. Modules and [email protected]. Nonprofit Security Grant Program provides funding programs can be delivered in a range of modes, support for target-hardening activities to nonprofit including in-person seminars or mini-courses, or The Joint Counterterrorism Awareness Workshop organizations that are at high risk of a terrorist attack online programs. The cost of a program varies Series (JCTAWS) is a nationwide initiative designed and are located within one of the specific UASI- dependant on the level of customization and the mode to improve the ability of local jurisdictions to prepare eligible urban areas. It is also designed to promote of delivery. For more information, see for, protect against, and respond to complex coordination and collaboration in emergency http://www.start.umd.edu/start/ or coordinated terrorist attacks. JCTAWS, held across the preparedness activities among public and private [email protected]. country, brings together Federal, state, and local community representatives, state and local participants representing law enforcement, fire, government agencies, and Citizen Corps Councils. DHS Center of Excellence: National Consortium for emergency medical services, communication centers, For more information, visit the Study of Terrorism and Responses to Terrorism private sector and non-governmental communities to http://www.fema.gov/government/grant/nsgp or (START) advances science-based knowledge about the address this type of threat. The workshop is designed contact [email protected] 800-368-6498. human causes and consequences of terrorism as a to emphasize tactical operational response, medical leading resource for security professionals. START will care under fire, hospital surge and treatment for an NPPD/IP SOPD Critical Infrastructure Sector provide security professionals with objective data and incident more commonly seen on the battlefield than Snapshots, Fact Sheets and Brochures These two- the highest quality, data-driven research findings in an urban setting. Specifically, the workshop page snapshots provide a quick look at each of the terrorism and closely related asymmetric threats, underscores the need for a whole community eighteen sectors and generally contain sector counterterrorism and community resiliency in an response and aims to: review existing preparedness, overviews; information on sector partnerships; critical effort to ensure that homeland security policies and response and interdiction plans, policies, and infrastructure protection challenges; and priority operations reflect these understandings about human procedures related to a complex coordinated terrorist programs. For more information, see behaviors. For more information, see attack; improve situational awareness and encourage http://www.dhs.gov/files/programs/gc_118916894 www.start.umd.edu or information sharing among all stakeholders in the 8944.shtm.‖ [email protected]. event of a complex coordinated terrorist attack; and identify and share best practices and lessons learned NPPD/IP Training Page The landing page provides DHS YouTube Critical Infrastructure Videos A for tactical response and medical preparedness. After links to a wide array of cross-sector and sector-specific number of short video webisodes are available on the each JCTAWS, the host city receives a summary report. no-cost training programs and resources which are DHS YouTube Channel. The webisodes include Joint The report includes key findings from the workshop; available to private sector partners. The Web-based Operations Centers, Critical Infrastructure addresses the city‘s capability gaps and potential and classroom courses provide government officials Interdependencies, Special Event Preparedness, Critical mitigation strategies; and provides a list of resources and critical infrastructure owners and operators with Infrastructure Protection and Reducing Vulnerabilities. to address the gaps. The JCTAWS interagency planning the knowledge and skills needed to implement critical DHS YouTube Channel: Resource Guide SOPD group (NCTC/DHS/FBI) conducts a follow-up infrastructure protection and resilience activities. Current: 18 Sept 2012 meeting with each city to determine if further Access the Training Programs for Infrastructure

26 Preventing Terrorism and Enhancing Security

Partners Page on DHS.gov: Critical Manufacturing Cybersecurity Tabletop please contact the NPPD/IP Critical Manufacturing SSA http://www.dhs.gov/files/training/training-critical- Exercise In partnership with Critical Manufacturing at [email protected]. infrastructure-partners.shtm. Sector Coordinating Council members and the DHS National Cyber Security Division (NCSD) exercise Commercial Facilities Protective Security Advisors (PSAs) are program, the Critical Manufacturing SSA has DHS/NPPD/IP infrastructure security experts developed a cybersecurity tabletop exercise to deployed across the country who serve as the link highlight potential cybersecurity vulnerabilities. This Active Threat Recognition for Retail Security between state, local, tribal, territorial, and private exercise is divided into two modules focusing on Officers This 85-minute presentation discusses signs sector organizations and DHS infrastructure protection threats to business systems and industrial control of potential criminal and terrorist activity; types of resources. PSAs assist with ongoing state and local systems. This unclassified tabletop exercise is easily surveillance; and suspicious behavioral indicators. To critical infrastructure and key resources security deployable and can be administered by an access the presentation, please register at: efforts, coordinate vulnerability assessments and organization‘s IT personnel. For more information, https://connect.hsin.gov/attrrso/event/registration.h training, support incident management, and serve as a please contact the Critical Manufacturing SSA at tml. After submitting the short registration vital channel of communication between private [email protected]. information to include setting a password of your sector owners and operators of CIKR assets and DHS. choice, you will receive an email confirmation with Private sector owners and operators interested in Critical Manufacturing Security Conference The instructions for logging in to view the material. Also contacting their PSA should contact Critical Manufacturing Security Conference features includes One-pager/factsheet. For more information, [email protected] or 703-235-9349. various vendors and presenters pertinent to the please contact the Commercial Facilities SSA at manufacturing arena. Designed for industry [email protected]. Science and Technology Directorate Career professionals throughout the sector, this event Development Grants (CDG) Program provides provides an important opportunity for Critical Commercial Facilities Sector Pandemic Planning competitive awards to support undergraduate and Manufacturing Sector security partners to engage in Documents These are three informational products graduate students attending institutions, including the meaningful dialogue and share ideas to enhance sector for use by public assembly sector stakeholders Centers for Excellence, which have made a security. For more information, contact detailing key steps and activities to take when commitment to develop Homeland Security-related [email protected]. operating during a pandemic influenza situation, a Science, Technology, Engineering, and Mathematics process tracking and status template, and a checklist of (HS-STEM) curricula and fields of study. These two Critical Manufacturing Partnership Road Show This recommendations for H1N1 response plan competitive programs provide educational support, program provides Critical Manufacturing Sector development. The products were created in internships, and employment avenues to highly members an opportunity to participate in onsite visits partnership with International Association of Venue qualified individuals to enhance the scientific to various DHS locations. The visits include briefings Manager's Academy for Venue Safety and Security. For leadership in areas important to DHS. DHS requires on current threats to the U.S., including to the Critical more information, please contact the Commercial supported students to serve one 10-week summer Manufacturing Sector and related infrastructure. For Facilities SSA at [email protected]. internship and one year in an approved HS-STEM more information, email venue. Student and scholar researchers perform work [email protected]. DHS Retail Video: "What's in Store - Ordinary at more than 28 DHS-affiliated venues including the People/Extraordinary Events" The Department of S&T Directorate, national laboratories, and DHS SOPD/TSA Joint Exercise Program This program Homeland Security's, Infrastructure Protection‘s Components such as the United States Coast Guard allows Critical Manufacturers to develop advanced Partnership and Outreach Division, Office for and the Office of Intelligence and Analysis (I&A). For tabletop exercises that determine gaps and mitigate Bombing Prevention and the Commercial Facilities more information, visit vulnerabilities in their respective transportation supply Sector-Specific Agency created a multimedia training http://www.grants.gov/search/search.do?mode=VIE chains within the U.S. and cross border (particularly video for retail employees of commercial shopping W&oppId=60714. Canada and Mexico). This is a combined program venues to alert them of the signs of suspicious with the Transportation Security Administration (TSA) behavior in the workplace. The video is intended to Critical Manufacturing with support from TSA‘s Intermodal Security Training both highlight suspicious behavior, as well as and Exercise Program (ISTEP). For more information, encourage staff to take action when suspicious behavior is identified. The video can be viewed at http://www.dhs.gov/multimedia/list?media_type=vi 27 Preventing Terrorism and Enhancing Security deo&year_filter[value][year]=&month_filter[value][y venues/sports leagues organizations at their facilities. indicators of workplace violence; the actions one ear]=&month_filter[value][month]=&title=&items_p In addition to the exercise scenario and slide should take to prevent and prepare for potential active er_page=25. For more information, please contact the presentation, users will find adaptable invitational shooter incidents; how to manage an active shooter NPPD/IP Commercial Facilities SSA at communication tools, as well as the after action report incident. This course also features interactive [email protected]. template and participant surveys which will assist in knowledge reviews, a final exam, and additional incorporating change and developing improvement resources. A certificate is given to participants who DHS Sports Leagues/Public Assembly Video: “Check plans accordingly. The Retail/Lodging and Sports complete the entire course. The training may be It! How to Check a Bag” Designed to raise the level of Leagues/Outdoor Venues SSTEPs will allow accessed on the Federal Emergency Management awareness for front line facility employees by participants the opportunity to gain an understanding Agency Emergency Management Institute Web site: highlighting the indicators of suspicious activity, this of issues faced prior to, during, and after a terrorist http://training.fema.gov/EMIWeb/IS/IS907.asp. For video provides information to help employees threat/attack and the coordination with other entities, more information about Office of Infrastructure properly search bags in order to protect venues and both private and government, regarding a specific Protection training courses, please contact: patrons across the country. For more information, facility. For more information, please contact the [email protected] . please contact the NPPD/IP Commercial Facilities SSA NPPD/IP Commercial Facilities SSA at at [email protected]. [email protected]. IS-912 Retail Security Awareness: Understanding the Hidden Hazards This online training increases Evacuation Planning Guide for Stadiums This IS-906 Workplace Security Awareness This online awareness of persons involved in commercial retail product was developed to assist stadium owners and training provides guidance to individuals and operations of the actions they can take to identify and operators with preparing an Evacuation Plan and organizations on how to improve security in the report suspicious purchases or thefts of products that determining when and how to evacuate, conduct workplace. The course promotes workplace security could be used in terrorist or other criminal activities. shelter-in-place operations, or relocate stadium practices applicable across all 18 critical infrastructure The course provides an overview of steps to identify spectators and participants. For more information, sectors. Threat scenarios include: Access & Security and monitor high-risk product inventories and contact [email protected]. Control, Criminal & Suspicious Activities, Workplace reporting suspicious activities to law enforcement Violence, and Cyber Threats. The training may be agencies. The course is designed for retail managers, Hotel and Lodging Advisory Poster This poster was accessed on the Federal Emergency Management loss prevention specialists, risk management created for all staff throughout the U.S. Lodging Agency Emergency Management Institute Web site: specialists, product managers, sales associates and Industry to increase awareness regarding a property‘s http://training.fema.gov/EMIWeb/IS/IS906.asp. For others involved in retail operations. The training may potential to be used for illicit purposes, suspicious more information about Office of Infrastructure be accessed on the Federal Emergency Management behavior and items, and appropriate actions for Protection training courses, please contact: Agency Emergency Management Institute Web site: employees to take if they notice suspicious activity. [email protected]. http://training.fema.gov/EMIWeb/IS/IS912.asp. For The poster was designed in tandem with the more information about Office of Infrastructure Commercial Facilities SCC and the Lodging Subsector IS-907 Active Shooter: What You Can Do This Protection training courses, please contact: and is available at online training provides guidance to individuals, [email protected]. http://www.dhs.gov/xlibrary/assets/ip_cikr_hotel_a including managers and employees, so that they can dvisory.pdf. For more information, please contact the prepare to respond to an active shooter situation. The Lodging Video: “No Reservations: Suspicious NPPD/IP Commercial Facilities SSA at course is self-paced and takes about 45 minutes to Behavior in Hotels” is designed to raise the level of [email protected]. complete. This comprehensive cross-sector training is awareness for hotel employees by highlighting the appropriate for a broad audience regardless of indicators of suspicious activity, this video provides Infrastructure Protection Sector-Specific Table Top knowledge and skill level. The training uses information to help employees identify and report Exercise Program (SSTEP) for the Commercial interactive scenarios and videos to illustrate how suspicious activities and threats in a timely manner. Facilities Retail/Lodging Subsectors and Sports individuals who become involved in an active shooter For more information, contact the Commercial Leagues/Public Assembly Subsectors These tools are situation should react. Topics within the course Facilities SSA at [email protected]. unclassified, adaptable and immediately deployable include: the actions one should take when confronted exercises which focus on information sharing which with an active shooter and responding law Mountain Resorts and Outdoor Events Protective can be utilized by retail/lodging and outdoor enforcement officials; how to recognize potential Measures Guides These guides are a compilation of

28 Preventing Terrorism and Enhancing Security materials shared by industry leaders which are Risk Self-Assessment Tool for Stadiums and Arenas, Threat Detection & Reaction for Retail & Shopping intended for reference and guidance purposes only. Performing Art Centers, Lodging, Convention Center Staff This 20-minute presentation is intended They provide an overview of protective measures that Centers, Racetracks, and Theme Parks The Risk Self for Point-of-Sale staff, but is applicable to all can be implemented to assist owners and operators of Assessment Tool (RSAT) is a secure, Web-based employees of a shopping center, mall, or retail commercial facilities in planning and managing application designed to assist managers of public facility. It uses case studies and best practices to security at their facilities or at their events, as well as assembly facilities with the identification and explain suspicious behavior and items; how to reduce examples of successful planning, organization, management of security vulnerabilities to reduce risk the vulnerability to an active shooter threat; and the coordination, communication, operations, and to their facilities. The RSAT application uses facility appropriate actions to take if employees notice training activities. For more information, please input in combination with threat and consequence suspicious activity. The presentation can be viewed contact the Commercial Facilities SSA at estimates to conduct a comprehensive risk assessment on the HSIN-CS Commercial Facilities portal at [email protected]. and provides users with options for consideration to https://connect.hsin.gov/p21849699/. For more improve the security posture of their facility. It is also information, contact the Commercial Facilities SSA at Protective Measures Guide for U.S. Sports Leagues accompanied by a Fact Sheet/Brochure. For more [email protected]. This Protective Measures Guide provides an overview information, please contact the NPPD/IP Commercial of best practices and protective measures designed to Facilities SSA at [email protected] or Dams Security assist sports teams and owners/operators of sporting [email protected]. event venues with planning and managing security at their facility. The Guide provides examples of Sports Venue Bag Search Procedures Guide This Active and Passive Vehicle Barriers Guide (Dams successful planning, organization, coordination, guide provides suggestions for developing and Sector) This guide provides owners/operators with communication, operations, and training activities implementing bag search procedures at sporting event information on a variety of active and passive vehicle that result in a safe sporting event experience. For venues hosting major sporting events. The purpose for barriers, and properly designing and selecting vehicle more information, please contact the Commercial establishing bag search procedures is to control items barrier systems. For more information, please contact Facilities Sector-Specific Agency at which are hand carried into the sports venue. The bag the NPPD/IP Dams SSA at [email protected]. [email protected]. search procedures should be a part of the venue‘s over all Security Plan and should be tested and evaluated as Common Risk Model for Dams (CRM-D) describes a Protective Measures Guide for the U.S. Lodging stated in the Security Plan. The actual implementation model for estimating risk to dams and navigation Industry Produced in collaboration with the American of bag search procedures and level of search detail will locks located across the United States. The model was Hotel & Lodging Association (AH&LA), the Protective depend upon the threat to the venue as determined by funded and guided by the United States Army Corps Measures Guide for the U.S. Lodging Industry offers the venue‘s security manager. For more information, of Engineers (USACE) and is currently being options for hotels to consider when implementing please contact the Commercial Facilities SSA at developed as a on-line tool through ANL as a part of protective measures. This guide provides an overview [email protected]. the Dams Sector Analysis Tool (DSAT). The model of threat, vulnerability, and protective measures incorporates commonly used risk metrics that are designed to assist hotel owners and operators in Sports Venue Credentialing Guide This guide designed to be straightforward, transparent, and planning and managing security at their facilities. For provides suggestions for developing and mathematically defensible. The methodology was more information, please contact the Commercial implementing credentialing procedures at sporting piloted in the second half of 2011 at nearly 20 Facilities Sector-Specific Agency at event venues that host professional sporting events. different USACE facilities. For more information, [email protected]. The purpose for establishing a credentialing program please contact the Dams SSA at [email protected]. is to control and restrict access to a sports venue, and Retail and Shopping Center Advisory Poster helps provide venue management with information on Comprehensive Facility Reports (CFR). These train retail employees on the recognition of suspicious those who have access. Credentialing can also be used reports on Dams Sector critical assets support the behavior and how to report it. For more information, to control and restrict vehicle movement within a characterization of critical assets, operational contact the Commercial Facilities SSA at venue. For more information, please contact the characteristics, and regional interdependency [email protected]. Commercial Facilities SSA at [email protected]. information. By using a standard template across the sector, the CFR takes direct advantage of existing information available from dam safety and inspection

29 Preventing Terrorism and Enhancing Security reports. For more information, contact the Dams SSA approach can serve as an effective all-hazards industrial control systems across the Dams Sector in at [email protected]. preliminary prioritization scheme. It is also order to enhance the sector‘s understanding and accompanied by Fact Sheet/Brochure. For more management of cyber risks; facilitate the identification Consequence-Based Top Screen Fact Sheet This fact information, please contact the NPPD/IP Dams SSA at of practical risk mitigation solutions; promote sheet provides information pertaining to the [email protected]. information sharing; and improve sector-wide Consequence-Based Top Screen (CTS) methodology, awareness of cyber security concerns. For more including how it was developed, its primary purpose, Dams Sector Consequence-Based Top Screen (CTS) information, please contact the NPPD/IP Dams SSA at and the Web-based tool with which it is Reference Guide The user-guide provides [email protected]. implemented. For more information, see information on the methodology, how it was http://www.dhs.gov/files/programs/gc_126054188 developed, its primary purpose, and the Web-based Dams Sector Security Awareness Guide This is a 2284.shtm or contact the NPPD/IP Dams SSA at tool with which it is implemented. For more non-FOUO version of the Dam Sector Security [email protected]. information, please contact the NPPD/IP Dams SSA at Awareness Handbook for distribution to [email protected]. owners/operators. The guide is available at Dams and Energy Sector Interdependency Study http://www.damsafety.org/media/documents/Down Examines the interdependencies between two critical Dams Sector Crisis Management Handbook Provides loadableDocuments/DamsSectorSecurityAwarenessGui infrastructure sectors—Dams and Energy—with a owners/operators with information relating to de_508.pdf. For more information, please contact the particular emphasis on the variability of weather emergency response and preparedness issues; includes NPPD/IP Dams SSA at [email protected]. patterns and competing demands for water, which recommendations for developing emergency action determine the amount of water available for plans and site recovery plans. The handbook is Dams Sector Security Awareness Guide – Levees This hydroelectric power generation. For more available at guide assists levee owners in identifying security information, please contact the Dams SSA at http://www.damsafety.org/media/Documents/Secur concerns, coordinating proper response, and [email protected]. ity/DamsSectorCrisisManagementHandbook.pdf. For establishing effective partnerships with local law more information, please contact the NPPD/IP Dams enforcement and first responder communities. For Dams Sector Analysis Tool (DSAT) is an integrated SSA at [email protected]. more information, please contact the Dams SSA at data management system and dams-specific analysis [email protected]. tool that establishes an integrated analysis gateway for Dams Sector Exercise Series (DSES) is an annual all Dams Sector-related tools and information, which Dams Sector exercise series conducted in collaboration Dams Sector Suspicious Activity Reporting Fact allows for a single source for data input and analysis. with public and private sector stakeholders in order to Sheet This fact sheet provides information regarding In addition, DSAT provides access to simplified dam identify, analyze, assess, and enhance regional the online Suspicious Activity Reporting tool within break flood inundation analysis capabilities through preparedness and disaster resilience, using multi- the HSIN-CS Dams Portal that was established to the Decision Support System for Water Infrastructural jurisdictional discussion-based activities involving a provide sector stakeholders with the capability to Safety (DSS-WISE), developed by the National Center wide array of public and private stakeholders. For a report and retrieve information pertaining to for Computational Hydroscience and Engineering at given region, this collaborative process is based on a suspicious activities that may potentially be associated the University of Mississippi. For more information, particular scenario that serves as the triggering event with pre-incident surveillance, and those activities contact the Dams SSA at [email protected]. to analyze impacts, disruptions, critical related to the exploration or targeting of a specific interdependencies, and stakeholder roles and critical infrastructure facility or system. For more Dams Sector Consequence-Based Top Screen (CTS) responsibilities. The discussion-based process is information, please contact the Dams SSA at Tool The purpose of the CTS methodology is to executed under the framework provided by the [email protected]. identify critical facilities within the Dams Sector (e.g., Homeland Security Exercise and Evaluation Program. those high-consequence facilities, the failure or For more information, contact the Dams SSA at Dams Sector Tabletop Exercise Toolbox (DSTET) – disruption of which could be potentially associated [email protected]. This tool was developed to assist sector stakeholders in with the highest possible impact among sector assets). planning and conducting a security-based tabletop By focusing on potential consequences and Dams Sector Roadmap to Secure Control Systems exercise that is compliant with the Homeland Security decoupling the analysis from the threat and provides a comprehensive framework and Exercise and Evaluation Program. Multiple videos and vulnerability components of the risk process, the CTS recommended strategies focused on the protection of examples are included as part of the tool for use

30 Preventing Terrorism and Enhancing Security during the exercise as ―scene-setters.‖ The toolbox Estimating Loss of Life for Dam Failure Scenarios information please contact the Dams SSA at includes several modules, which can be tailored to Provides information describing the loss of life [email protected]. accommodate specific needs at a given facility. The estimation approaches most commonly used in the toolbox will assist owners and responders in U.S. and Canada, and discusses their advantages and Protective Measures Handbook (FOUO) assists Dams reviewing information sharing and coordination limitations. For more information, please contact the Sector owners/operators in selecting protective activities when dealing with a security incident and Dams SSA at [email protected]. measures addressing the physical, cyber, and human supports the identification of potential opportunities elements; includes recommendations for developing for improvement, thus enhancing overall incident IS-870 Dams Sector: Crisis Management Overview site security plans. For more information, contact the response planning. The toolbox includes planner is Web-based training focused on information Dams SSA at [email protected]. instructions, facilitator briefing slides and handbook, provided within the Dams Sector Crisis Management situation manual, sample invitation letters, sample handbook. To access this course visit: Security Awareness for Levee Owners Brochure This feedback forms, and exercise reference materials. For http://training.fema.gov/EMIWeb/IS/is870.asp. For brochure provides succinct information on more information, please contact the NPPD/IP Dams more information, please contact the NPPD/IP Dams surveillance indicators and incident reporting. The SSA at [email protected]. SSA at [email protected]. brochure is available at http://www.dhs.gov/dams- sector-publications-training-and-resources. For more Dams Sector Waterside Barriers Guide Provides IS-871 Dams Sector: Security Awareness (FOUO) information, please contact the NPPD/IP Dams SSA at owners/operators with information on waterside This Web-based training focuses on information [email protected]. barriers and their use, maintenance, and effectiveness; provided within the Dams Sector Security Awareness elements that must be carefully taken into handbook. To access this course visit: Security Awareness Handbook (FOUO) assists Dams consideration when selecting waterside barriers. For http://training.fema.gov/EMIWeb/IS/is871.asp. For Sector owners/operators in identifying security more information, please contact the NPPD/IP Dams more information, please contact the NPPD/IP Dams concerns, coordinating proper response, and SSA at [email protected]. SSA at [email protected]. establishing effective partnerships with local law enforcement and first responder communities. For Dams Sector Web-Based Training Fact Sheet IS-872 Dams Sector: Protective Measures (FOUO) more information, contact the Dams SSA at provides a brief description and access information for This Web-based training focuses on information [email protected]. the various web-based training tools developed by the provided within the Dams Sector Protective Measures Dams Sector. For more information, contact the Dams handbook. To access this course visit: Suspicious Activity Reporting Fact Sheet provides SSA at [email protected]. http://training.fema.gov/EMIWeb/IS/is872.asp. For information regarding the online Suspicious Activity more information, please contact the NPPD/IP Dams Reporting tool within the HSIN-CS Dams Portal that Emergency Preparedness Guidelines for Levees: A SSA at [email protected]. was established to provide sector stakeholders with the Guide for Owners and Operators Assists public and capability to report and retrieve information private stakeholders that have responsibilities as Dams Sector Personnel Screening Guide for Owners pertaining to suspicious activities that may potentially owners or operators in managing levees, floodwalls, and Operators Provides information that assists be associated with pre-incident surveillance, and those pumping stations, and any other components of flood owners/operators in developing and implementing activities related to the exploration or targeting of a risk management systems. For more information, personnel screening protocols appropriate for their specific critical infrastructure facility or system. For please contact the Dams SSA at [email protected]. facilities. For more information, please contact the more information, contact the Dams SSA at NPPD/IP Dams SSA at [email protected]. [email protected]. Estimating Economic Consequences for Dam Failure Scenarios provides information describing the Physical Security Measures for Levees Brochure Suspicious Activity Reporting Tool is a standardized economic consequence estimation approaches most provides information on physical security measures means by which critical infrastructure stakeholders can commonly used in the U.S., and discusses their that a levee owner could employ and the factors report suspicious or unusual activities to the advantages and limitations. For more information, affecting the selection of those measures. The government via sector portals on the Homeland please contact the Dams SSA at [email protected]. brochure is available at http://www.dhs.gov/dams- Security Information Network-Critical Sectors (HSIN- sector-publications-training-and-resources. For more CS). Reports submitted to the tool are reviewed by the National Infrastructure Coordinating Center

31 Preventing Terrorism and Enhancing Security

(NICC), shared with appropriate government Foreign Animal Diseases to the United States. For virus, like the 2009 H1N1 flu, might have on their recipients, redacted and posted to HSIN-CS. Email more information, see http://fazd.tamu.edu/ or operations, and the importance of a written plan for [email protected] to request access to HSIN-CS. http://www.ceezad.org or contact guiding businesses through a possible pandemic. For [email protected]. more information, see Security Awareness for Levee Owners Brochure http://www.flu.gov/professional/business/smallbiz. provides information on surveillance indicators and DHS Center of Excellence: National Center for Food html, or contact [email protected]. incident reporting. For more information, see Protection and Defense (NCFPD) establishes best https://www.dhs.gov/files/programs/gc_12838780 practices, develops new tools, and attracts new Sector-Specific Pandemic Influenza Guides NPPD/IP 65033.shtm or contact the Dams SSA at researchers to prevent, manage and respond to food developed sector-specific guides for pandemic [email protected]. contamination events. Resources include: Food and influenza for the Chemical, Commercial Facilities, Agriculture Criticality Assessment Tool (FAS-CAT); Dams, Emergency Services, and Nuclear Sectors. For Food Safety and Influenza FoodSHIELD, a web-based system for communication, more information, please contact the NPPD/IP Sector coordination, community-building, education, and Outreach and Programs Division at training among the Nation‘s food and agriculture [email protected]. DHS Center of Excellence: Center for Advancing sectors; Global Chronology of Incidents of Chemical, Microbial Risk Assessment (CAMRA), co-led by Biological, Radioactive and Nuclear Attacks from Hazardous Materials Michigan State University and Drexel University and 1961-2005; Mass Production of Detection and established jointly with the U.S. Environmental Neutralizing Antibodies; Food Protection and Food Transportation Security Protection Agency, fills critical gaps in risk Safety and Defense Graduate Certificate Programs; Risk assessments for decontaminating microbiological Communication, Message Development/Evaluation Federal Motor Carrier Safety Administration: Guide threats — such as plague and anthrax — answering and Training; decontamination protocols; and the question, ―How Clean is Safe?‖ Resources include: to Developing an Effective Security Plan for the Regulatory, Policy, Technical, and Practical Issues Highway Transportation of Hazardous Materials is a Water mixing and pathogen dilution models; dose related to Contaminated Food Disposal. For more response models for Category A bioterror agents; and tool that motor carriers transporting hazardous information, see http://www.ncfpd.umn.edu/ or materials can use in developing a security plan as the Knowledge Warehouse, an online repository of contact [email protected]. microbial risk assessment information highlighting required by the U.S. Department of Transportation in their HM-232 rulemaking [1]. It is designed to connections between projects. For more information, DHS Pandemic Influenza Impact on visit http://camra.msu.edu or email [email protected]. provide motor carriers with (a) sufficient background Communications Network Study and Best Practices to understand the nature of the threats against evaluates the potential impact on the communications DHS Center of Excellence: National Center for hazardous materials transportation; (b) the means to infrastructure in the event of a pandemic influenza in identify the vulnerabilities to those threats; and (c) an Zoonotic and Animal Disease Defense (ZADD) the U.S. The study examines potential conducts research to protect against the introduction approach to address the vulnerabilities. For more communications and information technology issues information, see of high-consequence foreign animal and zoonotic during a pandemic and identifies industry and diseases into the United States, with an emphasis on http://www.tsa.gov/stakeholders/documents-and- government recommendations on how to better reports-0. Contact the TSA Highway and Motor prevention, surveillance, intervention and recovery. prepare the nation to handle these challenges. The Resources include Emergency Response Support Carrier offices at [email protected]. study is available at System; Animal Health Network; Courses on Foreign http://www.ncs.gov/library/pubs/Pandemic%20Co Animal and Zoonotic Diseases, Public and Private Hazmat Motor Carrier Security Action Item mms%20Impact%20Study%20(December%202007).p Training (SAIT) Program addresses the TSA sector Awareness Materials, Field Guide to Handling df. For more information, contact [email protected]. Contaminated Animal and Plant Materials, Mass recommended security actions that were developed for the hazmat transportation industry. For more Livestock Carcass Management workshop, Specialists Planning for 2009 H1N1 Influenza: A Preparedness in Foreign Animal and Zoonotic Diseases, an Avian information, see Guide for Small Business DHS, the Centers for http://www.tsa.gov/stakeholders/trucking-hazmat. Influenza Study Curriculum, a Guide to Developing an Disease Control (CDC), and the Small Business Animal Issues Emergency Management Plan, The Or contact TSA Highway and Motor Carrier Division, Administration developed this guide to help small [email protected]. Biosecurity Research Institute (BRI) and a compilation businesses understand what impact a new influenza of materials pertaining to the Economic Impact of 32 Preventing Terrorism and Enhancing Security

Hazmat Motor Carrier Security Self-Assessment IEDs, how to respond to suspicious objects and how http://www.tsa.gov/stakeholders/trucking-hazmat or Training Program addresses the requirements to work with responding agencies in the event an IED contact [email protected]. contained in 49 Code of Federal Regulations (CFR), is discovered or detonated on company property. The Part 172.802, which requires motor carriers that DVD incorporates interactive quizzes that can be used Highway ISAC The TSA Trucking Security Program transport placarded amounts of hazardous materials to by pipeline companies to test employees‘ knowledge funds the First Observer ™ domain awareness develop a plan that adequately addresses security risks at the end of each module. For more information, program as well as a Call-Center and Information related to the transportation of hazardous materials. contact [email protected]. Sharing and Analysis Center (ISAC). The Highway Training materials can be found at ISAC creates products and bulletins and e-mails them http://www.tsa.gov/stakeholders/trucking-hazmat. DHS Center of Excellence: National Transportation to a distribution list from TSA Highway and Motor Contact TSA Highway and Motor Carrier Division at Security Center of Excellence (NTSCOE) is Carrier and the First Observer program. For more [email protected]. comprised of seven institutions: University of information, contact www.firstobserver.com. Connecticut, Tougaloo College, Texas Southern Hazmat Trucking Guidance: Highway Security- University, Rutgers - The State University of New Homeland Security Information Network (HSIN) - Sensitive Materials (HSSM) Security Action Items Jersey, Long Island University, University of Arkansas, Highway and Motor Carrier Portal is part of the (SAIs) provide security measures for implementation and San José State University. The NTSCOE addresses Critical Sector section of the HSIN system (HSIN-CS). by motor carriers transporting Tier 1HSSM and Tier 2 all aspects of transportation security including Membership to the portal is provided once vetted by HSSM. The security practices are voluntary to allow identification of existing and emerging threats, portal administrators. For more information, contact highway motor carriers to adopt measures best suited development of new technologies for resilient [email protected] 866-430-0162. to their particular circumstances. For more infrastructure, establishment of national transportation information, see security policies, training of transportation Intermodal Security Training and Exercise Program http://www.tsa.gov/stakeholders/trucking-hazmat or professionals, and development of undergraduate and (I-STEP) supports TSA‘s Office of Security Policy and contact [email protected]. graduate education to build and maintain a quality Industry Engagement (OSPIE) Modal Security transportation security workforce of the future. For Managers with exercises and training. The program is Pipeline and Hazardous Materials Safety more information, see designed to support all transportation security partners Administration: Risk Management Self-Evaluation http://www.ntscoe.uconn.edu/ or contact with security objectives and training that has clear and Framework (RMSEF) provides a basic framework for [email protected]. consistent performance measures. For more managing risk as part of the hazardous materials information, see http://www.tsa.gov/i-step or transportation process. RMSEF is a tool for all parties First Observer ™ Training TSA provides funding for contact [email protected] 571-227-5150. (regulators, shippers, carriers, emergency response the First Observer ™ program under the Trucking personnel, etc.) to look at their operations and Security Program grant. The First Observer ™ website Laminated Security Awareness Driver Tip Card consider how they assess and manage risk. For more has online training modules for trucking, school contains the following topics: bus operator alerts; information, see buses, law enforcement, cargo, hazmat, highway hijacking; evacuating the vehicle; awareness and what http://www.phmsa.dot.gov/hazmat/risk/rmsef or workers, among others. You can log on to the to look for; and possible chemical/biological contact [email protected] website for training at: weapons. For more information, see http://www.firstobserver.com/training/home.php or http://www.tsa.gov/stakeholders/documents-and- Land Transportation and contact or [email protected] 888-217- reports-0 or contact [email protected]. 5902. Pipeline Land Transportation Antiterrorism Training Highway and Motor Carrier Awareness Posters Program (LTATP) is an effort by the Federal Law Countering IEDs Training for Pipeline Employees is include Motorcoach Awareness Posters for terminals: Enforcement Training Center to enhance knowledge, a DVD-based training program to familiarize pipeline ―Watch for Suspicious Items‖ and ―Watch for skills, and capabilities of law enforcement and security company employees and contractors with the threat Suspicious Behaviors‖ for terminals as well as a School officials to prevent acts of terrorism. Through a posed by Improvised Explosive Devices (IEDs). This Transportation Employee Awareness poster. For more curriculum focused on surface transportation security, DVD employs four modules that familiarize viewers information, see this five-day program provides the participants with with the threat posed by IEDs, how to spot potential tools to protect the land transportation infrastructure, 33 Preventing Terrorism and Enhancing Security including rail, mass transit and bus operations, and Security website at most importantly passengers and employees. For http://www.tsa.gov/stakeholders/training-and- Transportation Security Grant Program (TSGP) more information, see exercises. For more information contact the Pipeline provides security grants to transit systems, intercity http://www.fletc.gov/training/programs/counterterr Security Division at [email protected]. bus companies, freight railroad carriers, ferries, and orism-division/land-transportation-antiterrorism- the trucking industry to help protect the public and training-program-ltatp or contact: FLETC- Protecting Pipeline Infrastructure: The Law the nation‘s critical transportation infrastructure. The [email protected]. Enforcement Role is a DVD intended to enhance the grants support high-impact security projects that have law enforcement community‘s understanding of a high efficacy in reducing the most risk to our On the Tracks Rail Sabotage Awareness and pipeline systems and their security issues. The DVD nation‘s transportation systems. For more Reporting (DVD & Poster) Training to provide those provides a basic understanding of how pipeline information, see responsible for the safety and security of our rail systems function, the principle products they http://www.fema.gov/government/grant/tsgp/ or system with information on the nature of rail sabotage transport, and includes a discussion of the threats and contact [email protected], 800-368-6498. threats and the necessary steps to take in safeguarding vulnerabilities to pipelines. The primary audience for against its execution. The video addresses where to this DVD is local, state, and federal law enforcement, Transportation Sector Network Management look for potential sabotage threats, the categories of federal security partners, and others involved with Highway and Motor Carrier Division Annual Report threats to be on alert for, and the steps to take in infrastructure security. Viewers should come away TSA Highway and Motor Carrier Division publishes an reporting objects or activities that appear out of the with a better understanding of the typical measures Annual Report and posts the document on the ordinary. This information reinforces the important taken to protect pipelines and actions they can take to following website role of front-line employees, who have firsthand assist pipeline operators during times of heightened http://www.tsa.gov/sites/default/files/assets/pdf/In knowledge and experience working in the field every security alert. For more information and to request a termodal/hwmc_annual_report_2006.pdf. day, in helping to deter a terrorist attack on the rail copy, see http://www.tsa.gov/stakeholders/pipeline- system. For more information, contact security TSA Counterterrorism Guides are designed for [email protected]. highway transportation security partners in the Safeguarding America‟s Transportation System trucking, highway infrastructure, motorcoach, and Operation Secure Transport (OST) is security Security Guides are available for highway passenger school transportation industries. These guides are awareness training for the over-the-road bus industry. security motorcoach personnel, private and contract small flip-charts containing the following topics: pre- The training program will be available on CD and carrier company employees, Owner-Operator incident indicators; targets; threats to highway; insider online. The training modules will be broken down Independent Drivers Association (OOIDA) members, threat; cloned vehicle; hijacking prevention; into the following categories: driver; maintenance; school transportation industry personnel, tank truck suspicious packages; information on explosive terminal employees; management; and crisis response. carrier employees, and truck rental company devices; prevention/mitigation; security planning; For more information, see employees. You can access the guides by clicking on security inspection checklist; security exercises; http://www.tsa.gov/stakeholders/motorcoach or ―Documents and Reports‖ on the main Highway and chemical/biological/nuclear/radiological incidents; contact [email protected]. Motor Carrier page at www.tsa.gov/highway. For and federal, state and local POCs. You can contact TSA more information, contact [email protected]. HMC to order a copy, pending available inventory at Pipeline Security Awareness for the Pipeline [email protected]. Industry Employee Training CD and Brochures are a School Transportation Security Awareness (STSA) security awareness trainings centered on heightening training provides school bus drivers, school Maritime Security pipeline employee awareness of suspicious activity administrators, and staff members with information and their importance in keeping our Nation's pipeline that will enable them to effectively identify and report system secure. To further enhance the information perceived security threats, as well as the skills to America‟s Waterways Watch is a combined effort of contained in the pipeline security awareness training appropriately react and respond to a security incident the U.S. Coast Guard and its Reserve and Auxiliary CD, TSA produced the brochures ―Pipeline Security should it occur. For more information, see components to enlist the active participation of those who live, work or play around America's waterfront Awareness for Employees‖ and ―Good Neighbors! A http://www.tsa.gov/stakeholders/school- Pipeline Security Neighborhood Watch.‖ The CD and transportation-security-awareness, or contact areas. For more information, see http://aww.aww- brochures may be requested on the TSA Pipeline [email protected]. sp.com/Americas_Waterway_Watch/Home.html or

34 Preventing Terrorism and Enhancing Security contact [email protected] 877-24WATCH (877-249- security measures as outlined in their approved Forecasting Tool, In-Situ Scour Evaluation Probe, 2824). security plans. The Maritime Security (MARSEC) Level MUNICIPAL Critical Infrastructure Decision Support (of which there are three) is set by the Commandant Tool, and Youth Coping Response Inventory Tool. For Area Committees and Area Contingency Plans of the Coast Guard to reflect the prevailing threat more information, visit (ACPs) improve coordination between federal, state environment to marine elements of the national http://coastalhazardscenter.org/. and local authorities and industry, and strengthen on- transportation system. For more information, see scene response to the discharge of oil and hazardous https://homeport.uscg.mil/mycg/portal/ep/home.d DHS Center of Excellence: Center for Maritime, materials. Each USCG Sector Commander has a port o. Island, & Remote/Extreme Environment Security homepage on the USCG Homeport website; interested (MIREES) is led by the University of Hawaii in prospective partners should check their respective port Area Maritime Security Plans (AMSPs) are exercised Honolulu for maritime and island security and Stevens page on Homeport for contact information. Many annually through the Coast Guard‘s Area Maritime Institute of Technology in Hoboken, N.J., for port HSCs also have their own state or locally-sponsored Security Training and Exercise Program (AMSTEP) security. The MIREES strengthens maritime domain websites, maintained separately from USCG These interagency, multi-jurisdictional exercises awareness and safeguards populations and properties Homeport. All U.S. critical ports have Area encourage important interaction among maritime unique to U.S. islands, ports, and remote and extreme Committees and Area Contingency Plans. See the stakeholders, including AMSCs, and enable effective environments. For more information, see AMSC, Area Committee and HSC postings at cooperation and preparation for maritime security http://cimes.hawaii.edu/ and https://homeport.uscg.mil/mycg/portal/ep/home.d contingencies. AMSTEP exercises help stakeholders http://www.stevens.edu/csr/ or contact o. maintain and evaluate their ability to implement the [email protected]. jointly developed AMSPs. Stakeholders include Federal Area Maritime Security Committees (AMSCs) were agencies, State, local, territorial and tribal Industry Risk Analysis Model (IRAM) is an established under Title 33 CFR Part 103, July 2003, governments, and private sector partners, and may unclassified version of the Maritime Security Risk for the following purposes: 1) identify critical port include facility and vessel security personnel. For Analysis Model (MSRAM). IRAM is available to infrastructure and operations; 2) identify risks, more information, see industry partners to conduct a local risk assessment of threats, vulnerabilities and consequences; 3) develop https://homeport.uscg.mil/mycg/portal/ep/home.d their own facilities and vessels applying the same and implement strategies to mitigate risks; 4) develop o. criteria employed by USCG Port Security Specialists and implement a process for continuously evaluating (PSS) with MSRAM. IRAM provides a baseline risk port security; and, 5) advise and assist the USCG The Coast Guard Journal of Safety at Sea is the voice analysis capability for owners/operators and assists in Captain of the Port (in the role of Federal Maritime of the Coast Guard Marine Safety and Security Council rank ordering terrorism-related targets/scenarios, Security Coordinator) in developing, reviewing and and is published quarterly with over 30,000 copies evaluating owner/operator security impact on risk, updating the local Area Maritime Security Plan. For mailed out for each issue. The audience includes a and developing management strategies to reduce risk. more information, see large segment of the private maritime industry IRAM is managed by the MSRAM program manager. http://www.uscg.mil/hq/cg5/cg544/amsc.asp, population, including retired officers, fishing vessel For more information, contact [email protected] http://www.law.cornell.edu/cfr/text/33/103.305, captains, river pilots, ocean scientists, marine or engineers, tug/tow boat operators, shipping Harbor Safety Committees, or similar bodies, are a https://homeport.uscg.mil/mycg/portal/ep/home.d executives, insurance operators, and maritime lawyers. cooperative means to inform mariners about vessel o. Issues of Proceedings are available to the public at traffic hazards and to reduce the risk of navigation www.uscg.mil/proceedings. incidents. They may be established by local Area Maritime Security Plans (AMSPs) are agreements, chartered by States, or organized by other coordination and communication plans that align all DHS Center of Excellence: Coastal Hazards Center of maritime stakeholders. Harbor Safety Committees levels of government (Federal, State, tribal, territorial, Excellence (CHC) performs research and develops frequently include participation from their respective and local) and private industry port partners to education programs to enhance the Nation‗s ability to Captain of the Port. Some States require their Harbor prevent, protect against, respond to, and initial safeguard populations, properties, and economies Safety Committees to deliver safety plans and identify recovery from a transportation security incident. The from catastrophic natural disasters. Resources include safety concerns to their respective lead state agencies. 43 AMSPs cover each of the Nation‘s Captain of the Disaster Response Intelligent System (DRIS), Coupled Members of Harbor Safety Committees typically Port Zones. Facilities and ports must implement Wave/Storm Surge Prediction Model, Storm Surge include representatives from the shipping industry,

35 Preventing Terrorism and Enhancing Security fishing industry, tug operators, vessel pilots, TSA Port & Intermodal Security Division at Port Security Grant Program is a sustainable, risk- recreational boaters, marine patrols, government, and [email protected] or 571-227-3556. based effort to protect critical port infrastructure from public or private environmental organizations. For terrorism, particularly attacks using explosives and more information, see the AMSC, Area Committee and Maritime Security Risk Analysis Model (MSRAM) is non-conventional threats that could cause major HSC postings at a terrorism risk management tool and process used to disruption to commerce. The PSGP provides grant https://homeport.uscg.mil/mycg/portal/ep/home.d conduct scenario-based risk assessments against critical funding to port areas for the protection of critical port o then select ―Ports and Waterways,‖ or visit infrastructure, key assets, and targets within each US infrastructure from terrorism. For more information, www.harborsafetycommittee.blogspot.com. Coast Guard Captain‘s of the Port area of visit http://www.fema.gov/port-security-grant- responsibility. The execution of the MSRAM process program or contact [email protected] 800-368-6498. HOMEPORT is the primary on-line means of is built upon the assessments and judgments made by communicating alerts, announcements and other Coast Guard field commanders across the country in The Port State Information Exchange (PSIX) system information from the Coast Guard field units to their close partnerships with regional Area Maritime contains vessel specific information derived from the partners, including the private sector. Homeport also Security Committees, which include maritime United States Coast Guard's Marine Information Safety provides public and protected community-of-interest industry security professionals. The resultant and Law Enforcement System (MISLE). The chat and interactive information between partners. extensive national dataset contains risk evaluations of a information contained in PSIX represents a weekly Specific Homeport Topics Include: containers, wide array of scenarios for all of the significant assets snapshot of Freedom of Information Act (FOIA) data domestic vessels (U.S. flag vessels), environmental, operating in the U.S. maritime domain. MSRAM on U.S. flag vessels, foreign vessels operating in U.S. facilities, incident management and preparedness, offers a dynamic analysis interface capable of waters, and Coast Guard contacts with those vessels. investigations (maritime casualties and incidents), generating tailored results and supports operational, Information on open cases or cases pending further International Port Security Program, marine safety, tactical and strategic decisions. For more information, action is considered privileged information and is maritime domain awareness and information sharing, contact [email protected]. excluded from the PSIX system until the relevant cases maritime security, and waterways, are complete and closed. PSIX can be accessed at the regulations/administrative adjudications, vessel National Vessel Movement Center (NVMC) following link: standards, counter-piracy, Port Security Advisors, provides the maritime industry with a means to http://cgmix.uscg.mil/PSIX/Default.aspx Maritime Transportation Security Act (MTSA), Marine submit a Notice of Arrival and a Notice of Departure, Safety Center, Mariner Credential Verification, and which fulfills USCG and the Customs and Border Transportation Worker Identification Credential Mariner Credential Application Status. For more Protection requirements. For more information, see (TWIC) is a security program designed to ensure that information, see http://www.nvmc.uscg.gov or contact individuals who pose a security threat do not gain https://homeport.uscg.mil/mycg/portal/ep/home.d [email protected] 800-708-9823 or 304-264- unescorted access to secure areas of the Nation's o. 2502. maritime transportation system. The credential is a biometric card that ensures only vetted workers can Maritime Passenger Security Courses address topics Port Interagency Information Sharing Assessment enter without an escort to secure transportation areas. to improve passenger vessel employee security consists of a recurring process of interviews with The TWIC Program is jointly administered by TSA and awareness in their operating environments and to Coast Guard Sector personnel and selected federal, the U.S. Coast Guard. For more information, see increase the effectiveness of their responses to state, local personnel, and private partners who http://www.tsa.gov/stakeholders/transportation- suspicious items and persons that they might participate in joint maritime planning, prevention, worker-identification-credential-twic%C2%AE, or encounter. Courses available include: ―Security response and recovery missions. Port Interagency contact 866-347-8942. Awareness For Passenger Vessel Employees‖, Information Sharing reports are currently only ―IED/VBIED Recognition and Response for Passenger released to the participants, although a publicly- U.S. Coast Guard Auxiliary is the uniformed Vessels and Terminals‖, ―Crowd Control for Passenger releasable version of the report is under consideration volunteer component of the United States Coast Vessels and Terminals‖, ―Maritime Terrorism and for 2012. To schedule participation in next year‘s Guard. The Auxiliary conducts safety patrols on local Hijacking Situations‖, ―Terminal and Shipboard annual interviews, please contact the study team at waterways, assists the Coast Guard with homeland Evacuation‖, and ―Basic Screening Procedures for [email protected]. security duties, teaches boating safety classes, conducts Maritime Transportation Security‖. To order, contact free vessel safety checks for the public, and performs many other support activities. The Auxiliary has

36 Preventing Terrorism and Enhancing Security members in all 50 states, Puerto Rico, the Virgin Homeland Security Information Network – Public regions hosting special security events. For more Islands, American Samoa and Guam. For more Transit Portal (HSIN-PT) has been integrated into information, contact [email protected]. information, visit http://www.cgaux.org/. the HSIN network to provide one stop security information sources and outlets for security Mass Transit Employee Vigilance Campaign The U.S. Coast Guard National Maritime Center (NMC) advisories, alerts and notices. Membership to the ―NOT ON MY SHIFT‖ program employs issues Merchant Mariner Credentials (MMC) to fully Public Transit portal is provided once vetted by portal professionally-designed posters to emphasize the qualified U.S. mariners, approves and audits training administrators. For more information, contact essential role that mass transit and passenger rail programs and courses offered by mariner training [email protected]. employees play in security and terrorism prevention organizations throughout the U.S., and provides in their systems. Adaptable templates enable each information about merchant mariner records. For Intercity Passenger Rail Grant Program creates a transit agency to tailor the product to its operations by more information, see http://www.uscg.mil/nmc or sustainable, risk-based effort to protect critical surface including the system logo, photographs of their own contact NMC Customer Service Center 888-IASKNMC transportation infrastructure and the traveling public agency‘s employees at work, and quotes from the (1-888-427-5662). from acts of terrorism, major disasters and other senior leadership, law enforcement and security emergencies within the Amtrak rail system. For more officials, or frontline employees. The personalized U.S. Coast Guard Navigation Center supports safe information, visit http://www.fema.gov/transit- approach has proven effective in gaining employees‘ and efficient maritime transportation by delivering security-grant-program or contact [email protected] attention and interest, supporting the participating accurate and timely maritime information, vessel 800-368-6498. transit and rail agencies‘ efforts to maintain vigilance monitoring system support and Global Position for indicators of potential terrorist activity. TSA System (GPS) augmentation signals that permit high- Keep the Nation‟s Railroad Secure Brochure assists designs the posters based on the preferences of the precision positioning and navigation. For additional railroad employees to recognize signs of a potential particular mass transit or passenger rail agency. For information, see http://www.navcen.uscg.gov/. terrorist act. It is to be used in conjunction with a more information contact railroad company‘s existing security policies and [email protected]. Vessel Documentation (for US Flag Vessels) The procedures and may be modified to display the National Vessel Documentation Center facilitates company‘s emergency contact information for ease of Mass Transit Security and Safety Roundtables TSA, maritime commerce and the availability of financing, reference. For more information, contact the Federal Transit Administration (FTA), and FEMA while protecting economic privileges of U.S. citizens [email protected]. co-sponsor the annual Transit Security and Safety through the enforcement of regulations, and provides Roundtables, bringing together law enforcement a register of vessels available in time of war or Mass Transit and Passenger Rail - Bomb Squad chiefs; security directors and safety directors from the emergency to defend and protect the United States of Response to Transportation Systems Through nation‘s 60 largest mass transit and passenger rail America. See http://www.uscg.mil/hq/cg5/nvdc/. training and scenario-based exercises, this program agencies; Amtrak; and federal security partners to For more information call 800-799-8362 or 304- expands regional capabilities to respond to a threat or discuss terrorism prevention and response challenges 271-2400 (7:30 a.m. to 5:00 p.m. Eastern Time). incident involving a suspected explosive device in and to work collaboratively in developing risk mass transit and passenger rail systems. For more mitigation and security enhancement solutions. The Mass Transit and Rail Security information, contact [email protected]. Roundtables also provide a forum for agency safety and security officials to share effective practices and Mass Transit and Passenger Rail - Field Operational develop relationships to improve coordination and Homeland Security Information Network (HSIN) – Risk and Criticality Evaluation (FORCE) is a threat- collaboration. For additional information, contact Freight Rail Portal has been designed to provide based, risk-managed protocol that evaluates threat, [email protected]. consistent, real time information sharing capabilities vulnerability, and consequence from a variety of in an integrated, secure, web-based forum to vantage points, focusing primarily on the rail and bus Mass Transit Security Training Program Guidelines coordinate and collaborate directly with our security properties but also surveying intermodal and is a focused security training initiative under the partners. Membership to the Freight Rail portal is interdependent critical infrastructure and key Transit Security Grant Program (TSGP) in February provided once vetted by portal administrators. For resources. It is also adaptable to assist with new start- 2007. The resulting Mass Transit Security Training more information, contact [email protected], up properties about to come online or transit agencies Program provides guidelines to mass transit and [email protected], or 866-430-0162. with aggressive future expansion initiatives as well as passenger rail agencies on the types of training to be

37 Preventing Terrorism and Enhancing Security provided by category of employee. For more Homeland Security. DNDO is the primary entity in objective and reliable data set on the performance of information, visit the U.S. government for implementing domestic commercially available radiation detection and http://www.tsa.gov/stakeholders/building-security- nuclear detection efforts for a managed and identification equipment that was collected against the force-multipliers or contact coordinated response to radiological and nuclear requirements set forth by national and international [email protected]. threats, as well as integration of federal nuclear consensus standards. For more information, contact forensics programs. Additionally, DNDO is charged [email protected]. Mass Transit Smart Security Practices is a with coordinating the development of the global compilation of smart security practices drawn from nuclear detection and reporting architecture, with The Joint Analysis Center (JAC) Program provides the results of the comprehensive security assessments partners from federal, state, local, and international an interagency coordination mechanism and central completed under the Baseline Assessment for Security governments and the private sector. DNDO will also monitoring point for the Global Nuclear Detection Enhancement (BASE) program. This compilation develop, acquire, and support the domestic nuclear Architecture (GNDA), maintains situational awareness fosters communication nationally among security detection and reporting system. DNDO‘s Commercial across the GNDA – to include status of radiological professionals in mass transit and passenger rail to First Initiative will facilitate this by shifting the focus and nuclear (rad/nuc) detection assets, visibility into expand adoption of effective practices, tailored as from government development of materiel solutions the status of rad/nuc alarms, awareness of rad/nuc- necessary to each agency operating environment. For to a commercial first approach that will leverage related incidents and events, data, and trend analyses more information, contact industry innovation and facilitate the deployment of supporting GNDA operations. The JACCIS, an [email protected]. detection equipment to DHS components and federal, Information Technology (IT) system specifically state, and local stakeholders. For more information, developed to support JAC operations, is a secure web Motorcoach Guidance: Security and Emergency see application and database which supports alarm Preparedness Plan (SEPP) is a guideline and template www.dhs.gov/xabout/structure/editorial_0766.shtm adjudication, analysis, information sharing, and that you may use in developing a SEPP. The steps or contact [email protected]. reporting for the Global Nuclear Detection involved in this process include an evaluation of Architecture (GNDA) by DNDO and its mission current security procedures, an identification of The GRaDER® Program was established to meet a partners. Through its relationship to the National Labs threats and vulnerabilities to your operation, and the congressional mandate for a program to evaluate and members of the IC Community, the JAC Program development of policies and procedures to effectively radiological and nuclear detection technology. The provides technical expertise toward specific address deficiencies. For more information, see GRaDER® program provides objective and reliable requirements of DNDO to include the development of http://www.tsa.gov/sites/default/files/publications/ performance testing information to federal, state and classified annexes for architectural studies; creation of pdf/grants/6th_2009_ibsgp_security_emergency_pre local stakeholders for radiological and nuclear GNDA visualization tools; operations support activities paredness_plan_template.pdf or contact detection equipment tested against consensus and and the ongoing development and execution of red [email protected]. technical capability standards to assist them in making teaming and assessment activities. For more informed radiological and nuclear detection information, see Rail Security Rule Overview On November 26, equipment procurements. Visit http://www.dhs.gov/xabout/structure/editorial_076 2008, DHS published a regulation governing security http://www.dhs.gov/GRaDER for further 6.shtm. in the freight rail industry. The regulation not only information or email [email protected]. affects freight railroads, but their customers as well. Monthly Unclassified Threat Briefing The NPPD/IP This presentation provides a high-level overview of The Illicit Trafficking Radiation Assessment Nuclear SSA holds an unclassified security the Rail Security Rule and information regarding the Program+10 (ITRAP+10), is a partnership between teleconference for nuclear facility owners and requirements of the regulation. For more the Domestic Nuclear Detection Office (DNDO) and operators, plant managers, and security professionals information, contact the Freight Rail Branch at the European Commission‘s Joint Research Center on the first Wednesday of every month. The [email protected]. (EC/JRC) in Ispra, Italy. ITRAP +10 is designed to teleconference provides the opportunity for the assist National organizations to effectively detect Department of Homeland Security‘s Office of Nuclear Security radiological materials, whether during the Intelligence and Analysis and Office for Bombing importation, exportation, or shipment in transit. Prevention to brief the Nuclear Sector on significant ITRAP+10 provides federal stakeholders and their changes to the threat environment, results of recent The Domestic Nuclear Detection Office (DNDO) is a governmental and commercial partners with an open, terrorism investigations, and other reported suspicious jointly staffed agency within the Department of 38 Preventing Terrorism and Enhancing Security incidents and for the Industrial Control Systems Cyber are developed as suggested practices and must be used http://www.fema.gov/about/divisions/thd_repp.sht Emergency Response Team (ICS-CERT) to brief the in conjunction with, and subordinate to, legal, m. Nuclear Sector on recent cyber alerts and advisories. regulatory, and industry standard processes that are The teleconference also covers significant changes to established within and recognized by the Nuclear Training, Exercise, and Assistance (TE&A) Program the threat environment, results of recent terrorism Sector and its industry and government members. For TE&A consists of three separately managed but heavily investigations, and other reported suspicious more information, please contact the NPPD/IP integrated programs and embodies the Domestic incidents. For more information, please contact the Nuclear SSA at [email protected]. Nuclear Detection Office‘s (DNDO) principal efforts NPPD/IP Nuclear SSA at [email protected]. to develop the most effective operational Radiological Nuclear Sector Overview introduces readers to the and Nuclear Detection (RND) practices throughout National Nuclear Forensics Expertise Development Nuclear Reactors, Materials, and Waste Sector. It the Global Nuclear Detection Architecture (GNDA). Program (NNFEDP) aims to provide a stable includes facts, roles and responsibilities, and sector TE&A, working in collaboration with its federal, state, foundation from which to develop and sustain the initiatives and activities. For more information, local, and tribal partners, as well as industry and the nuclear forensics workforce. This interagency contact [email protected]. national laboratories, identifies best practices and program is dedicated to maintaining a vibrant develops the appropriate training and exercise academic pathway from undergraduate to post- Nuclear Sector Security Awareness Guide This materials to ensure standards-based application of doctorate study in disciplines directly relevant to document will assist Nuclear Sector owners and these practices in the field. The Training Program nuclear forensics, such as radiochemistry, operators in their efforts to improve security at their works to break down approved operational concepts geochemistry, nuclear physics, nuclear engineering, facility, reaffirm awareness of the security risks to the into teachable tasks, conditions, and standards at materials science, and analytical chemistry. The sector, and provide a list of activities or actions that appropriate echelons of the GNDA. Through this NNFEDP promotes a unique interdisciplinary they can take to reduce that risk. For more process, it develops training products and systems approach that encourages collaboration among information, please contact the NPPD/IP Nuclear SSA required to meet desired standards, and it makes them academic programs, universities, and the DOE national at [email protected]. available to users enabling them to meet their GNDA- laboratories. Initiatives include undergraduate based responsibilities. The Exercise Project develops outreach and scholarships; graduate fellowships, Nuclear Sector Voluntary Security Programs Fact Homeland Security Exercise Evaluation Program internships, and mentoring; post-doctorate Sheet provides a listing of select voluntary protection (HSEEP) compliant, operational exercise templates fellowships; university education awards; and junior and resilience products and initiatives in the sector. tailored specifically for the GNDA and for federal, state faculty awards. For more information, see For more information, contact and local programs. The Exercise Project develops http://scuref.org, [email protected]. exercises standards designed to ensure operational http://www.dhs.gov/blog/2012/08/28/supporting- concepts are put to rigorous and realistic examination. next-generation-nuclear-forensic-scientists or contact Open Access to ANSI N42 Series Standards DNDO This standards-based approach serves as an RND [email protected]. sponsors the Institute of Electrical and Electronics exercise force multiplier that improves the overall Engineers (IEEE) to provide copies of the ANSI N42 domestic exercise efficiency and consistency across the Nuclear Sector Classified Threat Briefing The radiation detection standards free of charge to anyone GNDA. The Assistance Program is designed to provide NPPD/IP Nuclear SSA coordinates both regularly who wants a copy. Visit the web site to obtain the guidance to GNDA partners on how to plan, develop, scheduled and incident-specific classified briefings for latest published version of one of the sponsored manage, evaluate, and sustain a RND program. As cleared sector partners. For more information, please standards is: http://standards.ieee.org/about/get/ such, it works directly with federal, state, local, and contact the NPPD/IP Nuclear SSA at tribal multi-jurisdictional, multi-disciplinary policy [email protected]. Radiological Emergency Preparedness Program makers, program managers, operational (REP) helps to secure the health and safety of citizens administrators, and subject matter experts to design Nuclear Sector Information Sharing Standard living around commercial nuclear power plants. REP and implement RND programs and enhance detection Operating Procedure (SOP) This document is is responsible for review and final approval of all capabilities as a means to implement the GNDA. To designed to enhance the effectiveness of voluntary neighborhood radiological emergency plans. The REP accomplish this, the Assistance Program provides a information coordination and distribution among program is a leader in areas of policy guidance, system of standardized processes and a suite of members of the Nuclear Sector Information Sharing planning, training, public education and preparedness scalable tools which allow state and local agencies to Environment (ISE). The information-sharing processes for nuclear power plants. For more information, visit develop, implement, and enhance their own

39 Preventing Terrorism and Enhancing Security radiological and nuclear detection programs. These critical to an effective security program. The 17 sectors and sub-sectors; and establish sector baseline tools provide comprehensive guidance for Planning, Action Items cover a range of areas including security security survey scores. Private sector owners and Organizing, Equipping, Training, and Exercise program management and accountability, security and operators interested in an ECIP Visit should contact (POETE) Operations. In other words, they provide a emergency response training, drills and exercises, [email protected] or 703-235-9349. structure for the administration of a domestic public awareness, protective measures for the National preventive RND program and are intended to allow Terrorism Alert System threat levels, physical security, DHS Center of Excellence: Risk Analysis and federal, state, local, and tribal agencies develop and personnel security, and information sharing and Decision Support with: Homeland Security implement tailorable, scalable programs while staying security. The TSA Transportation Security Inspectors- Analysis, Modeling, Integrated, Secured true to the framework of the GNDA. For more Surface conduct security assessments under the Environment and Repository for Decision Support information, see Baseline Assessment for Security Enhancement (BASE) (HS-ANALISER) . HS-ANALISER (formerly the Risk http://www.dhs.gov/xabout/structure/editorial_076 program that evaluate the posture of mass transit and Analysis Workbench (RAW)) is the National Center 6.shtm. passenger rail agencies in the Action Items in a for Risk and Economic Analysis of Terrorism Events comprehensive and systematic approach to elevate (CREATE) software system and decision-support tool Who‟s Who in DHS Nuclear Sector Infrastructure baseline security posture and enhance security that allows policy/decision-makers, analysts and Protection This product describes the roles and program management and implementation. The researchers to share homeland security risk-focused responsibilities of DHS components as they relate to results of the security assessments inform computing tools, models, data, analysis, and results. the Nuclear Sector. For more information, please development of risk mitigation programs and resource For more information, see contact the NPPD/IP Nuclear SSA at allocations, most notably security grants. For more http://create.usc.edu/2008/05/the_risk_analysis_wo [email protected]. information, visit rkbench_ra_2.html or contact http://www.tsa.gov/stakeholders/advancing- [email protected]. Physical Security Assessment security-baseline or contact [email protected]. Regional Resiliency Assessment Program (RRAP) is Tools a cooperative, DHS-led assessment of specific critical Design-Basis Threat (DBT): An Interagency Security infrastructure and regional analysis of the surrounding Based Assessment Tool (CBAT) is a cross- Committee Report (FOUO) is a stand-alone threat infrastructure, including key interdependencies. platform tool that integrates 360 degree geospherical analysis to be used with the Physical Security Criteria for Private sector owners and operators interested in video, geospatial and aerial imagery of facilities, Federal Facilities: An ISC Standard. The DBT document receiving more information on the RRAP should surrounding areas, routes, and other areas of interest establishes a profile of the type, composition, and contact [email protected]. with a wide variety of other facility data, including capabilities of adversaries. For more information, see evacuation plans, vulnerability assessments, standard http://www.dhs.gov/files/committees/gc_1194978 Regional Resiliency Assessment Program (RRAP) operating procedures, and schematic/floor plans. By 268031.shtm or contact [email protected]. Discussion Based Exercises These exercises are integrating this disparate data, the CBAT provides a offered to those jurisdictions participating in the comprehensive visual guide of a site that assists facility Enhanced Critical Infrastructure Protection (ECIP) RRAP. The core component of these efforts will be a owners and operators, local law enforcement, and Visits are conducted by Protective Security Advisors capstone Tabletop Exercise (TTX) delivered in emergency response personnel to prepare for and (PSAs) in collaboration with critical infrastructure approximately the one-year post-Resiliency Analysis respond to an incident. This resource is protected at owners and operators to assess overall facility security delivery timeframe. The core objective of this TTX the Protected Critical Infrastructure Information (PCII) and increase security awareness. ECIP Visits are will be to determine changes to a and For Official Use Only (FOUO) level and is augmented by the Infrastructure Survey Tool (IST), a jurisdiction‘s/sector‘s overall Resiliency Baseline due available to vetted private sector critical infrastructure web based tool that provides the ability to collect, to the implementation of suggested protective owners and operators with a demonstrated need to process, and analyze ECIP survey data in real time. measures highlighted by the RRAP process. In the know. For more information, contact Data collected during an ECIP visit is consolidated in intervening year, Readiness works with the RRAP [email protected]. the IST and then weighted and valued, which enables exercise planning team to deliver other requested DHS to develop ECIP metrics; conduct sector-by-sector preparatory activities, such as workshops, to help Comprehensive Security Assessments and Action and cross-sector vulnerability comparisons; identify shape the capstone TTX. For more information, please Items encompass activities and measures that are security gaps and trends across critical infrastructure 40 Preventing Terrorism and Enhancing Security contact the Sector Outreach and Programs Division at more information, contact infrastructure issues. Each Daily Report is divided by [email protected]. [email protected] or 703-235-9349. the critical infrastructure sectors and key assets defined in the National Infrastructure Protection Plan. For Sector-Specific Tabletop Exercise Program (SSTEP) Protecting, Analyzing, & Sharing more information, see This tool allows critical infrastructure partners to http://www.dhs.gov/files/programs/editorial_0542. develop interactive, discussion-based exercises for Information shtm or contact [email protected] 202-312-3421. their communities of interest, be it at the sector or a facility level. The SSTEP allows users to leverage pre- Automated Critical Asset Management System DHS Center of Excellence: National Center for built exercise templates and tailor them to their (ACAMS) is a secure, web-based portal developed in Visualization and Data Analytics (CVADA) creates communities‘ specific needs in order to assess, partnership with state and local communities and the the scientific basis and enduring technologies needed develop, and update plans, programs, policies and State, Local, Tribal, Territorial Government to analyze massive amounts of information from procedures within an incident management functional Coordinating Council (SLTTGCC). ACAMS is designed multiple sources to more reliably detect threats to the area. For more information, please contact the Sector to help state and local governments build critical security of the Nation, its infrastructures and to the Outreach and Programs Division at infrastructure protection programs in their local health and welfare of its populace. These new [email protected]. jurisdictions and implement the National technologies will also improve the dissemination of Infrastructure Protection Plan (NIPP). ACAMS both information and related technologies. Co-led by Site Assistance Visits (SAVs) Site Assistance Visits are provides a set of tools and resources that help law Purdue University and Rutgers University, available non-regulatory risk-informed vulnerability enforcement, public safety, and emergency response educational opportunities are geared towards assessments that assist critical infrastructure owners personnel collect, prioritize, analyze, and visualize educating the next generation of homeland security and operators in identifying vulnerabilities, protective critical infrastructure to prepare, prevent, respond, professionals with initiatives that span the entire measures, planning needs, and options for and recover from an attack, natural disaster, or career development pipeline, ranging from K-12 consideration to increase protection from, and emergency. ACAMS is provided at no cost for state and programs through undergraduate and graduate level resilience to, a wide range of hazards. Following the local use and is protected from public disclosure work, to professional education and training. For assessment, DHS provides owners and operators with through the Protected Critical Infrastructure more information, see a SAV report, protected as PCII. SAVs enhance critical Information (PCII) program. For more information, http://www.purdue.edu/discoverypark/vaccine/ and infrastructure owners‘ and operators‘ overall see www.dhs.gov/ACAMS or contact http://www.ccicada.org/ or contact capabilities and resources for identifying and [email protected] 866-634-1958. [email protected]. mitigating vulnerabilities, detecting and preventing terrorist attacks, and responding to and recovering Critical Infrastructure Information Notices are DHS Geospatial Information Infrastructure (GII) is from all-hazards events. Private sector critical intended to provide warning to critical infrastructure a body of geospatial data and application services built infrastructure owners and operators interested in owners and operators when a particular cyber event or to meet common requirements across the DHS receiving more information on SAVs should contact activity has the potential to impact critical mission space. OneView [email protected]. infrastructure computing networks. This document is (https://gii.dhs.gov/oneview) is a lightweight, web- distributed only to those parties who have a valid based geographic visualization and analysis that Special Event and Domestic Incident Tracker ―need to know,‖ a direct role in securing networks or provides a method for individual users to access and (SEDIT) is a web-based tool used by field-deployed systems that enable or support U.S. critical interact with all GII services. The GII also maintains personnel to enhance steady state, special event, and infrastructures. Access is limited to a secure portal the DHS Earth KML service, which provides domestic incident support capabilities. SEDIT utilizes (https://portal.us-cert.gov) and controlled authoritative infrastructure data and various static and security and resilience data from Enhanced Critical distribution list. For more information, contact the dynamic situational awareness feeds in standard Infrastructure Protection security surveys and Site US-CERT Secure Operations Center at soc@us- geographic information system (GIS) data formats to Assistance Visits to calculate a Baseline Risk for each cert.gov; 888-282-0870. authorized Homeland Security Information Network critical infrastructure. Integrating reported (HSIN) users at the federal, state, and local levels and vulnerabilities, consequences, and threat ratings, the Daily Open Source Infrastructure Report is collected within the private sector. For more information, Baseline Risk allows for the prioritization of the each weekday as a summary of open-source published contact [email protected]. Nation‘s critical infrastructure and key resources. For information concerning significant critical 41 Preventing Terrorism and Enhancing Security

DHS Open Source Enterprise Daily and Weekly Homeland Security Information Network-Critical Information Sharing Snapshot This two-page Intelligence Reports provide open source Sectors (HSIN-CS) HSIN-CS is the primary snapshot describes the Information Sharing information on several topics of interest. The information-sharing platform between the critical Environment (ISE). The ISE is designed to improve following are currently available open source reports: infrastructure sector stakeholders. With a library of the overall effectiveness of information sharing The DHS Daily Digest Report, The DHS Daily Cyber products that increases on an average of every 2 between and among federal, state, local, tribal, and Report, The DHS Daily Human Trafficking and hours, HSIN-CS enables federal, state, local and private territorial governments and the private sector. To Smuggling Report, The DHS Daily Terrorism Report, sector critical infrastructure owners and operators to enable the protection of critical infrastructure, the and The DHS Weekly Weapons and Munitions communicate, coordinate, and share sensitive and Department of Homeland Security established an Trafficking and Smuggling Report. These reports may sector-relevant information to protect their critical information-sharing network that is guided primarily be accessed on the Homeland Security Information assets, systems, functions and networks, at no charge by the National Infrastructure Protection Plan (NIPP) Network (HSIN) or private sector partners may to sector stakeholders. To request access to HSIN-CS, and works in coordination with the efforts of the request that they be added to distribution by e- please contact [email protected]. When Federal ISE. For more information, see mailing [email protected] with requesting access, please indicate the critical http://www.dhs.gov/xlibrary/assets/NIPP_InfoShari subject line reading ―Request DHS Daily [name] infrastructure sector to which your company belongs ng.pdf. Report‖. and include your name, company, official email address, and supervisor‘s name and phone number. Infrastructure Data Taxonomy (IDT) Critical Food and Agriculture Sector Criticality Assessment infrastructure and their elements can be described and Tool (FASCAT) is a web-based tool used to identify “If You See Something, Say SomethingTM” categorized in various ways, which can result in specific systems-based criteria, unique for the Food Campaign In July 2010, the Department of Homeland inconsistent communication and hinder timely and Agriculture Sector and utilized for Homeland Security (DHS) launched its national ―If You See decision-making within the homeland security Infrastructure Threat and Risk Analysis Center data call Something, Say SomethingTM‖ public awareness community. To prevent such problems, DHS uses an submissions and identification of infrastructure critical campaign – a simple and effective program to raise Infrastructure Data Taxonomy to enable transparent systems for industry owners and operators. For more public awareness of indicators of terrorism and violent and consistent communication about Critical information, see www.foodshield.org, or contact crime, and to emphasize the importance of reporting infrastructure between government and private sector [email protected]. suspicious activity to the proper state and local law partners with its structured terminology. The enforcement authorities. The campaign was originally Infrastructure Data Taxonomy allows its users to Homeland Security Information Network (HSIN) is used by New York‘s Metropolitan Transportation designate an asset as belonging to a particular group, a web-based knowledge management tool designed to Authority (MTA), which has licensed the use of the and then apply additional, associated taxonomy levels increase collaboration between federal, state, local, slogan to DHS for anti-terrorism and anti-crime to detail the specifics of the asset and describe its tribal, territorial, private sector, and international efforts. For more information, see functions. For more information, see entities. It provides a reliable and secure system for http://www.dhs.gov/files/reportincidents/see- http://www.dhs.gov/files/publications/gc_1226595 information sharing between partners engaged in the something-say-something.shtm. 934574.shtm or visit https://taxonomy.iac.anl.gov/ homeland security mission. HSIN is composed of to use this tool or contact: [email protected]. many diverse compartments called Communities of Interest enhances security by (COI). Each COI is designed and maintained by its improving authentication for persons to enable Infrastructure Information Collection System own administrators. HSIN is a secure system and seamless and secure interactions among federal, state, (IICS) is a secure, web-based application designed to access to compartments is granted by invitation only. local, and private sector stakeholders ensuring that provide authorized users with the ability to easily A single user may be invited to multiple COIs they have comprehensive, real-time, and relevant access, search, retrieve, visualize, analyze, and export depending on their need to access that information. information. Through this research, financial and infrastructure data originating from multiple disparate Applications can be obtained by sending a request to other private sector businesses are able to streamline sources through a single interface. The IICS enables [email protected]. For more information, and strengthen the identity verification process access to infrastructure-related data that is owned and visit www.dhs.gov/hsin or contact the HSIN Help reducing the risks of identity fraud. For more managed by IP through the Infrastructure Data Desk: 1-866-430-0162; [email protected]. information, please contact SandT-Cyber- Warehouse as well as infrastructure-related data from [email protected]. various other federal, state, and local infrastructure

42 Preventing Terrorism and Enhancing Security protection mission partners. For more information, basis, with additional sessions as threat developments Protected Critical Infrastructure Information (PCII) contact [email protected]. may warrant. For more information, contact Program is an information sharing resource designed [email protected]. to facilitate the flow and exchange of critical INFOGRAMs The Emergency Management & infrastructure information (CII) between the private Response-Information Sharing & Analysis Center National Information Exchange Model (NIEM) sector, DHS and federal, state, tribal and local (EMR-ISAC) was established to provide information Program is a federal, state, local and tribal interagency government entities. Private sector entities can services that support the infrastructure protection and initiative providing a national approach and common voluntarily submit their CII to the PCII Program for resilience activities of all Emergency Services Sector vocabulary for information exchange. NIEM has a use in federal, state and local critical infrastructure (ESS) departments, agencies, and organizations robust training curriculum that is accessible both in protection efforts. Information about the PCII (public and private) nation-wide. InfoGrams contain the classroom and on-line. The primary audience for Program, including the CII Act of 2002, the Final Rule four short articles issued weekly about Critical the NIEM Training Program is executives, project and and the implementing regulation as well as the PCII Infrastructure Protection (CIP) and Critical program managers, architects and technical Program Procedures Manual can be found at Infrastructure Resiliency (CIR) trends and implementers within federal, state, local, tribal and www.dhs.gov/pcii. For additional information, developments. To acquire a no-cost subscription to private entities. Additional information on the contact [email protected] or 202-360-3023. EMR-ISAC information, send an e-mail request to training courses and NIEM can be obtained by visiting [email protected]; to inquire about the practice of www.NIEM.gov or e-mailing [email protected]. Suspicious Activity Reporting for Critical CIP or CIR within an ESS organization, call 301-447- Infrastructure Tool This tool is a standardized means 1325. National Science and Technology Council (NSTC) by which critical infrastructure stakeholders can report Subcommittee on Biometrics and Identity suspicious or unusual activities to the government via Intelligence and Analysis Private Sector Partnership Management (BIdM) encourages greater sector portals on the Homeland Security Information Program provides private sector businesses, groups, collaboration and sharing of information on biometric Network-Critical Sectors (HSIN-CS). Reports and trade associations with tailored threat briefings to activities among government departments and submitted to the tool are reviewed by the National meet their security information needs. Additionally, agencies; commercial entities; state, regional, and Infrastructure Coordinating Center (NICC), shared the office creates intelligence products that are posted international organizations; and the general public. with appropriate government recipients, redacted and on the Homeland Security Information Network- For more information, see posted to HSIN-CS. To request access to HSIN-CS, Critical Sectors (HSIN-CS) portal for use by pre- http://www.biometrics.gov/nstc/Default.aspx or please contact [email protected]. cleared critical infrastructure owners and operators. contact [email protected]. For more information, see www.dhs.gov/hsin. To SOPD Classified Threat Briefings SOPD coordinates request access to HSIN-CS, e-mail [email protected]. The Nationwide Suspicious Activity Reporting both regularly scheduled and incident-specific When requesting access, please indicate the critical (SAR) Initiative (NSI) Program Management Office classified briefings for cleared sector partners. For infrastructure sector to which your company belongs (PMO) initiated operations in March 2010 with the more information, contact Sector Outreach & and include your name, company, official e-mail challenge of ensuring that regardless of where in the Programs Division at [email protected]. address, and supervisor‘s name and phone number. country suspicious activity is reported, these potential For more information, contact indicators of terrorist activity can be analyzed and Surveillance Detection Awareness on the Job is a 90- [email protected] or call 202- compared to other SAR information nationwide. The minute interactive web presentation designed to raise 282-9881. NSI incorporates the informal processes that awareness of suspicious behaviors that might indicate traditionally exist within law enforcement agencies potential surveillance activities. This virtual Joint DHS/FBI Classified Threat and Analysis into the standards, policies, and processes developed production offers cross-sector examples of suspicious Presentations provide classified intelligence and by the NSI that allow law enforcement agencies to activities and behaviors and provides information to analysis presentations to mass transit and passenger easily share information with the critical partners that help identify and report such behaviors in a timely rail security directors and law enforcement chiefs in need it to help prevent potential terrorist attacks. For manner. The webinar features a moderated roundtable more than 20 metropolitan areas simultaneously more information, see discussion of five diverse examples of surveillance and through the Joint Terrorism Task Force network http://nsi.ncirc.gov/default.aspx. detection, as well as information about the resources secure video teleconferencing system. The briefings available for timely reporting of suspicious activities. occur on an approximately quarterly to semi-annual The live webinar is available for download on

43 Preventing Terrorism and Enhancing Security

Homeland Security Information Network-Critical information, please contact the Commercial Facilities tribal organizations as well as critical infrastructure Sectors (HSIN-CS). For more information, contact SSA at [email protected]. owners/operators. Operational and demonstration [email protected]. pilot programs have been on-going in multiple TSA Alert System is an emergency notification alert locations throughout the United States. For more Technical Resources for Incident Prevention system for highway and motor carrier security information about UICDS and to download the free (TRIPwire) is the DHS 24/7 online, collaborative, partners. The system is capable of sending a message software development kit, go to: www.uicds.us. information-sharing network for bomb squad, law via phone, e-mail or SMS (text) based on the person‘s enforcement, and other first responders to learn about priority contact preference. Contact TSA to become a U.S. Coast Guard Maritime Information eXchange current terrorist improvised explosive device (IED) TSA Alert subscriber at [email protected]. (“CGMIX”) makes U.S. Coast Guard (USCG) tactics, techniques, and procedures. The system maritime information available on the public internet combines expert analyses and reports with relevant Unified Incident Command and Decision Support in the form of searchable databases. Much of the documents, images, and videos gathered directly from (UICDS) is a national ―middleware foundation‖ information on the CGMIX website comes from the terrorist sources to assist law enforcement to designed to support information sharing for the USCG Marine Information for Safety and Law anticipate, identify, and prevent IED incidents. To National Response Framework and the National Enforcement (MISLE) information system. For more request additional information, contact DHS Office for Incident Management System, including the Incident information, see http://cgmix.uscg.mil/. Bombing Prevention at [email protected] or view Command System. UICDS middleware is transparent https://www.tripwire.dhs.gov/IED/appmanager/IED to system operators during operations and requires no Virtual USA (vUSA) integrates technologies, Portal/IEDDesktop?_nfpb=true&_pageLabel=LOGIN. special training. UICDS is owned by the federal methodologies, and capabilities for sharing and government and available at no-cost. It is built around collaborating using public, multi-jurisdictional, and The Evolving Threat: What You Can Do Webinar data standards and the National Information Exchange private sector information for the purpose of discusses analysis of the latest intelligence analyzed by Model. UICDS enables information sharing across protecting lives, property, and the environment. the DHS Office of Intelligence and Analysis (I&A), and domains, roles, hazards, echelons and applications. vUSA is improving emergency response by ensuring consists of a brief synopsis of evolving threats, UICDS allows information sharing between disparate, that practitioners at all levels have immediate access to followed by a protective measures presentation. proprietary emergency management applications. the information they need to make decisions, when Additionally, the protective measures portion of the UICDS users share what, when and with whom they they need it. More information can be found at webinar is available at want in accordance with existing or emerging sharing www.firstresponder.gov. https://connect.HSIN.gov/p55204456. For more agreements. Users of UICDS are emergency managers and incident commanders in Federal, state, local and

44