Name of School: Department: program



Download 185.45 Kb.
Page2/3
Date conversion21.02.2016
Size185.45 Kb.
1   2   3

http://www.dhs.gov/files/programs/gc_1156877184684.shtm.

Department of Justice. Critical Infrastructure and Key Resources (CI): Protection Capabilities for Fusion Centers. 2008. http://www.it.ojp.gov/default.aspx?area=nationalInitiatives&page=1181.

U.S Gov’t Accountability Office GAO-10-41, Information Sharing: Federal Agencies Are Sharing Border and Terrorism Information with Local and Tribal Law Enforcement Agencies, but Additional Efforts Are Needed, (2009),

http://www.gao.gov/new.items/d1041.pdf.


  1. Additional Recommended Reading:


Boin, Arjen and Smith, Denis. "Terrorism and Critical Infrastructures: Implications for Public-Private Crisis Management," Public Money & Management 26(5) (2006): 295-304. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=937085.
U.S. Gov’t Accountability Office GAO-10-895, Public Transit Security Information Sharing: DHS Could Improve Information Sharing through Streamlining and Increased Outreach, (2010), http://www.gao.gov/new.items/d10895.pdf.



Kunreuther, Howard. “Interdependent Disaster Risks: The Need for Public-Private Partnerships.” In Building Safer Cities: The Future of Disaster Risk, edited by Alcira Kreimer,MargaretArnold and Anne Carlin, 83-87. Washington, DC: International Bank for Reconstruction and Development, 2003. http://www.bvsde.paho.org/bvsacd/cd46/cap6-interde.pdf.

5. Research Paper Topics Due

Turn in the proposed research paper topic at the beginning of class per the instructions at the beginning of the syllabus.


Lesson 6 Topic: Public-Private Partnership Information Sharing

1. Lesson Goals/Objectives:

  • Explain how information is shared within and across the critical infrastructure sectors under the NIPP.

  • Describe the role of the SCCs and subordinate Information Sharing Working Groups in support of critical infrastructure and resilience information sharing.

  • Describe the role of the DHS IP Partnership Programs and Information Sharing (PPIS) Branch in facilitating government-private partnership governance as well as Secretariat support for the GCCs and SCCs.

  • Describe the role of CIPAC in enabling cross sector information sharing, protection, and coordination.

  • Explain how the 24 x 7 NICC, NCCIC and the Homeland Security Information Network (HSIN) – Critical Sector (CS) system support the operation of the information sharing process within and among the critical infrastructure sectors.

  • Describe the role of State and local EOCs in facilitating information sharing in the context of natural disasters and non-terrorist manmade threats and hazards.


2. Discussion Topics:

  • What is the role of each SCC’s Information Sharing Working Group in establishing the process for each critical infrastructure sector?

  • How are critical infrastructure sector recipients and/or HSIN-CS subscribers identified?

  • Who develops and maintains each critical infrastructure sector’s distribution list?

  • What are the roles of trusted intermediaries like Trade Associations and ISACs in extending the distribution lists?

  • Who develops and maintains the Cross Sector critical infrastructure Leadership distribution list known as the Executive Notification Service (ENS) list?

How is the ENS used to convene an emergency conference call or Webinar when there has been a major terrorist threat\attack or the national threat level is about to change? Give an example as described in the NIPP.

  • How do the critical infrastructure sectors and the NICC distinguish between routine and crisis information sharing and communications? How is that distinction reflected in their mode of interaction?

  • How does CIPAC promote and support cross sector information sharing? Give examples.

  • What arrangements have State and Local Fusion Centers made to share their sensitive and Law Enforcement Sensitive (LES) information with critical infrastructure sector entities within their jurisdiction? Do critical infrastructure sector entities have a physical or virtual presence in Fusion Centers? Should they?

  • If Intelligence is obtained at the Federal level that there is a credible facility-specific, asset-specific, or system-specific threat, how is that Intelligence communicated to the critical infrastructure owners and operators?


3. Required Reading:

The White House. National Strategy for Information Sharing. 2007.



http://georgewbush-whitehouse.archives.gov/nsc/infosharing/index.html.
U.S. Department of Homeland Security. NIPP 2013, Partnering for Critical Infrastructure Security and Resilience. 2013, pp. 1-4, appendices A-B. http://www.dhs.gov/sites/default/files/publications/NIPP%202013_Partnering%20for%20Critical%20Infrastructure%20Security%20and%20Resilience_508_0.pdf.
ISAC Council. The Role of ISACs in Private/Public Sector CIP. 2009.

http://www.isaccouncil.org/images/ISAC_Role_in_CIP.pdf.


U.S. Gov’t Accountability Office GAO-04-780, Critical Infrastructure Protection: Improving Information Sharing With Infrastructure Sectors, (2004), http://www.gao.gov/new.items/d04780.pdf.

U.S. Department of Homeland Security. Charter of the Critical Infrastructure Partnership Advisory Council (CIPAC). 2010. http://www.dhs.gov/xlibrary/assets/cipac/cipac_charter.pdf.


U.S. Gov’t Accountability Office GAO-08-636T, Homeland Security: Federal Efforts are Helping to Address Some Challenges Faced by State and Local Fusion Centers, (2008), http://www.gao.gov/products/GAO-08-636T.

U.S. Gov’t Accountability Office GAO-10-972, Information Sharing: Federal Agencies Are Helping Fusion Centers Build and Sustain Capabilities and Protect Privacy, but Could Better Measure Results, (2010), http://www.gao.gov/products/GAO-10-972.



Lesson 7 Topic: Derailed: A Case Study of the 2001 Howard Street Tunnel Fire

Today’s class includes an in-class analysis of the 2001 Howard Street Tunnel freight train derailment. Prior to class, please read the case narrative and complete Exercise 1.


1. Lesson Goal(s)/Objective(s):

  • Identify and assess affected sectors, assets, and stakeholders in the face of a critical infrastructure incident.

  • Apply critical infrastructure security and resilience information sharing methods, processes, and systems.


2. Discussion Topics:

  • See “Key Questions” and “Analytic Value Added” sections in Case Study Narrative.


3. Required Reading:

Derailed: A Case Study of the 2001 Howard Street Tunnel Fire, http://cip.gmu.edu/wp-content/uploads/2013/06/Derailed-Learner-Version.pdf.


Lesson 8 Topic: Information Sharing Lifecycle
1. Lesson Goals/Objectives:

  • Explain the six phases of the information sharing lifecycle, as well as how they relate to one another:

    • Requirements;

    • Collection/Storage;

    • Analysis;

    • Production;

    • Dissemination;

    • Feedback and Update

  • Explain how SCCs, the ISACs, and critical infrastructure owners and operators participate in the requirements, collection, dissemination, and feedback phases.

  • Explain how standing information needs (SINs) are developed.

  • Analyze the roles and responsibilities of DHS/ I&A in collecting and disseminating intelligence from the IC as well as from DHS Law Enforcement components, and how they interact with State and local Fusion Centers throughout the information sharing life cycle.

  • Describe the roles and responsibilities performed by the DHS/NICC across the information sharing life cycle during steady-state operations and incidents.


2. Discussion Topics:

  • Why is the information sharing lifecycle a cyclical versus linear process?

  • What roles do SCCs and critical infrastructure sector members play in the requirements phases for both information and intelligence? Cite statutes or directives where the private sector is given a role in the intelligence requirements phase. Give examples of events in which SCCs and/or critical infrastructure sector members have implemented that role.

  • What is the role of the SSA in the information sharing lifecycle?

  • What roles do SCCs and critical infrastructure sector members have in the feedback phase for both information and intelligence? Give examples of events in which SCCs and/or critical infrastructure sector members have implemented that role.

  • What contribution do you think DHS organic Law Enforcement components such as U.S. Immigration and Customs Enforcement (ICE), Border Patrol, Transportation Security Administration (TSA), and U.S. Coast Guard can make to the Intelligence collection efforts of the DHS/Intelligence and Analysis Directorate?

  • What roles do critical infrastructure owners and operators have in the collection phase, particularly concerning the preparation and submittal of Suspicious Activity Reports (SARs)? Do you feel that SARs represent ‘dots’ that should be connected to other dots by the IC and Law Enforcement? How can SARs ultimately result in better critical infrastructure security and resilience?

  • Regarding the dissemination phase, compare and contrast the centralized DHS headquarters model to the decentralized and distributed State and Local Fusion Center model. Do you feel that critical infrastructure owners and operators need both kinds of models, and if so, why?


3. Required Reading:
Riegner, S. Information Model for the Federal Aviation Administration's Airway Facilities Organization. The MITRE Corporation. 1994. (Request MITRE Reports WP94W0000001 AC146 Box 439).
U.S. Air Force. Requirements Development and Processing. 1999. http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA405037.
U.S. Department of Homeland Security. Secretary Napolitano Announces Rail Security Enhancements, Launches Expansion of ‘See Something, Say Something’ Campaign. 2010.

http://www.dhs.gov/ynews/releases/pr_1278023105905.shtm.


U.S. Department of Homeland Security, Office of Intelligence & Analysis. Strategic Plan Fiscal Year 2011- Fiscal Year 2018. 2011. http://www.dhs.gov/xlibrary/assets/ia-fy2011-fy2018-strategic-plan.pdf.
U.S. Department of Homeland Security. Office of Intelligence and Analysis Mission. http://www.dhs.gov/xabout/structure/gc_1305220817809.shtm.
4. Case Study Reflection Papers Due

Turn in your case study reflection paper at the beginning of class per the instructions at the beginning of the syllabus.


Lesson 9 Topic: Information Sharing Products

1. Lesson Goals/Objectives:

  • Explain how HSIN supports the Critical Infrastructure ISE.

  • Describe the basic functionality of the HSIN-CS platform, how it aligns with user-generated requirements, and the various forms of trusted access and user verification common to the HSIN-CS system.

  • Discuss the protocols and techniques used to develop information sharing products and the variety of types of products posted on HSIN-CS, to include:



Tactical Products

  • Daily Open Source Infrastructure Report

  • Suspected Terrorist Threats (Joint Intelligence Bulletins)

  • Physical Threats

  • Cyber Threats and Vulnerabilities

  • Terrorist Tactics and Techniques

  • Spot Reports (Incidents)

  • Natural Disaster Situation Reports (SITREPS)

  • Natural Disaster CI Damage Forecasts


Strategic Products

  • Sector-Specific Threat Assessments

  • Sector-Specific Risk Assessments

  • Homeland Security Assessments

  • National Risk Estimates




  • Analyze the information sharing strategies, programs, networks, systems, and processes used by other Federal departments such as DOJ that have applicability to the Critical Infrastructure ISE.


2. Homework:

Develop a critical infrastructure security and resilience information sharing product and its associated transmittal cover sheet. Choose one of the following elevated terrorist threat conditions for researching retrospectively. The product should be prepared as if the event has not yet happened. In other words, learners are permitted to do “Monday morning quarterbacking” in preparing the product.



Event

Date(s)

Hurricane Andrew

August 17, 1992

U.S. postal system anthrax attacks

October 2001 and beyond

London transportation system bombings

July 7 and 21, 2005

Hurricane Katrina

August 29, 2005

Aviation threat level increase to Orange (liquid explosives)

August 10, 2006

Christmas Day Aviation bomb attempt

December 25, 2009

FEDEX and UPS Aviation cargo bombs

October 29, 2010

Joplin, Missouri Tornados

May 22, 2011 (late afternoon)

Japan Earthquake and Tsunami

March 11, 2011

Hurricane Irene

August 28, 2011

Hurricane Sandy

October 30, 2012

Event

Date(s)

U.S. postal system anthrax attacks

October 2001 and beyond

London transportation system bombings

July 7, 21 2005

Aviation threat level increase to Orange (liquid explosives)

August 10, 2006

Christmas Day Aviation bomb attempt

December 25, 2009

FEDEX and UPS Aviation cargo bombs

October 29, 2010

The product should warn of the threat at least 24 hours before the date given in the table above. The product should be as specific as possible about the nature of the threat without being unrealistically specific in terms of the precise time and location of the attack and tactics employed. The product should recommend protective strategies and measures for the affected critical infrastructure sectors to take and describe what the government is doing to protect affected critical infrastructure. Learners should research and draw upon any terrorist risk assessments for the affected sectors available in the public domain. A transmittal sheet (cover page) should accompany the product stating who in DHS originated the product (e.g., DHS/Intelligence & Analysis or DHS/Transportation Security Administration), which sectors it should go to, and the date and time it should be transmitted. The product should be labeled with a (simulated) handling caveat such as For Official Use Only (Simulated) or Law Enforcement Sensitive (Simulated). The product and transmittal sheet are due one week from the date of this lesson (taking any holidays into account).



3. Discussion Topics:

  • Why is it necessary to vet subscribers before granting them access to the Homeland Security Information Network - Critical Sector?

  • How are subscribers alerted that a new product has been posted to the HSIN-CS or to one of the sector-specific portals?

  • Why is HSIN-CS not used by all sectors for information dissemination? What are the draw backs to HSIN-CS use?

  • Do you feel that the range of tactical and strategic products listed above cover the critical infrastructure security and resilience needs of most critical infrastructure owners and operators? If so, why? If not, why not?


4. Required Reading:
Federal Bureau of Investigation. InfraGard Program. http://www.infragard.net/.
Department of Justice. Global Justice Information Sharing Initiative. http://www.it.ojp.gov/global.
Haimes, Yacov Y. “Risk of Terrorism to Cyber-Physical and Organizational-Societal Infrastructures,” Public Works Management & Policy 6(4) (2002): 231-40. http://pwm.sagepub.com/content/6/4/231.full.pdf+html.
Lesson 10 Topic: Sharing of Sensitive and Classified Information

1. Lesson Goals/Objectives:

  • Explain the various levels of classified and sensitive information.

  • Describe the difference in legal status and penalties associated with unauthorized disclosure of classified and sensitive information.

  • Assess the private sector’s role in maintaining sensitive and/or classified information.

  • Explain how SBU and classified information can create barriers to sharing and discuss how these barriers can be overcome.


2. Discussion Topics:

  • What are some of the authorized methods for sharing classified threat information with Sector Coordinating Council members?

  • How can classified threat information be shared quickly with critical infrastructure owners and operators in the field who possess clearances?

  • Is there a clear process within the intelligence community to prepare “tear lines” that can be shared with the general critical infrastructure community? Do these tear lines still contain useful or actionable information that will benefit the critical infrastructure community?

  • What can a cleared private sector partner actually do with classified information? How can classified threat information that is shared with the Chief Security Officer at a company’s headquarters be used to protect infrastructure in the field?

  • What role can State and local Fusion Centers play in sharing classified information with CI owners and operators in their jurisdiction?

  • Does DHS have authority and procedures to certify critical infrastructure facilities (e.g., a national Trade Association) for the receipt, storage, review, discussion, and destruction of classified information?

  • Why is “need-to-know” a necessary condition in addition to having the appropriate clearance for receipt of classified information?

  • What is the expected outcome of the new Intelligence Community dictum “responsibility to share”? Do you believe it will achieve its expected outcome?

  • Did the WikiLeaks event during December 2010 cause a ‘chill’ in information sharing (a shift back from “responsibility to share” to “need-to-know”)? What new guidance or security controls were issued as a result?

  • If you were the President of the United States or a high ranking member of Congress what proposal would you make to streamline and improve the timeliness of classified information sharing with critical infrastructure owners and operators in the field?

  • Do you think it is accurate to characterize critical infrastructure owners and operators in the field as front line defenders of our nation’s critical infrastructure and therefore justified in receiving classified intelligence information?

  • How will the new designation of Controlled Unclassified Information as applied to various types of sensitive but unclassified enhance the ability to share that sensitive but unclassified information?


3. Required Reading:

Exec. Order No. 12,958. Classified National Security Information, as Amended. 2003. http://www.archives.gov/isoo/policy-documents/eo-12958-amendment.html.



Exec. Order No. 13,292. Further Amendment to Executive Order 12,958, as Amended,

Classified National Security Information. 2003. http://www.fas.org/sgp/bush/eoamend.html.




1   2   3


The database is protected by copyright ©essaydocs.org 2016
send message

    Main page