January 19, 2006 InfoGram

This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.

OPSEC Enhances CIP

As part of their critical infrastructure protection (CIP) practices, the EMR-ISAC encourages Emergency Services Sector (ESS) departments and agencies to implement Operations Security (OPSEC) when planning and executing response and recovery operations. OPSEC is a necessary discipline to protect sensitive but unclassified information and activities, which are susceptible to adversary surveillance and information collection behaviors.

There are several areas where ESS organizations are vulnerable to the scrutiny of domestic and transnational terrorists. This pertains particularly to sensitive information, which generally includes matters about personnel, equipment, structures, operations, plans, and training. Therefore, emergency responders should consider eliminating potential vulnerabilities and protecting internal critical infrastructures with the following (not inclusive) actions:

• Prohibit the presence of cell phones and related communication tools in sensitive areas.
• Remove sensitive information from websites and all other information sharing venues.
• Refuse discussion of sensitive matters on unsecured communication devices.
• Shred all planning documents no longer needed regardless of perceived sensitivity.
• Stop leaving sensitive documents unattended inside vehicles.
• Ensure access to networks and databases is limited to only those with the need to know.
• Avoid the discussion of sensitive matters in unsecured areas.
• Screen all information that is released to the public through any medium.

Remember that the al Qaeda training manual states: "at least 80% of valuable target information can be collected using publicly available sources." For more information regarding the practice of OPSEC in support of CIP, see the Interagency Operations Security Support Staff (IOSS) website at http://www.ioss.gov. Alternatively, contact the IOSS at ioss@radium.ncnc.mil or 443-479-4677.

CIP Reflection Time

America has enjoyed the absence of terrorism since 9/11/01. Nevertheless, this relative peace has been continuously disrupted by several natural disasters in the past five years. Lessons learned from these catastrophes-including 9/11-moved many Emergency Services Sector (ESS) departments and agencies to alter plans, policies, procedures, operations, and training. With limited time and resources, countless first responder organizations avoided mediocrity, practiced critical infrastructure protection (CIP), and improved their capabilities to respond, operate, and succeed in an all-hazards environment.

The EMR-ISAC suggests that this New Year is an excellent time for genuine reflection regarding what has been accomplished by ESS organizations to enhance the protection of their internal critical infrastructures (i.e., personnel, physical assets, communication/cyber systems). It should be understood by ESS leaders, owners, and operators that organizational survivability, continuity, and response-ability depend on how well vulnerabilities have been eliminated, and how well internal critical infrastructures have been protected against all hazards.

Throughout 2006, the EMR-ISAC will continue to collect and analyze CIP information, and disseminate relevant matters to the ESS leadership in support of federal government initiatives. Using these weekly InfoGrams, periodic CIP Bulletins, and occasional CIP (For Official Use Only) Notices, the EMR-ISAC should aid reflection efforts and promote the practice of CIP by ESS organizations nationwide. In return for this free service, the EMR-ISAC asks only that ESS departments and agencies report suspicious activities and threats to their critical infrastructures to the National Infrastructure Coordinating Center at Voice: 202-282-9201, Fax: 703-487-3570, or E-Mail: nicc@dhs.gov.

Railroad Provides Responder Training Materials

CSX Transportation (CSXT), the principal operating company of Florida-based CSX Corporation, provides training and emergency planning materials to emergency response agencies at no charge.

CSXT operates the largest railroad in the eastern United States: a 22,000-mile rail network that links markets in 23 states, the District of Columbia, and two Canadian provinces. The EMR-ISAC learned that CSXT's shipments of hazardous materials increased 50 per cent in the last decade to 518,000 railcar loads in 2004.

This railroad corporation offers the following to Emergency Services Sector (ESS) members:

• Community Awareness Emergency Planning Guide helps emergency managers and response agency leaders plan for and respond to incidents that involve railroad property or equipment. A reference guide for decision makers, it augments existing plans and operating procedures.
• Emergency Response to Railroad Incidents Self-Study Guide is a training and reference document for preparing for incidents that involve railroad property or equipment. Containing information about railroad safety, incident planning, and initial response procedures, railroad equipment and personnel, it includes a trainee quiz for grading and certificate issuance. (A copy should be ordered for each anticipated training attendee.) It is a companion to the Emergency Response to Railroad Incidents Self-Study Video, also available from CSXT.

The materials are provided free only to response agencies located in the states in which CSXT operates. Responders associated with agencies west of the Mississippi, in Wisconsin, or any other area not served by CSXT, should contact the railroad company operating in their jurisdiction.

Visit http://csxhazmat.kor-tx.com to order the training materials.

Radioactive Materials Transportation Planning

The EMR-ISAC learned that the U.S. Department of Energy (DOE), a high-visibility shipper of radioactive materials, addresses preparedness issues for nonclassified-nonweapons radioactive materials through its Transportation Emergency Preparedness Program (TEPP).

TEPP integrates transportation and emergency preparedness activities to provide a coordinated approach to managing the response concerns of Emergency Services Sector (ESS) members and state, tribal, and local officials along shipping corridors affected by DOE shipments.

TEPP consists of an array of free, downloadable planning tools: a model needs assessment, model planning annex, model initial response procedures (hazmat incident response, EMS care provider procedure, medical examiner/coroner procedures, radioactive material or multiple hazmat decontamination, and first responder procedure for transport accidents involving radiological material), and "drills in a box," seven scenarios and materials for preparing and conducting tabletop drills and exercises for transportation incidents. The tools can be applied universally to other HazMat planning.

TEPP is implemented on a regional basis, with a TEPP Coordinator (who provides technical assistance) designated for each of DOE's eight Regional Coordinating Offices. Their names and telephone contact information are available at the TEPP website, where the training materials can be downloaded: http://web.em.doe.gov/otem/program.html.

Additional program information is available by contacting Ella McNeil (301) 903-7284 or Ella.McNeil@em.doe.gov.