May 25, 2006 InfoGram

This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.

Critical Infrastructure Protection: A Review

The weekly InfoGram prepared by the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) encourages the protection of local critical infrastructures by the leaders, owners, and operators of Emergency Services Sector (ESS) departments and agencies. Specifically, the InfoGrams promote the nation-wide protection of ESS personnel, physical assets, and communication/cyber systems (i.e., critical infrastructures). The major reasons for allocating scarce resources to protect local critical infrastructures are to ensure the survivability, continuity, and response-ability of America's first responders.

Although the government and people of the United States recognize the criticality and indispensability of the ESS, many emergency organizations remain partially vulnerable to degradation or destruction by man-made (e.g., secondary devices) or natural disasters. The EMR-ISAC learned that inadequate resources frequently explain the existence of these vulnerabilities. In fewer instances, the weaknesses perpetuate because of insufficient planning and training. Unfortunately, it is predictable that these common deficiencies will continue to challenge the ingenuity, creativity, energy, and perseverance of ESS leadership.

Events in World and American History should remind local decision-makers to endure and achieve higher levels of critical infrastructure protection (CIP) with their limited resources. For example, failure to protect the critical infrastructures of the Roman Empire was a major reason for its collapse. More recently, the Allied Forces were victorious during World War II because they attacked the enemy's critical infrastructures. Finally, though the Department of Homeland Security does not possess any specific or credible information to confirm their allegations, intelligence and security specialists assert that transnational terrorists will target American critical infrastructures in the near future. Therefore, it is prudent that critical infrastructure leaders such as the chief officers of the emergency services get serious about eliminating local vulnerabilities and practicing the discipline of CIP.

More Cyber and Computer Warnings

In the 18 May InfoGram, The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) reaffirmed that computers are an integral part of the Emergency Services Sector (ESS). Thousands of sector organizations depend on computers and cyber networks for day-to-day operations. This week, the EMR-ISAC learned of more computer and network vulnerabilities having the potential to disrupt or degrade ESS services to respective communities.

National news media reported the recent theft of electronic data files containing the critical information of over 36.5 million individuals. The files were supposedly stolen from the private residence of an employee who was not authorized to take the information home. This incident should remind ESS leaders to prepare and enforce a strict policy regarding the handling and disposition of department or agency critical information. The EMR-ISAC recommends that removal of organizational information from the work site must occur only by exception and with official approval.

The EMR-ISAC also learned that discarded and recycled computer hard drives are being discovered with increasing frequency containing critical organizational and operational information still intact. In other words, the hard drives of small and large organizations were not completely erased before disposal or recycling. To avoid this type of exposure of critical information, the US-CERT suggests completely destroying the hard drives before any discarding or recycling.

Another Look at Mutual Aid Agreements

Mutual aid agreements provide an important source of 24 x 7 assistance for Emergency Services Sector (ESS) departments and agencies, and particularly during seasons of the year having increased natural hazards. The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) continues to research the status and advantages of mutual aid agreements because of the critical infrastructure protection (CIP) benefits for agreeing organizations.

Recently, the EMR-ISAC learned about those larger response organizations that are parties to mutual aid agreements with much smaller departments and agencies. Occasionally, the larger organizations find themselves and their community's taxpayers supplying services at a rate much higher than ever anticipated and for periods of time that can extend for years. In this situation, local officials become concerned that the responders of their larger entity are threatened both by overexposure to dangerous incidents in general and the recurring responsibility of taking the lead role when helping less experienced organizations. Additionally, the strain on the physical infrastructure-apparatus and equipment-can be costly, especially when on a long-term basis.

Because of the potential effects on local critical infrastructures, it may be appropriate for response organizations to consider such issues when initially entering into a mutual aid agreement or during any revision. The EMR-ISAC also recommends consideration of the following elements of an agreement:

• Anticipates changing circumstances that could overburden certain parties to it.
• Contains checks and balances to guide an acceptable percentage of monthly calls to render mutual aid.
• Ensures the agreement can be revised as frequently as necessary.

The EMR-ISAC supports the value and necessity of mutual aid agreements, and encourages Emergency Services Sector organizations to protect their own critical infrastructures when creating agreements and becoming parties to them.

2006 Hurricane Season

With the 2006 Hurricane Season beginning on 1 June, the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) collected the following brief discussion points for consideration by responder organizations in concert with state emergency management agencies.

• Ensure local response plan terminology and procedures are consistent with the National Response Plan (NRP), and bring state emergency support functions in line with the 15 Emergency Support Functions (ESFs) within the NRP.
• Identify critical infrastructure facilities in risk areas (e.g., hospitals, emergency operations centers, 9-1-1 call centers, etc.) that would need generators and other equipment and supplies. At the same time, designate distribution points for essential supplies for quick delivery.
• Review the statewide mutual aid agreement to check for level of participation, ensure coverage for high-risk areas, and to verify officials responsible for coordinating the transfer of resources and deployment of personnel.
• Share solutions and ideas with other state emergency agencies. For example, this summer some states will incorporate the use of their human services information and referral telephone systems (e.g., 211, 311) in their emergency response planning.
• Reconfirm that responder organizations have standard contact information for all employees as well as specific evacuation-related contact information.