This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.
A recent inquiry by the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) indicates that hundreds of communities (including their emergency departments and agencies) still lack sufficient resources to effectively protect their indispensable personnel, physical assets, and communication/cyber systems. Additionally, there is ample evidence that local emergency managers and the chief officers of emergency organizations persevere in the struggle to do more with less. For these reasons the EMR-ISAC continues to recommend the implementation of the Critical Infrastructure Protection (CIP) Action Process.
The CIP Action Process was developed to ensure scarce resources (e.g., money, time, people, and materials) are applied exclusively to those internal infrastructures that really need protection. Utilization of the process should reduce to the absolute minimum the infrastructures that genuinely require protective measures. A synopsis of this time-efficient and resource-restrained process follows for those who are new to this valuable and user-friendly methodology:
Rationale: Because of the reality of scarce resources, all efforts should focus only on those infrastructures and key assets that are truly threatened. Although most may be threatened by man-made and/or natural disasters, it is quite possible that some are not. Therefore, there should be no expenditure of limited resources on that which is not credibly threatened.
Rationale: In order to promote a time-efficient and resource-restrained approach to critical infrastructure protection, identify the vulnerabilities (i.e., weaknesses) of only credibly threatened infrastructures. Precious resources should not be spent on analyzing the vulnerabilities of non-threatened internal infrastructures.
Rationale: Conduct a risk assessment only for those infrastructures that are both threatened and vulnerable. No energy and resources should be invested in infrastructures that are not threatened and vulnerable. Therefore, the practitioner will only consider the risks involved in doing either something (i.e., risk is unacceptable) or nothing (i.e., risk is acceptable) about threatened and vulnerable internal infrastructures.
Rationale: Risk should be considered unacceptable when the degradation or loss of an infrastructure will have catastrophic results (i.e., survivability, continuity of operations, and mission accomplishment will be terminated). When the practitioner determines that risk is unacceptable, it is appropriate to apply limited resources to effect measures protecting the specific (risk-adverse) internal infrastructures.
For consultation regarding the CIP Action Process, email the EMR-ISAC or call 301-447-1325.
There are three concepts that the Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) frequently uses when discussing the discipline of critical infrastructure protection (CIP): threat, vulnerability, and risk. Two of these terms (threat and risk) are occasionally used incorrectly in the spoken and written word throughout the Emergency Services Sector (ESS). Therefore, to enhance the comprehension and application of these concepts by ESS CIP practitioners, the EMR-ISAC offers the following definitions seen in the Department of Homeland Security 2006 National Infrastructure Protection Plan:
The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) has observed that vehicle and apparatus thefts continue to plague first responder organizations throughout the nation's Emergency Services Sector (ESS). These thefts often result in serious damage and an occasional disruption in services. Therefore, the EMR-ISAC notes that when the vehicular component of their internal critical infrastructures is degraded, ESS departments and agencies face a greater challenge attempting to remain fully "response-able."
Typical response activities take place under fast-paced, stress-filled conditions in situations where emergency vehicles and apparatus cannot be visually monitored for periods of time. Theft records substantiate that thieves, the mentally unstable, substance-impaired individuals, pranksters, and other persons exploit the unattended and/or unsecured status of responder vehicles to steal, "borrow," or test-drive (e.g., joyride). Emergency vehicles that feature keyless ignition systems are easier theft targets because "hot wiring" is unnecessary.
Recently, a teenager easily started a large, extremely expensive fire apparatus using its mechanical buttons and drove away while firefighters were engaged indoors. The young driver later failed to negotiate a turn, landed the truck sideways, and slid a short distance. With repair costs close to the price of a new rig, city officials struggle with the dilemma of whether to repair or replace the damaged 44-foot- long vehicle. Regardless, until a decision is made, the apparatus is unavailable.
Unofficial research indicates that emergency vehicles are stolen more often during shift changes, and while idling near hospital emergency rooms and at incident scenes. Records also show that perpetrators have even forced their way into unoccupied stations to "liberate" emergency vehicles and apparatus. While the thefts themselves are a crime against responder organizations, the long-term consequences include the degradation of physical infrastructure and monetary losses no emergency organization can afford. Considering this ongoing problem, the EMR-ISAC suggests ESS leaders, owners, and operators review their standard operating procedures and guidelines to promote practices that eliminate vulnerabilities and protect their vehicles and apparatus from thievery.
The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) strives to offer critical infrastructure protection (CIP) related information regarding no-cost, relevant training resources for the Emergency Services Sector (ESS). Consistent with this quest, the EMR-ISAC learned that the Center for Public Health Preparedness (CPHP) of the State University of New York at Albany features an e-Learning Center with offerings useful for the infrastructure protection, safety, and preparedness of the ESS.
The CPHP is part of a national network of Centers for Public Health Preparedness funded by the Centers for Disease Control and Prevention. The goal of the network is to improve the capacity to respond to current and emerging public health threats with a focus on bioterrorism and infectious disease outbreaks.
Among the courses available is Hazmat Transportation Incidents: Using the Emergency Response Guidebook (ERG2004). The ERG is a tool used by emergency responders to identify hazardous materials and to ascertain self-protection guidance. The one-hour course introduces the Guidebook and provides a practical exercise for ERG use. It can also be used for refresher training as needed.
In addition to various cyber courses, many of which offer continuing education credits, free training DVDs of archived webcasts are available. The archive repository contains more than 30 webcasts on topics that include agroterrorism, crisis communications, chemical exposure assessment, coordinating community response, and mass evacuation to rural communities, along with handout materials, transcripts, evaluations, and post-tests. DVDs and streaming webcasts of special on-campus programs are made available, such as the August 2006 Emergency Preparedness: Preventing Zoonotic Disease Transmission. During this particular webcast veterinary health workers and responders reviewed the Incident Command System, the role of veterinarians in disease outbreaks, and the impact of zoonotic diseases on human populations.
Given the broad range of free training resources at the CPHP's e-Learning Center, especially those that offer life-saving information for the response community, the EMR-ISAC encourages a review of the course materials. Links to the archived webcasts and supporting materials can also be seen at the e-Learning Center.
The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.
This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.
DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.
The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm
For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.
When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
Weekly INFOGRAM's are now available as an RSS Feed. More Information »
Last Reviewed: Historical Document
Happy New Year! Add this resolution to the top of your list: test all home smoke alarms each month - starting today! January 1, 2013 @ 10:04 AM ET
U.S. Fire Administration, 16825 S. Seton Ave., Emmitsburg, MD 21727 | USNG: 18SUJ00529652
(301) 447-1000 Fax: (301) 447-1346 Admissions Fax: (301) 447-1441
