InfoGram 20-07: May 24, 2007

This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.

Emergency Services Sector-Sector Specific Plan

Federal government documents verify that Emergency Services Sector (ESS) departments and agencies are a critical infrastructure of the United States, because they form the Nation’s first line of defense for preventing and mitigating man-made and natural disasters. The Department of Homeland Security (DHS) recognizes that sector entities are an invaluable National asset to provide timely, coordinated all-hazards emergency preparedness and response, while ensuring the confidence of the citizens they serve.

Therefore, for the benefit of the ESS nationwide, the DHS released this week the May 2007 Emergency Services Sector—Sector Specific Plan (SSP). The SSP, in conjunction with the National Infrastructure Protection Plan (NIPP), provides the unifying Federal structure for the integration of ESS protection efforts into a single National program. The NIPP provides an overall framework for integrating programs and activities currently underway in the sector, as well as for new and developing infrastructure protection efforts. The SSP details how the Federal government envisions the ESS applicability to the overall risk management framework outlined in the NIPP.

The SSP describes an endeavor that will require resources and coordination from Federal, State, local, and tribal governments; the private sector; and nongovernmental organizations to achieve the prioritization of protection initiatives and investments across the ESS. This prioritization will support Federal actions to ensure resources are applied where they provide most benefit for mitigating risk by reducing vulnerabilities, deterring threats, and minimizing the consequences of attacks and other incidents. It encourages a similar risk-based allocation of resources within states, municipalities, and the private sector.

Because of the sensitivity of the SSP, it has been designated “For Official Use Only” (FOUO). Only those sector leaders granted access to FOUO documents disseminated by the Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) can download the SSP at: https://www.disasterhelp.gov/suite. It is highlighted at the top center channel of the DisasterHelp.gov secure home page under Emergency Services Sector Documents. To view the document will necessitate a current username and password. If your password expired from non-use in the last 90 days, recommend using the Lost Password functionality. However, if you forgot your username, then call the DHelp Service Desk at 800-451-2647, where there are technical specialists to assist with most difficulties.

Homegrown Terrorism: Threat to Critical Infrastructures

American counterterrorism officials say they are uncovering more homegrown radicals inside the United States who operate autonomously and lack formal ties to al Qaida. Those independent qualities combined with their abilities to plot on the Internet and organize attacks make them difficult to find and disrupt. Considering the recent arrests in New York, Georgia, California, Connecticut, and New Jersey, the Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) understands that the threat to National critical infrastructures is real and a successful attack is possible.

To assist the personnel of the Emergency Services Sector to protect themselves, their organizations, their response-ability, and their communities, the EMR-ISAC offers the following simple signs of terrorism extracted from counterterrorism sources:

• Surveillance. Monitoring or recording activities such as response times of the emergency services.
• Seeking Information. Inquiring about community critical infrastructures (e.g., energy facilities, water treatment systems, telecommunication nodes, chemical plants).
• Tests of Security. Driving past or penetrating a sensitive area, monitoring a police radio frequency, or observing emergency responses to their probes and trial runs.
• Acquiring Supplies. Buying explosives, weapons, ammunition, fertilizers, chemicals, military or police uniforms and equipment.
• People Who Don’t Belong. Acting suspicious or don’t fit in because of demeanor, clothing, or the unusual questions asked.
• Deploying Assets. Assuming positions to execute a terrorist attack.

If any of these signs are present, immediately report the details to local law enforcement and the National Infrastructure Coordinating Center (NICC) at 202-282-9201, Fax: 703-487-3570, E-Mail: nicc@dhs.gov.

COOP Planning: Another Perspective

In its continuing effort to report on issues affecting the critical infrastructure protection (CIP) and resilience of Emergency Services Sector (ESS) organizations, the Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) examined recent presentations by emergency management consulting firms regarding continuity of operations (COOP) planning. The analysis of COOP planning materials indicated that the task does not have to be very complicated. One source stated “it may only take a day or so to think things through.”

The EMR-ISAC learned that before drafting a COOP plan, ESS departments and agencies should thoroughly evaluate the risks caused by man-made, natural, and accidental disasters. The evaluation should identify the greatest threats to ESS assets, and the essential resources and training needed to minimize or eliminate these threats. Also, prior to writing the document, it is preferable to forge relationships with other local and regional infrastructure stakeholders to guarantee resource sharing during a catastrophe.

Multiple sources clarify that quality COOP planning will include the following additional actions to ensure the continuity of emergency services during a major calamity:

• Outlining the essential functions of the ESS organization.
• Determining the mission critical tasks.
• Delegating authority for tasks and a chain of succession.
• Finding alternate operating facilities.
• Reconciling interoperable physical assets and communication/cyber systems.
• Backing up important assets and systems.
• Protecting vital records and databases.
• Scheduling to exercise and test the plan.
• Revising the plan to correct weaknesses found during testing.
• Establishing contacts with secondary providers to allow for options.

More Lessons Learned from Recent Disasters

After reviewing a study about disaster response operations sponsored by the National Memorial Institute for the Prevention of Terrorism (MIPT), the Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) gleaned several insights applicable to Emergency Services Sector departments and agencies. The MIPT report reveals that there are several lessons learned repeatedly, incident after incident, which are not hazard-specific, but arise at events of all types.

Considering that the same lessons are being relearned, the EMR-ISAC offers the following edited MIPT recommendations that continue to appear in after-action reports:

• Develop trust and relationships before an incident occurs.
• Finalize formal support and aid agreements with other agencies.
• Commit to a regional approach to learning and exercises.
• Plan tailored exercises with defined goals.
• Train and exercise realistically.
• Make exercising progressive, going from a few easier tasks to many difficult ones.
• Focus on learning as a central objective of training and exercise programs.
• Take a disciplined approach to reviewing lessons and revising practices.
• Create a reliable process for updating and training on plans.
• Identify and make 90% of the decisions before the event occurs.