This InfoGram will be distributed weekly to provide members of the Emergency Services Sector with information concerning the protection of their critical infrastructures. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by email at emr-isac@fema.dhs.gov.
Receive InfoGrams and Bulletins by Email
Last month, the Government Accountability Office (GAO) released its study regarding the cybersecurity of critical infrastructure sectors. The GAO Highlights (PDF, 1 Mb) explained that each national critical infrastructure (e.g., the Emergency Services Sector) relies on networked computers and systems, which make them susceptible to cyber-based risks.
The Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) recognizes that the emergency services are dependent on an assortment of assets and systems to execute mission-essential tasks. These include databases, communications equipment, control systems, navigation systems, management systems, security systems, etc. The efficacy of the aforementioned (e.g., computer aided dispatch, alarm systems, geospatial systems, radio and telecommunications services, etc.) is critical to the survivability, continuity, and response-ability of Emergency Services Sector (ESS) departments and agencies.
In this New Year, ESS entities face a broad variety of cyber risks. These risks make emergency operations vulnerable to accidental or deliberate disruption before and during responses to man-made and natural disasters. An article in PC Advisor listed the following common security exploits or threats identified by the GAO and abbreviated by the EMR-ISAC for the awareness of ESS organizations:
See the following sites for helpful information to prevent or mitigate the above listed threats:
An article at Fire Engineering.com discussed that the community of Novato in California has been plagued by 50 arson fires in recent days. Although all the blazes have been quickly doused, the Novato Deputy Fire Chief said the fires could have been deadly or caused serious damage. Another article at the WashingtonPost.com reported that a man confessed to a string of New Year’s Day arson attacks at a cultural center and four other sites in New York City. In this case, there were no injuries and only little damage to most sites.
According to the U.S. Fire Administration’s National Fire Incident Reporting System data and the National Fire Protection Association, an estimated average of over 300,000 intentional fires are reported to fire departments in the United States each year. These fires cause needless injuries to nearly 8,000 firefighters and civilians, and an estimated $1.1 billion annually in direct property loss.
When reviewing the National Arson Awareness Week Media Kit (PDF, 2.2 Mb), the Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) learned that arson destroys more than buildings. It can trigger the loss of jobs, business revenue, tax dollars, and a decrease in property values. This heinous crime is particularly devastating because "it can rob a community of its valuable assets, lives, and property."
Additional arson facts, prevention information, and deterrence projects such as the Arson Watch Program can be seen in the media kit mentioned above, and also at the U.S. Fire Administration Arson website.
The administrator of the Los Angeles County Office of Emergency Management explained in an EmergencyManagement.com article "the importance of bringing everyone to the table—government, nonprofit, and community partners—when creating plans and thinking about disaster preparedness."
The Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) understands emergency managers must actively engage the private sector in the nation’s disaster preparedness. Therefore, the EMR-ISAC reviewed a study conducted by the National Research Council, which ascertained that the implementation of the following actions helps to make public-private partnerships feasible and sustainable:
The Federal Emergency Management Agency Public-Private Partnerships website contains partnership models, templates, and tools. More information about effectively involving local, tribal, territorial, state, federal, academic, nonprofits, faith-based, and other private partners can be found in the recently released document: "A Whole Community Approach to Emergency Management: Principles, Themes, and Pathways for Action."
The Department of Homeland Security (DHS) defines "critical infrastructure" as "systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, nation public health or safety, or any combination of those matters." Energy, water, information technology, financial services, and emergency services are some examples of national critical infrastructures on which our nation depends.
Critical infrastructures are also found in states, counties, and local municipalities that rely upon an array of physical assets, functions, and systems to maintain operations and the services expected by citizens. Local elected leaders, emergency managers, chief officers of the emergency services, and other infrastructure stakeholders are aware that their communities cannot survive without the protection of their critical assets and communication/cyber systems.
The Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) assembled the following 2012 recommendations from multiple DHS sources for the preparedness consideration of local infrastructure stakeholders:
Consult the National Infrastructure Protection Plan for additional information regarding the protection of local critical infrastructures.
The U.S. Fire Administration/EMR-ISAC does not endorse the organizations sponsoring linked websites, and does not endorse the views they express or the products/services they offer.
This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.
DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by email at NOC.Fusion@dhs.gov.
The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm
For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by email at NICC@dhs.gov.
When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
Weekly INFOGRAM's are now available as an RSS Feed. More Information »
Last Reviewed: January 12, 2012
Happy New Year! Add this resolution to the top of your list: test all home smoke alarms each month - starting today! January 1, 2013 @ 10:04 AM ET
U.S. Fire Administration, 16825 S. Seton Ave., Emmitsburg, MD 21727 | USNG: 18SUJ00529652
(301) 447-1000 Fax: (301) 447-1346 Admissions Fax: (301) 447-1441
January 12, 2012 InfoGram