Infogram
February 19, 2004
NOTE: This INFOGRAM will be distributed weekly to provide members of the emergency management and response sector with information concerning the protection of their critical infrastructures. It has been prepared by NATEK Incorporated for the Emergency Preparedness and Response Directorate. For further information, contact the Emergency Management and Response - Information Sharing and Analysis Center (EMR-ISAC) at (301) 447-1325 or by e-mail at emr-isac@dhs.gov.
CIP Process Synopsis
The Emergency Management and Response-Information Sharing and Analysis Center (EMR-ISAC) research indicates that hundreds of communities and their fire and emergency medical services still lack sufficient resources to effectively protect their indispensable personnel, physical assets, and communication systems. Additionally, there is ample evidence that local emergency managers and fire/EMS chief officers persevere in the struggle to do more with less. For these reasons the EMR-ISAC continues to recommend the implementation of the Critical Infrastructure Protection (CIP) Process.
The CIP Process was developed to ensure scarce resources (e.g., money, time, people, and materials) are applied exclusively to those infrastructures and key assets that really need protection. Utilization of the process should reduce to the absolute minimum the infrastructures and key assets that genuinely require protective measures. A synopsis of this time-efficient and resource-restrained process follows for those who are new to this valuable and user-friendly methodology:
- Identify critical infrastructures and key assets that are credibly threatened by all hazards.
Rationale: Because of the reality of scarce resources, all efforts should focus only on those infrastructures and key assets that are truly threatened. Although most may be threatened by man-made and/or natural disasters, it is quite possible that some are not. Therefore, there should be no expenditure of limited resources on that which is not credibly threatened.
- Determine the vulnerabilities of those critical infrastructures and key assets that are credibly threatened.
Rationale: In order to promote a time-efficient and resource-restrained approach to critical infrastructure protection, identify the vulnerabilities (i.e., weaknesses) of only credibly threatened infrastructures and key assets. Precious resources should not be spent on analyzing the vulnerabilities of non-threatened infrastructures and key assets.
- Assess the risks of degradation or loss of those critical infrastructures and key assets that are credibly threatened and vulnerable.
Rationale: Conduct a risk assessment only for those infrastructures and key assets that are both threatened and vulnerable. No energy and resources should be invested in infrastructures and key assets that are not threatened and vulnerable. Therefore, the practitioner will only consider the risks involved in doing either something or nothing about threatened and vulnerable infrastructures and key assets.
- Apply protective measures for those critical infrastructures and key assets where risk is unacceptable.
Rationale: Risk should be considered unacceptable when the degradation or loss of an infrastructure or key asset will have catastrophic results; i.e., survivability, continuity of operations, and mission accomplishment will be terminated. When the practitioner determines that risk is unacceptable, it is appropriate to apply limited resources to effect measures protecting the specific (risk-adverse) infrastructure or key asset.
For technical assistance with the process, see the CIP Process Job Aid at: http://www.usfa.dhs.gov/subjects/emr-isac/cipc-jobaid.shtm. For consultation, contact the EMR-ISAC at 301-447-1325, or at emr-isac@dhs.gov.
Situational Awareness: A CIP Necessity
Law enforcement authorities throughout the United States receive intermittent reports regarding suspicious activities. Occasionally, the incidents may pertain to an individual or individuals who have attempted to impersonate emergency first responders. Although few in number, these attempts should elicit caution and situational awareness by first response departments, because impersonation is a tactic that has been used by al Qaeda operatives around the world. Furthermore, counterterrorism specialists teach that impostors from extremist groups endeavor to penetrate organizations to conduct deception activities, which conceal a planned terrorist attack.
To reduce or eliminate the risk of subterfuge by an adversary, many emergency departments have begun issuing identification (ID) cards to employees. Some of these organizations have initiated ID card programs in a low cost manner by using existing mechanisms such as those at the local schools and colleges. Others have pursued a cost-effective regional approach by purchasing an ID card machine for use by all the departments within a given region or county. Security experts write that any ID card program should be comprehensively and efficiently executed to include all department personnel regardless of where the ID cards are made.
The ruses and ploys of domestic and transnational terrorists cannot be degraded or defeated by a quality ID card program alone. All the leaders and personnel of an organization must supplement any protective measures with outstanding situational awareness. Perpetual vigilance for suspicious persons and activities in all situations and circumstances will significantly enhance the protection of a department's critical infrastructures.
Safety and Force Protection: CIP Multipliers
The EMR-ISAC encourages first responders to give much consideration to safety and force protection when responding to all incidents or crime scenes. Too many lessons-learned over the years remind firefighters and emergency medical personnel to avoid getting caught up in an emergency and feel the need to rush in. These lessons teach that the best ways to eliminate the injury or loss of personnel-the most precious of critical infrastructures-are to repeatedly train and practice checking for several indicators of danger at a scene: crime in progress, fighting or loud voices, domestic violence, intoxicants, weapons, psychiatric emergency, barricaded suspect, etc. When these indicators are present, then firefighters, EMTs, and paramedics must be habituated to wait for the arrival of the police to provide force protection.
The EMR-ISAC further suggests that when first responders are caught up in an emergency they potentially jeopardize their own survival as well as any victims present at the scene. By becoming excessively focused on the incident and victims, they may degrade the mission and cause a disruption of operations. This helps to explain why safety and force protection promote survivability, continuity of operations, and mission success. They are CIP multipliers when the need for one and/or the other is suspected or desired.
Emergency Response to Terrorism Job Aid
The Department of Homeland Security's Federal Emergency Management Agency announced the availability of the new Emergency Response to Terrorism Job Aid (Version 2) to assist emergency response personnel in identifying a possible terrorist/WMD incident and implementing initial response and recovery actions. The document includes both tactical and strategic issues to assist all first responders, including line personnel, unit officers, and initial incident commanders.
The Emergency Response to Terrorism Job Aid is not a training manual. It is expected and assumed that personnel using these materials already have the appropriate training and experience to address the identified tactics. This Job Aid should serve as a reminder for those who already have completed the appropriate level of tactical and strategic training, such as the Emergency Response to Terrorism courses developed by the U.S. Fire Administration for classroom and self-study.
To see and download a complete copy of the Emergency Response to Terrorism Job Aid, go to: www.usfa.dhs.gov/fire-service/c-terror/download-jobaid.shtm.
FAIR USE NOTICE
This INFOGRAM may contain copyrighted material that was not specifically authorized by the copyright owner. EMR-ISAC personnel believe this constitutes "fair use" of copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use copyrighted material contained within this document for your own purposes that go beyond "fair use," you must obtain permission from the copyright owner.
Reporting Notice
DHS and the FBI encourage recipients of this document to report information concerning suspicious or criminal activity to DHS and/or the FBI. The DHS National Operation Center (NOC) can be reached by telephone at 202-282-9685 or by e-mail at NOC.Fusion@dhs.gov.
The FBI regional phone numbers can be found online at www.fbi.gov/contact/fo/fo.htm
For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC. The NICC can be reached by telephone at 202-282-9201 or by e-mail at NICC@dhs.gov.
When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.
Weekly INFOGRAM's are now available as an RSS Feed. More Information »
This is an archived historical document.
U.S. Fire Administration, 16825 S. Seton Ave., Emmitsburg, MD 21727
(301) 447-1000 Fax: (301) 447-1346 Admissions Fax: (301) 447-1441