Archive

Archive for the ‘U.S. Department of Homeland Security’ Category

CRS — Implementation of Chemical Facility Anti-Terrorism Standards (CFATS): Issues for Congress (August 12, 2014)

August 26, 2014 Comments off

Implementation of Chemical Facility Anti-Terrorism Standards (CFATS): Issues for Congress (PDF)
Source: Congressional Research Service (via Federation of American Scientists)

The Department of Homeland Security (DHS) implements the Chemical Facility Anti-Terrorism Standards (CFATS) regulations, which regulate security at high-risk facilities possessing more than certain amounts of one or more chemicals of interest. Facilities possessing more than the specified amount must register with DHS through this program (a process known as the Top- Screen) and perform security-related activities. The DHS identifies a subset of high-risk chemical facilities from among those that register. These high-risk chemical facilities must submit a security vulnerability assessment, which DHS uses to confirm their high-risk designation, and a site security plan, which DHS then reviews and authorizes. The DHS also inspects and approves high-risk chemical facilities for adherence to their submitted site security plans. It also later inspects for compliance with these plans following DHS approval. The DHS regulates approximately 4,000 facilities under this program and is in the process of implementing the regulatory requirements for security vulnerability assessment, site security planning, and inspection.

About these ads

DHS OIG — Implementation Status of the Enhanced Cybersecurity Services Program

August 20, 2014 Comments off

Implementation Status of the Enhanced Cybersecurity Services Program (PDF)
Source: U.S. Department of Homeland Security, Office of Inspector General

The National Protection Programs Directorate (NPPD) is primarily responsible for fulfilling the DHS national, nonͲlaw enforcement cybersecurity missions. Within NPPD, the Office of Cybersecurity and Communications is responsible for the implementation of the Enhanced Cybersecurity Services program. Our overall objective was to determine the effectiveness of the Enhanced Cybersecurity Services program to disseminate cyber threat and technical information with the critical infrastructure sectors through commercial service providers.

NPPD has made progress in expanding the Enhanced Cybersecurity Services program. For example, as of May 2014, 40 critical infrastructure entities participate in the program. Additionally, 22 companies have signed memorandums of agreement to join the program. Further, NPPD has established the procedures and guidance required to carry out key tasks and operational aspects of the program, including an inͲdepth security validation and accreditation process. NPPD has also addressed the privacy risk associated with the program by developing a Privacy Impact Assessment. Finally, NPPD has engaged sector-specific agencies and government furnished information providers to expand the program, and has developed program reporting and metric capabilities to monitor the program.

Although NPPD has made progress, the Enhanced Cybersecurity Services program has been slow to expand because of limited outreach and resources. In addition, cyber threat information sharing relies on NPPD’s manual reviews and analysis, which has led to inconsistent cyber threat indicator quality.

CRS Insights — 2014 Quadrennial Homeland Security Review: Evolution of Strategic Review (August 6, 2014)

August 13, 2014 Comments off

2014 Quadrennial Homeland Security Review: Evolution of Strategic Review (PDF)
Source: Congressional Research Service (via Federation of American Scientists)

In June 2014, The Department of Homeland Security (DHS) reported the second iteration of the Quadrennial Homeland Security Review (QHSR) to Congress. The QHSR is a “comprehensive examination of the homeland security strategy of the Nation, including recommendations regarding the longterm strategy and priorities of the Nation for homeland security.”

The quadrennial homeland security review is a process in which DHS examines the nation’s homeland security strategy; the report provides an explanation of this process. Neither the review process nor the report to Congress is a strategy, instead the 2014 QHSR (both the process and report) are part of the constant reevaluation of the nation’s homeland security and part of the process by which the combined National and Homeland Security Staff develops the next iteration of the national security strategy. In 2010, the Obama Administration combined the national and homeland security strategies with its 2010 issuance of the National Security Strategy.

Originally Congress, in Section 904 of the Homeland Security Act of 2002 (HSA), tasked the National Homeland Security Council and staff to assess homeland security objectives, commitments, and risks. Additionally, the council was to oversee and review homeland security policies.

DHS OIG — Domestic Nuclear Detection Office Has Taken Steps To Address Insider Threat, but Challenges Remain

August 1, 2014 Comments off

Domestic Nuclear Detection Office Has Taken Steps To Address Insider Threat, but Challenges Remain
Source: U.S. Department of Homeland Security, Office of Inspector General

We reviewed the efforts of the Domestic Nuclear Detection Office (DNDO) to address the risk posed by trusted insiders. Our objective was to assess DNDO’s progress toward protecting its information technology assets from threats posed by its employees, especially those with trusted or elevated access to sensitive, but unclassified information systems or data.

Steps are underway to address and mitigate the insider risk at DNDO. Specifically, the Department of Homeland Security (DHS) Acting Under Secretary of Intelligence and Analysis established an Insider Threat Task Force to develop a program to address the risk of insider threats for DHS, including DNDO. In addition, the DHS Office of Intelligence and Analysis has detailed a counterintelligence officer to DNDO to help mitigate espionage‐related insider risks. The DHS Office of Intelligence and Analysis routinely briefs DNDO on counterintelligence awareness, including insider threat indicators. In addition, DNDO provides security awareness training to its employees and contractors regarding security‐related topics that could help prevent or detect the insider risk. In September 2013, the DHS Office of the Chief Security Officer began a comprehensive vulnerability assessment of DNDO assets, which includes identifying insider risks and vulnerabilities. The DHS Security Operations Center monitors DNDO information systems and networks to respond to potential insider based incidents. Finally, the DHS Special Security Programs Division handles and investigates security incidents, including those types attributed to malicious insiders.

Additional steps to address the insider risk at DNDO are required. Specifically, DNDO needs to implement insider threat procedures, upon receipt of policy issued by the DHS Office of the Chief Information Officer (OCIO) that defines roles and responsibilities for addressing insider risks to unclassified networks and systems. DNDO also needs to provide documentation that clearly shows the effectiveness of controls or processes in place to detect and respond to unauthorized data exfiltration from DNDO unclassified information technology assets via email services provided by the DHS OCIO.

DNDO can strengthen processes and controls for its own technology infrastructure. They can disable portable media ports on controlled information technology assets where there is no legitimate business need. DNDO can apply critical security patches to these assets and perform periodic security assessments of controlled sites to identify any indication of unauthorized wireless devices or connections to DHS networks.

DHS OIG — Oversight of Unaccompanied Alien Children

July 31, 2014 Comments off

Oversight of Unaccompanied Alien Children (PDF)
Source: U.S. Department of Homeland Security, Office of Inspector General
From press release (PDF):

The Office of Inspector General (OIG), Department of Homeland Security (DHS), today issued the first of a series of reports on conditions at detention centers being used to temporarily house unaccompanied alien children.

The report is based on 87 unannounced site visits conducted by OIG agents from July 1-16 at 63 detention centers in Texas, Arizona and California, largely operated by Customs and Border Protection. The OIG’s oversight of the detention centers is ongoing and reports will be issued monthly.

The OIG’s findings are contained in a memorandum from Inspector General John Roth to Homeland Security Secretary Jeh C. Johnson.

OIG Agents checked the sites for sanitation, availability of medical care, food services and other factors. Sites and their staff were found to be largely in compliance with rules and regulations. Some problems were identified, including children requiring treatment for communicable diseases and DHS employees who have become ill from contact with their charges.

Fire/EMS Department Operational Considerations and Guide for Active Shooter and Mass Casualty Incidents

July 23, 2014 Comments off

Fire/EMS Department Operational Considerations and Guide for Active Shooter and Mass Casualty Incidents (PDF)
Source: U.S. Fire Administration

This guide is a fire and emergency medical services (EMS) resource that can be used to support planning and preparation for active shooter and mass casualty incidents. These complex and demanding incidents may be well beyond the traditional training and experience of the majority of firefighters and emergency medical technicians. The U.S. Fire Administration offers this guide as one source of many available for the public safety community, but it takes into consideration the diverse local service levels available across America. In developing the guide, we consulted with individuals and groups engaged in fire and pre-hospital emergency medical services, law enforcement, and hospital medical and trauma care. We also consulted with public safety organizations and numerous federal agencies.

U.S. Naturalizations: 2013

July 10, 2014 Comments off

U.S. Naturalizations: 2013
Source: U.S. Department of Homeland Security

Naturalization is the process by which U.S. citizenship is conferred upon foreign citizens or nationals after fulfilling the requirements established by Congress in the Immigration and Nationality Act (INA). After naturalization, foreign-born citizens enjoy nearly all the same benefits, rights and responsibilities that the Constitution gives to native-born U.S. citizens, including the right to vote. This Office of Immigration Statistics Annual Flow Report presents information on the number and characteristics of foreign nationals aged 18 years and over who were naturalized during FY 2013.

Follow

Get every new post delivered to your Inbox.

Join 898 other followers