Homeland Security Watch

News and analysis of critical issues in homeland security

April 17, 2015

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on April 17, 2015

William R. Cumming Forum

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn

19 Comments »

Comment by Justyna Gromadzka

April 17, 2015 @ 12:45 am

For this week’s forum I would like to examine how technology has changed the crime of identity theft. Technological advances have greatly changed the landscape of identity theft. Technology can be seen as a double edge sword since it can help to decrease the occurrence of identity theft but also makes the crime easier for criminals to carry out. With the creation of the internet, various crimes became much easier for criminals to carry out. Years ago, identity thieves had to obtain paper copies of documents in order to gather one’s information. Unlike today, where everything is stored electronically and identity thieves can simply hack a database that holds the personal information of hundreds. Frank Abagnale, career importer and fraud artist, said, “Technology means that what I did 40 years ago is 4,000 times easier to do today (CIPPIC, 2007, p.17). It has been determined that the internet provides anonymity, lack of physical jurisdiction, and facilities speedy fund transfers between various parts of the world (Kirk, 2014, p.2). These are factors that make identity theft so appealing to criminals since it is relatively easy to do, with some technical skill, and difficult for authorities to catch and prosecute.

Technological advances can also be utilized to aid in combating the growing crime of identity theft. There are a variety of antivirus softwares available for purchase that protects your computer from breaches. Additionally, using firewalls can prevent hackers from gaining access into your computer and stealing your personal information. Encryption software which “uses keys to lock and unlock data while it’s being transmitted over the internet, so that only the intended recipient can view the data” can further protect your information (Washington, 2005, p.7). Biometrics can also be used to securely store your information and ensure only authorized individuals have access to it. “Biometrics is a type of authentication that uses individually unique physical attributes such as: fingerprints, iris/retina, facial structure, speech, facial thermograms, hand geometry and written signatures” (Washington, 2005, p.7). The above described measures are available due to technological advances and can significantly increase the protection and security of sensitive personal information.

CIPPIC (2007) Identity Theft: Introduction and Background. CIPPIC Working Paper No.1 (IDTheft Series). Ottawa: Canadian Internet Policy and Public Interest Clinic. Retrieved from https://cippic.ca/sites/default/files/bulletins/Introduction.pdf

Kirk, D. (2014). Identifying Identity Theft. The Journal of Criminal Law, 78(6), 448-450.

Washington, R. (2005). Identity Theft: Imitation Isn’t the Sincerest Form of Flattery. SANSInstitute. Retrieved from http://www.sans.org/reading-room/whitepapers/privacy/identity-theft-imitation-sincerest-form-flattery-1635

Comment by William R. Cumming

April 17, 2015 @ 8:07 am

Continuing my series on Presidential Executive Orders that reflect a federal government that works as opposed to one that is dysfunctional I add the following:

“Executive Order 13603 of March 16, 2012

National Defense Resources Preparedness

By the authority vested in me as President by the Constitution and the laws of the United States of America, including the Defense Production Act of 1950, as amended (50 U.S.C. App. 2061 et seq.), and section 301
of title 3, United States Code, and as Commander in Chief of the Armed Forces of the United States, it is hereby ordered as follows:

PART I—PURPOSE, POLICY, AND IMPLEMENTATION

Section 101. Purpose. This order delegates authorities and addresses national defense resource policies and programs under the Defense Production Act of 1950, as amended (the ‘‘Act’’).

Sec. 102. Policy. The United States must have an industrial and technological base capable of meeting national defense requirements and capable of contributing to the technological superiority of its national defense equipment
in peacetime and in times of national emergency. The domestic industrial and technological base is the foundation for national defense preparedness.
The authorities provided in the Act shall be used to strengthen this base and to ensure it is capable of responding to the national defense needs of the United States.

Sec. 103. General Functions. Executive departments and agencies (agencies) responsible for plans and programs relating to national defense (as defined in section 801(j) of this order), or for resources and services needed to
support such plans and programs, shall:

(a) identify requirements for the full spectrum of emergencies, including essential military and civilian demand;. . . ”

The DPA is under the oversight of the Congressional Banking Committees and not the Armed Forces Committees. Why? Going back to WWI the USA decided NOT to turn its entire economy over to its military. Thus, the undefined in statute or this executive order “the essential civilian economy” was to be maintained. Nazi Germany e.g. ended up demobilizing portions of its armed forces after Albert Speer realized that the civilian economy was starved for workers and unable to produce needed weapons.

Again neither the statute nor Executive Order defines the term “national security.”

TO BE CONTINUED:

Comment by William R. Cumming

April 17, 2015 @ 8:53 am

CONTINUING THE EXTRACT FROM THE EO:

Sec. 103. General Functions. Executive departments and agencies (agencies) responsible for plans and programs relating to national defense (as defined
in section 801(j) of this order), or for resources and services needed to support such plans and programs, shall:

(a) identify requirements for the full spectrum of emergencies, including essential military and civilian demand;
(b) assess on an ongoing basis the capability of the domestic industrial and technological base to satisfy requirements in peacetime and times of national emergency, specifically evaluating the availability of the most critical resource and production sources, including subcontractors and suppliers, materials, skilled labor, and professional and technical personnel;
(c) be prepared, in the event of a potential threat to the security of the United States, to take actions necessary to ensure the availability of adequate resources and production capability, including services and critical
technology, for national defense requirements;
(d) improve the efficiency and responsiveness of the domestic industrial base to support national defense requirements; and
(e) foster cooperation between the defense and commercial sectors for research and development and for acquisition of materials, services, components, and equipment to enhance industrial base efficiency and responsiveness.”

Note that some discussion of the “essential civilian economy” is almost nowhere to be found. Some argue, as do I that Senator Harry Truman’s expertise on defense production and mobilization led to enactment of the DPA in 1950.

An interesting historical discussion is Jim Lacey’s 2011
book KEEP FROM ALL THOUGHTFUL MEN–How U.S. Economists Won World War II helping to describe the policy of protecting the “essential civilian economy”.

The first great statute helping to define post-WWII civil/military interface was the NATIONAL SECURITY ACT OF 1947, AS AMENDED.

PLEASE NOTE HOW LITTLE THAT KEY STATUTE IS DISCUSSED BY ACADEMICS OR OTHERS IN BOOK OR ARTICLE FORM.

AND NOTE THAT THE NSA OF 1947 MANDATES THAT THE PRESIDENTS OF THE USA INTEGRATE MILITARY, FOREIGN, AND DOMESTIC POLICY TO PROTECT THE NATIONAL SECURITY OF THE USA. N.B. again the term NATIONAL SECURITY undefined in the NSA OF 1947.

But perhaps of interest is that outside of the COMMUNICATIONS ACT OF 1934 several key military/civil statutes were enacted in 1950-51 that in some form still exist.

The DPA was extended or another 5 years in the fall of 2013.

The Civil Defense Act of 1950 [now supplanted] Public Law 920 of the 81st Congress gave recognition to the realities of the Atomic era. Made all-hazards in Public Law 103-160 after almost 45 years of debate that statute, with oversight of the Armed Services, gave primacy to the military post-attack. But note that most of the civilian agencies created pursuant to that act were civil not military agencies, and even today protection of the civilian population of the US is note high on the list of a war fighting DoD that prefers to spend its bucks on offensive weapons, conventional and nuclear.

And then of course there was the Disaster Relief Act of 1950, Public Law 875 of the 81st Congress, enacted to have avoid to enacting disaster by disaster legislation.

Comment by William R. Cumming

April 17, 2015 @ 8:57 am

IT IS VERY IMPORTANT TO HAVE ANYONE WORKING IN THE HS/EM FIELD UNDERSTAND THE INDIVIDUAL DELEGATIONS UNDER THE DPA BY THE PRESIDENT TO THE INDIVIDUAL DEPARTMENTS AND AGENCIES.

Do you?

Try on the national supply of blood e.g.!

Comment by Philip J. Palin

April 17, 2015 @ 9:08 am

Bill: Let me offer an assertion/question and see what you do with it: The DPA establishes wide legal authority for the government to direct the economy for “national defense requirements”. Authority is entirely different from competence or capability. Claiming the authority — without competence or capability — could easily make a bad situation worse.

Comment by Chris Kears

April 17, 2015 @ 3:39 pm

For this week’s post, I wanted to address two vital technologies that provide many benefits to our homeland security enterprise. These technologies include unmanned aerial vehicles (UAVs) and radio frequency identification (RFID) and should continue to be integrated nationwide.

UAV Technology

According to Thompson II (2013), unmanned aerial vehicles (UAVs), or drones, are “aircraft that do not carry a human operator and are capable of flight under remote control or autonomous programming. An unnamed aircraft system (UAS) is the entire system, including the aircraft, digital network, and personnel on the ground. Drones can range from the size of the insect – sometimes called nano drones or micro UAVs – to the size of a traditional jet” (p. 2). In the past, drones have been successful in their attempt to target and kill suspect members of Al Qaeda and its affiliates (Thompson II, 2013). In today’s ever-changing threat environment, their purpose could be used for other security measures, such as commercial and law enforcement activities within our homeland. UAVs can assist ground surveillance in protecting our nation’s critical infrastructure from terrorist activity that has been ascending over the past decade.

UAV technology can be utilized on American soil to enhance our national security in numerous ways. The Department of Homeland Security (DHS) has already been adopting UAV technology to protect its national preparedness goal (Thompson II, 2013). Utilizing UAV technology benefits DHS tremendously because it allows them to police the nation’s borders and deter border access from unauthorized aliens, criminals, and terrorists; as well as countering the importation of smuggled weapons, drugs, and other contraband into our homeland. With the authorization from Federal Aviation Administration (FAA), the Customs and Border Protection’s (CBP’s) Office of Air and Marine (OAM) is utilizing UAVs to support several agencies, which include:

Federal Bureau of Investigation (FBI)
Federal Emergency Management Agency
Bureau of Land Management
Department of Defense (DOD)
Immigration and Customs Enforcement (ICE)
U.S. Secret Service
Texas Rangers
U.S. Forest Service
National Oceanic and Atmospheric Administration (NOAA)
(DHS, 2012)

In addition, these agencies are also collaborating with numerous local police departments, state and private colleges, and small cities and towns to strengthen security protocol (Thompson II, 2013).

According to DHS (2012), OAM personnel supported the agencies listed above for numerous reasons. These reasons include:

Providing NOAA with videos of dams, bridges, levees, and riverbeds where flood zones can be most vulnerable
Providing FEMA with video and radar images of flood zones
Providing surveillance over a suspected smuggler’s tunnel
Providing radar mapping, or overlying radar images taken a few days apart, to show changes in location of flood zones; which is useful for the National Guard in deploying high-water vehicles and sandbags to areas that are most needed
Discussions with another country on the use of unmanned aircraft at the request of the State Department
Testing new technology which strengthens the U.S. Army
Establishing a quarterly forum to share lessons learned from the Air Force and other DHS agencies
(DHS, 2012)

With today’s ever-changing threat environment findings ways to damage our nation’s critical infrastructure, there is a great deal of pressure placed on the homeland security enterprise to find new technologies to counter these threats; which stakeholders believe they have found with the implementation from UAVs. According to Thompson II (2013), the FAA “predicted that 30,000 unmanned aircraft could be flying in U.S. skies in less than 20 years” (p. 2). There are many benefits to UAV technology; however, this technology has generated much concern that it violates the fourth amendment. Congress has addressed that FAA must implement a comprehensive plan to safely integrate civil unmanned aircraft systems into the national airspace system. While successful integration is recommended, it is vital that FAA acknowledges the main limitations, such as how it will affect the privacy in homes, public places, and warrantless searches?

RFID Technology

According to DHS (2006), Radio Frequency Identification (RFID) technology “tags communicate information by radio wave through antennae on small computer chips attached to objects so that such objects may be identified, located, and tracked. The fundamental architecture of RFID technology involves a tag, a reader (or scanning device), and a database. A reader scans the tag (or multiple tags simultaneously) and transmits the information on the tag(s) to a database, which stores the information” (p. 3). RFID is nothing new; as it has been around for decades and is one of the leading automatic identification technologies utilized today (DHS, 2006). These tags can be used on objects and vehicles, and even people; which the homeland security enterprise has been adopting to track persons of interest. Private sectors and public communities have also adopted RFID technology, in order to track material for their inventories so that it is well organized.

There are two major benefits with RFID technology. First, the quality and speed of information to transfer is more efficient when transmitting identification data by radio when compared to manual transcription (DHS, 2006). This saves a great deal of time and is more appealing for technological development. In a society that is constantly challenged by new threats, time is extremely valued and cannot be wasted; therefore, RFID technology allows for information to be tracked in a quicker manner. Second, RFID is relatively low in cost. With RFID being time and cost efficient, this technology offers a more-attractive method for tracking than its alternatives.

In retrospect, RFID technology has a similar limitation as UAV technology; in the sense that it can violate civil liberties and raise privacy concerns (DHS, 2006). Tracking people can violate the fourth amendment and right to keep information private. For example, DHS talks about how RFID can tag people and have their information being shared without them even knowing it. DHS (2006) states that “it can be disempowering and unfair to collect certain types of information about people without their knowledge. Doing so prevents people from taking steps to conceal information they might prefer not to share. Human identification using RFID has serious potential to deprive people of notice that potentially highly specific, detailed information about them is being collected” (p. 8). Moreover, both UAV and RFID technology has their benefits but how can they be successfully utilized without interfering with the privacy and rights of the American people. The spectrum of emerging technology and civil liberties must meet in the middle and not be on opposite sides of the spectrum if successfully implementation is going to keep both parties satisfied; as well as safe from the ever-changing threat of today’s society.

References:

DHS. (2006). The Use of RFID for Human Identification. Retrieved from https://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_12-2006_rpt_RFID.pdf

DHS. (2012). CBP’s Used of Unmanned Aircraft Systems in the Nation’s Border Security. Retrieved from http://www.oig.dhs.gov/assets/Mgmt/2012/OIG_12-85_May12.pdf

Thompson II, R. M. (2013). Drones in Domestic Surveillance Operations: Fourth Amendment Implications and Legislative Responses. Retrieved from https://www.fas.org/sgp/crs/natsec/R42701.pdf

Comment by Colton Strano

April 17, 2015 @ 5:58 pm

For this week’s post, I would like emphasize the difference between cyber attacks, cyber warfares and cyber criminality/hackivist. Terrorism has changed our country because of its psychological effects of increased fear. With terrorist groups planning new and improved ways to diminish America’s resiliency and the constantly upgrading world of technology, Cyber attacks set the stage for the new and improved terrorist attacks to follow. An example of a cyber attack was the Stuxnet virus found in the Iran nuclear power plant. This virus infiltrated the computer systems of this power plant via usb thumb drive and virtually checked every program running to find a specific target, the cooling rod systems. The virus was undetected for years and gathered intelligence and information on this powerplant without any outside knowledge. The virus was found and terminated without the chance to harm any systems or programs, but the opportunities missed would have had catastrophic consequences for neighboring towns and the safety of all nuclear power plants around the world. Terrorism is very easy to spot and accuse for, but it seems to be a running trend that no one definition of terrorism is accepted universally, let alone cyber terrorism. To better understand cyber terrorism, we must compare and contrast the differences and similarities of cyber warfare, cyber terrorism, and cyber crime. Each prong of cyber terrorism overlaps but also is unique in its own way.

Cyber Warfare

US government security expert Richard A. Clarke, in his book Cyber War, defines “cyberwarfare” as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.” The Economist describes “cyberwarfare” as ‘the fifth domain of warfare'” (Cyberwar and Cyberterrorism). It can be noticed that cyber warfare follows the same guidelines as normal warfare, penetrating another nation’s defenses on purpose and causing damage, but instead of using military forces, they use computers. Each of the different cyber attacks (cyber warfare, cyber terrorism, cyber crime) have their own aspects that make them different from each other, but also similarities that blur the lines that separate these attacks.

Cyber Terrorism

Cyber terrorism has received the most amount of attention mainly because of the name “Cyber Terrorism” it automatically pops into people’s minds that it is a form of terrorism. I found three different definitions of cyber terrorism that are similar but each to their own. “According to NATO (2008), cyberterrorism is “a cyber attack using or exploiting computer or communication networks to cause sufficient destruction to generate fear or intimidate a society into an ideological goal.” Another definition of cyberterrorism is provided by the US National Infrastructure Protection Centre, a part of the Department for Homeland Security: “a criminal act perpetrated through computers resulting in violence, death and/or destruction, and creating terror for the purpose of coercing a government to change its policies” (Wilson, 2003). “Mark Pollitt (1997) special agent for the FBI, offers a working definition: “Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub national groups or clandestine agents… Thus, use of information technology and means by terrorist groups and agents constitute cyber-terrorism” (Krasavin, 2002). With this kind of attack, the goal is not to steal money or identities, but to inflict fear and bring about chaos in society. The goal of these attacks is what sets them apart from the other cyber attacks.

Cyber Criminality/Hacktivist

Cyber Crimes are those that we have seen so much in the news of hackings to banks or a newspaper or magazine leaks photos that they were not allowed to. Cybercrimes are defined as: “Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet and mobile phones. Such crimes may threaten a nation’s security and financial health (Wilsker). Cyber crimes deal mostly with hacking into a corporation or company and stealing information to gain money or access to money. The objective of these crimes is to gain money or material items to better benefit the group orchestrating the attack or a single person, not an organization. An easy way to separate cyber crimes from the other cyber attacks is the “use of information technology and means by terrorist groups and agents constitute cyber-terrorism. Other activities, so richly glamorized by the media, should be defined as cyber crime. (Krasavin, 2002).

Compare/Contrast
After researching the different definitions and acquiring a basic knowledge of the different cyber attacks, “it is first important to note that no single definition of the term “terrorism” has yet gained universal acceptance. Additionally, no single definition for the term “cyber terrorism” has been universally accepted. Also, labeling a computer attack as “cyber terrorism” is problematic, because it is often difficult to determine the intent, identity, or the political motivations of a computer attacker with any certainty until long after the event has occurred” (Cyberwar and Cyberterrorism). These attacks are obviously similar in the means that they all are conducted with or by computers via the internet or certain networks. The aspects that set them apart are the fine details of: Who and Why? Depending on who conducts the attacks could determine between cyber warfare if it is an international incident; cyber terrorism determining if it is a terrorism organization; or cyber crimes if it is a single person or handful of people stealing money. Why these attacks are conducted can determine whether a cyber crime, mainly aiming to steal money or access to money; to inflict fear and chaos into society would be an act of cyber terrorism; or military purposes to attack another nation and purposely cause damage and destruction as cyber warfare. Each attack is just as devastating than the next because of the impact they all have on society.

References
Cyberwar and Cyberterrorism. (n.d.). Retrieved from Tech and Law Center: http://www.techandlaw.net/areas-of-interest/cyberwar-and-cyberterrorism

Kostadinov, D. (2012, December 21). Cyberterrorism Defined (as distinct from “Cybercrime”). Retrieved from INFOSEC Institute : http://resources.infosecinstitute.com/cyberterrorism-distinct-from-cybercrime/

Krasavin, S. P. (2002). What is Crime-terrorism? Retrieved from Computer Crime Research Center (CCRC): http://www.crime-research.org/library/Cyber-terrorism.htm

Wilsker, I. (n.d.). CYBER CRIME, CYBER TERRORISM, CYBER WAR. 1-64.

Comment by William R. Cumming

April 17, 2015 @ 7:55 pm

Thanks to Justnay, Colton, and Chris for excellent comments.

And Phil the DPA does not, like the tax code does, pick winners and losers or allow the federal government to reorganize the economy. It just allows the government to have priority of delivery for existing contracts [become first in line] for certain nation needs. DPAS!

It does in Title III allow some support for what I call experimental production and research.

Comment by William R. Cumming

April 17, 2015 @ 7:59 pm

Apologies to Justyna and Chris for misspelling of names.

Comment by Drew Buffalino

April 17, 2015 @ 10:26 pm

For this week’s Friday Free Forum I want to talk about interoperability in homeland security. Interoperability is defined as, “…the ability to share information between systems and applications in meaningful ways.” (Hunt, 2013). In other words, it is the sharing and collaboration of systems and networks of police, fire, EMS, state, local and federal governments, the private sector and the public in order to develop greater communications capabilities. It is a part of emergency management’s “whole community approach” to greater security and preparedness. Organizations and different sectors of society all operate across multiple fronts and rarely do they ever communicate, or even have the ability to communicate, on a grand scale. The push for interoperability works to provide this overall ability of mass communication and collaboration.

Three ways in which this occurs is through technical interoperability (the physical technologies that allow for communication and to simply send information), syntactic interoperability (an aspect that allows for messages to be received, read, and for the information to be communicated), and semantic interoperability (where the entire approach comes to incorporate an aspect of understanding in the messages communicated, i.e. where the message came from and why it was sent) (Hunt, 2013). Developing these methods of communication allows for the best use of technology. And stepping into the innovation of semantic interoperability provides for greater understanding and efficient information sharing during critical times of emergency. Interoperablility is crucial to the Homeland security mission. As the threats continue to widen, especially in the cyber domain, interoperability will become more and more important. Initiatives such as the Presidents Executive Order promoting cyber security, pushes for stakeholders to improve the information sharing between public and private sectors for the sake of critical infrastructure protection. In order for this to be done interoperibility needs to be applied. Understanding this concept is the first step towards creating a unified command and whole community approach to the threats the U.S. faces today and in the near future.

References

Hunt, G [Real-Time Innovations (RTI) TV]. (2013, June 28). Interoperability In 2 minutes [Video file]. Retrieved from

https://www.youtube.com/watch?x-yt-ts=1422411861&x-yt-cl=84924572&v=iKF_W8emgRE

Comment by William R. Cumming

April 18, 2015 @ 8:00 am

Great comment Drew and this problem first discussed post 9/11/2001 by Juliette Kayyem and others in a Belfer Center published report in 2002.

Comment by William R. Cumming

April 18, 2015 @ 8:06 am

And Phil one post script on the DPA. That statute offers formal exemption from the Antitrust laws in the concept of VOLUNTARY AGREEMENTS with oversight by the Antitrust Division of DoJ.

This authority was identified by the PCCIP report issued in September 1997 for the issue of cyber security.

PCCIP=PRESIDENT’S COMMISSION ON CRITICAL INFRASTRUCTURE PROTECTION

Wondering if this report is available virtually and linked?

Comment by William R. Cumming

April 19, 2015 @ 9:39 am

PRESIDENT’S COMMISSION ON
CRITICAL INFRASTRUCTURE PROTECTION

October 13, 1997

P.O. BOX 46258, WASHINGTON, DC 20050-6258

The President
The White House
Washington, DC 20500

Dear Mr. President:
It is a privilege to forward the report of the President’s Commission on Critical Infrastructure Protection, Critical Foundations.

You asked us to study the critical infrastructures that constitute the life support systems of our nation, determine their vulnerabilities and propose a strategy for
protecting them into the future. I believe our report does this.

There is no doubt that our critical infrastructures are the best in the world—largely the result of the tremendous efficiency and global reach made possible by incorporation of our rapidly advancing information and communication technology. In fact, we found all our infrastructures
increasingly dependent on information and communications systems that cris-cross the nation and span the globe.

That dependence is the source of rising vulnerabilities and, therefore, it is where we concentrated our effort.
We found no evidence of an impending cyber attack which could have a debilitating effect on the
nation’s critical infrastructures. While we see no electronic disaster around the corner, this is no
basis for complacency. We did find widespread capability to exploit infrastructure vulnerabilities. The capability to do harm—particularly through information networks—is real; it is growing at an alarming rate; and we have little defense against it.

Because the infrastructures are mainly privately owned and operated, we concluded that critical infrastructure assurance is a shared responsibility of the public and private sectors. The only sure path to protected infrastructures in the years ahead is through a real partnership between infrastructure owners and operators and the government.
Consequently, in addition to our recommendations
about improving our government’s focus on infrastructure assurance in the Information Age, you will find some recommendations for collaborative public and private organizational arrangements that challenge our conventional way of thinking about government and private sector interaction.

Thank you for the opportunity to serve our nation on this Commission, and for the chance to work with a talented and patriotic group of Commissioners and staff from both government and the private sector.

Respectfully,
Robert T. Marsh

Comment by William R. Cumming

April 19, 2015 @ 9:40 am

IMO this report remains of significance and wonder what a search of the Academic literature would show about it?

Comment by William R. Cumming

April 19, 2015 @ 9:42 am

Is Social Media critical infrastructure for democracy?

Comment by William R. Cumming

April 20, 2015 @ 11:49 am

I believe over 25 so-called NATIONAL STRATEGIES EXIST! IMO these are largely irrelevant and provide largely unknown significance to PRACTIONERS of HS and others. I do find of interest when they are cited by academics and analyzed or discussed in writing by those academics.

Here are a few [and they may have been updated or even rescinded and I missed it] and wondering if links exist discussing them? Of course if Journals like JHSEM {Journal Of Homeland Security and Emergency Management–Berkeley Electronic Press] and HSDJ are searchable perhaps that could be provided.

Do others finds these documents of continuing significance?

FBI National Information Sharing Strategy
Foundation to shape and implement information sharing initiatives with the FBI’s many partners.
Publish Date: 2011

National Disaster Recovery Framework Final 2013

National Security Strategy
Concerns for the national security of the United States and how the administration plans to deal with them.
May 2010

National Intelligence Strategy of the United States of America
Understanding of the counterterrorism challenge and the importance of the challenges we face in the cyber domain and from counter intelligence threats.
August 2009

National Disaster Housing Strategy Released
Release Number: FNF-09-001
Release Date: January 2009

Safe at Home
A National Security Strategy to Protect the American Homeland, the Real Central Front
This document calls for the reevaluation of homeland security policies, published by Center for American Progress.
February 2008

The National Strategy For Homeland Security
Strategy to guide, organize, and unify our Nation’s homeland security efforts.
October 2007

Strategy to Enhance International Supply Chain Security
The overall strategic structure in which United States cargo security programs.
July 2007

National Strategy for Combating Terrorism
Strategy for combating terrorism, it has been both a battle of arms and a battle of ideas.
September 2006

A National Strategy for Integrated Public Warning Policy and Capability
The goal of this report is to develop consensus on a national vision and specific goals for improving all-hazard warning systems at the Federal, state and local levels.
Published by Partnership for Public Warning
May 16, 2003

The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets
Strategy for protecting critical infrastructures and key assets from further terrorist exploitation.
February 2003

The National Strategy to Secure Cyberspace
Framework for protecting cyberspace that is essential to our economy, security, and way of life.
February 2003

Comment by William R. Cumming

April 20, 2015 @ 11:54 am

National Disaster Recovery Framework

Main Content
The National Disaster Recovery Framework is a guide that enables effective recovery support to disaster-impacted States, Tribes, Territorial and local jurisdictions. It provides a flexible structure that enables disaster recovery managers to operate in a unified and collaborative manner. It also focuses on how best to restore, redevelop and revitalize the health, social, economic, natural and environmental fabric of the community and build a more resilient Nation.

The National Disaster Recovery Framework is consistent with the vision set forth in theNDRF Graphic with varying seals – National Disaster Recovery Framework – Recovery Support Functions and Coordinating Agencies – Learn more Presidential Policy Directive (PPD)-8, National Preparedness, which directs FEMA to work with interagency partners to publish a recovery framework. It is the first framework published under the Presidential Policy Directive reflecting the core recovery capabilities by supporting operational plans as an integral element of a National Preparedness System. It is a first step toward the PPD-8 objective to achieve a shared understanding and a common, integrated perspective across all mission areas—Prevention, Protection, Mitigation, Response, and Recovery—in order to achieve unity of effort and make the most effective use of the Nation’s limited resources.

For the first time, the National Disaster Recovery Framework defines:

core recovery principles,
roles and responsibilities of recovery coordinators and other stakeholders,
a coordinating structure that facilitates communication and collaboration among all stakeholders, guidance for pre- and post-disaster recovery planning and;
the overall process by which communities can capitalize on opportunities to rebuild stronger, smarter and safer.
The National Disaster Recovery Framework introduces six new Recovery Support Functions that provide a structure to facilitate problem solving, improve access to resources, and foster coordination among State and Federal agencies, nongovernmental partners and stakeholders. Each Recovery Support Function has coordinating and primary Federal agencies and supporting organizations that operate together with local, State and Tribal government officials, nongovernmental organizations (NGOs) and private sector partners.

The National Disaster Recovery Framework presents three positions that provide focal points for incorporating recovery considerations into the decision making process and monitoring the need for adjustments in assistance where necessary and feasible throughout the recovery process. Those positions are Federal Disaster Recovery Coordinator (FDRC), State or Tribal Disaster Recovery Coordinators (SDRC or TDRC) and Local Disaster Recovery Managers (LDRM).

Last Updated: 02/13/2015 – 16:46

Comment by William R. Cumming

April 20, 2015 @ 12:19 pm

Note Bene!

PKEMRA 2006 effective March 31,2007 mandates a NATIONAL DISASTER RECOVERY STRATEGY. Although released earlier in draft [perhaps accidentally?] the STRATEGY has yet to appear but instead a FRAMEWORK released in final 8 years later. Perhaps a distinction without a difference but if so why change the statutory LABEL?

SEC. 682. NATIONAL DISASTER RECOVERY STRATEGY.

(a) IN GENERAL.—The Administrator, in coordination with the
Secretary of Housing and Urban Development, the Administrator of the Environmental Protection Agency, the Secretary of Agriculture, the Secretary of Commerce, the Secretary of the Treasury,the Secretary of Transportation, the Administrator of the Small Business Administration, the Assistant Secretary for Indian Affairs of the Department of the Interior, and the heads of other appropriate
Federal agencies, State, local, and tribal government officials (including through the National Advisory Council), and representatives of appropriate nongovernmental organizations shall develop,
coordinate, and maintain a National Disaster Recovery Strategy to serve as a guide to recovery efforts after major disasters and emergencies.

(b) CONTENTS.—The National Disaster Recovery Strategy
shall—

(1) outline the most efficient and cost-effective Federal
programs that will meet the recovery needs of States, local
and tribal governments, and individuals and households
affected by a major disaster;

(2) clearly define the role, programs, authorities, and
responsibilities of each Federal agency that may be of assistance
in providing assistance in the recovery from a major disaster;

(3) promote the use of the most appropriate and cost effective building materials (based on the hazards present in an area) in any area affected by a major disaster, with the goal of encouraging the construction of disaster-resistant buildings; and

(4) describe in detail the programs that may be offered
by the agencies described in paragraph (2), including—

(A) discussing funding issues;

(B) detailing how responsibilities under the National
Disaster Recovery Strategy will be shared; and

(C) addressing other matters concerning the cooperative
effort to provide recovery assistance.

(c) REPORT.—
(1) IN GENERAL.—Not later than 270 days after the date
of enactment of this Act, the Administrator shall submit to
the appropriate committees of Congress a report describing
in detail the National Disaster Recovery Strategy and any
additional authorities necessary to implement any portion of the National Disaster Recovery Strategy.
(2) UPDATE.—The Administrator shall submit to the appropriate committees of Congress a report updating the report submitted under paragraph (1)—

(A) on the same date that any change is made to
the National Disaster Recovery Strategy; and

(B) on a periodic basis after the submission of the
report under paragraph (1), but not less than once every
5 years after the date of the submission of the report
under paragraph (1).

WOULD ONE ARGUE CONGRESS HAS BEEN OBEYED?

Comment by William R. Cumming

April 20, 2015 @ 5:42 pm

CORRECTION: Appears the final NDRF published in September 2013 and not updated since.

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>