Homeland Security Watch

News and analysis of critical issues in homeland security

April 24, 2015

Friday Free Forum

Filed under: General Homeland Security — by Philip J. Palin on April 24, 2015

William R. Cumming Forum

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn

13 Comments »

Comment by William R. Cumming

April 24, 2015 @ 11:00 am

Friday and commenting remotely from D.C.area.Saw a movie trailer for new one coming out this summer. Good graphics and entitle EARTHQUAKE I think. Great scene of tsunami swallowing GOLDEN GATE BRIDGE.

Well the

Comment by Drew Buffalino

April 24, 2015 @ 6:43 pm

William that sounds like a good movie to check out, certainly in terms of emergency management. It reminds me of the movie “The Day After Tomorrow” that included a lot of extreme weather events and extreme possibilities associated with climate change. For my post this Friday I wanted to discusses the current cyber security regulations being placed on the private sector and whether or not they ideally beneficial for resiliency.

The famous French philosopher, politician, and economist Frédéric Bastiat discusses the seen and unseen causes and effects of habits, institutions, economics and law in his writings titled That Which is Seen, and That Which is Not Seen. His theory on unintended consequences, though over one hundred and fifty years old, still resonates today and is applicable to homeland security. In his republished works on the matter he states:

“In the economic sphere an act, a habit, an institution, a law produces not only one effect, but a series of effects. Of these effects, the first alone is immediate; it appears simultaneously with its cause; it is seen. The other effects emerge only subsequently; they are not seen; we are fortunate if we foresee them.” (Bastiat, 2011, p. 12).

As laws and executive orders are made they intends to affect the private sector in a positive way. The initial intentions are immediate and seek to improve the present threat environment. However, when developing these laws and orders the unseen effects are most times not taken into consideration. In using Bastiat’s lens to look at the present situation of the cyber domain new aspects become clear.
The cyber security market is more then capable of delivering advanced products to companies and the people. Government, the private sector and individuals alike are in a position where they can utilize these products for a greater defensive posture, however, this presently does not occur on a holistic level. Concerns in cyber security have risen as to the safety of the consumer and of the “critical infrastructure” that the U.S. depends on. In response to these concerns, government feels a response is required that implements immediate affects so citizens’ bank accounts, identities, information and way of life are secured. Immediate actions are materialized through regulations and legislation in the form of the National Cybersecurity and Critical Infrastructure Protection Act of 2014 and the President’s EO. However, in enacting these broad forms of legislation, branches of government fail to take into consideration the unseen affects their actions have and how recent legislation may affect the future of the private sector’s cyber security market.
The way the free market works is similar to a fluctuating wave. As demand grows it is met by supply and ultimately the wants of the consumer are fulfilled. This process can be immediate or take time to develop. Currently, companies do not see a need for cyber security because of the fact that they do not see a lost in profit, their customers maintain faith in them, or their customers also do not see a need for cyber security. They act in ways that leave them and the consumers vulnerable to attack and retain few consequences in doing so. Although some may see this as a negative occurrence that must be fixed, it is simply the nature of the way the market works.
At the moment, companies do not have a positive cost/benefit analysis of cyber security because they have yet to lose customers over the issue. However, as the threats in cyber security continue to grow consumers will become more informed. New information will drive a consumer demand for an increase in cyber security for their personal protection. Those companies who fail to instill cyber security for the sake of their consumers will soon realize that their customers lose faith in them and see risk in using their services. Consequently, individuals will be shifting their investments into companies that offer proper cyber security methods to protect them, and in turn properly secured companies will rise. Those corporations who offer cyber security will benefit from the switch and those who do not will ultimately fail. This natural flow allows corporations to learn from their mistakes and it is, however, stifled by legislation forcing the use of cyber security through laws and executive orders. It disrupts the flow of consumers focus and fails to allow corporations to learn from their misdeeds, resulting in a reduced motivation to foresee future threats.

References

Bastiat, F. (2001). What is Seen and What is Not Seen. Ideas on Liberty. Retrieved from
http://fee.org/files/doclib/bastiat0601.pdf

Comment by Justyna Gromadzka

April 24, 2015 @ 6:43 pm

For this week’s forum I would like to discuss the card technology that will improve the security of in-store transactions. As a part of the Obama administration’s Buy Secure initiative, the President signed an Executive Order that would improve the security of a consumer’s financial transactions (White House, 2014, p.1). This order served as the first step in the new Buy Secure initiative which will take “critical steps to protect consumers’ financial security and improve confidence in the marketplace” (Zients, 2014, p.1). As Zients states, The Executive Order itself will help by assisting victims of identity theft, improving the government’s payment security as a customer and a provider, and accelerating the transition to stronger security technologies and the development of next-generation payment security tools” (2014, p.1). One of largest ways that the Executive Order will improve the security of consumer financial information is by utilizing a “Chip and Pin” technology for credit, debit, and other payment cards in the United States (Zients, 2014, p.1).

Magnetic strip cards are highly vulnerable to credit fraud since they only require the card to be swiped for the transaction to be completed. EMV, commonly know as “Chip and Pin”, cards are more secure then the traditional magnetic strip cards. They are much harder to counterfeit and even when identity thieves gain access to card information they can not use it. This technology allows for cards with embedded microchips, rather than magnetic strips. Additionally, when using a “Chip and Pin” card an individual is required to provide a personal identification number (PIN) in order to complete a transaction. The process is similar to that off an ATM card. In order to utilize this technology in the United States, new cards have to be issued by banks and payments terminals must be upgraded. New machines and software have to be installed in stores so that these cards can be used (Weise, 2015). Merchants are not required to make the switch but then they take on liability for possible fraud (Weise, 2015). The new cards will continue to have magnetic strips to allow for their use in places that do not have readers for the “Chip and Pin” technology.

These cards are new in the United States, however, countries in Europe and Canada have been using “Chip and Pin” cards for years now. In those countries, the technology has already considerably cut down payment fraud (White House, 2014, p.1). According to a report by the Federal reserve Bank of Kansas City, these cards can reduce credit card fraud in the United States by 40 percent (Weise, 2015). Throughout this year, retailers and finacial institutions have been upgrading to this technology. However, the technology will probably be more present in the fall (Johnson, 2014). In October of 2015 liability laws change regarding credit card fraud (Weise, 2015). The new liability laws will hold merchants who have not adopted to this new technology liable for the loses as opposed to the banks which were traditionally liable (Johnson, 2014). However, if your financial institution does not provide you with a “Chip and Pin” card by that deadline, they will continue to hold liability for losses incurred by credit fraud.

Johnson, S. (2014). Coming Next Fall: More Chip and Pin Cards in the U.S. U.S. News. Retrieved from http://money.usnews.com/money/personal-finance/articles/2014/10/28/coming-next-fall-more-chip-and-pin-cards-in-the-us

Weise, E. (2015). Coming to a shop near you: Chip and Pin cards. USA Today. Retrieved from http://www.usatoday.com/story/tech/2015/01/06/chip-and-pin-credit-cards-computer-security/21008389/

The White House. (2014). FACT SHEET: Safeguarding Consumers’ Financial Security. Office of the Press Secretary. Retrieved from https://www.whitehouse.gov/the-press-office/2014/10/17/fact-sheet-safeguarding-consumers-financial-security

Zients, J. (2014). The President’s BuySecure Initiative: Protecting Americans from Credit Card Fraud and Identity Theft. White House Blog. Retrieved from https:// http://www.whitehouse.gov/blog/2014/10/17/protecting-americans-credit-card-fraud-and-identity-theft

Comment by Citizen Joe

April 24, 2015 @ 7:35 pm

This week for my reading suggestion pertaining to “Uranium” as a valued national asset of the Republic and related to Homeland Security:

https://www.fas.org/sgp/crs/RL32631.pdf

Citizen Joe
“Main Street USA”

Comment by Ally M

April 24, 2015 @ 8:05 pm

For this week’s post I would like to discuss the threat of climate change when it comes to homeland security. While this is a global threat it is interesting on how it is also a threat to homeland security. This means that the homeland security community has to create strategies to approach the threat of global warming. With the most recent addition of the Worldwide Threat Assessment the threat of global warming is called extreme weather events. There is empirical evidence that suggests that there is a general warming trend that could affect the weather and ecosystems in which we live. This will intensify the impacts on all human beings throughout the world. The warmer atmosphere, wetter in some areas while drier in others, is consistent will the increasing amount of greenhouse gases that are located in the atmosphere. This menace can affect other threats such as food, water, and energy supplies. If these areas are affected it then leads to health issues and a major impact on the economy. These temperature, while more prominent in the Artic, create persistent droughts which have greatly impacted agricultural productivity. The changes in climate can also create intense storms such as typhoons, hurricanes, and tornadoes. Through past experiences this nation understands the impact that these storms can have on its people and infrastructure (Office of the Director of National Intelligence, 2014). If this trend continues it can become a tremendous issue for future generations.

The threat of climate change has also recently been discussed in the revised National Security Strategy that came out early this year in 2015. This document is about prioritizing the efforts of the homeland security community to address the top strategic risks to the interests of the United States, this includes climate change. It urges that climate change is a growing threat to our national security because it is directly contributing to more natural disasters, refugee flows, and conflicts over basic natural resources. The United States is leading the effort both at home and with the international community to confront this global challenge. This nation is working diligently to reduce the amount of greenhouse gas emissions that it produces. Through the Climate Action Plan the nation attempts to reach its goal of reducing the level of emissions by 26-28% that was recorded in 2005. Through partnerships with the states and private utilities this nation works to cut the amount of carbon pollution that the power plants across the nation emit into the air. At the same time this nation must strengthen its resilience and address all vulnerabilities to the potential climate impacts (White House, 2015).

When compared to such threats as terrorism, climate change might not seem like the priority at this moment in time. However, this threat cannot be pushed aside because of the potential impacts that it can have on the entire world in the near future. This is a threat that needs to continue to be at the forefront of the efforts of the homeland security community. In an effort to reduce the threat of climate change the homeland security community needs to work directly with the people. Through a public awareness campaign future projects can be discussed while preventative measures can be created and implemented. Even the little things can help save the future from this threat. The people need to know exactly what it is they can do that can save the world for their children and children’s children.

Office of the Director of National Intelligence (2014). Worldwide Threat Assessment of the U.S. Intelligence Community. Statement for the record: Senate Select Committee on Intelligence. Given by DNI James R. Clapper. January 29, 2014. http://www.dni.gov/files/documents/ Intelligence%20Reports/2014%20WWTA%20%20SFR_SSCI_29_Jan. pdf

Office of the President (2015). National Security Strategy. http://www.whitehouse.gov/sites/default/files/docs/2015_national_security_strategy.pdf

Comment by William R. Cumming

April 25, 2015 @ 5:00 pm

Thanks for comments. Turns out the movie title is SAN ANDREAS and will be released May 29th, and Claire Rubin pointed out that the FIRE SERVICE liked the TOWERING INFERNO when few departments were equipped for highrise fires.

Comment by William R. Cumming

April 26, 2015 @ 10:27 am

P.S. The Earthquake Hazards Reduction Act of 1977 was enacted in the face of soon-to-be successful earthquake prediction.

That did not happen, at least not yet. But the 1977 statute also mandated that the federal Executive Branch develop, implement, and operate a plan to respond and recover from a catastrophic earthquake.

That PLAN was published in the Federal Register in 1987 and morphed into a NATURAL HAZARDS PLAN and then in May 1992 a
Federal Response Plan.

Now no detailed plan exists but there are various frameworks.

Good luck and good night!

Comment by William R. Cumming

April 28, 2015 @ 8:53 am

NEPAL will demonstrate that response and recovery is fundamental to governance but few there or elsewhere will understand this principle.

The Chinese may have the world’s best understanding of this principle. American leadership does not.

COULD ANY DHS OFFICIAL EXPLAIN HOW 50,000 DEAD, 500,000 INJURED AND 5 MILLION HOMELESS WOULD BE HANDLED?

NADA IMO!

Comment by William R. Cumming

April 29, 2015 @ 9:46 am

I will be commenting this coming Friday May 1st on the FFE on CIP the second most important mission assigned DHS from its beginning.

I will identify how and why DHS has failed in that important mission.

Also 80% of student comments on FFE have dealt with surveillance and cyber security the FIRST CHILD of CIP!

Comment by Vicki Campbell

April 29, 2015 @ 1:43 pm

I couldn’t agree more, Bill – ALL 4 PHASES of Emergency Management are absolutely fundamental to government (at least that was what I was taught in my MPA program). I would however add that not only are they essential to good governance, they have nothing to do with national security in any meaningful sense of the term, and trying to lump them both together under the concept of “homeland security” via DHS, whose structure and organization represents an administrative animal that simple does not appear in nature, has been one of the bigger governmental mistakes in U.S. history – and has served neither very well.

Comment by Vicki Campbell

April 29, 2015 @ 3:26 pm

….especially given that the major national security agencies aren’t even in DHS, and the core components of EM were broken up and scattered to disparate agencies outside FEMA (where is mitigation again?….)

Comment by William R. Cumming

April 30, 2015 @ 4:05 pm

Some recent additions to the FAS/FEMA page!

National Disaster Recovery Framework: Strengthening Disaster Recovery for the Nation, September 2011

FEMA’s Public Assistance Grant Program: Background and Considerations for Congress, Congressional Research Service, April 16, 2015

Critical Infrastructures: Background, Policy and Implementation, Congressional Research Service, February 21, 2014

Comment by William R. Cumming

April 30, 2015 @ 4:07 pm

Again the FAS/FEMA webpage at:

http://www.fas.org/irp/agency/dhs/fema index.html

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>