Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars
AFCEA logo
 

homeland defense

Cyber and Physical Protection Go Together

February 26, 2013
By George I. Seffers

Homeland Security Conference 2013 Show Daily, Day 1

All too often, cyber and physical protection are considered separately, when really they go hand-in-hand, according to experts speaking at the first day of the AFCEA Homeland Security Conference in Washington, D.C., February 26, 2013. The conference opened with a half-day of conversation about hackers, terrorists and natural disasters and addressed concerns involving both physical infrastructure and the cyber environment for all kinds of attacks, be they physical, virtual or even natural in origin.

Richard Puckett, chief security architect for GE, drove home the point that physical infrastructure, such as power plants, have a cyber component. “People want to be able to walk around a power plant with an iPad. They want to attach remotely to these systems, because it is an incredibly powerful and attractive tool. It’s very visceral to them,” he said. “What we’re concerned about as we see those increased patterns of connectedness is how to protect that.”

Puckett emphasized that the relationship between cybersecurity and physical infrastructure was a focus of government and military, noting that the term "cyber" means a lot of different things to different people and for the private sector was more connotative of personal and financial cybersecurity.

Paige Atkins, vice president of cyber and information technology research, Virginia Tech Applied Research Corporation, said that part of the problem is that cyber is a sometimes difficult concept. “Cyber is a little harder for us to understand and grasp because it is not as graphic," she said. "In my personal experience, the cyber-physical area is underappreciated and not fully understood.”

Storms Teach Important Lessons About Infrastructure Protection

February 26, 2013
By George I. Seffers

Senior leaders in both industry and government have learned their lessons from major storms, such as Katrina and Sandy, and are working together to improve the nation’s ability to bounce back from natural disasters.

As a member of the Critical Infrastructure Protection panel at AFCEA’s Homeland Security conference in Washington, D.C., William Bryan, deputy assistant secretary for infrastructure security and energy restoration, reported that in the aftermath of Sandy, a major storm that wreaked havoc in the Northeast, industry and government senior leaders worked closely to solve problems.

He added, however, that after the 9/11 attacks, “A lot of time, a lot of money, a lot of energy was spent on physical protection—gates, guards and guns, bio-readers at facility entrances and crash barriers and on and on and on. None of that worked during Katrina. The money invested by industry to protect their facilities did nothing to protect against the storm. So, the nation started looking at the concept of resilience,” he said. He added that the recently signed presidential directive addresses resilience.

NIST Seeks Industry Information for Cybersecurity Framework

February 26, 2013
By George I. Seffers

The National Institute of Standards and Technology (NIST) released a request for information on Tuesday, February 26, for the cybersecurity framework demanded by the recent White House executive order.

Speaking on the cybersecurity panel at the AFCEA Homeland Security Conference in Washington, D.C., on Tuesday, Jeff Voas, a NIST computer scientist, said he received his first briefing on the executive order about a week ago and NIST already has begun putting together working groups. The request for information process should be concluded in about 45 days. “We’re only a week or two into this,” Voas said.

The panel included Darren Ash, deputy executive director for corporate management and chief information officer for the U.S. Nuclear Regulatory Commission, which regulates the civilian use of nuclear power. Ash said that most nuclear power plants in this country were built decades ago in an analog environment, whereas more recent applications to build nuclear facilities are grounded in a digital environment.

“We know that cyber is important. What we expected and required of these licensees was to establish their plans on how to address cyber,” Ash said. “What’s important is what we do with it.” Recent nuclear license requirements have been accepted, he reported, and just this fiscal year, the commission has begun to inspect the cybersecurity capabilities to ensure they are meeting the requirements.

Richard Puckett, chief security architect for GE, argued that the term “cyber” is too vague, meaning different things to different sectors. To private sector clients, for example, cyber refers to protection of credit card numbers and other personal information, whereas government and military customers are more concerned with the cyber activities of other nation states and the protection of critical infrastructure.

Hotels Hot Target for Terrorists

February 26, 2013
By George I. Seffers

The hotel industry has seen a greater increase in terrorist attacks than any other industry in recent years, according to Alan Orlob, vice president of global safety and security for Marriott International. Orlob offered a first-hand account of the attacks on two hotels in Jarkarta, Indonesia, in 2009.

Orlob, the luncheon keynote speaker at the AFCEA Homeland Security Conference in Washington, D.C., was staying at a Ritz Carlton hotel, which is owned by Marriott, at the time of the attack.

He said that as he stepped out of the shower, he heard at an explosion at the hotel across the street. “I looked out my window, and I could see the front of the JW Marriott, and I saw smoke coming out of the back and people running,” he said. Moments later, another explosion occurred at the Ritz Carlton.

“I followed the broken glass and the destruction into the restaurant. I don’t know how many of you have been involved in improvised explosive device attacks, but it tears clothes off people and separates extremities. That’s what I was seeing that morning,” he said. “I remember feeling that sense of anger that morning.”

Orlob said he studies the tactics, techniques and procedures used by terrorists, and he offered lessons learned, including training first responders to decide which victims should be treated first, only evacuating a building if the evacuation area has been cleared first and ensuring evacuation plans are current.

Diving for Port Security

February 20, 2013
By George I. Seffers

The Long Beach Police Department dive team adopts new homeland security equipment.

The Long Beach, California, police department dive team is now using a newly acquired search and recovery system to help protect the local port, shipping lanes and critical infrastructure.

The Long Beach Police Department (LBPD) dive team has an atypical and varied mission along the port and in the city waterways. “We have the law enforcement responsibility as well as the homeland security mission, mostly dealing with the Port of Long Beach and protecting the port against any type of terrorist threat or action,” says Sgt. Steve Smock, LBPD dive team supervisor. “Everything that the police do on land, we do underwater.”

The mission can include body recovery after a shipping accident or searching for underwater mines attached to ships or piers. The LBPD works with U.S. Customs and Border Protection to search for and confiscate narcotics or other contraband being smuggled into the country. Additionally, the port is a potential terrorist target for several reasons, including the shipping lanes and some of the cargo coming into port.

“We have all these different wharfs and piers that these ships come up to and tie to. A good example is the oil exchange terminals where the oil container ships come in and offload their oil. These are, for obvious reasons, very sensitive. We do a lot to make sure that nobody gets in there to tamper with anything,” the sergeant states.

Face Time Benefits Small and Large Businesses

February 15, 2013
By Maryann Lawlor

AFCEA’s Small Business team is hosting a partnership symposium during the AFCEA Homeland Security Conference that features one-on-one meetings between large companies and small businesses to determine partnering potential.

Customs and Border Protection Agency Eyes the Cloud

February 1, 2013
By George I. Seffers

The U.S. agency responsible for customs and border protection has suffered from an unreliable infrastructure and network downtimes but already is seeing benefits from a fledgling move to cloud computing. Those benefits include greater reliability and efficiency and lower costs.

Customs and Border Protection’s (CBP’s) priorities include moving the agency to cloud computing and adopting greater use of mobile devices. The CBP Cloud Computing Environment (C3E) moves the agency away from a number of stovepipe platforms. “In the past, we’ve run about every kind of platform that’s out there. We are a large IBM mainframe legacy shop. We use a lot of AIX Unix and also Solaris Unix, so we’ve even got different flavors of Unix out there, and then obviously, big Windows farms,” reveals Charlie Armstrong, CBP chief information officer and assistant commissioner for the office of information and technology. “This new environment that we’re moving to collapses a lot of that down into a single environment and loses all of the mainframe, and it gets us out of building environments from scratch.”

Armstrong describes CBP as being in the early stages of its move to the cloud, but the agency already is seeing benefits, he says. He compares creating a computing environment to building cars. “Building an environment with yesterday’s approach was like going to the car dealership, buying all the parts and having to put the car together yourself. Now, what we’re trying to do is to buy a fully integrated product that allows us to stand up environments quicker and also improve performance,” he explains.

The Future of 
First Responder
 Communications

February 1, 2013
By Rita Boland

Public safety personnel are standing at the beginning of a new era in communications as plans unfurl to create a nationwide broadband network dedicated to their needs. With many questions yet to be resolved, organizations must contend with making the right choices for today even as they prepare to take advantage of advanced future offerings.

The Nationwide Public Safety Broadband Network will be based on a single, national network architecture and is intended to help police, firefighters, emergency medical service professionals and other public safety officials perform their jobs better. The First Responder Network Authority (FirstNet), an independent authority under the National Telecommunications and Information Administration (NTIA), will hold the spectrum license for the network along with responsibility to build, deploy and operate it, in consultation with federal, state, tribal and local public safety entities and other key stakeholders. “The burden is on FirstNet to bring public safety a robust and rich network that meets responders’ needs, and this must be done in a manner that’s very cost effective,” says Sam Ginn, chairman of the FirstNet Board. “That’s our goal and mission, and we intend to succeed for public safety.”

Better Visibility for Border Security

February 1, 2013
By Rita Boland

U.S. officials tasked with securing routes into and out of the country are beginning to employ a technology that will pull together disparate information in a way that could save their lives or the lives of others. Though it was not designed exclusively for agents trying to control international movements, these personnel are early adopters, using the system to prevent illicit goods, undesirable persons or rampant violence from making its way over national boundaries.

The Global Information Network Architecture (GINA) is a system of systems that draws in information from many stovepiped sources regardless of their coding or programming. Originally, GINA was developed through a Cooperative Research and Development Agreement (CRADA) with the Naval Postgraduate School (NPS) and Xslent LLC Technologies. The work since has transferred to a CRADA between Big Kahuna Technologies LLC and the U.S. Army Corps of Engineers Engineering Research and Development Center. The NPS now works with GINA through a version licensed to the U.S. government or through a standing contract with Big Kahuna Technologies for the DOD [Defense Department] Information Assurance Certification and Accreditation Process version.

GINA employs a hybrid methodology that leverages model-based architecture and component-based development—two major approaches to contemporary software development. According to a paper titled “GINA: System Interoperability for Enabling Smart Mobile System Services in Network Decision Support Systems,” written by project personnel, both approaches aim at reducing, if not eliminating, the amount of coding required to develop a system.

Power Grid Study Cites “Inherent Vulnerability” to Terrorist Attack, Natural Disaster

November 29, 2012
By Max Cacas

A newly released study on America’s electrical power transmission system strongly suggests that the government and industry take steps to safeguard it from shortcomings that make it vulnerable to things such as terrorist attack and acts of nature. Potential solutions will require not only ingenuity and technology, but investment and political decisiveness.

Pages

Subscribe to RSS - homeland defense