The official blog of AFCEA International and SIGNAL Magazine
       

Posts from Homeland Security

Lessons Learned Improve Disaster Recovery Tactics

By • Feb 28th, 2012


Responding to an emergency is just as crucial—and as technically complicated—as preventing one. Members of the final panel for the DHS 2012 Information Technology Industry Day discussed the importance of communications capabilities to mitigate the effects of a manmade or natural disaster and restore normalcy to an area.

Damon Penn, assistant administrator, National Continuity Programs Directorate, FEMA, related that restoring communications so that disaster victims can contact their families can help in two ways. First, family members can pick up victims and take them to a safer location. Second, the ability for victims to contact family members via phone means one less call first responders need to make or accept during critical response hours.

Penn pointed out that, in addition to resilient communication capabilities, first responders desperately need technologies that can assist in other stages of disaster operations. “The most difficult and important solutions are needed in the assessment stage,” he stated. Speaking directly to industry attendees, he added, “Anything you can do to make it easier would be good.”

Holding up their smartphones, many of the panelists suggested that the entire approach to finding technical solutions for use during and immediately after a disaster may be better served by a new business model. Rather than trying to predict requirements and going through a long acquisition process, perhaps reaching out to the innovators who create apps would be a more efficient process.

“The apps approach solved problems you didn’t know you had. People with solutions come to you,” Penn pointed out. For example, shoppers didn’t know they needed an easier way to compare prices until someone developed an app that enables them to do it from their smartphone, he illustrated.

One of the most devastating disasters in recent times was the oil spill in the Gulf in April 2010, but it yielded many valuable lessons learned, Capt. James Cash, USCG, said. The maritime domain is so vast that it is nearly impossible to monitor it entirely all the time. However, the homeland security, military and commercial sectors would all benefit from a common operational picture (COP). The challenge is to create one that would exist solely on classified networks yet allow the government to share COP information over unclassified networks with other organizations assisting in disaster recovery. In addition, the Coast Guard itself needs the ability to be resilient, Capt. Cash added. For example, while Rescue 21 equipment was designed to stay up and running during the peak of a natural disaster, some obvious but not planned-for occurrences—such as a tree falling across a power line—caused unexpected problems. As a result, the Coast Guard has put into place a back-up communications satellite system to ensure continued communication capabilities.

Agile Cyberthreats Require Flexible Security

By • Feb 28th, 2012


Although not claiming victory, the U.S. Department of Homeland Security (DHS) has made some serious headway in improving cybersecurity, according to panelists discussing the topic at the DHS 2012 Information Technology Industry Day in Washington, D.C. Experts said the threats have not disappeared but rather have changed, and various DHS agencies have been learning how to better handle them.

Alma Cole, chief systems security officer, U.S. Customs and Border Protection, described today’s cyberthreats in a way the other panelists agreed with. In previous years, some of the most serious cyberconcerns revolved around malicious activity from personnel within an organization. Although that threat cannot be ignored, new network activity tracking capabilities are helping to keep that threat in check to some degree. And although hacktivists may embarrass organizations in the public forum, today one of the largest threats is silent—those hackers who creep into networks to steal intellectual property or identification.

But with a few years of tracking hacking beneath their belts, the DHS cybersecurity experts have put into place a number of solutions to help protect national infrastructure—both cyber and physical. Concepts of operations have been developed and central security control centers have been put into place. Both of these enable the DHS and its agencies to know what’s going on across networks and what to do when suspicious activity is suspected or a breach occurs. In addition, today’s capabilities provide forensics, which enables cybersecurity personnel to understand what happened and how to address the vulnerabilities.

“We also have been able to get critical analysts to map out how people have been trying to attack our networks,” Cole added. “And then, they are able to figure out how to stop them.”

While this news is mostly good, Dave Epperson, chief information officer, National Protection and Programs Directorate, pointed out that the volume of data these capabilities produce has become a challenge. He called for cyber visualization tools that are more specific than the “green, amber, red” and “trending” capabilities available today. Creating such tools is “tough to do,” Epperson admitted, and he added that it is difficult even to describe the specific capability needed, but he said he will know it when he sees it.

Diminishing Dollars Mean Different Procurement Practices

By • Feb 28th, 2012


Members of the two morning panels at the DHS 2012 Information Technology Industry Day hammered home the need all DHS agencies have for information sharing and information security within a mobile environment.

In addition to constrained budgets—a topic that all the panelists said was unnecessary to mention yet spoke about extensively—the agencies continue to face slow processes to put these capabilities into place. Among the hurdles that continue to surface are slow certification and accreditation processes, barriers to entrance for industry and exit from contracts for government, and management of authoritative data sources.

Every chief information officer (CIO) must treat each dollar as if it’s the last one they have to spend on IT, panelists agreed. This means that they are no longer interested in gadgets but rather capabilities that feature economical operating and management in the future. In addition, companies that come to the table with metrics about return on investment are those that DHS’ CIOs are most likely to pay close attention to and seek the dollars to “prime the pump” for a purchase despite diminishing budgets.

CIOs from the DHS emphasized that their information sharing about companies’ solutions has improved immensely during the past several years. As a result, they are able to build on each others’ purchases, saving time and dollars that can be invested in areas that have had to do without in the past.

Rear Adm. Robert Day, USCG, CIO, U.S. Coast Guard, perhaps summed up the budget issues best: “In fiscal year 2012, the ‘nice-to-haves’ have gone away; in fiscal year 2013, the ‘should haves’ are going away; in fiscal year 2014, the ‘must haves’ will go away. This progression is one that worries all the CIOs as they wonder if they’ll have the revenue they need to address future threats,” he added.

DHS CIOs Reveal IT Successes, Challenges and Requirements

By • Feb 28th, 2012


Richard Spires, chief information officer, U.S. Department of Homeland Security (DHS), kicked off DHS Industry Day by declaring that it is time to find the balance between the IT needs of individual DHS agencies and leveraging IT throughout the department as a whole. The department needs to take a “shared first” approach to commodities and then look at unique technologies needed by the individual agencies.

Although the DHS on the whole has not always completed IT projects on time and on budget, Spires said that the council has set up centers of excellence that help determine how to assist the agencies in achieving success. Robert Foster, acting CIO, Immigration and Customs Enforcement (ICE), added that the centers enable the agencies to tap into a central repository to meet individual IT needs from an enterprise level, and he called for increasing the number of centers.

Spires led a panel comprising the department’s CIO council, including Margie Graves, deputy CIO, who said that one of this year’s focus areas will be “as a service” offerings, including email, SharePoint and testing new IT capabilities not only throughout the development process but also during the roll-out process.

Leveraging department resources across the agencies that comprise the DHS will be increasingly important as each organization grows its mission. For example, Rear Adm. Robert Day, USCG, CIO, pointed to the data collected after the April 2010 Deepwater Horizon oil spill in the Gulf Coast—18 terabytes of it. If the DHS did not have the capability to efficiently process and analyze that plethora of data, the Department of Justice would not have the evidence it needs for the subsequent lawsuits and holding BP accountable for the clean-up.

Panelists agreed that, despite the benefits, challenges exist in moving toward an enterprise-wide infrastructure. Among the most common challenges are legacy applications, the need for agile development and testing, and new acquisition approaches that enable agencies to purchase capabilities in small chunks rather than through huge contract commitments.

Experts to Discuss Budget Constraints and Homeland Security

By • Feb 8th, 2012


Protecting any nation’s citizens and institutions is difficult under any circumstances, but today’s economic limitations make this task even more challenging. Government and business leaders will meet at the Ronald Reagan International Trade Center February 28 to March 1 to tackle this topic during AFCEA International’s 11th annual Homeland Security conference.

Conference discussion topics include cloud computing, cyberwar, procurement, wireless broadband and social media. Small businesses’ interaction with the U.S. Department of Homeland Security (DHS) also will be explored.

Speakers and panelists include Jim Flyzik, president, The Flyzik Group; Peter Tseronis, chief technology officer, U.S. Department of Energy; Cathy Lanier, chief of police, District of Columbia; and Bruce Walker, acting vice president, homeland security, Northrop Grumman Information Technology.

Although the first day of DHS IT strategy sessions is not affiliated with the AFCEA conference, coverage of the sessions will be featured on the Coverage and Collaboration: Homeland Security 2012 Web page.

Work on Enhanced Interoperability Underway

By • Dec 22nd, 2011


The U.S. Department of Homeland Security and the Defense Advanced Research Projects Agency have called upon industry to develop a low-cost and secure communications, network management and situational awareness system for the U.S. military, public safety agencies and commercial clients. The solution must enable remote and secure mission-based communications with or without cloud connectivity. The goal is to design a technology with both military and security applications that offers real-time information regardless of the infrastructure and equipment first responders or military members use. Under a two-year agreement, SRI International and Covia Labs will develop the enhanced capabilities for communications devices such as smartphones. In the long term, the companies plan to design a low-cost solution that features the seamless formation of secure teams across different military and public safety agencies.

Military-Style Network Measures Needed to Secure Infrastructure

By • Nov 3rd, 2011


Situational awareness that borders on command and control (C2) may be necessary to protect vulnerable networks in the nation’s critical infrastructure. The threat to these increasingly complex industrial control systems will require more than just commercial off-the-shelf security solutions, according to a panel of experts at TechNet Asia-Pacific 2011 in Honolulu.

Rear Adm. Paul Becker, USN, the U.S. Pacific Command (PACOM) J-2, warned that the proliferation of control systems, coupled with a lack of network situational awareness, presents prime opportunities for cybermarauders. In calling for C2 of networks, he noted that while nation-states appear to be the only cyberthreat with the ability to attack the nation’s infrastructure, organized crime now is able to develop or hire hacker talent.

Bryan Richardson, a critical infrastructure security expert with Sandia National Laboratories, stated that the good situational awareness tools that the infrastructure needs largely must be customized specialty solutions, although some could come from traditional information technology sources. Sandia has performed many assessments, so it understands the different types of systems and what needs to be done for them, Richardson said.

David Rolla of the Hawaiian Electric Company added that a good network situational awareness tool must be able to distinguish legitimate security threats from natural disasters or even overzealous marketing events. His company is trying to put in place a holistic system that protects the entire network from start to finish.

Success Breeds Menace in Critical Infrastructure

By • Nov 3rd, 2011


The new technologies that are enabling elements of the critical infrastructure to operate more efficiently also are making them more vulnerable to devastating cyberattacks. Advanced mobile connectivity and supervisory control and data acquisition (SCADA) systems have created fertile ground for cybermarauders to target key aspects of the infrastructure in a number of ways.

These were the findings of a panel comprising a number of experts from Hawaii and the U.S. Pacific Command (PACOM) at TechNet Asia-Pacific 2011 in Honolulu. Rear Adm. Paul Becker, USN, the PACOM J-2, described how the use of SCADA industrial control systems was a primary threat to the infrastructure. These systems are the focus of malevolent hackers, whose growing sophistication has increased the likelihood that they will be able to launch a devastating attack.

David Rolla of the Hawaiian Electric Company elaborated on how the SCADA threat has grown. Companies such as his have trended toward more integrated and more sophisticated control systems, and greater interconnectedness means more interdependency. The need for a communications infrastructure, which requires external communication links, also has increased vulnerabilities. Where the threat used to be broad-based—such as simple denial of service—it now takes the form of highly targeted attacks focused on a single entity, Rolla said. “We’re coming to a point where there is no such thing as a trusted source,” he warned.

The Coast Guard Wants UAVs

By • Nov 3rd, 2011


Tasked with patrolling millions of square miles of water over vast ocean distances, the U.S. Coast Guard is looking to augment its surveillance forces with unmanned air vehicles (UAVs). These craft would serve to alert cutters to what lies over the distant ocean horizon.

Rear Adm. Charles W. Ray, USCG, the commander of the 14th Coast Guard District, told the final breakfast audience at TechNet Asia-Pacific 2011 how the vast area of responsibility across the Pacific Ocean tasks Coast Guard operations. Many isolated islands and atolls are U.S. territory, and their fish-rich waters constitute more than a million square miles of U.S. exclusive economic zones. The Coast Guard needs a persistent presence in these waters, and UAVs can help fill that need, the admiral said.

Adm. Ray called for an inexpensive UAV that can provide that over-the-horizon presence. He added that while the Coast Guard does not have a program of record for UAVs, it is partnering with Customs and Border Patrol on its Predator program in the hopes of developing a maritime version. It also is following the U.S. Navy’s development of UAVs, the admiral noted.

Cybersecurity Isn’t Only About the Network

By • Jun 1st, 2011


The Air Force and Arlington County, Virginia, are taking preventative measures against hackers such as the ones that recently attacked Sony, costing them over $170 million. It’s not just money at risk for government networks, however.

The Air Force has the lead for the Next Generation Airspace and lead for the Department of Defense. Arlington County, which collaborates extensively with the department on many levels, has undertaken continuous monitoring and risk analysis and is currently evaluating its supervisory control and data acquisition (SCADA) systems.

Maj. Gen. Edward L. Bolton Jr., USAF, director of cyber and space operations, office of the DCS for ops, plans and requirements, led a discussion with B.G. Ranck Jr., director of warfighter systems integration at the office of the Secretary of the Air Force, and Mark Orndorff, PEO for Information Assurance and NETOPS for DISA at the AFCEA D.C. chapter’s cyber security luncheon on May 20 describing the Air Force’s approach.

Gen. Bolton asked everyone in the audience to say at what level they thought we should protect. The audience answered that we should protect “every link at every level.”

He also suggested that the Air Force’s biggest issue with communications is the “lack of transportability” of the equipment and parts, driven by its inability to interoperate between stovepiped systems. He described a soldier as having to carry a pack with three computers, multiple batteries, and multiple wires in order to communicate.

According to Bolton, the Air Force will focus on three main areas: capabilities, employment, and people. He also stated that the Air Force will change the discussion from aircraft allocation to “what information do I need vs. how many airplanes do I have in the air?” It also maintains that “every airman must have a certain understanding of cyber.”

The Defense Department envisions a joint architecture and joint services information-sharing requirement that is not specific to a particular agency that promotes interoperability and information sharing across previously discrete domains. In keeping with this vision, the Air Force will migrate away from the plethora of often proprietary and stove-piped systems and transition to a single standards-based network. These systems often do not interoperate with other systems both in and outside of the Air Force. The Air Force will channel the resulting savings into building operational capability.

Gen. Bolton also asked the defense contracting community to help the Air Force by not perpetuating proprietary and controlled environments and boxing the Air Force into a technology or proprietary solution.

Though the panel focused primarily on the network and interoperable systems, it did not address the issue of SCADA systems, which are an integral part of Air Force and Defense Department infrastructure. We often don’t realize that our traffic lights, transportation systems, bridges, dams, power systems, water treatment plants and other systems contain digital information vulnerable to attack and theft even though they are not a part of other network systems.

Arlington County has undertaken an initiative to evaluate its SCADA systems and mitigate any risks found. In a public forum, Chief Information Security Officer David Jordan mentioned an article that described how U.S. officials who initially were going to conduct a public forum to discuss the risk of SCADA systems quietly decided the risk was too great to bring it to the public’s attention and cancelled the forum. “We started with the critical infrastructure systems; those connected to the network and are conducting other evaluations according to priority. SCADA systems are vital in the support of day-to-day life in a city,” Jordan stated.

But there are other important systems not directly under the control of the jurisdiction or the Federal Government, such as local phone switching center operating systems, cable, and wireless broadband operating systems and their related command and control networks, he continued.

The Defense Department would do well to conduct similar analyses across the department, if these are not already under way.