DHS disaster practice makes perfect (kinda)

 

Connecting state and local government leaders

The Homeland Security Department is getting better at running drills that train a wide variety of government officials how to respond to terrorist attacks and that polish interoperable communications. But in other areas, it's still being criticized for inadequate preparations.

The Homeland Security Department is getting better at running drills that train a wide variety of government officials how to respond to terrorist attacks and that polish interoperable communications. But in other areas, it's still being criticized for inadequate preparations.As DHS carried out two major drills last month, the department got whipsawed by a coalition of corporate CEOs for poor cyberattack readiness and needled by an IT vendor over disaster relief IT preparations.The department carried out a three-day tabletop exercise that simulated attacks by terrorists using weapons of mass destruction on Washington and on a fictional West Coast port called LandPort. In a separate drill, called Grecian Firebolt, Army units tested communications links among military units and the Federal Emergency Management Agency.But the three-day drill, known as TopOfficials 4 Command Center Exercise, or TopOff 4 for short, apparently did not include a prominent cybercomponent, according to department officials and documents describing the simulation.'A large portion of this exercise was devoted to assuring that the government would be able to achieve continuity of operations [during a major terrorist attack],' DHS undersecretary for preparedness George Foresman said at the press conference concluding the exercise.On the same day as the DHS press conference, the Business Roundtable, an association of corporate chief executive officers whose companies collectively have $4.5 trillion in revenues and 10 million employees, denounced federal COOP plans for a cyberattack.'Our nation's Internet and cyberinfrastructure serve as a critical backbone for the exchange of information vital to our security and our economy, but our analysis has exposed a significant weakness that could paralyze the economy following a disaster,' according to a statement by Edward B. Rust Jr., chairman and CEO of State Farm Insurance Cos. and head of the roundtable's cybersecurity task force.'If there's a cyberdisaster, there is no emergency number to call and no one in place to respond, because our nation simply doesn't have the kind of coordinated plan in place that we need to restart and restore the Internet,' Rust said.The business organization pointed to three problems with national preparedness for a cyberattack:DHS did not have any immediate response to the Business Roundtable report.'If our nation is hit by a cyber-Katrina that wipes out large parts of the Internet, there is no coordinated plan in place to restart and restore the Internet,' said roundtable president John J. Castellani.The department has been working on cyberattack issues via acting NCSD director Andy Purdy since it lost its permanent chief more than a year ago.On another front, a major vendor of authentication technology said FEMA hasn't completed contract negotiations for a system to authenticate the identity of disaster benefits recipients.Foresman said his organization was reviewing all of its contracts. He expressed confidence that the department would be able to authenticate the identities of disaster aid applicants.Without a functioning authentication system, FEMA runs the risk of widespread benefits fraud of the kind that led to last year's outlandish and widely reported misuse of relief funds for hardcore entertainment rather than the hardcore unemployed.Foresman said TopOff 4 would generate an after-action report. 'This will not be a report that will sit on a shelf gathering dust,' Foresman said.But he said the drill had not led DHS to conclude that it needed to reallocate any grant money to respond to threats or preparedness needs that the simulation had uncovered. And his fellow press conference speaker, John Miller, the FBI's assistant director for public affairs, said the information gained in the exercise had not prompted the bureau to adjust the training or deployment of its special agents.DHS runs large-scale TopOff exercises in odd-numbered years. In 2006, an off year, DHS is running a smaller-scale CPX, or command post exercise.'Companies and trade associations participated in the simulated national emergency either as a tabletop exercise called a TTX or a Command Post Exercise known as a CPX,' according to a memo issued by the Real Estate Information Sharing and Analysis Council.Earlier TopOff exercises have brought dozens of agencies together to respond to simulated disease outbreaks and chemical gas attacks by terrorists.The separate communications interoperability exercise, Grecian Firebolt, involved FEMA personnell and Army Signal Corps units. It combined the efforts of the disaster agency with work by the Army's 311th Theater Signal Command in a drill that set up voice, data and video network services for Army units deployed in areas from Massachusetts to California, the Army said.Grecian Firebolt involved more than 500 military personnel at different times, according to command spokeswoman Jo Hoots.'In today's world, you often see the Army and federal emergency agencies working together,' said Maj. Gen. Donna Dacier, commander of the Signal Corps unit, in a statement. 'When a real disaster strikes, the lines of communication must open quickly and stay open.'Dacier added that the Grecian Firebolt exercise, centered at Fort Dix, N.J., provided an opportunity to test the interoperability of Army and FEMA radios, compare command and control practices, design systems infrastructure and strengthen agency coordination.Grecian Firebolt also supported four other military exercises spread across several states and involved several other Signal Corps units.One key Signal Corps unit in Grecian Firebolt was the Delaware National Guard's 261st Signal Brigade. Hoots noted that the Delaware unit specializes in setting up interoperable communications hubs for civilian and military networks at disaster sites.

TRAINING GROUND: DHS personnel simulated a terrorist attack during the recent TopOff 4 exercise.

Rick Steele

CEO group says feds not ready for cybercalamity


















  • Poor early warning: The report cited problems with the ability to detect Internet attacks and measure their severity.

  • Tangled lines of command and control: Government and private groups responsible for restoring the Internet after a major attack haven't planned well for joint action, so they cooperate poorly.

  • Scanty funding: The organizations responsible for putting the Internet back online have been shortchanged; for example, DHS' National Cyber Security Division targets too little funding at cyberrecovery.












Authentication system











Military exercises













X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.