DHS IG Report: DHS’ role in fusion centers

The DHS Office of Inspector General issued a report last week on “DHS’ Role in
State and Local Fusion Centers”.  The report was issued in response to a request from U.S. Representative Bennie G. Thompson, Chairman of the House Committee on Homeland Security.

The report reviews successes and challenges in detail, and makes 7 recommendations.  The DHS Office of Intelligence and Analysis (DHS I&A) is the organization in DHS responsible for fusion centers, and the report states that I&A agreed with all 7 recommendations, and “has proposed plans and taken action that, once fully implemented, will reduce a number of the deficiencies…identified.”

Here’s a summary of the recommendations:

  1. Improve responses to Requests for Information, and identify designated points-of-contact between I&A and fusion centers for information needs.
  2. Expand training courses, including adding additional course locations (not just Washington D.C.), and exploring online training.
  3. Integrate all relevant I&A division roles and responsibilities into the fusion center program.
  4. Review and increase assignments of DHS staff to fusion centers.
  5. Develop measurable performance standards for the fusion center program, and justify continued costs.
  6. Improve interconnectivity among the multiple unclassified and classified information systems used to share and obtain information from fusion centers.
  7. Explore funding options and identify sufficient resources for the fusion center program.  This includes providing staff to the State and Local Program Office to oversee and manage the program.

Regardless of intent, whether or not any of these recommendations are implemented will ultimately come down to funding.  To this end, recommendations #4 (increase DHS staff assigned to fusion centers), #6 (improve interconnectivity among systems), and the 2nd half of #7 (providing staff to oversee and manage the program) are probably the least likely to be implemented in the near future.  But expect funds for some or all of these to be requested in the DHS FY2010 budget.

Advertisements

DHS lessons learned from Mumbai attacks

DHS Under Secretary Charles Allen (DHS Office of Intelligence and Analysis) testified last week before the Senate Committee on Homeland Security and Governmental Affairs, discussing both the lessons DHS learned from the November terrorist attacks in Mumbai, and the information sharing efforts of DHS with regard to the attacks.

Although committee testimony can sometimes be a bit dry, Allen’s testimony is relatively short and offers some insight into DHS policy direction, so you may want to read it.  Here are some highlights:

Prevention and Deterrence:

  • Previously disrupted plots (and previously identified targets) may resurface.
    • Reducing security protection leaves attackers an opening, no matter how much time has passed since the intial threat.
  • A determined and innovative adversary will make great efforts to find security vulnerabilities and exploit them.
    • Think like attackers to identify our weak points before they exploit them.
  • Security must be unpredictable for the adversary, but predictably responsive to those it is meant to protect.
  • Target knowledge was paramount to the effectiveness of the attack.
    • DHS is working on programs to help detect pre-attack surveillance.
  • “Low tech” attacks can achieve terrorist strategic goals-and can be dramatically enhanced by technology enablers.
    • Note: The attackers may have used wireless devices from hostages to monitor and interfere with the response against them.

Response and Recovery

  • Response to a similar terrorist attack in a major U.S. urban city would be complicated and difficult.
  • A unified command system is of paramount importance if governments are to respond to terrorist attacks quickly and effectively.
  • Public-private interactions are crucial and must be developed before an incident occurs.
  • Threat Information must be quickly and accurately conveyed to the public.
    • But he stressed DHS has procedures and practices to balance this with the need to ensure attackers can’t use the information to further their attack goals.
  • Training exercises that integrate lessons learned are critical.
    • Future national exercises will include Mumbai-style attacks.
  • We must protect the attack sites to collect intelligence and evidence to identify the perpetrators.
    • Proper evidence collection must be incorporated into training, planning, and response.

Note: Several reports were cited in the testimony, almost all marked For Official Use Only (FOUO), so they’re not available to link to.  If you would like access to any of these reports, I suggest you either contact your local fusion center or information sharing center, or contact I&A directly (they may point you to a regional organization that can properly vet you as having legitimate need to see the document).

Final Note: Controlling Wireless Information

Use of wireless devices by attackers is already being targeted from a technology standpoint (The NYPD expressed interest in jamming or intercepting wireless signals at the same hearings).  I expect this to become a hot topic, and I expect it to be addressed from an infrastructure & policy standpoint as well (giving responders some measure of control of private wireless infrastructure during an attack).  A combination of both would be necessary to deny attackers information they could use without interfering with the wireless information responders need, so watch for some policy debate on this issue.