|Jane Holl Lute|
Jane Holl Lute, the Deputy Secretary of DHS, appeared before a House Homeland Security subcommittee on April 29 to describe the process by which her department prepared its first-ever quadrennial review, and the conclusions that DHS reached as a result of that time-consuming process.
Unfortunately for Lute, even before she began her testimony, she was rapped on the knuckles by Rep. Chris Carney (D-PA), the chairman of the subcommittee on management investigations and oversight, as well as Rep. Bennie Thompsn (D-MS), the chairman of the overall homeland security committee, for what both lawmakers viewed as unacceptable tardiness in the department’s submission of its Quadrennial Homeland Security Review (QHSR).
Carney was also unhappy with what was omitted from the QHSR, even though the requirements were statutorily mandated in the Implementing Recommendations of the 9/11 Commission Act of 2007.
“Missing was a description of the interagency cooperation, preparedness of Federal response assets, infrastructure, budget plan, and other elements of the homeland security program,” grumbled Carney.
Chairman Thompson acknowledged that, despite the missed deadline, he was pleased with the QHSR because it establishes a “strategic framework.”
“In particular, the QHSR describes critical homeland security threats, hazards, global challenges and trends, such as: the high consequence of weapons of mass destruction; the ongoing concerns regarding Al Qaeda and other terrorist network; the potential for cyber attacks; and the impact of pandemics, major accidents and natural hazards,” observed Thomson in his opening remarks.
Thompson didn’t hesitate to recite a laundry list of problems at DHS that, in his view, the QHSR didn’t address satisfactorily -- “Staff shortages in its acquisition workforce; a financial management system that has never received a clean audit; a personnel system that is outsourced to large private sector corporations; procurements that proceed without proper oversight; and inadequate physical and technical capabilities.”
Lute acknowledged that certain mandated information and analyses were not included in the QHSR document itself, but promised that a follow-on document, which she called a “Bottom-Up Review,” or BUR, would try to explain how DHS will align its “programmatic activities and organizational structure with the broader mission sets and goals identified in the QHSR.” She said the results of that Bottom-Up Review will be reflected in President Obama’s budget request for fiscal year 2012, which will become public in approximately February 2011.
Rather than act as a specific budget document or prioritization of individual tasks, the QHSR was intended to set broad principles and outline overarching goals for the nation’s approach to homeland security, explained Lute.
She identified five broad “missions” that “capture the universe of activities required to achieve homeland security”:
( 1 ) Preventing Terrorism and Enhancing Security;
( 2 ) Securing and Managing Our Borders;
( 3 ) Enforcing and Administering our Immigration Laws;
( 4 ) Safeguarding and Securing Cyberspace
( 5 ) Ensuring Resilience to Disasters
These broad principles, Lute said, were arrived at after inputs were received from hundreds of homeland security-related associations, other stakeholders, more than 40 position papers, and 3,000 comments from members of the public, submitted as part of the department’s “online National Dialogues.”
When a journalist asked NYC Police Commissioner Ray Kelly at a May 2 press conference, “Do propane tanks need to be registered in any way?” the Commissioner was not entirely correct when he answered, “I don’t believe they have to be registered. No.”
In fact, when they are used in New York City, liquefied petroleum gases – also known as LP gases, LPG or bottled gas, the most common of which are propane and butane – obtaining permits is required in certain instances, and it must be stored in portable cylinders.
“Cylinders must be approved for use by the Federal Department of Transportation,” explains a set of study materials prepared by the New York Fire Department. “Cylinders must be re-tested every five years. The Certificate of Fitness holder is responsible for checking the retest date and having the cylinder inspected, on time, by the [LPG] supplier.”
Of course, a would-be terrorist may not feel duty-bound to check the fitness of two propane tanks he is planning to detonate in Times Square.
In some circumstances, the individual or organization using a propane tank must first obtain a permit from the City of New York. For example, if the propane tank will be used to operate a “tar kettle” – which heats tar before it is used at a construction site – a permit is required. “This permit is issued by the Fire Commissioner,” says the FDNY’s study materials. “The permit is valid for one year.”
Another example is a forklift truck that is powered by LP gas. “A permit must be obtained to use a forklift in public areas,” says the FDNY. “The permit is issued by the Fire Commissioner.”
These permits are required because “LP Gas is highly explosive when it accumulates in one area,” says the fire department. “Combustible materials must be located at least 10 feet away from any LP Gas appliance or cylinder.”
Of course, the potential safety threat inherent in propane, and other combustible gases and chemicals, has long been understood by security officials. Even so, propane was treated as something of a special chemical when DHS prepared its Chemical Facility Anti-Terrorism Standards (CFATS). Because many small farmers and other agricultural organizations use propane in relatively small quantities on a regular basis – and because of the strong support from the National Propane Gas Association, DHS “clarified” its final rules back in 2008, so as to specifically exempt many smaller users of propane from the necessity of completing lengthy security assessment forms issued by DHS. These exemptions were described in an article published by GSN: Government Security News in March of 2008.
“NPGA has approximately 2,800 retail marketer members that operate over 8,000 bulk storage facilities,” said the propane gas association in a December 2009 letter to the U.S. Department of Labor. “Conservatively, there are at least 40 million propane gas cylinders that are primarily used in residential applications, such as outdoor grills and barbecues. Another 10 million tanks/cylinders are estimated in use in retail, farm, construction, forklifts and kitchens/restaurants applications.”
The bottom line: In theory, there are more requirements for registration and permits for using propane tanks in New York City than Commissioner Kelly may have realized, but there are also tens of millions of propane tanks being used across the country, and DHS has not been overly zealous in gathering security information from many of these smaller users.
As hundreds of thousands of protesters took to the streets on May 1 to demonstrate against the newly-signed immigration enforcement law in Arizona, as well as the absence of any new immigration “reform” legislation in Congress, DHS is preparing to launch a new online searchable database in June that would enable family members – as well as police officers – to determine whether any individual is being detained in an Immigration and Customs Enforcement (ICE) facility anywhere in the U.S.
The new Web tool, which is scheduled to be deployed next month, is intended to enable family members and attorneys to locate an alleged illegal immigrant at a specific detention facility, arrange for his or her bond, or deposit money in that detainee’s account to help pay for their telephone or commissary services, according to a notice that will be posted in the Federal Register on May 3 by the DHS privacy office.
However, the same database could be accessed by police officers or other local law enforcement employees -- in Arizona or elsewhere -- who wish to determine the immigration and detention status of a particular individual. Among the nine categories of individuals covered by this new database, are, says the DHS notice, “Personnel of other agencies who assisted or participated in the arrest or investigation of an alien, or who are maintaining custody of an alien.”
The new service will be called the ICE Online Detainee Locator System, or ODLS.
“Currently, members of the public must contact a DRO [Office of Detention and Removal Operations] field office by phone to determine the location of a detainee,” explains the DHS notice. “With the deployment of this automated system, the public will be able to locate detainees more quickly and efficiently through an online query.”
Members of the public or law enforcement agents will be able to search the database by entering either the individual’s full name or Alien Registration Number (known as an A-Number), plus the person’s country of birth.
“ODLS only contains information about individuals who are currently in ICE custody or were previously detained by ICE within the past 60 days,” explains the DHS privacy notice. If a local police officer were to arrest an individual for alleged speeding, loitering, driving under the influence, or shoplifting, to name just a few examples, that officer might find it convenient to quickly determine whether the arrested individual had been in ICE custody anytime during the past 60 days.
The online query will generate one of three possible answers: “No records found,” which means there was no match in the database; “In Custody,” in which case it will display the detention facility where the person is being held, that facility’s Web site and full contact information; or “Not In Custody,” which means the person was released from ICE custody within the last 60 days.
One of the primary purposes of this ICE database is to “support the identification, apprehension, and removal of individuals unlawfully entering or present in the United States in violation of the Immigration and Nationality Act,” says the DHS notice.
The information in the database, which is considered Unclassified, will be stored at ICE headquarters in Washington, DC, at ICE field offices and at detention facilities across the country.
The public is invited to comment on this proposed new online query capability by June 2 by visiting www.regulations.gov and citing docket number DHS-2010-0031.
Further information is available from Lyn Rahilly, a DHS privacy officer, at 703-732-3300.
|Who will govern?|
A recent white paper published by Lockheed Martin Cyber Security Alliance -- a division of Lockheed Martin Corp., of Bethesda, MD -- and Market Connections, Inc, of Fairfax, VA, discovered that when it comes to cloud computing the government has made little headway.
“Widespread lack of awareness and misunderstanding,” as well as “significant trust and governance questions” remain among government officials, who are far less likely then their civilian peers to know about or be using cloud computing software.
The report concludes, “The awareness, trust and security issues that have limited federal government adoption of cloud computing appear to be more perceptual than prohibitive.”
Even those members of the government who are involved with cyber security and information technology sectors had only a basic understanding of cloud computing and even more were unsure what their specific agencies were doing to implement cloud platforms.
Still, the report finds, “The adoption of cloud-based solutions is growing. Increased awareness and understanding of cloud computing can pave the way for more adoption, as respondents who are familiar with cloud computing tend to pursue its inherent benefits.”
And with a growing foothold in the government -- “Cloud computing is currently one of the fastest growing trends in all of IT,” the report states -- the expansion of the marketplace will assuredly be the future for clouds.
Lockheed discovered that one of the most important issues for government officials considering cloud computing is the lack of governance. But Thomas Krafft, director of marketing at Objectivity Inc., a cloud computing company based in Sunnyvale, CA, believes the marketplace will resolve these, and other, cloud computing concerns.
“Who should govern cloud computing?” Krafft said in an exclusive interview with GSN: Government Security News. “That is a tough question. I would have to defer to the marketplace. The standards in government for security already exist. There are audits and paper trails that govern compliance. So, the free market will decide if specific cloud platforms support individual agencies’ needs. It’s self-regulating; if you can’t support the user’s needs, the product won’t be used.”
“Cloud computing platforms are relatively new,” added Krafft. “But it’s been precisely because of the input and feedback from organizations like the government that cloud companies are improving security.
“The marketplace in the past six to 12 months is really listening and responding as quickly as the market does, which is significantly quicker then what the government can do. You really can see the growth at a pretty fast click.”
To download the full findings of the report, visit http://www.lockheedmartin.com/data/assets/isgs/documents/CloudComputingWhitePaper.pdf
At the 2010 ASIS NYC Security Solutions Expo at the Jacob Javits Center on April 30, GSN: Government Security News spoke exclusively with a member of the Pentagon Police Department who talked about the monumental task of protecting the Defense Department’s headquarters.
“It is a very rewarding job providing protection for the top brass at the Department of Defense” said officer Michael Massarotti. “25,000 occupants are in and out of the building over the course of a 24 hour period, so the job keeps you very busy.”
Massarotti also spoke about the challenges that the Pentagon police department faces each day.
“Working in an environment that is so large is like being a police officer in a big city. There is always the threat of workplace violence, people can snap at any time. But we also address more common problems like medical emergencies and crime.
“Counter intelligence is also a huge concern of ours,” he added. “You could be walking by just about anyone and they could or could not be a spy. And we will always have ‘the insider threat.’ With so many people in the facility, anyone could be a potential danger. Individuals could be attempting to take classified or sensitive materials off the property, so we are always enforcing information security.
“But the threat of terrorism,” Massarotti noted, “is always among our most pressing priorities. We really fight a mixture of threats everyday. But we never forget that the Pentagon is among the most favored targets for terrorists.”
Massarotti also addressed the recent violence that occurred at the Pentagon almost two months ago.
“As we have seen in March, the lone wolf has always been a threat. The lone wolf is the most difficult to track. For instance, the March shooter drove all the way across country to the Pentagon. He even did surveillance on the building the day prior. He walked up like everyone else, dressed very nicely, from the Metro station and he tried to breach security by pretending to have a Pentagon building pass. Instead, he pulled out two handguns and starting shooting
“Thank goodness no one was seriously injured,” Massarotti remarked. “Pentagon police handled the situation and they quickly neutralized the threat. We did exactly as we were trained to do. We kept the civilians safe, kept the top brass safe and we kept the building safe.”
“We never know what might happen so we always remain vigilant,” Massarotti told GSN. “We are a proactive police force. We do everything we can to protect that building.
“We are protecting those who protect our nation and that is a huge motivation for us everyday.”
The Gov 2.0 Expo, which will be held in Washington, DC, from May 25-27, will bring together the best and brightest to discuss innovative new ideas and technologies that can improve and enhance the functioning of government.
Dr. Mark Drapeau, director of innovative social engagement at Microsoft, Inc., said he is thrilled to be co-hosting the 2010 conference.
“The event is all about taking the knowledge from Silicon Valley and other non-traditional places for technology and having a conversation and demonstration with government decision makers to move forward and make a more collaborative participatory and transparent government,” Drapeau told GSN: Government Security News in an exclusive interview.
“A number of highlights in this year’s program pertain to security issues,” he added.
“One keynote speaker, Price Floyd, is head of public affairs at the Department of Defense (DoD). He will be talking and answering questions about how DoD is more transparent and collaborative with the pubic, in addition to addressing how DoD is using new media.”
“We will also have Alec Ross, who is the senior advisor for innovation at the State Department (DoS).”
Some of the other attendees and speakers who will address security concerns include the U.S. Intelligence Community's Chris Rasmussen, former Defense Intelligence Agency (DIA) analyst Matthew Burton and current DIA technical project manager Steve Willet, Carmen Medina of the Central Intelligence Agency (CIA), who will explore the latest trends in cloud computing and security, and Andy Bonillo who serves as a member of the U.S. Secret Service’s Cyber Intelligence Section.
For more information or to register for the event visit http://www.gov2expo.com/.
America is a big country, with a lot of airports, and a lot of air travelers. But who would have guessed that in order to train and certify its baggage-sniffing canines, the Transportation Security Administration (TSA) would need to acquire as many as 12,000 pieces of used luggage each year.
But, according to a recently issued Request For Quotation, that’s exactly what TSA requires -- a a maximum of 12,000 pieces of “used soft and hard case luggage/baggage” annually, which “must be in good working order,” says the RFQ. “Working zippers, intact undamaged handles, and wheels, where applicable.”
TSA is planning to procure this luggage for the use by dogs who are part of the National Explosives Detection Canine Team Program (NEDCTP) and the Federal Air Marshal Service. Typically, when the NEDCTP deploys dogs for use by local police departments, it encourages the police to solicit free luggage from the local airport or airlines. However, because the luggage to train the sniffing dogs will be used on behalf of TSA – and TSA oversees those airports and airlines – the agency decided not to seek free donations.
“TSA regulates Airports and Airlines, therefore, it would be a conflict of interest to solicit free or donated luggage/baggage items,” says the RFQ, which was posted online on April 28.
Instead, TSA envisions a 100 percent small business set-aside award, in which the agency will establish one or more Blanket Purchase Agreements to purchase luggage from small companies during a five-year period, with a total ceiling value of $800,000.
In the technical requirements portion of the RFQ, TSA notes that each piece of luggage should contain no more than five articles of clothing, but should definitely contain “toiletry items that would fit in a standard Shaving Kit/toiletry bag,” which it insists must not be leaking or broken.
The baggage will be delivered to locations throughout the continental U.S., as well as “OCUNUS” locations, such as Alaska, Guam, Hawaii and Puerto Rico.
Prospective vendors have until May 24 to submit their proposals and price quotations.
Further information is available from TSA’s Brandon Prindle at 571-227-3003 or [email protected].
The Defense Department’s human resources office plans to award a sole source contract to ARES Corp., of Burlingame, CA, to supply its AVERT software, which will be used by the Pentagon’s Antiterrorism Force Protection Office to perform a wide variety of security and vulnerability assessments.
The software, whose official name is Automatic Vulnerability Evaluation for Risks of Terrorism, “Computes the probability of a successful attack or intrusion and identifies the most effective path(s) that an adversary will use to penetrate security,” says a product description prepared by ARES.
A user in DoD could model any physical attack by terrorists, visualize the security breaches, quantify the existing risks in mathematical terms, and then measure the effectiveness of proposed security improvements.
In a notice announcing its intention to award the sole source contract, the Defense Human Resources Activity (DHRA), a unit of DoD that reports to the under secretary of defense for personnel and readiness, said it expects six tasks to be performed by ARES: (1) supply its AVERT software, (2) maintain its product with software updates and technical support, (3) train DHRA users in vulnerability assessment modeling, data library development and interpreting results, (4) develop models for locations with DHRA employees, (5) provide engineering analysis support for security and vulnerability assessments, and (6) provide structural engineering analysis, threat analysis and other technical support.
“In 1999, while working with the U.S. Department of Defense (DoD), on risk assessments for the F-15, F-16, and B-2 bomber, ARES recognized the need for a software tool that would objectively quantify the risks of intentional acts,” says the company’s descriptive literature.
“ARES developed AVERT through Small Business Innovative Research (SBIR) grants supported by the DoD. In its present state, AVERT can realistically model threats to critical sites from the land, sea, and air, while taking into account diversions, weapons, vehicles and multiple adversaries and targets.”
AVERT is a PC-based program that models terrorist attacks in a graphical 3-D interface. Taking into account various threat conditions — on world, regional, and site-specific level -- the software reviews a range of attack paths, delivery systems, and transport routes against the effectiveness of existing and potential countermeasures.
“Its powerful ‘what–if’ analysis capability quantifies precisely the reduced vulnerability when security is enhanced in the form of added barriers, security patrols, and detection devices,” says the ARES product literature.
|Video surveillance on iPad|
In a dazzling demonstration of video surveillance, Christopher Gettings – President and CEO of videoNEXT Network Solutions, Inc. of Chantilly, VA – wowed an audience at New York’s Paley Center for the Media on April 29, with an incredible array of video surveillance software, all of which is fully compatible for mobile viewing on an iPhone or iPad.
Gettings spoke at a Tekserve-sponsored event entitled, “Your Business on a Mac: The Future of Video Surveillance,” that also included presentations from Apple and IP camera supplier Axis Communications. During his presentation, Gettings showed the audience how videoNEXT software allows users to monitor just about anything and everything -- from office kitchens to parking spaces -- on commonly used Web browsers like Safari, Firefox and Explorer.
Some of the more innovative aspects of the videoNEXT system included:
A geospatial interface that utilizes Google Earth software to locate cameras as well as individuals accessing the system from mobile devices;
Intelligent and scalable archiving that automatically erases video segments in which no action occurs to more efficiently utilize storage capacity;
Abandoned object and removed object detection that allows the software to analyze when something has changed within the environment under surveillance;
A diverse array of camera specific algorithms that allows users to automatically create, for instance, tripwires in a room that will alert the user to the coming or going of individuals in a given space. Other algorithms include measures that alert to the speed, size, number and type of targets in a given area;
Detailed event logs that can be organized by access control events, such as card swipe associations or cash register transactions;
The ability to have more than 40 users simultaneously viewing the surveillance system from multiple remote browsers spread out over any size area without any system degradation;
Touch screen camera control from any computer, creating a virtual mobile control room.
VideoNEXT provides surveillance solutions to a diverse clientele roster that includes the U.S. Army, U.S. Air Force, U.S. Navy, U.S. Coast Guard as well as the Department of Defense, the Department of Homeland Security, the Bureau of Prisons, the Intelligence Community, the United Nations, the Washington, DC police department and the Austin, TX, airport, to name a few.
Mission 500, a non-profit organization that partners with World Vision and is dedicated to serving the needs of children and communities in crisis, raised another $18,600 at Expo Seguridad Mexico, which was held April 20-22 in Mexico City.
During the opening evening cocktail reception, Samsung, the host and sponsor of the event, donated a 42-inch LCD TV for a raffle, according to a press statement issued by the expo organizers. Local Samsung staff helped sell tickets and $1,100 was raised. The winner was freelance consultant Charles Villareal.
The following evening, Expo Seguridad hosted its annual awards dinner, which was attended by more than 240 people. The dinner raised another $10,000, and an iPad was auctioned off for $1,500 to Ricardo Guzman of Inalarm. During the show, the organizers sold ESM merchandise such as shoulder bags, caps, portfolios and pens, which raised another $1,000.
On April 23, the day after the show, Alan Forman, president of Altronix, and Glenn Patrizio, director of sales for LRG International, joined George and Andrea Fletcher to visit a World Vision project in Tulpetlac, about 45 minutes from downtown Mexico City. The local community center helps to support mothers and children who live in an area where many of the homes have no water or electricity. At the community center, secretarial, computer, sewing and beauty classes are held for woman looking to find ways to earn a living. Children also come to the center to learn arts and crafts, play and receive basic medical attention.