Introduction to the Department of Homeland Security
Gregory Allen
Abstract
The Department of Homeland Security (DHS) has set the framework and best practices for all security professionals. This chapter outlines different parts of the DHS organization and the importance of each area of homeland security risk management. Central to this policy are the premises that security partners can most effectively manage risk by working together and that management capabilities must be built, sustained, and integrated with federal, state, local, tribal, territorial, nongovernmental, and private sector homeland security partners. Although successful integration requires implementation across the entire homeland security enterprise, the DHS plays an essential role in leading the unified effort to manage risks to the nation from a diverse and complex set of hazards, including acts of terrorism, natural and human-made disasters, pandemics, cyber attacks, and transnational crime.
Keywords
Department of Homeland Security (DHS); Central Intelligence Agency (CIA); Federal Bureau of Investigation (FBI); Transportation Security Administration (TSA); Risk Analysis and Management for Critical Asset Protection (RAMCAP); asset characterization; threat characterization; consequence; vulnerability; threat; risk; Homeland Security Act of 2002; Homeland Security Presidential Directives (HSPD); National Incident Management System (NIMS); Federal Emergency Management Agency (FEMA); National Continuity Policy
Introduction
The Department of Homeland Security (DHS) has set the framework and best practices for all security professionals. This chapter outlines different parts of DHS and the importance of each area of homeland security risk management. According to the Homeland Security Risk Management Doctrine:
…In May 2010, the Secretary of Homeland Security established a Policy for Integrated Risk Management (IRM). Central to this policy is the premise that security partners can most effectively manage risk by working together, and that management capabilities must be built, sustained, and integrated with Federal, state, local, tribal, territorial, nongovernmental, and private sector homeland security partners. While successful integration requires implementation across the entire homeland security enterprise, the Department of Homeland Security (DHS) plays an essential role in leading the unified effort to manage risks to the Nation from a diverse and complex set of hazards, including acts of terrorism, natural and manmade disasters, pandemics, cyber attacks, and transnational crime.1
Homeland Security Platform
Before learning about risk itself, it is a good idea to understand how everything is placed together to form the mindset of risk analysis and organizational security. Terrorism has been around for at least hundreds, if not thousands, of years, and we have all read about terrorist attacks around the world and the destruction caused and lives they have taken. But not until the 1993 World Trade Center bombing did Americans realize that terrorism could be directed against us and even occur on our own soil. This definitely should have been a wakeup call; however, it was not until the September 9/11 bombings that we realized that international terrorism is as much of a threat as domestic terrorism. Intelligence agencies across the world failed to protect us, and nearly 3000 lives were taken in an act that should have been prevented.
More lives would have been lost if it were not for Rick Rescorla, director of security for Morgan Stanley, who made employees working in the Twin Towers at the World Trade Center practice an emergency evacuation plan on a monthly basis, for years prior to the attack. His forethought singlehandedly saved all of his employees’ lives, yet he died in the attacks. At least one person tried to be prepared for such a horrific event.
As a result of this event, we realized not only that our intelligence community was not prepared to protect our nation but also that our law enforcement community had not been informed of the terrorist activity leading up to the attacks.
The 19 terrorists involved in the bombings had performed their own due diligence regarding soft and hard areas to attack that would make an immediate impact on this country without being noticed. We discovered that the terrorists lived in the Las Vegas, Nevada, area for months in hopes of attacking the city and placing stress on the city’s financial sector. However, they learned that Las Vegas was an expendable money city, and an attack would not be financially crippling. During this time, terrorists were stopped by local and state police for traffic violations, but there was no hint of any terrorist activity or movement. The 9/11 attack could have been stopped if our intelligence community had obtained information on these activities. However, this was not the case, and the attacks showed other countries our vulnerabilities and incapability to handle such events on our own soil.
The U.S. DHS was created and founded on November 25, 2002, in response to the 9/11 attacks. This agency’s purpose is to protect the homeland of the United States and U.S. territories. DHS is one of the most important agencies in the country because it is responsible for responding to terrorist attacks, natural disasters, and man-made accidents. Before the attacks on 9/11, most of the U.S. population believed that we were unbeatable and unaffected by attacks occurring in other countries. The 9/11 attacks opened many Americans’ eyes—and the federal government’s—to our vulnerability.
The DHS was created to thwart further attacks on the United States and its territories. Before 9/11, most local, state, and federal agencies did not communicate with each other to share information about illegal activities, let alone terrorists’ movements. These were agencies such as the Central Intelligence Agency (CIA); Federal Bureau of Investigation (FBI); and Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF). Prior to 9/11 limited information was shared between agencies on terrorist activities or the collaboration of terrorist investigations. If more information would have been shared the likelihood of the 9/11 attacks may not have occurred.
The DHS was put into place as an effort to centralize all information-sharing initiatives from agencies, such as the FBI, CIA, ATF, and other defense agencies within the United States. The intent was to defend our borders more effectively against further attacks. Some have questioned the effectiveness of DHS because we have not had another foreign terrorist attack on US soil, but others suggest this is due to the presence of this department and that it has worked to plan.
The American people have noticed some inconsistencies in the DHS approach to national security (e.g., changes in the Transportation Security Administration [TSA] procedures). However, changes are constantly being made in the hopes of seeing examples of proper protection of this nation. Although our efforts need to be accurate 100% of the time, a terrorist attack only has to be right once for a disaster to occur.
Risk Analysis and Management for Critical Asset Protection
Another framework to address is Risk Analysis and Management for Critical Asset Protection (RAMCAP). RAMCAP is used for risk analysis and management associated with terrorist attacks on critical infrastructure assets. RAMCAP provides users with a consistent and sound methodology to identify, analyze, qualify, and communicate the various characteristics and impacts terrorists may use to identify targets and methods of attack. This process is primarily used to identify security vulnerabilities but it also provides methods to evaluate what can be done to improve these weaknesses.
RAMCAP is simple, yet transparent, and an effective tool to help our nation’s critical infrastructure sectors, whether public or private. It allows us to compare and contrast risks at any level or in any sector and is adaptable to the strengths and weaknesses presented. It looks at alternative pathways to achieve objectives needed for a positive result. This process can be used by business owners and operators to assess the consequences and vulnerabilities related to terrorist attacks on their infrastructures. It can also give them the guidance to assess and evaluate risk through a common framework, and it provides an efficient mechanism to both the public and private sectors to report risks to DHS. This reporting is an important issue because it gives the baseline for risk assessment and the tools needed to protect our critical infrastructure. These efforts will foster the development and distribution of more refined methods for improving the quality and consistency of risk assessment.
If we look back, even before the 9/11 attacks, risk analysis methods were used in the past; however, after the attacks, they were used even more but not to the extent that we had expected. Both the public and private sectors have used RAMCAP based on the aspects of applying risk to terrorism and homeland security. The RAMCAP methods were developed for the application of protecting our critical infrastructure by using a general and broad-based approach.
RAMCAP has both a qualitative and quantitative framework and is intended to incorporate a cooperative effort with both the public and private sectors. Each partner, no matter what the level, has different goals, and by working together, each participant has information that is valuable to the others. No sector is in the position to know all of another’s vital information, even that which is important to risk assessment. The same goes for any facility or system in understanding the intentions or capabilities of a terrorist movement. By working together and sharing information and knowledge through the use of RAMCAP, participants are able to achieve their goals. At any time, RAMCAP can assist with all different types of processes needed to gain the results important to a terrorist movement.
RAMCAP is comprised of six interrelated steps of analysis. They are as follows.
Asset Characterization and Screening
Asset characterization and screening is analysis of a facility’s or system’s operational process for the identification of critical assets and hazards while performing a preliminary evaluation of a terrorist act.
Threat Characterization
Threat characterization is the identification of specific and general aspects of a terrorist attacks on a given target. DHS has compiled a set of baseline threats that are evaluated for each asset or system. Known threats are formed by the collaborative activities of law enforcement agencies and intelligence organizations that are in charge of understanding the means, methods, and motivations of terrorists. This evaluation is based on the various types of threats that are present. These partners can then apply these threats to the facility or system based on knowledge of those assets. Not all threats result in the formation of assets.
Consequence Analysis
Consequence analysis is the identification of the worst consequences that could be generated by a certain threat. This step looks at facility and system design, layout, and operations to identify the types of consequences that could result. These consequences can be qualified as financial costs, as well as fatalities and injuries. They can also cause psychological impacts and effects on our nation.
Vulnerability Analysis
Vulnerability analysis is the determination of the likelihood of a successful attack by using certain threats on an exact asset. This process involves the evaluation of security capabilities, countermeasures, and mitigation in the effort to lessen the probability of a successful attack.
Threat Assessment
Threat assessment involves two steps. The first is the evaluation of asset attractiveness and a full threat assessment. This asset assessment is perceived to give value to terrorist attacks on a given facility or system and the value of deterrence on that target. These assessments are made by the owner or operators of that target. The threat assessment is conducted by DHS as it looks at how attractive a target is and at terrorists’ capabilities and intent.
Risk Assessment
Risk assessment is a systematic and comprehensive evaluation of previously developed data that was gathered for a specific facility or system. The partners create a foundation for the selection of strategies and tactics to defend against terrorism on any level.
Risk management is a deliberate process of understanding risk and making a decision on implementing a plan to achieve an acceptable level of risk at a cost. Risk management includes identification, evaluation, and the control of risk to the level of accepted value.
Many assets are considered critical to DHS and those organizations that are required to follow federal compliance policies are required to complete a vulnerability assessment. This depends on a conditional risk assessment that an attack will occur. All data are gathered and evaluated for possible deterrence of future potential attacks. From this process, DHS has the information needed to effectively allocate proper resources for risk reduction of terrorism on a national scale.
Homeland Security Act of 2002
The primary purposes of the creation of the Homeland Security Act were to prevent terrorist attacks within the United States, reduce the vulnerability of the United States to terrorism, and minimize the damage and assist with the recovery from any attack on our soil.
Based on the Homeland Security Act of 2002, Congress created a standalone entity to unify our national homeland security efforts. DHS was created through 22 different agencies within the federal government. Shortly after the 9/11 attacks, Tom Ridge was appointed the first director of DHS as the office coordinated efforts in protecting our country through a comprehensive strategy against terrorism and other attacks. DHS officially opened its doors on March 1, 2003. On February 15, 2005, former DHS Secretary Michael Chertoff initiated a Second Stage Review to evaluate DHS’s operations, policies, and procedures. More than 250 members of the organization and 18 action teams contributed to the effort. The teams also worked with public and private sector partners, which resulted in a significant reorganization of the department.
In 2010, Secretary Janet Napolitano completed the first ever Quadrennial Homeland Security Review, which created a more unified, strategic framework for homeland security missions and goals. When this occurred, DHS conducted a bottoms-up review to align all departments with the missions and goals that had been put into place. With this review, all of the public and private sector partners were brought together for a better understanding of a unified approach to national security, with the primary purpose of protecting our homeland.
Homeland Security Presidential Directives
Homeland Security Presidential Directives (HSPD) are issued by the presiding president on issues regarding homeland security. There are presently three directives affecting the role of our emergency response system. The following are some of the 25 directives that have been issued:
1. HSPD-5: The Management of Domestic Incidents establishes a single, comprehensive National Incident Management System (NIMS) and National Response Framework.
2. HSPD-7: Critical Infrastructure Identification, Prioritization and Protection requires federal agencies to coordinate the protection of crucial infrastructure and other key resources. For example, the Environmental Protection Agency (EPA) is responsible for our drinking water and water treatment systems.
3. HSPD-8: National Preparedness directs the federal government’s agencies and departments to be prepared and able to respond to national direct attacks where they occur in the United States. The Federal Emergency Management Agency (FEMA) provides assistance when needed.
4. HSPD-9: Defense of United States Agriculture and Food establishes a national policy to defend the agriculture and food system against terrorist attacks, disasters, or any other emergency that may occur. The EPA and other federal agencies are tasked with developing and enhancing intelligence operations, focusing on the agriculture, food, and water sectors. Surveillance and monitoring systems are put into place for the development of effective countermeasures.
5. HSPD-10: Biodefense for the 21st Century involves coordination with federal agencies in developing strategies and guidelines for response to and recovery from biological weapons attacks.
6. HSPD-12 is a policy for a Common Identification Standard for Federal Employees and Contractors. This is a process whereby a standard is set for secure and reliable identification processes for federal employees and contractors.
7. HSPD-14: Domestic Nuclear Detection coordinates efforts to protect our nation against dangers from nuclear and radiologic materials.
8. HSPD-20: The National Continuity Policy was established as a national policy on the continuity of our nation’s agencies and operations after an emergency. Federal agencies need to have a continuity of operations plan in place.
9. HSPD-23: The Cyber Security Initiative requires federal agencies to monitor cyber activity against federal agencies’ computer systems and to plan efforts to eliminate sources of hostile actions.