[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]
DEPARTMENT OF HOMELAND SECURITY'S
INFORMATION ANALYSIS AND INFRASTRUCTURE
PROTECTION BUDGET PROPOSAL FOR
FISCAL YEAR 2005
=======================================================================
JOINT HEARING
of the
SUBCOMMITTEE ON INTELLIGENCE AND
COUNTERTERRORISM
and
SUBCOMMITTEE ON INFRASTRUCTURE
AND BORDER SECURITY
before the
SELECT COMMITTEE ON HOMELAND SECURITY
HOUSE OF REPRESENTATIVES
ONE HUNDRED EIGHTH CONGRESS
SECOND SESSION
__________
MARCH 4, 2004
__________
Serial No. 108-39
__________
Printed for the use of the Select Committee on Homeland Security
Available via the World Wide Web: http://www.access.gpo.gov/congress/
house
__________
U.S. GOVERNMENT PRINTING OFFICE
22-589 WASHINGTON : 2005
_________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government
Printing Office Internet: bookstore.gpo.gov Phone: toll free
(866) 512-1800; DC area (202) 512-1800 Fax: (202) 512-2250 Mail:
Stop SSOP, Washington, DC 20402-0001
SELECT COMMITTEE ON HOMELAND SECURITY
Christopher Cox, California, Chairman
Jennifer Dunn, Washington Jim Turner, Texas, Ranking Member
C.W. Bill Young, Florida Bennie G. Thompson, Mississippi
Don Young, Alaska Loretta Sanchez, California
F. James Sensenbrenner, Jr., Edward J. Markey, Massachusetts
Wisconsin Norman D. Dicks, Washington
W.J. (Billy) Tauzin, Louisiana Barney Frank, Massachusetts
David Dreier, California Jane Harman, California
Duncan Hunter, California Benjamin L. Cardin, Maryland
Harold Rogers, Kentucky Louise McIntosh Slaughter, New
Sherwood Boehlert, New York York
Lamar S. Smith, Texas Peter A. DeFazio, Oregon
Curt Weldon, Pennsylvania Nita M. Lowey, New York
Christopher Shays, Connecticut Robert E. Andrews, New Jersey
Porter J. Goss, Florida Eleanor Holmes Norton, District of
Dave Camp, Michigan Columbia
Lincoln Diaz-Balart, Florida Zoe Lofgren, California
Bob Goodlatte, Virginia Karen McCarthy, Missouri
Ernest J. Istook, Jr., Oklahoma Sheila Jackson-Lee, Texas
Peter T. King, New York Bill Pascrell, Jr., North Carolina
John Linder, Georgia Donna M. Christensen, U.S. Virgin
John B. Shadegg, Arizona Islands
Mark E. Souder, Indiana Bob Etheridge, North Carolina
Mac Thornberry, Texas Ken Lucas, Kentucky
Jim Gibbons, Nevada James R. Langevin, Rhode Island
Kay Granger, Texas Kendrick B. Meek, Florida
Pete Sessions, Texas
John E. Sweeney, New York
John Gannon, Chief of Staff
Stephen DeVine, Deputy Staff Director and General Counsel
Thomas Dilenge, Chief Counsel and Policy Director
David H. Schanzer, Democrat Staff Director
Mark T. Magee, Democrat Deputy Staff Director
Michael S. Twinchek, Chief Clerk
(II)
?
Subcommittee on Intelligence and Counterterrorism
Jim Gibbons, Nevada, Chairman
John Sweeney, New York, Vice Karen McCarthy, Missouri
Chairman Edward J. Markey, Massachusetts
Jennifer Dunn, Washington Norman D. Dicks, Washington
C.W. Bill Young, Florida Barney Frank, Massachusetts
Harold Rogers, Kentucky Jane Harman, California
Christopher Shays, Connecticut Nita M. Lowey, New York
Lamar Smith, Texas Robert E. Andrews, New Jersey
Porter Goss, Florida Eleanor Holmes Norton, District of
Peter King, New York Columbia
John Linder, Georgia James R. Langevin, Rhode Island
John Shadegg, Arizona Kendrick B. Meek, Florida
Mac Thornberry, Texas Jim Turner, Texas, Ex Officio
Christopher Cox, California, Ex
Officio
______
Subcommittee on Infrastructure and Border Security
Dave Camp, Michigan, Chairman
Kay Granger, Texas, Vice Chairwoman Loretta Sanchez, California
Jennifer Dunn, Washington Edward J. Markey, Massachusetts
Don Young, Alaska Norman D. Dicks, Washington
Duncan Hunter, California Barney Frank, Massachusetts
Lamar Smith, Texas Benjamin L. Cardin, Maryland
Lincoln Diaz-Balart, Florida Louise McIntosh Slaughter, New
Robert W. Goodlatte, Virginia York
Ernest Istook, Oklahoma Peter A. DeFazio, Oregon
John Shadegg, Arizona Sheila Jackson-Lee, Texas
Mark Souder, Indiana Bill Pascrell, Jr., New Jersey
John Sweeney, New York Charles Gonzalez, Texas
Christopher Cox, California, Ex Jim Turner, Texas, Ex Officio
Officio
(III)
C O N T E N T S
----------
Page
STATEMENTS
The Honorable Dave Camp, a Representative in Congress From the
State of Michigan, and Chairman, Subcommittee on Infrastructure
and Border Security............................................ 32
The Honorable Loretta Sanchez, a Representative in Congress From
the State of California, and Ranking Member, Subcommittee on
Infrastructure and Border Security............................. 4
The Honorable Jim Gibbons, a Representative in Congress From the
State of Nevada, and Chairman, Subcommittee on Intelligence and
Counterrorism.................................................. 1
The Honorable Karen McCarthy, a Representative in Congress From
the State of Missouri, Ranking Member, Subcommittee on
Intelligence and Counterrorism................................. 2
The Honorable Christopher Cox, a Representative in Congress From
the
State of California, and Chairman, Select Committee on Homeland
Security....................................................... 26
The Honorable Jim Turner, a Representative in Congress From the
State of Texas, Ranking Member, Select Committee on Homeland
Security....................................................... 6
The Honorable Robert E. Andrews, a Representative in Congress
From the State of New Jersey................................... 35
The Honorable Norman D. Dicks, a Representative in Congress From
the State of Washington........................................ 45
The Honorable James R. Langevin, a Representative in Congress
From the State of Rhode Island................................. 61
The Honorable Sheila Jackson-Lee, a Representative in Congress
From the State of Texas
Prepared Statement............................................. 8
The Honorable John Shadegg, a Representative in Congress From the
State of Arizona............................................... 37
The Honorable Christopher Shays, a Representative in Congress
From the State Connecticut..................................... 32
The Honorable Louise McIntosh Slaughter, a Representative in
Congress From the State of New York............................ 8
The Honorable John E. Sweeney, a Representative in Congress From
the State of New York.......................................... 44
WITNESS
General Libutti, Under Secretary, Information Analysis and
Infrastructure Proection, Department of Homeland Security
Oral Statement................................................. 10
Prepared Statement............................................. 13
APPENDIX
Material Submitted for the Record
Questions Submitted from the Honorable James R. Langevin......... 61
Questions Submitted from the Honorable Sheila Jackson-Lee........ 56
Questions Submitted from the Honorable John Shadegg.............. 49
Questions Submitted from the Hororable Mac Thornberry............ 50
THE DEPARTMENT OF HOMELAND
SECURITY'S INFORMATION ANALYSIS AND
INFRASTRUCTURE PROTECTION BUDGET
PROPOSAL FOR FISCAL YEAR 2005
----------
Thursday, March 4, 2004
House of Representatives,
Subcommittee on Intelligence
and Counterterrorism,
and
Subcommittee on Infrastructure
and Border Security,
Select Committee on Homeland Security,
Washington, DC.
The joint subcommittee met, pursuant to call, at 10:00
a.m., in Room 2318, Rayburn House Office Building, Hon. Jim
Gibbons presiding.
Present: Representatives Gibbons, Camp, Shays, Shadegg,
Sweeney, Cox (Ex Officio), McCarthy, Sanchez, Markey, Dicks,
Slaughter, Andrews, Pascrell, Langevin and Turner (Ex Officio).
Mr. Gibbons. I see that a quorum is present. The
Subcommittee on Intelligence and Counterterrorism and the
Subcommittee on Infrastructure and Border Security will come to
order.
The subcommittees are meeting jointly today to hear
testimony on the Department of Homeland Security's proposed
fiscal year 2005 budget for information analysis and
infrastructure protection. Let me indicate that I will be
chairing the first part of this hearing and that Chairman Dave
Camp will be chairing the second half after he wraps up some
other additional important work that he has over at the Ways
and Means Committee.
I would ask unanimous consent that members' statements be
included in the hearing record and encourage members of the
subcommittees to submit their opening statements for the
record.
I now recognize myself for an opening statement.
Under Secretary Libutti, thank you for being here today. I
would like to start by commending you on your hard work and
dedication to protecting our homeland and preserving our
freedoms. You have had and continue to have a difficult and
complex task.
Today's hearing is part of a series focusing on various
aspects of the Department of Homeland Security's budget
submission for fiscal year 2005. Today we are here to, first,
review the 2005 budget plans for the IAIP or Information
Analysis and Infrastructure Protection; second, to ensure that
the Department is making optimal progress and fulfilling its
responsibilities under the Homeland
Security Act and; finally, to examine the directorate's
concurrent initiatives and future plans.
The Information Analysis and Infrastructure Protection
piece of the budget accounts for $864 million of the
Department's $33.8 billion budget. This represents an increase
of $30.2 million over the fiscal 2004 budget enacted levels.
One of the principal objectives behind the Department of
Homeland Security is to facilitate the analysis of threats
against the homeland and for future acts of terrorism; and IAIP
is the very core of this capability. The IAIP Directorate is
charged with identifying and assessing current and future
threats to the homeland, mapping those threats against our
vulnerabilities, issuing timely warnings and taking action to
protect the U.S. homeland. This is a long-term project with
long-term implications for America's security.
While the Department is continuing to focus on our long-
term needs, the Terrorist Threat Integration Center is working
with the Department to compile all-source intelligence and
distribute information in a timely manner. The Department of
Homeland Security must be a full partner in this endeavor, and
I know we are all interested in hearing how your relationship
with TTIC is progressing.
As part of your opening statement, I appreciate it if you
would speak to the relationship with TTIC along with how the
recently announced Homeland Security Information Network will
interact with TTIC and the Homeland Security Operations Center.
It is important, as we conduct our oversight
responsibilities over the Department that Congress continues to
provide you with the resources and legal authorization you need
to secure and defend America, and that is why we are here
today. I look forward to hearing your comments.
The chairman will now recognize the ranking member of the
Subcommittee on Intelligence and Counterterrorism, Ms. McCarthy
of Missouri, for her opening statement. Ms. McCarthy.
Ms. McCarthy. Thank you, Mr. Chairman; and I would request
that members who arrive before Mr. Libutti begins his testimony
be able to speak.
Mr. Gibbons. The chairman sees no problem with that, so
long as they recognize that the committee's standards are that
they have opportunity for an opening statement, which if they
don't present an opening statement that time will be included
in their time for questioning.
Ms. McCarthy. Yes, sir. I appreciate that, Mr. Chairman. I
thank you, and I thank the Secretary.
We are pleased that you are here, and we are anxious for
you to take us through the $865 million budget submission for
Information Analysis and Infrastructure Protection Directorate.
As ranking member, Jim Turner, has noticed in recent
statements, the Directorate's real-time ability to assess
threats to the homeland and identify existing vulnerabilities
in our infrastructure is an area we would like you to speak to
this morning.
We are interested in hearing about ongoing efforts to
improve the depth and breadth of intelligence analysis at the
Directorate as well as the connectivity among all key units
across government doing similar analysis.
Where are the existing gaps and weaknesses? What can our
committee do to help your leadership solve these problems
rapidly in authorizing legislation that we expect to pass and
enact later this year? And what is the time frame within the
coming fiscal year for showing results?
Hopefully, you will cover all of this ground this morning.
Mr. Secretary, it would also be my hope that you cast light
on what is being done to speed the issuing of information
warnings and advisories to State and local officials and to
improve the quality of those communications so that businesses,
schools, churches and families across America have the best
guidance in hand from the Federal Government when the threat
level rises.
Secretary Ridge's announcement last week of a new
initiative, the Homeland Security Information Network, hits us
in the right direction by creating a comprehensive, computer-
based counterterrorism communication system in all the 50
States and the 50 major urban areas.
The Department has the right idea to strengthen the quality
and flow of threat information, and now we have to assure that
that is sufficient and that there is follow-through.
If there is one universality from constituent groups that I
hear from, it is the need for the DHS to provide timely and
actionable information sharing between Federal agencies and
State and local agencies. They look to the Department for
reliable and accurate information concerning terrorist threats
in local communities all across our country.
Tim Daniel, the Director of the State of Missouri Office of
Homeland Security, tells me that information sharing needs to
go both ways. When Missouri State and local officials have
information concerning possible terrorist activities, they need
to know not only who to contact at the Federal level but also
that their State information will be considered in a timely
way.
The feedback loop is still under construction, and I would
welcome your wisdom, Mr. Secretary, on how best to complete
this loop.
Since we are primarily focused today on dissecting the
budget, it would be helpful to have a clear understanding of
how many dollars are dedicated toward information sharing with
localities and communities. The Homeland Security Operations
Center is receiving a big plus up of funds, $10 million, in
part to undergird the implementation of national systems for
information sharing, and I would appreciate you sharing with
this committee a Directorate-wide breakdown of how funds are
actually expended for information sharing purposes.
It would also be useful to hear a broader explanation of
where and how time is lost in the process of forwarding
important real-time intelligence threat information to first
responders. The first responders in the Fifth District of
Missouri and all around the U.S. need timely and actionable
information from the Federal Government.
Mr. Secretary, share your plans on enhancing communication
at all levels and working to provide our local communities with
the resources they need to respond in emergency situations. I
hope you will provide more information on this topic so the
committee has a better sense of how to fix this nationwide
dilemma.
A separate policy matter slow to develop involves IAIP
information analysis and completing that comprehensive threat
and vulnerability assessment and to guide spending priorities.
In releasing our one-year anniversary report last week, the
committee emphasized the need to have this blueprint in place,
regardless of the cost, by October 1 of this year; and I would
simply like to reiterate that point with you, our distinguished
panelist. How realistic is that goal, Mr. Secretary?
Let me close by emphasizing the deep appreciation I have
for the work you are doing, Mr. Secretary. Protecting the
homeland is a mammoth responsibility, given the many different
avenues that exist for attacking our infrastructure, but we are
supportive of your intentions, efforts and long-term goals and
will continue as a good-faith partner in helping you close the
security gaps facing our Nation and communities.
Thank you, Mr. Chairman, I yield back.
Mr. Gibbons. Thank you, Ms. McCarthy.
The Chair recognizes once again that the chairman of the
Subcommittee on Infrastructure and Border Security will submit
his opening remarks for the record.
Mr. Gibbons. We would now turn to the ranking minority
member of the Subcommittee on Infrastructure and Border
Security, Ms. Sanchez of California, for her opening remarks.
Ms. Sanchez. Thank you, Mr. Chairman, and thank you, Mr.
Secretary, for appearing before us today.
Because of the broad scope of the IAIP Directorate, I am
pleased that both the members of the Intelligence and
Counterterrorism and the Infrastructure and Border Security
Subcommittees are here today. You probably have one of the most
difficult charges in the whole area of homeland security, but a
lot of us don't have a very good idea of how you are structured
and what is going on and what you are really doing, and I think
that is one of the reasons why you are here before us today,
because we are trying to find some answers.
To date, we still don't have a comprehensive study of the
Nation's critical infrastructure to determine where our
weaknesses lie, and I think that only after such an assessment
can we really, as Members of Congress, decide how to put
priorities forward and where to put the resources that we need
so that we can ensure that chemical plants and electrical grids
and water treatment plants and all our other critical
infrastructure is protected.
You can imagine how disappointed I am to see in the budget
there are only two areas in your Directorate that experience a
cut in funding this year, and that would be the threat--from
the levels of last year, and that would be threat determination
and assessment of $6.3 million and infrastructure vulnerability
and risk assessment, $12.6 million. Yet, at the same time, the
Homeland Security Department says that it will have a database
with a prioritized list of critical infrastructure by the end
of this year.
The last time that I spoke with Robert Liscouski, the
Assistant Secretary For Infrastructure Protection who works for
you, he told me that he would be surprised if a risk assessment
could be done within 5 years. That is what he said in front of
our subcommittee. That time I and other members of the
subcommittee impressed upon him the seriousness and the
importance of the endeavor, because I do believe that it is
really the beginning of what we need in order for us to do our
job to commit--and I told him to please commit resources and
personnel to get that going.
That was last autumn. I would like to hear from you what
work is being done on that important issue, and I don't think
that we can make correct decisions until we get that done.
It is probably the most important thing you have to do
within your Directorate. So, if you are cutting those, do I
assume that you don't think it is important? Or do I assume
that you think you have enough resources? And if you think you
have enough resources, then why over the last year have I been
told, oh, it would take 180 days? Oh, what is the start date?
We don't know the start date. And then 180 days later I was
told, well, it will take--don't even think 5 years will do it.
I mean, this is something that I know so many members feel very
uncomfortable not having that list of priorities and risks and
vulnerability tied into that. So I want to hear from you what
is going on with that.
I would also like to hear what kind of capacity and
expertise you are building within the Department to assess and
protect that critical infrastructure. Who have you hired? Where
are they from? What kind of employees are they? Because we
really don't know. Are they expert? Are they experts in
chemical plants, in electrical grids? I also want to hear how
you are working with industry. Because, of course, we all know
that probably a little--somewhat over 80 percent of all the
critical infrastructure sits in private companies' hands.
I know that you have been sharing with advisory councils
and with ISACs, and I know that some of this has been going on
even before 9/11, but I want to find out which ones are going
well and where we need to help those that are falling behind.
I would also like to know how you work with the ISACs. Do
you have people within IAIP responsible for liaison with those
groups? Do you give them support and advice? Do you share
information? How is information given between the two?
Finally, probably another area of concern that we have is
the whole issue of intelligence capabilities. There seems to
still be little intelligence capability within DHS, and I know
there are some other members that are going to focus on that,
so I don't want to go into it.
Like I said, you probably have the toughest job, in my
opinion. I know, because I sit on this subcommittee and I think
I have one of the toughest jobs trying to get my hands around
all of this.
So, as I said, we are trying to figure out how you are set
up, who is doing what, how you are working with other groups.
So I thank you for being before us. I think we are going to ask
some tough questions, but, if we do, it is because we are
trying to get the job done.
Thank you.
Mr. Gibbons. Thank you, Ms. Sanchez.
We will now turn to members that are present here before
Secretary Libutti begins and offer them an opportunity in order
of appearance on the committee for a 3-minute opening
statement.
We will turn to Mr. Shays.
Mr. Shays. I will take my 8 minutes, sir, for questioning.
Mr. Gibbons. We will go to Mr. Turner of Texas.
Mr. Turner. Thank you, Mr. Chairman.
Welcome, General Libutti. We are pleased to have you here,
your first appearance before our committee; and I was pleased
to have the opportunity to visit with you in your office
several weeks ago. We certainly appreciate the enormity of the
task that you have undertaken and the diligence with which you
are pursuing the task at hand.
I know we all understand that we created the Department of
Homeland Security as a focal point for intelligence analysis so
we could do a better job of what we always referred to as
connecting the dots. Certainly, as we look back upon the
legislation creating the Department, most of us remember the
lengthy debate that occurred regarding the creation of what we
now call the Information Analysis and Infrastructure Protection
Directorate. Specifically, that debate involved what
responsibility the new Department and that Directorate would
have.
It disturbed many of us on both sides of the aisle when the
President decided that the key task of assembling, analyzing
and assessing intelligence related to terrorism would be placed
outside of the Department in a new entity called the Terrorist
Threat Integration Center. That certainly led to confusion
among many of us who have been very much committed from the
beginning to ensuring that the new Department was the place
where this integration process would occur.
So I think it is important that some of your time today,
General Libutti, be devoted to explaining to us what you
believe to be the merits of the way the threat integration
process has been set up as a so-called joint venture between
The Department of Homeland Security and other agencies.
We need to know whether the Directorate's intelligence-
related duties and responsibilities are still clearly defined
and whether there is an effective, functional relationship with
that new center and the other components of the intelligence
community as well as with your Directorate.
In addition to the intelligence analysis function, IAIP
remains a critical part of the Department and a key component
of our overall homeland security efforts. Among your duties are
identifying and assessing threats, mapping those threats
against vulnerabilities, issuing timely warnings, and serving
as a conduit of information to and from State and local law
enforcement.
In my view, your Directorate could probably be called the
nerve center of the Department of Homeland Security, and in
many ways the success of your Directorate will determine the
success of the entire Department and of the goals that the
Congress had in mind when it created that Department.
One of my key concerns, as expressed, and shared by
Congresswoman Sanchez, is the progress toward developing this
comprehensive threat and vulnerability assessment. Assistant
Secretary Liscouski testified to this committee that that
assessment could take up to 5 years. Finishing that task as
soon as possible is critical, because right now we feel that we
are driving the homeland security budget without a clear
roadmap as to where our limited tax dollars should be spent.
I hope, General, in your testimony today that you will help
us by clearing up what has been confusing information from
various sources about when we can expect the comprehensive,
national threat and vulnerability assessment to be completed.
If the date you give us is one that you are not satisfied with,
advise us as to what we can do to help you to move that date up
to an earlier point. If that involves additional funding, I
hope you will be forthright with us and give us that
information, because I think the Congress--in a bipartisan
way--recognizes that when we created the new Department,
merging 22 separate preexisting agencies, that the most
important contribution that we tried to make to making our
Nation more secure was not just in having a massive merger but
in doing some things new that we had not done before. One of
those on that list was comprehensive national threat and
vulnerability assessment. I hope you will give us a date that
we can expect the assessment that to be accomplished.
I am also concerned about the progress in developing the
Integrated Terrorist Watch List. That task, to me, is one of
the most critical elements of our ability to keep terrorists
out of this country. Because every activity, whether it is
screening people at our airports or at our land borders or
reviewing visas by the State Department, all of those
activities to be effective have to have access real time to a
comprehensive terrorist watch list.
That task has not been completed. As you know, here we are
two and a half years after September 11th; and that
responsibility has been passed around to various agencies. It
finally landed back with the FBI and with the Terrorist
Screening Center.
We continue to get different dates. At the beginning of
this year, we were told that the task would be completed by
March. That did not happen; and, in fact, according to the
Department's strategic plan released last week, this task is
not to be completed until the end of this year.
I really think that this is unacceptable, and I really to
not understand why we have had such a difficult task doing what
I think is a very critical and key part of making this country
safer.
Last week one official at the Department even suggested in
one publication I read that we may not really need to fully
integrate the terrorist watch list, which completely baffled me
in light of the fact that this has been a high priority for
some time.
Another issue that I want to mention is, despite the fact
that there is an overall increase in your Directorate's budget
as requested by the President, the request for the item called
assessments and evaluations decreases in that budget request by
$8 million compared with the current year. This I assume is due
to the elimination of the Directorate's funding or share of
funding to support the Terrorist Threat Integration Center and
the Terrorist Screening Center, but I want you, if you will,
General, to address this issue, because I worry that when we
end the Department's financial contribution to the Terrorist
Threat Integration Center we further distance the Department
from that critical role and from a responsibility that clearly
in the Department of Homeland Security Act was a responsibility
given to the Department.
There are other areas that I hope you will have the
opportunity to touch upon regarding your progress in
integrating your new hires and detailees into your work.
I know for a period of time your staffing authorization has
exceeded the number of staff that you have been able to hire,
and I would like to know how you are progressing there.
I would like to also know and have from you a candid
assessment of how well the intelligence community is sharing
information with you. I frankly believe that in this new era of
trying to protect the homeland that we are still sharing
classified intelligence as we did during the Cold War, and if
you can't tell me today that there are at least four or five
top folks in your Department, and you should be one of those,
that knows everything that is available regarding threats to
this country, I would say that we are still holding that
information too tightly.
I have been in briefings before, and I get the impression
that, generally, Secretary Ridge is probably told everything,
but I am not convinced that others in critical roles such as
yours have total access to all of the classified informing that
must be shared in order to be sure this country is secure. I
would like to have your candid observations with us regarding
that classified information sharing and whether or not you
think that I am correct or incorrect with regard to that
assessment.
I think I speak for all of my colleagues today that we
appreciate the good work you do and the progress you are
making, and we want to support you to be sure that we all can
accomplish the task that we know is so critical.
Thank you.
Mr. Gibbons. Thank you, Mr. Turner.
We will now turn to members that were here within the 5-
minute time limit of the gavel for a 3-minute opening remark.
Mr. Andrews of New Jersey.
Mr. Andrews. Mr. Chairman, I will pass on the opening
statement and reserve questions.
Mr. Gibbons. Ms. Slaughter.
Ms. Slaughter. I don't have an opening statement, Mr.
Chairman. I will reserve for questions.
Mr. Gibbons. Mr. Pascrell of New Jersey.
Mr. Pascrell. I will reserve.
Prepared Statement of The Honorable Sheila Jackson-Lee, a
Representative in Congress From the State of Texas
Mr. Chairman, thank you for your diligence in organizing today's
hearing to discuss and analyze the Fiscal Year 2005 Budget submission
for the Directorate for Information Analysis and Infrastructure
Protection (IAIP), as this portion of our Department of Homeland
Security (DHS) is probably one of the most important to our ability to
sustain ourselves in the event of a terrorist attack.
Key to our ability to sustain ourselves in the event of a terrorist
attack will be the effectiveness of our IAIP to pick up, interpret,
analyze, share, and transmit intelligence information to the Department
of Homeland Security (DHS) as a whole. Repeatedly, we have seen
instances where there has been demonstrated a weakness in our critical
infrastructure. The breakdown of the power grid system in areas such as
the Great Lakes, Michigan, Ohio, New York City, Ontario, Quebec,
Northern New Jersey, Massachusetts, and Connecticut during the blackout
of August 14, 2003 is but one example of the need for DHS to do a
better job of vulnerability assessment and evaluation. To date, we are
not comfortable that this kind of situation won't occur again; yet the
President's Fiscal Year 2005 Budget requests show an $8 million
decrease from the current year level for the Assessment and Evaluations
budget account. In addition, the request shows reduced funding for the
Terrorist Threat Integration Center (TTIC) and the Terrorist Screening
Center (TSC) totaling $19 million, which translates to a weakening of
the Threat Determination/Assessment and Infrastructure Vulnerability &
Risk Assessment resources that the Department will have.
Furthermore, DHS is in dire need of improvements in the area of
information-sharing. For example, according to a GAO report released
two months ago, the Department of Homeland Security's Division of
Customs and Border Patrol (CBP) does not have a national system for
reporting and analyzing inspection statistics by risk category. Data
from some ports are not available by risk level, not uniformly
reported, difficult to interpret, and not complete. Furthermore, when
GAO contacted ports to obtain these data, basic data on inspections
were not readily available. All five ports that gave information on
sources of data said they had extracted data from the national Port
Tracking System. However, this system did not include information on
the number of non-intrusive examinations or physical examinations
conducted, according to risk category. Moreover, a CBP headquarters
official stated that the data in the Port Tracking System are error
prone, including some errors that result from double counting. One port
official told us that the Port Tracking System was not suitable for
extracting the examination information we had requested, so they had
developed a local report to track and report statistics. A March 2003
Treasury Department Inspector General Report found, among other things,
that inspection results were not documented in a consistent manner
among the ports and examination statistics did not accurately reflect
inspection activities.
In the area of bioterrorism and the need to maintain an effective
system of information-sharing, Houston has made some progress in
improving its readiness. Infectious disease specialists in Houston have
formed a Communicable Disease Alert System (CDAS) to help public
officials maintain a close eye on the numbers and types of illnesses
that turn up in local clinics and emergency departments and to
communicate this information to the public rapidly. The chain of
information starts with pre-hospital providers such as emergency
medical technicians, paramedics and school nurses who watch for
suspicious syndromes or spikes in the occurrence of illnesses. Some
hospitals and their emergency departments act as sentinels, reporting
spikes in illnesses among patients seeking care at their facilities.
Each week, Houston infectious disease specialists and infection control
practitioners meet to discuss unusual cases of disease and trade notes
about occurrences in their respective institutions. The city of Houston
and Harris County rank high in their ability to spot unusual disease
patterns.
Threat assessment is key to our nation's ability to detect,
withstand, and recover from a potential terrorist attack. Therefore,
strong personnel in the technical analysis area of infrastructure
protection should be a priority over policy development. It is
problematic that, in the 2005 Budget request, the Administration seeks
authorization for only 225 intelligence analysts compared to 487
policy/program professional staff.
The need to fund improved threat assessment programs and to hire
technical analysts to aid individual states and local areas can be
found in Houston's drinking water vulnerability. Two-thirds of the
drinking water provided to Houston residents comes from the San Jacinto
and Trinity Rivers. These rivers are very vulnerable to pathogen and
pesticide pollution, among other things. Houston's ``Right-to-Know
Report'' earned a grade of ``Poor'' for 2000 and ``Fair'' for 2001.
This report included a need for more prominent placement of the
mandatory special alert for people who are more vulnerable to
particular contaminants. The 2000 report provided a prominent and
incorrect description of arsenic's health threat, and both reports
offered misleading information about Cryptosporidium, which has been
found in Houston's source water. This is but a single illustration of
the kind of threat and vulnerability assessment that is in dire need of
help from DHS. Our distinguished panelist indicates in his testimony
that the President, in his Fiscal Year 2005 Budget, requests $11
million to fund a new biosurveillance initiative that purports to
provide for ``real-time integration of biosurveillance data. I hope
that the IAIP will suggest that part of these funds go to helping
individual states to strengthen its threat assessment for bioterrorism.
Our panelist today, DHS Under Secretary for the Information
Analysis and Infrastructure Protection Section concluded his testimony
that ``the fiscal year 2005 budget request provides the resources to
enable the IAIP Directorate to manage and grow in its mission of
securing the homeland.''Our need is urgent, so there really isn't a lot
of time to allow for ``growing,'' unfortunately. The Budget requests
that are presented to us today suggest that the Administration feels
that we have time for ``growing.'' Because the threat is real and
emergent, we do not have the luxury of time. Monies available for
general purposes must be intelligently allocated to address specific
and localized needs.
Mr. Chairman and Ranking Member, I thank you again for your effort
and leadership in giving this Subcommittee the opportunity to analyze
and comment on this Budget.
Mr. Gibbons. Very well. We now have before us Under
Secretary Libutti. We look forward to your testimony. You are
welcome before us today, and the floor is yours, Mr. Under
Secretary.
STATEMENT OF GENERAL LIBUTTI, UNDER SECRETARY, INFORMATION
ANALYSIS AND INFRASTRUCTURE PROTECTION, DEPARTMENT OF HOMELAND
SECURITY
General Libutti. Thank you, sir. Good morning, Chairman
Gibbons, Representative McCarthy, Representative Sanchez,
Representative Turner, distinguished members of the
subcommittee. I am delighted to appear before you today to
discuss the President's 2005 budget request for the Department
of Homeland Security and my Directorate IAIP.
I am going to pause in my written prep for my oral and say
to you all with great respect and admiration--and I mean this
very sincerely, dare I go any other direction--the questions
that were in opening comments, if I had recorded all of them,
would probably be sufficient to both give me an opportunity to
share where we are going and also, candidly speaking, answer
your questions. I am a bit new to this process, but I have
taken a few notes, and I will come back to those, but I would
graciously and respectfully ask for those who have made
statements to come back at me with your questions so, in a very
logical and concise format, I can respond accordingly. I would
just ask with all due respect, sir, that we go that way.
Let me continue with my opening statement, please.
IAIP is the focal point for intelligence analysis,
infrastructure protection operations and information sharing--
let me underscore information sharing-Within the Department.
IAIP merges the capability to identify and assess a broad range
of intelligence and information concerns which threaten the
homeland. We map, as has been pointed out, that information
against national vulnerabilities, our critical infrastructure,
and we press on to protect the homeland.
This week marks the first anniversary of the Department,
and I would like to highlight for you some of the many
accomplishments of IAIP.
Since March, 2003, IAIP has launched the Homeland Security
Information Network, which is an interactive, collaborative,
web-based system which reaches our customer bases more than
ever before; and I am talking about State and local authorities
and down to police chiefs and the rest within the first
responder task forces of our country.
We have implemented the Homeland Security Presidential
Directive 7, which addresses critical infrastructure,
identification, prioritization and protection.
Through the National Cyber Security Division, we have
established the U.S. Computer Emergency Readiness Team, or US-
CERT, and launched the National Cyber Alert System only within
the last few months, America's first coordinated cyber security
system for identifying, analyzing, and prioritizing emerging
vulnerabilities and threats. And I might add, as a sidebar, it
is about making people aware of the situation regarding cyber
threats to our Nation, both in the business side and the home
user side as well.
We have assumed responsibility over this last year for the
Homeland Security Operations Center, which is indeed the
heartbeat in terms of information sharing and situational
awareness for the Department.
We have formally executed the Protected Critical
Infrastructure Information program, or the PCII, pursuant to
the provisions of the Critical Infrastructure Information Act
of 2002.
Now, even with these accomplishments, there is much work to
be done, as many of you have highlighted in terms of your
questions--and I include that so you understand I am on your
frequency--staffing, categorizing our critical infrastructure
and assets, ensuring private sector involvement in all that we
do, particularly in terms of hardening critical infrastructure
and putting protective measures in place, assuring the timely
flow of threat information and protective measures to our
customers across our great Nation.
To address these challenges, IAIP has instituted an
aggressive hiring plan that will bring on approximately 40 new
employees a month. We have worked with our partners at the
State and local levels to refine our list of critical
infrastructure, and we have 1,700 assets identified for action
in 2004.
We are working with the private industry to help them not
only understand their vulnerabilities but we are also providing
recommended protective actions since, as was pointed out, they
own about 85 percent and operate in support of 85 percent of
the critical infrastructure of our Nation.
Through the Homeland Security Operations Center and the
Homeland Security Information Network, we have increased our
ability to share information with State and local officials in
the private sector in an unprecedented fashion, real time
collaborative effort, a two-way street that all resides
operationally within our command center.
IAIP's budget relies on the expectation of two emerging
trends, one, the nature and complexity of the threat, two, our
national infrastructure components will become more complex and
interdependent. These trends will result in more demands on the
Department and on IAIP to anticipate terrorist intentions,
tactics, capabilities and the responsibility to mitigate the
risks and vulnerabilities and protect our country and our
citizens.
For these reasons, the President's 2005 budget request for
IAIP is structured around the following major programs: threat
determination and assessment, $22 million; infrastructure
vulnerability and risk assessment, $71 million; information and
warning advisories, $60 million; remediation and protective
actions, $346 million; outreach and partnership, $41 million;
national communications system, $140 million; competitive
analysis and
evaluation, $19 million; national plans and strategies, $3
million; and Homeland Security Operations Center, $35 million.
Let me discuss several initiatives associated with these
mission areas for the 2005 budget request of $864 million.
This budget will allow IAIP to develop a detailed
understanding of terrorist organizational capabilities with
supporting materials and connectivity to interpret and predict
threats.
Next, our budget funds the development of a comprehensive
national infrastructure risk analysis and profile program.
Next, this funding supports submission of collection
requests for threat information to the intelligence community
and law enforcement establishments, disseminating guidance to
homeland security components, developing analysis on the nature
and scope of threats and identifying potential terrorist
targets within the United States.
Another priority is the need to publish threat advisories,
bulletins and warnings at a different level of classification
to relevant stakeholders. Threat publications are detailed and
disseminated in a timely fashion, portraying the nature, scope
and targets of the threat.
The IAIP Directorate provides a broad range in services,
including on-site planning advice, technical operational
training programs, assistance in identifying vulnerabilities
and developing and sharing best practices.
Activities in this area also include security efforts to
protect infrastructure and key assets from cyber attacks.
Specifically, the $345.738 million for remediation and
protective action programs for critical infrastructure and key
asset identification; critical infrastructure vulnerability
field assessments; infrastructure and key asset protection
programs; protection standards and performance metrics; and
cyberspace security funding to ensure the continued healthy
function of cyberspace.
The budget request allows the NCS to continue ensuring
priority use of telecommunications services during times of
national crisis, including the Government Emergency
Telecommunications Service, or GETS. This funding also supports
the development of the Wireless Priority Service, WPS, which
provides a nationwide priority cellular service to key national
security and emergency preparedness users, including
individuals from Federal, State and local governments and the
private sector.
Through the competitive analysis and evaluation program, we
ensure that IAIP products and services are tested, that they
are accurate and they are based on sound assumptions and data.
In summary, the 2005 budget request provide the resources
to enable IAIP to manage and grow in its mission of securing
the homeland. I come before you today to tell you that the
progress that we have made has been solid; and there is
absolutely no doubt in my mind that we, in terms of our efforts
in support of defending the country, have made progress. While
there is work to be done, we are safer today than we were a
year ago, sir.
Sir, again, I am delighted to be before you, Mr. Chairman,
and I am ready to take questions at this time, sir.
Mr. Gibbons. Thank you very much, Under Secretary Libutti,
for your very timely and helpful and constructive comments that
you have provided this committee. They will be very useful for
us in our deliberations as well.
[The statement of General Libutti follows:]
Prepared Opening Statement of General Frank Libutti, Under Secretary
for Information Analysis and Infrastructure Protection, Department of
Homeland Security
Introduction
Good morning Chairman Gibbons, Representative McCarthy , Chairman
Camp, Representative Sanchez and distinguished members of the
Subcommittees. I am delighted to appear before you today to discuss the
President's Fiscal Year 2005 budget request for the Department of
Homeland Security's Information Analysis and Infrastructure Protection
(IAIP) Directorate.
IAIP is the focal point for intelligence analysis, infrastructure
protection operations, and information sharing within the Department of
Homeland Security (DHS). Within a single directorate, IAIP merges the
capability to identify and assess a broad range of intelligence and
information concerning threats to the homeland, map that information
against the nation's vulnerabilities, issue timely and actionable
warnings, and take appropriate preventive and protective action to
protect our infrastructures and key assets. IAIP is currently comprised
of three primary components: the Office of Information Analysis (IA),
the Office of Infrastructure Protection (IP), and the Homeland Security
Operations Center (HSOC).
Fiscal Year 2004 Accomplishments
As we mark the first anniversary of the Department, I would like to
highlight for you some of the many accomplishments of the IAIP
Directorate, one of the newest parts of the federal government. The
formation of IAIP has created for the first time a unique, integrated
capability to not only map the current threat picture against the
nation's vulnerabilities, but to also assess the risk of a terrorist
attack based upon preventive and protective measures in place. That is,
IAIP is enabling us to move from a reactive posture in the homeland to
a risk management and mitigation posture. Let me give you some
examples.
Since March, 2003, IAIP has:
Launched the Homeland Security Information Network
(HSIN), a comprehensive information sharing program that
expands access to and use of the Joint Regional Information
Exchange System (JRIES). The HSIN will provide secure real-time
connectivity in a collaborative environment with states, urban
areas, counties, tribal areas, and territories to collect and
disseminate information between federal, state, local, and
tribal agencies involved in combating terrorism.
Coordinated Operation Liberty Shield and the rapid
enhancement of security at more than 145 national asset sites
at the outset of the war in Iraq. Following that, IAIP
transitioned the protection of the sites from National Guard
and law enforcement to a more cost effective and permanent set
of physical protective measures.
Enhanced protection, by assisting local communities
with conducting vulnerability assessments and implementing
protective measures, of the nation' highest risk chemical
sites, thereby improving the safety of over 13 million
Americans.
Implemented Homeland Security Presidential Directive
(HSPD) 7, ``Critical Infrastructure Identification,
Prioritization and Protection,'' which was signed by President
Bush in December 2003. The HSPD assigned the Department of
Homeland Security responsibility for coordinating the overall
national effort to enhance the protection of the critical
infrastructure and key resources of the United States and the
development of an integrated cyber and physical protection
plan.
Implemented Wireless Priority Service, to ensure the
continuity of cellular networks nationwide, registering over
3,000 federal, state, local and private users.
Established the National Cyber Security Division
(NCSD) to coordinate the implementation of the National
Strategy to Secure Cyberspace and serve as the national focal
point for the public and private sectors on cybersecurity
issues, and developed a process for handling cyber incidents,
successfully managing a number of major cyber events.
Through the NCSD, established the U.S. Computer
Emergency Readiness Team (US-CERT) through an initial
partnership with the Computer Emergency Response Team
Coordination Center at Carnegie Mellon University. US-CERT is
building a cyber watch operation, launching a partnership
program to build situational awareness and cooperation, and
coordinating with U.S. Government agencies to predict, prevent,
and respond to cyber attacks.
Launched the National Cyber Alert System under the
auspices of US-CERT, America's first coordinated cyber security
system for identifying, analyzing, and prioritizing emerging
vulnerabilities and threats. This system provides the first
nationwide infrastructure for relaying actionable computer
security update and warning information to computer users in
the government, in private industry, and small business and
home users.
Assumed responsibility for the Homeland Security
Operations Center (HSOC), which maintains and shares real time
domestic situational awareness; coordinates security
operations; detects, prevents, and deters incidents; and
facilitates response and recovery for all critical incidents
and threats. As of February 2004, 26 federal and local law
enforcement agencies and Intelligence Community members are
were represented in the HSOC, providing reach back capability
into their home organizations to continuously inform the
current threat picture, and to provide key decision makers with
real time information.
Conducted detailed vulnerability studies of the
banking and telecommunications industry to better understand
the interdependencies and prioritize vulnerability reduction.
Initiated an intra-Department and interagency review
and analysis of information obtained in detainee briefings to
assess specific terrorist capabilities, work that subsequently
became the subject of several advisories disseminated to a
variety of homeland security partners regarding terrorist
planning, tactics and capabilities.
Co-chaired with the Border and Transportation Security
Directorate (BTS) the DHS Intelligence Activities Joint Study
charged with reviewing the mission, responsibilities and
resources of DHS Intelligence component organizations. The
study was chartered for the purpose of making recommendations
to the Secretary as to the optimal utilization of the
Department's analytical resources.
With the Homeland Security Council (HSC), initiated an
ongoing interagency review of the Homeland Security Advisory
System (HSAS), for the purpose of refining the system to make
it more efficient and more beneficial for states and localities
and the private sector.
Formally executed the Protected Critical
Infrastructure Information (PCII) implementing regulation,
pursuant to the provisions of the Critical Infrastructure
Information ACT of 2002. The purpose of the PCII Program is to
encourage private entities and others with knowledge about our
critical infrastructure to voluntarily submit confidential,
proprietary, and business sensitive critical infrastructure
information to the Department. Submitted information that
qualifies for protection under the provisions of the Act and
the PCII implementing regulation will be exempted from public
disclosure, providing a significant opportunity for private
entities to assist in homeland security without exposing
potentially sensitive and proprietary information to the
public. The Department will use information that qualifies for
protection primarily to assess our vulnerabilities, secure the
nation's critical infrastructure and protected systems, issue
warnings and advisories, and assist in recovery.
Fiscal Year 2005
Even with these accomplishments, there is much more work that must
be done. The United States remains at risk, despite the continuing work
to assess and mitigate vulnerabilities. Our interdependent critical
infrastructures enable Americans to enjoy one of the highest standards
of living in the world, provide the backbone for the production of
goods and services for the world's largest economy, provide over 60
million jobs, and ensure the United States can protect its national
security interests. Infrastructure will remain one of the top priority
targets for terrorists desiring to damage the nation?s economy and
incite fear in the minds of the American people.
While the possibility of large-scale attacks similar to 9/11 remain
significant, it is also possible likely that terrorists will employ
smaller scale operations such as the suicide bombings prevalent in
Israel. Terrorists understand that the cumulative effect of many small-
scale operations--that are easier to plan and conduct ? can be just as
effective as large-scale attacks in their overall impact on Americans?
sense of security in their own country and, especially, at United
States facilities overseas.
IAIP's budget relies on the expectation of two emerging trends:
First, the nature and complexity of threats will increase; and, second,
our national infrastructure components will become more complex and
interdependent. These trends will result in more demands on the
Department and IAIP to anticipate terrorist intentions, tactics and
capabilities, and to mitigate risks and vulnerabilities for the
protection of the United States and its citizens.
For these reasons, the President's Fiscal Yyear 2005 budget request
for IAIP is structured around the following major program areas: Threat
Determination and Assessments, Infrastructure Vulnerabilities and Risk
Assessments, Information Warnings and Advisories, Remediation and
Protective Actions, Outreach and Partnerships, National Communications
System, Competitive Analysis and Evaluations, National Plans and
Strategies, and the Homeland Security Operations Center.
Threat Determination and Assessment ($21.943 Million)
IAIP's Threat Determination and Assessment program is designed to
detect and identify threats of terrorism against the United States
homeland; assess the nature and scope of these terrorist threats; and
understand terrorist threats in light of actual and potential
vulnerabilities within critical infrastructures and/or key assets.
Addressing these issues requires the IAIP Directorate to improve on its
existing set of threat analysts and analytical tools by hiring and
training additional highly skilled threat analysts; acquiring and
fielding new analytical tools and technologies to assist in assessing
and integrating information; and deploying secure communications
channels that allow for the rapid exchange of information and
dissemination of analytical results.
These improvements will be used for multiple purposes, including:
(1) providing analysis and assessments of the current threat picture as
it relates to critical infrastructure; (2) developing actionable
intelligence for Federal, state, and local law enforcement; (3) issuing
warnings at all levels from the Federal Government to the private
sector; and (4) supporting efforts to identify and coordinate effective
countermeasures.
The President's Budget requests $21.943 million for continued
support of on-going activities to continually form terrorist threat
situational awareness, execute the functions outlined above, and focus
on information sharing and coordination within DHS as well as in the
Intelligence Community and other external stakeholder communities.
These capabilities enhance the performance of two critical functions in
protecting the homeland. First, it offers the United States Government
the ability to integrate, synchronize, and correlate unique sources of
information relating to homeland security, emanating from traditional
and non-traditional (e.g., state and local governments, private
industry) sources. Second, the IAIP Directorate is positioned to
integrate knowledge of potential terrorist threats with an
understanding of exploitable infrastructure vulnerabilities, resulting
in a value-added profile of national risk that transcends traditional
threat and vulnerability assessments.
Funding in this area is targeted to increase the IAIP Directorate?s
technical competencies by training analysts and equipping IAIP with the
most advanced technologies and tools. The training, tools and
technologies will be utilized in four primary areas:
Model Terrorist Organization: Developing a detailed
understanding of terrorist organization capability with
supporting materials and connectivity to interpret and predict
threats.
Develop Terrorist Capabilities Baseline: Developing a
detailed understanding of terrorist capabilities baseline with
supporting materials and connectivity to interpret and predict
threats.
Collaboration and Fusion: Expanding collaboration and
fusion efforts from DHS to internal components, and out to an
extended customer base.
Analysis Coordination: Spearheading the effort to
build a collaborative and mutually supporting analysis
coordination schematic for DHS, and ensure that it incorporates
others (TTIC, TSC, and the Intelligence Community) into a
``community of interest'' approach for understanding domestic
terrorist threats.
Infrastructure Vulnerability and Risk Assessment ($71.080 million)
The Homeland Security Act directs the IAIP Directorate to carry out
comprehensive assessments of the vulnerabilities of the critical
infrastructure and key assets of the United States. As such, the IAIP
Directorate serves as the focal point for coordination between the
Federal government, critical infrastructure owners and operators, and
state and local governments for the sharing of information and the
planning for response to crisis events affecting infrastructures.
The Fiscal Year 2005 President's Budget requests $71.080 million to
fund the development of a comprehensive National infrastructure risk
analysis and profile (e.g., high value/high probability of success
targets); development of analytic tools to evaluate critical
infrastructure and key assets; and the coordination and development of
a National threat vulnerability and asset database to access,
integrate, correlate, and store threat and vulnerability information.
These mission areas will be enable IAIP to identify potential risks
caused by infrastructure interdependencies, and determine the potential
consequences of an infrastructure failure due to a terrorist attack.
Ultimately, the intent of these efforts is to strengthen the
capabilities of the IAIP Directorate and each critical infrastructure
to provide near real-time notification of incidents; enhance the
ability of the IAIP Directorate to assess the impact of incidents on
critical infrastructure and key assets; to assess collateral damage to
interdependent infrastructure; and create tools and processes to
enhance infrastructure modeling and risk assessment capabilities.
The Fiscal Year 2005 budget request for infrastructure
vulnerability and risk assessment is divided into three areas:
National Infrastructure Risk Analysis: Funding in this
area supports the development of comprehensive risk and
vulnerability analyses on a national scale. These analyses are
cross-sector in nature, focusing on problems affecting multiple
infrastructures, both physical and cyber-related. As assigned
in the Homeland Security Act and HSPD-7, the IAIP Directorate
will continue to leverage and develop new techniques to map
data provided by threat analyses, provide consequence analysis,
and create vulnerability assessment teams based on the nature
of the indicators or incidents. The goal is to produce timely,
actionable information that is more meaningful to industry. A
portion of this funding also supports the direct involvement of
critical infrastructure sector experts to supplement risk
analysis efforts and to gain a better understanding of the
sector's core business and operational processes. In addition,
a portion of this funding is utilized for exploration and to
pilot innovative methodologies to examine infrastructure
vulnerabilities and interdependencies.
Analytic Tools Development and Acquisition: The IAIP
Directorate will continue to collaborate with the Science and
Technology (S&T) Directorate to acquire the most advanced tools
and database designs available to better understand the
complexities of interdependent systems and for translating vast
amounts of diverse data into common and usable information for
decision-makers, analysts, and infrastructure operators. Such
capabilities include data-logging systems, modeling and
simulation, data mining, and information correlation. Funding
is targeted toward developing dynamic and multi-faceted tools
designed to expand access to needed information.
National Threat/Vulnerability/Asset Databases: The
funding level requested for this activity in the fiscal year
2005 budget is based on the recognition of the data intensive
nature, scale and complexity of analyzing infrastructure
vulnerability issues. The intent is to develop and maintain
databases that allow the IAIP Directorate to provide its
stakeholders with up-to-date information on threats and
vulnerabilities. Specifically, the IAIP Directorate is
continuing to coordinate and direct the development of the
primary database of the Nation's critical infrastructures
through a collaborative process involving all stakeholders;
maintain data on the risks posed to specific facilities and
assets (and the probability of attack and associated
consequences for homeland, national, and economic security
should an attack occur); and develop, operate, and manage
integrated data warehouses--in full compliance with the
Department's privacy policies--that contain comprehensive
allsource threat, vulnerability, and asset data.
Information and Warning Advisories ($59.807 Million)
One of the most visible aspects of the DHS mission lies in the
management and administration of the Homeland Security Advisory System,
the communications of threat condition status to the general public,
and the continuous around-the-clock monitoring of potential terrorists
threats. Specifically, there are three key information and warning
activities that help support the Homeland Security Advisory System and
other efforts to alert key Departmental leadership, national leaders
and the general public: (1) tactical indications and warning and the
associated warning advisory preparation and issuance; (2) information
requirements management; and (3) integrated physical and cyber
infrastructure monitoring and coordination.The Fiscal Year 2005
President's Budget requests $59.807 million to maintain the information
and warning program. In addition to continuously operating a 24x7
capability, the information and warning program area will provide surge
capabilities for the HSOC and with other Directorates during heightened
states of alert or in response to specific incidents. The relevant
fiscal year 2005 budget request is divided into three primary areas:
Tactical Indications and Warning Analysis/Warning
Advisory Preparation and Issuance: Funding in this area
supports submission of collection requests for threat
information to the Intelligence Community and law enforcement,
disseminating guidance to DHS components, developing analyses
on the nature and scope of the threats, and identifying
potential terrorist targets within the United States. A program
priority is the continued to development of tools and
technologies to assist our analysts to interpret, integrate,
and catalogue indicators, warnings, and/or actual events and to
provide Departmental and national leaders situational
awareness. Another priority is the need to publish threat
advisories, bulletins, and warnings at different levels of
classification prior to distribution to the relevant
stakeholders. Threat publications are detailed and disseminated
in a timely fashion, portraying the nature, scope, and target
of the threat. Ultimately, this information provides the basis
for determinations to change the threat condition.
Information Requirements Management: Information
related to threats and critical infrastructure vulnerabilities
are collected, stored, and protected within a diverse set of
locations and sources, spanning all levels of government
(Federal, state, and local) and including intelligence,
proprietary and public sources. Funding in this area supports
the technologies necessary to search within those diverse
databases to identify, distill, and/or acquire mission-critical
information. Program funding supports efforts to coordinate
information requests and tasks emanating from within other
parts of IAIP, other DHS Directorates, the Intelligence
Community, law enforcement, state and local governments, and
the private sector. In addition, a portion of these funds is
used to supplement the information technology structure to
accomplish these tasks efficiently and effectively through the
use of leading-edge capabilities. This effort ensures that all
information users are able to access all available and relevant
data.
Integrated Physical and Cyber Infrastructure
Monitoring and Coordination: Intelligence and warning staff
monitoring and coordination efforts ensure that threat and
critical infrastructure issues are adequately addressed and
represented. In addition, these efforts coordinate incident
response, mitigation, restoration, and prioritization across
critical sectors in conjunction with the other relevant DHS
components (e.g., Emergency Preparedness and Response
Directorate).
Remediation and Protective Actions ($345.738 Million)
The IAIP Directorate has established a national Critical
Infrastructure Protection program that leverages stakeholder input at
the Federal, state, and local level and across the private sector to
provide the best and most cost-effective protective strategies for ``at
risk'' infrastructure and facilities. Through this program, the IAIP
Directorate provides a broad range of services including on-site
planning advice, technical and operational training programs,
assistance in identifying vulnerabilities, and development and sharing
of best practices. Activities in this area also include security
efforts to protect infrastructure and assets from cyber attacks (e.g.,
malicious software, distributed denial-of-service attacks).
1Specifically, the Fiscal Year 2005 President's Budget requests
$345.738 million, for remediation and protective actions divided into
the following five areas:
Critical Infrastructure and Key Asset Identification:
The Homeland Security Act directs the IAIP Directorate to
recommend measures necessary to protect the critical
infrastructure of the United States. One key step in this
process is funding a national program focused on identifying
critical infrastructure and assets and assessing potential
risks of successful attacks to those assets. By understanding
the full array of critical infrastructure facilities and
assets, their interaction, and the interdependencies across
infrastructure sectors, IAIP is able to forecast the national
security, economic, and public safety implications of terrorist
attacks and prioritize protection measures accordingly.
Moreover, the process of identifying and prioritizing assets in
this manner creates a common overarching set of metrics that
consist of the individual attributes of specific infrastructure
sectors.
Critical Infrastructure Vulnerability Field
Assessments: The Directorate coordinates with all relevant
Federal, state and local efforts to identify system
vulnerabilities and works closely with the private sector to
ensure vulnerability field assessment methodologies are
effective, easy to use, and consistently applied across
sectors. Funding is targeted at the need to conduct and
coordinate specialized vulnerability assessments by DHS teams,
in conjunction with teams from other Federal or state agencies
and private sector companies as appropriate, for the highest
priority critical infrastructures and assets. The intent of
these efforts is to catalogue specific vulnerabilities
affecting the highest priority terrorist targets, thereby
helping guide the development of protective measures to harden
a specific facility or asset. A nationwide vulnerability field
assessment program is currently underway leveraging the
expertise of the IAIP Directorate, other agencies, and the
private sector to ensure cross-sector vulnerabilities are
identified and that sound, informed decisions will be reached
regarding protective measures and strategies.
Infrastructure and Key Asset Protection
Implementation: Due to the vast geographic size of the United
States and diverse operating environment for each
infrastructure sector, protection strategies must start at the
local level and then be applied nationally as needed.
Priorities for protection strategies are based on regional,
state, and local needs and on the need for cross-sector
coordination and protective actions within those geographic
boundaries. The budget request reflects the need for the IAIP
Directorate to continue the development of a flexible set of
programs to assist in the implementation of protective
measures. Examples include coordinating with other Federal and
state agencies and the private sector to: (1) ensure the
detection of weapons of mass destruction material is considered
in the development of protection plans; (2) disrupt attack
planning by taking low cost actions that make information
collection and surveillance difficult for terrorists; (3)
defend the most at risk critical infrastructure facilities and
key assets throughout the country above the level of security
associated with industry best practices; and (4) develop a
nationally-integrated bombing response capability similar to
that of the United Kingdom. DHS funding in these areas focuses
on high value, high probability targets and will take the form
of ``joint ventures'' with state and local governments,
regional alliances, and the private sector.
Cyberspace Security: Consistent with the Homeland
Security Act and the National Strategy to Secure Cyberspace, a
key element of infrastructure protection, both in the public
and private sectors, is to ensure the continued healthy
functioning of cyberspace, which includes the cyber
infrastructure and the cyber dependencies in the critical
infrastructure sectors. The IAIP Directorate recognizes that
cyberspace provides a connecting linkage within and among many
infrastructure sectors and the consequences of a cyber attack
could cascade within and across multiple infrastructures. The
result could be widespread disruption of essential services,
damaging our national economy, and imperiling public safety and
national security. The budget request supports efforts to
capitalize on existing capabilities of the Directorate, and
investing in new capabilities to monitor, predict, and prevent
cyber attacks and to minimize the damage from and efficiently
recover from attacks. As the manager responsible for a national
cyber security program, the IAIP Directorate provides direct
funding to support: (1) creating a national cyberspace security
threat and vulnerability reduction program that includes a
methodology for conducting national cyber threat and
vulnerability risk assessments; (2) strengthening a national
cyberspace security readiness system to include a public-
private architecture for rapidly responding to and quickly
disseminating information about national-level cyber incidents-
including the Cyber Alert Warning System; (3) expanding and
completing the warning and information network to support
crisis management during cyber and physical events; (4)
implementing a national cyberspace security awareness and
training program; (5) developing capabilities to secure the
United States Government in cyberspace that include guidelines
for improving security requirements in government procurements;
(6) strengthening the framework for national security
international cyberspace security cooperation that focuses on
strengthening international cyber security coordination and;
(7) the Global Early Warning Information System, which monitors
the worldwide health of the Internet through use of multiple
data sources, tools, and knowledge management to provide early
warning of cyber attacks.
Protection Standards and Performance Metrics: Working
in collaboration with the National Institute of Standards and
Technology as appropriate, the IAIP Directorate is developing
objective data for systems protection standards and performance
measures. Several sectors currently use threat-based exercise
approaches to validate key elements of their protection
efforts. The budget request in this area will focus on
continually improving and validating sector plans and
protective programs and providing training and education
programs for public and private sector owners and operators of
critical infrastructure and/or key assets.
Outreach and Partnership ($40.829 Million)
The private sector and state and local government own and operate
more than 85 percent of the Nation's critical infrastructures and key
assets. Consequently, public-private cooperation is paramount, and
without such partnerships, many of our Nation's infrastructures and
assets could be more susceptible to terrorist attack. The IAIP
Directorate is responsible for cultivating an environment conducive for
public and private partnerships, developing strategic relationships
underlying those partnerships, and coordinating and supporting the
development of partnerships between the Directorate and state and local
government, private industry, and international communities for
national planning, outreach and awareness, information sharing, and
protective actions.
The Fiscal Year 2005 President's Budget requests $40.829 million to
build and maintain a sound partnership foundation. It is imperative
that the Department is familiar with the issues confronting the private
sector, state and local governments, Federal sector specific agencies
for critical infrastructure, and our international partners.
Specifically, strong relationships must be maintained with the
following communities of interest:
State and Local Governments: Establishing and
maintaining effective working relationships with State and
local officials is a fundamental part of the DHS mission to
effectively share information at unprecedented levels. IAIP is
working with DHS' Office of State and Local Government
Coordination to assess the information sharing and
dissemination capabilities that exist nationwide in order to
leverage existing capabilities and supplement capacity where
needed.
Private Sector: The Private Sector is another key
partner in developing a nationwide planning, risk assessment,
protective action, and information sharing strategy. Engaging
the business community and making a business case for
investment in protective and remedial strategies is key to our
success.
Academia: DHS will continue to develop, coordinate,
and support partnerships with academic and other educational
institutions. These partnerships will encourage and coordinate
academic and other workforce development to assure availability
of quality IT security professionals, and encourage curriculum
development to integrate critical infrastructure protection
(security) as normal elements of professional education.
Advisory Bodies: DHS will also provide support to
Presidential advisory bodies and cross-sector partnerships
(including the National Infrastructure Advisory Council and the
Partnership for Critical Infrastructure Security.)
International: This funding will also support and
enhance partnerships with the international community, working
with and through DHS Office of International Affairs and the
State Department, collaborating with the United States State
Department on infrastructure protection activities. This
includes bilateral discussions and activities on risk
assessment and protective actions, information sharing,
exercises and training. Of particular focus is the IAIP
component of the Smart Borders implementation with Canada and
Mexico. We will continue our role as the lead Federal Agency
Role for the Information and Telecommunications Sectors. The
Directorate will continue to partner with representatives from
those industries composing the Information and
Telecommunications sector and to educate members of the sector,
develop effective practices, develop and implement intra-sector
and cross-sector risk assessments, and work with other sectors
on identifying and addressing risks associated with
interdependencies.
Cyber: We will expand the platform established by the
Cyber Alert Warning System to include awareness and education
programs for home users of computers and computer professionals
in partnership with other Federal agencies and industry.
Additionally, within private industry, our partnership and
outreach efforts will involve the engagement of risk management
and business educational groups to implement strategies to
elevate senior management understanding of the importance of
investment in cyber security.
National Communications System ($140.754 Million)
The national telecommunications infrastructure supports multiple
mission-critical national security and emergency preparedness (NS/EP)
communications for the Federal government, state and local governments,
and the private industry. The security and availability of the
telecommunications infrastructure is essential to ensuring a strong
national, homeland, and economic security posture for the United
States. The National Communications System (NCS) is assigned NS/EP
telecommunications responsibilities through Executive Order 12472,
Assignment of National Security and Emergency Telecommunications
Functions, which include: administering the National Coordinating
Center for Telecommunications to facilitate the initiation,
coordination, restoration, and reconstitution of NS/EP
telecommunications services or facilities under all crises and
emergencies; developing and ensuring the implementation of plans and
programs that support the viability of telecommunications
infrastructure hardness, redundancy, mobility, connectivity, and
security; and serving as the focal point for joint industry-government
and interagency NS/EP telecommunications planning and partnerships.
The Fiscal Year 2005 President's Budget requests $140.754 million
for the capabilities and analytic tools necessary to support the
expansion of NS/EP telecommunications programs and activities. The
fiscal year 2005 funding level ensures a continuation of the NCS
mission and legacy NS/EP telecommunications programs and assets.
Specifically, the fiscal year 2005 budget request for the NCS is
divided into four areas:
Industry-Government and Interagency Processes: The NCS
has cultivated and expanded its relationships with the
telecommunications industry and other Federal agencies to
promote joint planning, operational activities, coordination,
and information sharing. The primary industry partnership is
the President's National Security Telecommunications Advisory
Committee (NSTAC), which is comprised of 30 industry leaders
representing various elements of the telecommunications
industry. The NSTAC and its subordinate body, the Industry
Executive Subcommittee (IES), provides industry-based analyses
and perspectives on a wide range of NS/EP telecommunications
issues and provides policy recommendations to the President for
mitigating vulnerabilities in the national telecommunications
infrastructure. Paralleling this industry relationship is the
interagency process involving the NCS Committee of Principals
and its subordinate body, the Council on Representatives, which
facilitate the NS/EP telecommunications activities of the 23
Federal agencies constituting the NCS.
Critical Infrastructure Protection Programs:
Leveraging the industry relationships described above, the NCS
manages several network security and CIP-related programs,
including: (1) the National Communications Center (NCC), a
joint industry--and Government-staffed organization collocated
within the NCS and serves as the operational focal point for
the coordination, restoration, and reconstitution of NS/EP
telecommunications services and facilities; (2) the
Telecommunications Information Sharing and Analysis Center,
which is the focal point for the generation, compilation, and
sharing of cyber warning information among the
telecommunications industry; (3) the Government and National
Security Telecommunications Advisory Committee Network Security
Information Exchanges (NSIEs), which meet regularly and share
information on the threats to, vulnerabilities of, and
incidents affecting the systems comprising the public network;
(4) the Critical Infrastructure Warning Information Network
(CWIN), which is designed to facilitate the dissemination of
information and warnings in the event of a cyber attack; (5)
Training and Exercises, which helps ensure the readiness and
availability of qualified staff to perform the operational
duties of the NCS associated with Emergency Support Function
#2--Telecommunications of the Federal Response Plan; (6)
Operational Analysis, which develops and implements tools and
capabilities to conduct analyses and assessments of the
national telecommunications infrastructure and its impact on
NS/EP services; (7) NCS also supports the Global Early Warning
Information System, which monitors the worldwide Internet
health through use of multiple data sources, tools, and
knowledge management to provide early warning of cyber attacks,
(8) Shared Resources (SHARES) High Frequency (HF) Radio
Program, developed by the NCS and in continuous operation since
being approved by the Executive Office of the President in the
NCS Directive 3-3 of January 1989. The SHARES program makes use
of the combined resources and capabilities of existing Federal
and federally affiliated HF radio stations on a shared,
interoperable basis to provide critical backup communications
during emergencies to support national security and emergency
preparedness (NS/EP) requirements.
Priority Telecommunications Programs: The NCS is
continuing a diverse set of mature and evolving programs
designed to ensure priority use of telecommunications services
by NS/EP users during times of national crisis. The more mature
services--including the Government Emergency Telecommunications
Service (GETS) and the Telecommunications Service Priority
(TSP)--were instrumental in the response to the September 11th
attacks. Fiscal Year 2005 funding enhances these programs and
supports the development of the Wireless Priority Service (WPS)
program and upgrade to the Special Routing Arrangement Service
(SRAS). Specifically, priority service programs include: (1)
GETS, which offers nationwide priority voice and low-speed data
service during an emergency or crisis situation; (2) WPS, which
provides a nationwide priority cellular service to key NS/EP
users, including individuals from Federal, state and local
governments and the private sector; (3) TSP, which provides the
administrative and operational framework for priority
provisioning and restoration of critical NS/EP
telecommunications services; (4) SRAS, which is a variant of
GETS to support the Continuity of Government (COG) program
including the reengineering of SRAS in the AT & T network and
development of SRAS capabilities in the MCI and Sprint
networks, and; (5) the Alerting and Coordination Network (ACN)
which is an NCS program that provides dedicated communications
between selected critical government and telecommunications
industry operations centers.
Programs to Study and Enhance Telecommunications
Infrastructure Resiliency: The NCS administers and funds a
number of programs focusing on telecommunications network
resiliency, security, performance, and vulnerabilities,
including: (1) the Network Design and Analysis Center, which is
a set of tools, data sets, and methodologies comprising the
Nation's leading commercial communications network modeling and
analysis capability that allows the NCS to analyze the national
telecommunications and Internet
infrastructures; (2) the NS/EP Standards program, which works closely
with the telecommunications industry to incorporate NS/EP requirements
in commercial standards and participates in national and international
telecommunications standards bodies; (3) the Converged Networks
Program, which investigates vulnerabilities and mitigation approaches
in future technologies and networks (specifically Internet Protocol-
based networks); (4) the Technology and Assessment Laboratory, which
provides the ability to evaluate penetration testing software, modeling
tools, various operating systems and protocols, hardware
configurations, and network vulnerabilities, and; (5) the Routing
Diversity effort, which is developing a communications routing
diversity methodology to analyze a facility's level of routing
diversity and is evaluating alternative technologies which can provide
route diversity, and (6) the NCS, through various associations and
other activities is involved in a variety of International Activities
(NATO, CCPC, CEPTAC, and Hotline) which provides technical subject
matter expertise, guidance, and coordination on CIP issues affecting
the telecommunications infrastructure in numerous international forums
on behalf of the United States Government.
Competitive Analysis and Evaluation ($18.868 Million)
The Competitive Analysis and Evaluation program ensures that IAIP
products and services are tested, accurate, based on sound assumptions
and data, and ultimately, offer the highest quality, depth, and value
to IAIP customers. The Fiscal Year 2005 President's Budget requests
$18.868 million to provide for the unbiased, objective analyses and
evaluation of IAIP findings, assessments, and judgments through three
functional areas: Risk Assessment Validation, Evaluation, and Exercises
and Methodologies.
Risk Assessment Validation: Funding is used to
establish and field physical and cyber target risk analysis
teams that employ ``red team'' techniques to evaluate measures
taken by other IAIP components to protect key assets and
critical infrastructure. The red teams emulate terrorist
doctrine, mindsets, and priorities and employ non-conventional
strategies to test and evaluate IAIP planning assumptions.
Evaluation: Funding supports several initiatives,
including the IAIP Product and Process Evaluation, which
involves conducting independent, objective evaluations of IAIP
products and processes and to assist IAIP divisions to develop
products that offer value to IAIP customers. The second is IAIP
Customer Satisfaction, which evaluates customer satisfaction
with IAIP products and services to ensure they are responsive
to current customer needs. Funding in this area provides for
electronic and non-electronic feedback surveys, field visits,
and conferences.
Exercises and Methodologies: Coordinate and manage
interagency exercises and tabletops that test both DHS and IAIP
policies, processes, procedures, capabilities, and areas of
responsibilities. Participating in and conducting after action
reviews of exercises provides invaluable experience and
feedback related to capabilities, connectivity, and information
sharing during a crisis event. Investment in this area informs
the Department's decision as to where improvements are needed.
This funding also supports examining and instituting advanced
methodologies such as alternate hypotheses, gaming, modeling,
simulation, scenarios, and competitive analyses to ensure IAIP
products are accurate, sophisticated, and of the highest
quality and value to customers.
National Plans and Strategies ($3.493 Million)
Critical to ongoing national efforts to protect and secure the
homeland are updating, revisiting, coordinating the development, and
monitoring the implementation of National Plans and Strategies. The
Fiscal Year 2005 President's Budget requests $3.493 million to support
activities by coordinating, developing, and publishing contingency
planning documents for critical infrastructures (as called for in the
National Strategy to Secure Cyberspace), monitoring progress against
those documents, and producing an annual report.
Homeland Security Operations Center ($35.0 Million)
The HSOC maintains and shares domestic situational awareness;
coordinates security operations; detects, prevents, and deters
incidents; and facilitates the response and recovery for all critical
incidents. The HSOC is the focal point for sharing information across
all levels of government and the private sector.
The HSOC facilitates the flow of all-source information and
develops products and services including: (1) the daily Homeland
Security Situation Brief for the President, (2) reports and briefs to
law enforcement, the Intelligence Community, other Federal and state
agencies and industry partners, (3) warnings and alerts to individual
responder agencies and the public as appropriate, and (4) coordinated
response when crises do occur. The HSOC concept is to draw from the
many distributed systems and centers that are currently dedicated to
different missions and optimize their contribution to homeland
security.
HSOC funding will help with the time efficiency of issuance of
information and warning advisories through increased operations
efficiency brought about by facility improvements.
New Programs
In the fiscal year 2005 IAIP budget, as a part of an interagency
effort to improve the Federal Government's capability to rapidly
identify and characterize a potential bioterrorist attack, the
President request $11 million for a new biosurveillance iniative. This
increase provides for real-time integration of biosurveillance data
harvested through the Centers for Disease Control (CDC), Food and Drug
Administration (FDA), United States Department of Agriculture (USDA)
and DHS Science and Technology (S & T) Directorate with terrorist
threat information analyzed at IAIP. Currently, a finding from one
source of surveillance exists in isolation from relevant surveillance
from other sectors, making it difficult to verify the significance of
that finding or to recommend appropriate steps for response.
Integrating the information in IAIP, and analyzing it against the
current threat picture will inform effective homeland security
decision-making and speed response time to events.
This interagency initiative, includes DHS's ongoing BIOWATCH
environmental biodetection program, Health and Human Services' (HHS)
proposed BIOSENSE program, HHS' and United States Department of
Agriculture's (USDA) ongoing joint separate food security surveillance
efforts, and USDA's agricultural surveillance efforts. This DHS-led
effort will promote data sharing and joint analysis among these sectors
at the local, state, and Federal levels and also will establish a
comprehensive Federal-level multi-agency integration capability to
rapidly compile these streams of data and preliminary analyses and
integrate and analyze them with threat information
Conclusion:
In summary, the fiscal year 2005 budget request provides the
resources to enable the IAIP Directorate to manage and grow in its
mission of securing the homeland. I look forward to working with you to
accomplish the goals of this department and the IAIP directorate.
Mr. Chairman and Members of the Subcommittees, this concludes my
prepared statement. I would be happy to answer any questions you may
have at this time.
Mr. Gibbons. We will turn to members for 5 minutes or for
those people that did not make an opening statement an
additional 3 minutes to their time to ask questions.
I will begin by asking you a sort of ``current events''
topic today. The Congressional Quarterly this morning is
reporting that the Heritage Foundation is about to release a
report that is somewhat critical of the Department for being--
and I will quote their statemen--just another end user, end
quote, of intelligence information.
The article further implies that the Department of Homeland
Security is not a full partner, because it does not have
oversight authority over TTIC.
Could you address this issue for the committee? Is DHS a
full partner at TTIC, or is DHS simply just another end user of
the information?
General Libutti. I appreciate the questions, sir. It gives
me a chance to share with you my views relative to not only
TTIC but our charge and responsibility.
As you all know, we are the newest member of the Federal
intelligence community, and we full members. We are not red-
shirting. We are not standing in the back of the bus. We are
full players. We demand excellence. We interact with members of
the community across the country in terms of providing input to
us from State and local, private sector.
In terms of the TTIC response, I would tell you this. We
are part of the TTIC. We are TTIC. The key players in TTIC are
the CIA, the FBI and Homeland Security. Members of Homeland
Security work in the spaces and operation and function within
the TTIC environment.
TTIC's key point in terms of function is integration. They
bring together foreign and overseas data and intelligence. They
combine that with input from Homeland Security, the Justice
Department, key point, FBI, and they integrate, fuse, analyze
and share it with their customer base, which are the key
players in the Federal Government.
When we receive that information, we are charged to and
absolutely every day execute comparative and competitive
analysis of that information. And what is different about what
we do, sir--and ladies and gentlemen--is that we focus on the
domestic scene, and we do so, again, in concert with our
customer base.
So when we analyze information relative to a threat, be it
general or specific, we take that input which our folks at TTIC
have helped in supporting development of, and we provide to our
IA leadership, General Pat Hughes, input from State and local
folks. We analyze that with a view towards action, protective
or preventive action, in support of protecting the country.
Quite frankly, I see TTIC as a great effort, a great
initiative set up, established at the right time, at the right
place, as the country looked for a service to function and
integrate intelligence. For me and from my standpoint, it is
working.
I just glanced very quickly this morning at the Heritage
article. I respect the leadership at Heritage. They have not
called me or talked to me about their concerns or their
viewpoints. I dare say, although I don't know this for fact,
they probably didn't talk to General Pat Hughes either or any
of our folks in our intelligence organization. But I dare say
perhaps with further investigation that investigation would
reveal that, number one, we have a principal, primary mission
to support and protect the homeland. We are in the intelligence
business. Our focus is different than the agency, the CIA, or
TTIC, and I think we are doing it smartly.
Mr. Gibbons. Mr. Secretary, I gather from your comments
that you feel the article was either inaccurate or
misrepresentative of the facts?
General Libutti. Sir, again, I glanced at it very briefly.
I would say that if indeed the article represents a notion that
we are not full players, that is absolutely incorrect.
Mr. Gibbons. Let me ask a very brief question. I have 40
seconds to do this, and hopefully we can get through it.
There have been a lot of news articles and reviews recently
reporting that the terrorist watch list is not functional and
that border security officials and law enforcement personnel
don't have easy access to this information. I think we all
understand that the Terrorist Screening Center is an FBI
program. Could you briefly address this issue from the
perspective of a customer of the Terrorist Screening Center?
General Libutti. The FBI Department of Justice does lead
the effort now. I think it is a feather in the cap of the
Department of Justice and overall those who deal with
countering terrorism in the country that the Terrorist
Screening Center is alive and well, up and functioning and
producing great results.
The bottom line in terms of what that center is about is to
help the cops on the beat at State locations, providing a
single point of contact for entry into the national system
which would ask appropriate questions regarding those we
suspect of being terrorists or conducting terrorist activity.
It is still in its initial phases.
As you all well know--and if you don't I will provide a
quick summary--one, the charge is work day-to-day now; and they
are doing that. I would tell you that my recollection is that
there have been since 1 March 1,388 inquiries into that system
and 527 positive hits that have helped law enforcement across
the country deal with the situation at hand. I mean, that has
got to mean something in terms of not only the operational side
of it but what we see as a way ahead in terms of what we expect
in the future when the program is fully mature.
My recollection as well is that local cops have access to
over 50,000 records that are now part of what is available to
cops on the beat.
My recollection as well is that we had hoped to complete
the second aspect of the Terrorist Screening Center and the
Department of Justice and the FBI's work is that we would take
numerous watch lists and integrate them into a single database.
That effort, indeed, may take longer than we had expected as an
effort we could do by this summer.
But the point of fact is the system is working. The
clarification, purification, adjustments of the watch list is
being done, and a single database is indeed being developed.
So the system works now; and, as I said earlier, I think it
has had tremendous credibility in terms of how cops see that
system working now to support them.
Mr. Gibbons. Thank you very much.
I will turn now to Ms. Sanchez of California for 5 minutes.
Ms. Sanchez. Thank you, Mr. Chairman.
Well, I asked a whole bunch of questions in the beginning,
so let me just go over a couple of them, and maybe you can get
to them quickly.
The first one was on the critical infrastructure and having
the database listing. As I said, Mr. Liscouski had said that it
would be completed within 5--might be completed within 5 years.
What is the right estimate? Who is in charge of the effort?
What methods are being used to prioritize that critical
infrastructure? How comprehensive is the database going to be?
I know that this is an unclassified setting, but can you tell
us generally what is included, what industries, what public
infrastructure?
Secondly, if you could speak, please, to the funding
decrease for the risk assessment in fiscal year 2005. If we
don't have a completed assessment yet and we are not going to
have it for 5 years, then why are we cutting the funding in
that category? Aren't you concerned that we are not getting
adequate staff to do this or adequate funding to do it,
considering it has been 2 years--over 2 years since 9/11 and
this committee has seen nothing done with respect to this work
yet?
General Libutti. Well, I respect your comments, ma'am, but
I must say there has been an awful lot done in terms of risk
assessment, contacts that we have made in IAIP with Bob
Liscouski in the lead and his magnificent team. We plan on
moving forward over the next year to look at 1,700 facilities.
When you lay that out against the thousands of infrastructure
facilities across the country, you would say, well, that may
not be much more than a drop in the bucket, except with this
footnote.
What we have done with the private sector and business
leaders is looked across the country at what we believe are
key, critical infrastructure sites or facilities, and we have
prioritized our efforts to deal with those facilities that we
think are what I call critical centers of gravity, the loss of
which would result in economic failure, lack of trust from the
American people and a catastrophic failure in terms of function
of the cities and areas around those facilities.
So that has been done. We have connected with people in the
private sector as well as State and local authorities.
Ms. Sanchez. So this security that is being done on these
very critical situations that you have said you have already
taken a look at, has there been Federal money spent to help
fortify that or not?
General Libutti. Money out of my Directorate has been
spent, was spent in 2003 and is now being spent to support,
one, identifying that which is most critical, two, working to
analyze the actions that need to be taken--we call protective
measures--to reinforce or harden those facilities or targets
and--.
Ms. Sanchez. Why is that information not shared with the
Subcommittee on Critical Infrastructure?
General Libutti. I can't answer that, ma'am. I am surprised
to hear you say that. I will make every effort and--.
Ms. Sanchez. I mean, we have asked over and over for some
sort of list or what are you doing or what is the
infrastructure you are protecting or what should we protect.
Because remember, after all, we are the ones that control the
dollars to all of this.
General Libutti. Ma'am, you are absolutely right; and I
hear you loud and clear. Let me outline within this 1,700
number I gave you where we are going.
Ms. Sanchez. And how did you choose the 1,700? I mean, this
is the question we all have. We don't know.
General Libutti. I will do my very best to answer your
question, ma'am.
The broad areas that we are looking at with a priority of
effort, the chem sites, nuclear power plants, soft targets, for
example, shopping malls, stadiums and the rest, electric power
substations and mass transit systems--when people ask me, Frank
Libutti, what are your concerns overall in terms of how you see
the threat and that which will be paramount in your mind in
terms of protective action working with the private sector and
the other folks in the intelligence community and our other
customer base, I would tell you, broadly speaking, it is
transportation, it is aviation--transportation at large,
aviation and energy.
The points I just made relative to where our current focus
is represents the priority of action in terms of where we are
going to go over the next year, and I regret that you are not
informed relative to that. I will make a very special effort
to--.
Ms. Sanchez. Great. So I can get a list of the 1,700Sec.
General Libutti. To bring those details to you, ma'am.
Ms. Sanchez. Whether it has to be in a secret meeting or
what have you. But, I mean, we really have been asking for this
information, and we have seen nothing.
General Libutti. You asked how we arrive at this. In our
business, in terms of how Intel informs actions, other than the
Intel actions which we refer to, setting requirements,
collecting against requirements, analyzing that and taking
actions, that is the Intel side. But the real action side of
what we do, something that should be and will be measured and
shared with you all, is Bob Liscouski's action. My expectation
is not only will we hold meetings, conference calls and
councils across the country with appropriate ISACs and CEOs, I
am looking for material changes that really make a difference
in terms of the physical plant. And we are working towards
that. That is a priority for what we are all about.
Again, I will be happy to share that with you or ask Bob
Liscouski to share that with you as well.
Ms. Sanchez. Thank you, Mr. Chairman. I see that my time
has expired. Thank you.
Mr. Gibbons. Thank you, Ms. Sanchez.
We will return now to the chairman of the full committee,
Mr. Cox, for 5 minutes.
Mr. Cox. Thank you, Mr. Chairman.
Welcome, Mr. Secretary. I want to cover just one or two
topics, but I have a lot of little, detailed questions. So I am
going to do something unusual and ask you to just jot down some
notes. I am going to start out with eight little questions
about factoids that I think you can just tell me you know the
answer to or you don't and you can get back to us, if that is
all right.
The first--and the two topics concern, first, IAIP growth
plans and how you are staffing up; and the second concerns the
downstream role of TTIC and the relationship of TTIC to IAIP.
So here are eight questions that I hope will elicit some
data in response.
First, your budget request this year, the Department's
budget request, seeks to fund 19 new analysts in IAIP, and I am
just wondering what that represents in terms of a percentage
increase, how many you have currently.
Second, where are we getting these 19 people? Are these
going to be fresh hires from universities, or will we fish in
some other pond?
Third, how long will it take to bring the 19 up to full
capability?
Fourth, are they going to be hired for specific subject
matter expertise, for example, in biohazards?
Fifth, inasmuch as there are other intelligence agencies
that are also hiring analysts and some of them have more
established brand names, does Congress need to help you provide
additional incentives so that you can attract the kind of
analysts that you need? Are you thinking about that, or do you
need to--.
General Libutti. I can answer that question, if I may
interrupt and say as I said earlier--and I don't mean this to
be--try to be cute. We need all the help we can get, and I will
talk when you finish, sir, about our way ahead in terms of
staffing, planning, recruiting efforts, et cetera. But
certainly any encouragement, particularly from a gentleman of
your persuasion and reputation, is going to make a difference,
and I thank you for it.
Mr. Cox. Well, to try and throw that question more in the
category of the others so that you can respond with just--that
could be a difficult conceptual topic to get into, but, you
know, very specifically, do you need authority for more money
in order to do that?
Six, does DHS and do you at IAIP have your own training
program for your analysts? How will they be trained? By whom?
Is there a set program, for example.
Seventh, what is the current percentage of your analysts at
IAIP who are detailed from other Federal agencies?
And eighth, and finally, what percentage of IAIP's analysts
are now contractors or annuitants?
You may be able to answer some or all of those with the
information you brought, and possibly you will have to get back
to us. I would appreciate that either way.
The other question relates to TTIC. I have a transcript of
an interview on Fox News, or at least a news story on Fox News,
quoting John Brennan at TTIC. Mr. Brennan repeats something we
have heard in this committee before, that Homeland's mission
stops at the U.S. shore. It concerns me a great deal, because I
think it is abundantly clear that the mission does not stop at
the U.S. shore. There is absolutely nothing in the Homeland
Security Act that suggests that.
As a matter of fact, today's terrorist threat to the people
who live in America's cities and towns is an overseas-directed
threat, and the information that we are eliciting from
questioning of Al- Qa`eda operatives in Guantanamo is leading
us not only to the place that they might conduct their
activities in the United States but also to their overseas
bases and to the organizations that are both directing these
things and recruiting additional people to do it. We set up the
Homeland Security Department so that we would have someplace
where we could deal with this unique threat with the nature of
this.
What I will say is TTIC's unique disadvantage is just the
opposite of what Mr. Brennan is saying, and that is that TTIC,
under the direction of the DCI and de facto if not de jure
under the control of the CIA, cannot, should not and must not
be involved in domestic U.S. homeland security.
Mr. Cox. They are essentially an overseas operation, so we
have to have TTIC and IAIP to perform those statutory
functions.
I just want to leave you with section 201(D) of the act
which I am fond of quoting. It is, in fact, the law, and it
says that first on a list of your responsibilities is to
access, receive, and analyze law enforcement information,
intelligence information, and other information from agencies
of the Federal Government, State and local government agencies,
including law enforcement agencies and private sector entities,
and to integrate such information in order to identify and
assess the nature and scope of terrorist threats to the
homeland, detect and identify threats of terrorism against the
United States, and understand such threats in light of actual
and potential vulnerabilities of the homeland.
I cannot for the life of me see how that mission differs
from TTIC's. I think they have set themselves up as a direct
competitor.
So my second question to you is, can we anticipate down the
road a plan for Homeland to acquire control over this
operation, which the Inspector General says is a competitor
that is diminishing your opportunity to do your job?
And I want to conclude all of these questions by saying, I
ask these in a spirit of complete, unequivocal support for your
mission and what you are doing. This committee is the strongest
booster for the Department in Washington that you are going to
find. We want you to be as effective as possible in fulfilling
those statutory mandates. That is a lot, but--.
General Libutti. Sir, I will do my very best with the time
constraints and the rest, and mind my manners in that regard.
So I will try to get through key points. One is the manpower
piece, TTIC, and related questions, that which I do not have a
chance to answer, so we will provide that back to you and to
the chairman as requested.
General Libutti. But let me start with the last point.
Again, I was the Commissioner For Counterterrorism in New York
City when all of this came about in terms of the establishment
of TTIC. So when I came in as prepped for my hearings, I had to
get smart on TTIC, the interaction with IAIP, the Department of
Homeland Security, and other members of the Intelligence
Community. And at the time, and as I now feel, the
establishment and stand-up of TTIC was the right thing at the
right time under the right leadership. Our relationship with
John Brennan as the leader of that organization has been
superb.
As I said or alluded to, and I will try to restate it more
clearly now when I reference the point that we are TTIC, I
believe that in my heart, I believe that intellectually. We are
both customer and contributor to the TTIC effort, and I think
it has been more than satisfactory in terms of supporting our
needs as an integrator and an organization that is not per se
operational, nor does it per se collect, but it gathers. We are
in the business of taking that information and intelligence and
actioning it to people that have a responsibility to protect
the homeland, both in the Federal Government and in the State
and local arenas. There is my bottom line in terms of your last
point. In the future, we ought to be open enough to keep all
options on the table relative to any organization that supports
the intelligence effort of this great country.
Let me move to manpower, sir, and you know most of this, so
I will try to cut through the details and provide bottom line
executive ceremony. When IAIP inherited positions from five
legacy organizations, the vast majority of which were vacant;
that is, we got the authority but people did not come with
that, and the numbers I want to share with you are 409 vacant
of 544 total for 2003. We put into place an aggressive hiring
plan. That plan includes the following: identification of our
unique needs. We are talking people that have to, at the end of
the day, to fully support our operation, have Top Secret/SCI
clearances, because the space I work in is a SCIF space.
Next, we have been using contract support to help us write
position descriptions, advertise the jobs, conduct interviews
with appropriate candidates, and alluding to one point you made
earlier, I would just say in a broad sense we are looking for
at every corner to recruit, in academia, young, hard charges
coming out of the service, people who have been long-standing
experts in the intelligence field. There are no holds barred,
no restrictions in terms of those we are looking at to bring
into this and bring onto this great team.
The plan is to bring 40 new employees a month on board. We
currently have on board 263 full-time employees, with another
100 positions in the hiring process. What that means is we have
interviewed 100 people, and I am hoping and praying, saying my
rosary, that the majority of those folks are motivated to come
on board and support us, because we need them, and you are
absolutely right.
These folks are supplemented by 214 detailees and
contractors for an on-board strength of 471 people. Please
understand, as I know you do, sir, but permit me to carry on,
it is a heck of a challenge in trying to find qualified folks,
because the competition in this town is not simply in terms of
the Federal Government, including intelligence agencies, but it
is with the private sector, the private sector who is
appropriately reaching out and doing business with us in the
area of homeland security, and IAIP needs the same credentials
and classification requirements as my folks need.
So back to a point you made earlier, and it is not about
money, because we got enough money; it is about the reputation
and encouragement of everybody in a leadership position in this
town to help us recruit. And I would ask you to help me with
that, sir.
One of the challenges we have, and my staff and I are
focused on this big time, I think it gets back to a question
that Representative Turner raised, or maybe even just suggested
we look at, and we are, sir, and that is the whole
classification system. It takes a year or a year-and-a-half to
get somebody cleared and, quite frankly, being the infantry guy
I am, a fairly simple person in terms of getting things done, I
want to get things done. And while I am not criticizing the
current system, because it is appropriate given the guidelines
that we all work under now, I am going to try to move forward
and ask folks to deal with that, to look hard at the whole
classification system. Not that we would circumvent the
requirement to bring in people that are clean as a whistle,
that have great integrity and can deal with classified
material, but the fact is it slows the heck out of what we are
trying to do.
The question relative to analysts in IAIP, we have 74 FTEs
and 37 detailees for a total of 111 people. And given my
approach towards recruiting, we can bring on 40 or so a month,
and we will move ahead to close the gap and meet our objectives
in terms of hiring.
Sir, that just touches broadly on your two questions. I am
happy again to provide answers on the following additional
questions you rifled at me in terms of experts to deal with
biohazard and the training piece and the rest, and I am happy
to do that, with your blessing.
Mr. Cox. As follow up, that is fine.
General Libutti. Yes, sir. Appreciate it, sir.
Mr. Gibbons. Thank you very much, Mr. Cox. We will turn now
to Ms. McCarthy for 5 minutes.
Ms. McCarthy. Thank you, Mr. Chairman. And thank you, sir,
for your testimony here today.
I want to follow up with you, first of all, by telling you
how pleased I am that you are requesting an increase in funding
for communication skills and efficiency of informations and
warnings, and I thank you for sharing the good news with us
about the watch list improvements for our police. You have been
on the frontline in New York and in the world of the police
department, and so you know how vital that is.
You mentioned in your testimony that there is going to be
improvement on the wireless service for Federal, State, and
local officials, and that is truly one of the key topics I hear
from my first responders when I am talking to them in the
district.
Would you explain a little bit more about that wireless
service that you mentioned and how it is going to be
interoperable? I hope that is under consideration; I did not
hear that in your remarks, and I wonder if it does include
interoperability, because I think that that is one of the most
important things our first responders bring up with us. They
need timely, usable information from the Department, and then
they have to make informed decisions and hopefully prevent some
sort of terrorist incident out there in America, and there are,
of course, several methods and ways to share information. But I
wonder what type of information IAIP plans to share with State
and local officials and the methods that they will use to pass
this along, particularly in a timely way.
General Libutti. I thank you for the question. It reflects
our priority as well. I know that you all are aware of the
initiative the Secretary rolled out last week in Washington and
I rolled out in St. Louis last week. It is called our Homeland
Security Information Network. I am on my way to Florida and
other places across the country to initiate that program and
improve what I would call our ability to communicate and share
information.
To the point that you asked, ma'am, regarding
interoperability, that is a concern of ours, but the lead
agency for that piece of communications, info-sharing, is
science and technology. But I will turn my attention now to
attempt to address your questions regarding wireless. But when
you mention that word, interoperability, what is to me is I am
a user of technology, and the technology wizards are in S & T
and not in my shop.
But I do want to just briefly talks about GETS, which I
mentioned earlier, which is about the land side, and the WPS,
what is the cellular side. I just want to cover key points that
I put together in my notes, appreciating the fact that you
would have questions on this.
The goal of the Wireless Priority Service, or what we call
WPS, is to enhance the Nation's cellular telephone
infrastructure with priority capability that gives national
security and the emergency preparedness community priority
communications at all times under all circumstances. The WPS is
designed to provide critical users a high probability of call
completion during periods of extreme communication network
congestion; for example, during 9/11, major hurricanes, storms,
or, God forbid, another terrorist attack.
The wireless infrastructure in the United States consists
primarily of two technologies offered mainly by the six major
nationwide carriers and almost equally deployed. The global
system for mobile communications, GSM, for AT & T Wireless,
Cingular Wireless, Nextel and T-Mobile, and Code Division
Multiple Access, we call CDMA, for Verizon Wireless and Sprint
PCS, just to give you a sense of what we are after in terms of
land and cell, and then who is doing that and who we expect to
complete those actions.
Ms. McCarthy. Mr. Secretary, I appreciate that knowledge,
and I would be happy for you to just get that to me to read
thoughtfully and also have available for my conversations with
my first responders at home.
General Libutti. Yes, ma'am.
Ms. McCarthy. Speak to me about how confident you are about
achieving this and when, because you are right, when you
mentioned storms, during a severe ice storm a couple of years
ago in my community, my fire and police could not talk to each
other. They wanted to help out, they ended up using their cell
phones.
General Libutti. Yes, ma'am. Again, my New York experience
brings me to that same conclusion. At State and local levels
that needs to be improved and improved with a real strong
energy, strong vector at let's make it work.
Back to a point I made earlier. The S & T folks are looking
across the country at all technologies off the shelf, what the
future looks like, and they are the ones that are providing the
technology advanced concepts in support of folks in the cities
and States. My job, again in support of science and technology,
is to be a good listener in terms of what first responders are
saying and to hold that up against the threat. So technology
and supported communications interoperability must make sense
in terms of what we know about the tactics, techniques, and
operational capabilities of the bad guys. So that is my role in
that.
Ms. McCarthy. I appreciate that role.
General Libutti. I want to just cover something, if I may.
Ms. McCarthy. Let me just suggest something to you, sir,
out of respect to time and the other concerns of the committee.
I appreciate that you are a good listener; I know you are.
I would like you to be a big bell ringer. I would like this to
become a priority, not just in the science and technology end,
but in your end as well, because really, truly, that is the
number one issue I hear over and over again from the first
responders, is the need for that. And I believe we need to make
it a priority, and I would like your involvement in that goal.
General Libutti. Yes, ma'am. I do want to cover if I may,
Mr. Chairman, just continue very quickly, and again it is just
stats that I put together to share with you.
In terms of the GETS program, currently there are
approximately 82,000 users of that program. In the wireless
program that we refer to, the priority service currently, 3,000
users and rapidly growing operational in terms of the T-Mobile
network, AT & T Wireless, and Cingular, we expect to come up
this June, and Nextel this fall. Verizon and Sprint will
provide those same services not later than 2006. Again, we will
provide all of this to you upon request.
Ms. McCarthy. Well, it is 2004, and let us hope it does not
take until 2006, sir. I very much appreciate your enthusiasm on
this issue.
General Libutti. Yes, ma'am. I appreciate it.
Ms. McCarthy. I yield back.
Mr. Pascrell. Mr. Chairman, would you yield for 30 seconds?
Mr. Gibbons. The gentlewoman's time has expired, but
without objection, we can yield to you for 30 seconds.
Mr. Pascrell. I just listened to the conversation, and
there is a zero amount of money budgeted for interoperability.
So we are talking out of both sides of our mouth here, before
we go any further. Thank you.
Mr. Gibbons. Very good. Mr. Secretary, you do have an
opportunity to respond to the comment since it was made.
General Libutti. Well, sir, again, at the risk of beating a
dead horse, my charge is the Intel piece and the infrastructure
protection piece. I am very confident, having testified Tuesday
with Dr. Chuck McQueary, that he and his folks are indeed on
top of the interoperability science and technology application
to help first responders.
Mr. Pascrell. It is still zero.
General Libutti. Sir, I will share with Dr. McQueary your
concerns.
Mr. Camp. [Presiding.] The Chair now recognizes the
gentleman from Connecticut, Mr. Shays.
Mr. Shays. Thank you very much. Mr. Secretary, I was
looking at your bio and I was thinking we are very fortunate to
have you, and I was thinking of all of the other folks like
yourself who want to be of service in this Department. I also
was thinking, as our former chairman was there, he helped
initiate the effort of the Department of Homeland Security, it
came before my subcommittee when we established it, and it is
amazing how much has been accomplished in a short period of
time.
But my questions are--so when I ask these questions, I want
to put them in the context of we have come so far, but we have
so far to go. I also want to say that we had your Department--
your part of the Department represented last year and it was a
very unfortunate dialogue. We learned you had not yet been--the
analysis side had not yet had their facility, we learned that
there were not many people. You have Information Analysis and
Infrastructure Protection. Under Information Analysis, how many
people do you have?
General Libutti. Again, I will look through my notes. I
think we are just short of 90 people, sir.
Mr. Shays. Okay. That is an approximate; much better than
where we were.
General Libutti. Oh, yes, sir. Again, as you said earlier,
I am a team player, Coach--
Mr. Shays. I do not want to spend too much time on that.
You are much better than where you were. So can we leave it at
that?
General Libutti. Well, with all due respect, I just again
want to signal to everybody that I look at it as one team. For
dissecting organizational tasks, it is IAIP Op Center. I have,
as I said, my total number--.
Mr. Shays. I am running out of time here. I am sorry. You
have made your point. I do not think you need to make it again.
General Libutti. Yes, sir.
Mr. Shays. But what I want to do is I want to get into the
warning system. It is one part that you have, and I want to ask
you right now, are we at green, blue, yellow, orange, red; low,
guarded, elevated, high, or severe? Where are we at right now?
General Libutti. Sir, as you know, during the holiday
period--.
Mr. Shays. I want to know right now. Where are we at?
General Libutti. We are at yellow, sir.
Mr. Shays. Right. And the reason I am asking that question
is why are we at elevated? Why are we at elevated instead of
guarded?
General Libutti. We are at elevated because as those of us
in the business of intelligence analysis, making
recommendations and advice and protecting the homeland, there
is absolutely zero doubt in my mind that the intent of Al-
Qa`eda and other terrorist groups has not changed and they are
hell-bent on bringing the country down. They have talked about,
and we have collected information that indicates that they--.
Mr. Shays. I hear you on that. Explain to me, though, if
you could, why would that not be the general risk of a
terrorist attack?
What concerns me is you are already at that level of
yellow, so you only give yourself one before you go to
basically red. And I just wonder, because I feel right now that
we are functioning under a guarded position, that there is a
general risk of a terrorist attack, and I think that is how the
public is functioning. We all know there is a general risk. I
guess what I would love to know is whether--and I would like
you to review that on whether we should not be back down one
level. Because when you go to orange, my point is, and I am
getting to this point, when you go to orange, you are basically
saying that there is a high risk of a terrorist attack. But the
same message we are getting out of your Department is, it is a
warning to the people who can protect us, but it is not a
warning to the general public, and I do not understand why when
we go to orange it should not be a warning to the general
public. I can understand if you went from--I am sorry, just
from basically guarded to elevated, you know, but when you go
to high. So if you could tell me why.
General Libutti. My first step moving to answer your
question, I ought to start by sharing with you my view relative
to the two points you made. You talk about risk and you talk
about threat. The threat is the threat, and I talked about that
by saying there is no doubt in my mind that intent has not
changed. The threat is serious. We see actions that reflect
that overseas. That is why we see the administration and our
great, beloved military taking all appropriate actions to
charge on a second front and bring people to justice, et
cetera, et cetera.
But when you hold up risk assessment and the
vulnerabilities that we identify when we look across the
country at what I call centers of gravity and key target sets,
and then we, with our friends and partners and industry and
local and State authority, take those actions, preventive,
protective actions, you take a risk--excuse me, a threat, you
take actions, and you reduce the risk to those facilities and
the American people. You do not take a threat and apply it to a
situation. If you have taken measures and call that threat when
you see it a 10, you call it a 10 when it gets to a target set.
I am trying to define in simple terms the difference between
ongoing threat, terrorist intent, and how we mitigate that
threat by taking action.
Mr. Shays. I am trying to understand why we are at elevated
as opposed to guarded.
General Libutti. We are at elevated, sir, because the
threat is real. The threat is real.
Mr. Shays. But wouldn't the threat be real if we were at
guarded?
General Libutti. Well, I think again, the gradations, the--
if I could say the ``shades of color'' would simply indicate
the requirement to be more aggressive in terms of--.
General Shays. I am just going to then renew my point. I
would love you all to look at this a little differently. I
think when you--we are going now in a guarded way. That is how
the public is functioning. I think even that is how a lot of
our local folks are. And I think you do not give yourself
enough levels. And when you read what orange is, that tells me
that it is more a warning not just to our law enforcement
folks, but it also should be a warning to the general public. I
do not think we should hear from the Department when we go to
high that you should just do what you normally do. I think that
is not wise, and I think it prevents us from doing responsible
things.
General Libutti. Sir, I hear you loud and clear and I
appreciate your point, and I agree with you. I would only--if I
may add a footnote. We do our very best to look strategically,
operationally and tactically at what the threat means, we look
at the actions we have taken and we try to assess what the risk
is to a city, a county, a State, a facility. Again, I share
with you parenthetically, having served in New York, this may
be pretty sensitive to this next point. Our job is to share
that information with State and local leadership, governors,
mayors, our police chiefs, not to tell them how to suck eggs in
terms of whatever decision they decide to make relative to
actions in that place, particularly involved in communicating
the threat in that city or region to the people of that area.
Mr. Camp. Thank you, Mr. Secretary. The time has expired.
The gentleman from New Jersey, Mr. Andrews, is recognized
for 8 minutes.
Mr. Andrews. Thank you, Mr. Chairman.
Thank you, Mr. Secretary, for your time.
General Libutti. Sure.
Mr. Andrews. If a State trooper in Ohio stopped a car along
Interstate 80 right now and the driver of the car was on the
terrorist watch list maintained by the CIA, would the State
trooper know that?
General Libutti. Well, he does not know it instantaneously,
sir. What he does is, through his dispatch, gets back to the
terrorist screening center. The terrorist screening center will
provide appropriate inquiries to a database or to a watch
list--.
Mr. Andrews. I would assume so. Let us assume that it is an
ordinary vehicle stop, just for speeding. The trooper has no
idea of anything other than that. And let's assume for the
moment that the trooper has a laptop in his or her car for
local law enforcement purposes. Would the laptop give the
trooper information to the terrorist watch list?
General Libutti. You present an interesting scenario. Given
the threat across the country, and from what I know police
departments have done in educating and training and making
their cops aware, I would put money on the fact that that cop
would be very suspicious relative to any incident or situation
of that nature and probably mind his manners, quite frankly, in
terms of privacy and civil rights. But he is going to be as
aggressive as he needs to be to follow up on what his intuition
and professional training has indicated he needs to do.
Mr. Andrews. I agree with that, and I think that is very
characteristic of police officers and I am grateful for that.
But would the officer have access to the CIA watch list?
General Libutti. The officer--again, I am sharing with you
a process, sir. If he is concerned and wants an inquiry into
the watch list or database, there is a system in place to do
that and, normally, he or she would contact their dispatcher
electronically back to the terrorist screening center in
minutes, not hours; there is a turnaround of that information,
and the gentleman or lady on the beat makes the judgment.
Mr. Andrews. See if you can walk me through that. So let's
say the trooper, if the trooper had some reason to suspect that
he or she should ask the question, the trooper would have to
either e-mail in or call in to the dispatch.
General Libutti. Probably call in or if they have a
computer within the vehicle, they would use that system.
Mr. Andrews. Does the dispatch have the authority to get
the information from the terrorist watch list? Does the Ohio
State police dispatch?
General Libutti. Yes, sir, again, following the process,
following the procedures.
Mr. Andrews. What are the procedures? Tell me what happens
between the dispatch and the terrorist watch list. What hoops
do you have to jump through?
General Libutti. I am not sure, sir. This is difficult or
challenging, as you might think. But again, in simple terms,
the cop on the beat works through his operation center,
probably electronically nowadays, that information is passed
back to the terrorist screening center that is really the
advocate and single point of contact for the cop on the beat.
The terrorist screening center exercises its responsibilities
and makes inquiries into watch lists or the database status,
whatever that may be, does appropriate--asks appropriate
questions, gets the answers and passes it back to the cop on
the beat.
Mr. Andrews. How long does it take?
General Libutti. I think it depends on the situation. It
is--.
Mr. Andrews. What is the shortest time, what is the longest
time?
General Libutti. I will get you that information in terms
of all of what I have indicated where over 1,000, I think I
said earlier, 1,388 calls made and 527 positive matches. I
would be happy to do two things, sir: give you whatever
specific data we have, and two, provide you with appropriate
slides, a detailed briefing on the interaction of the terrorist
screenings.
Mr. Andrews. I would like to know the time range, what is
the shortest period of time, what is the longest period of
time.
General Libutti. I would be--it would be premature for me
and not wise to tell you 5 minutes, 6 minutes.
Mr. Andrews. Sure.
General Libutti. I think it truly and very sincerely
depends on the situation, circumstances. One of the points I
made earlier when first questioned on this caused me to respond
in a way that I will just again summarize. We are making a
valiant effort and a noble effort to purify watch lists. Same
name, same initial, different date of birth, other complicating
details. That is part of the challenge, but it is working to
purify watch lists and bring those watch lists into a database.
That is going very well.
Mr. Andrews. Let me ask your opinion about something, and I
ask this question without prejudice.
General Libutti. Yes, sir.
Mr. Andrews. Do you think the day should come when an
officer has on his or her laptop the watch list, has access
electronically to it? Should that trooper be able to enter in
whatever identifying characteristics he or she has of the stop
and just get the information instantaneously?
General Libutti. I think that is a terrific question. I
would be prone to, given my background and experience, to take
it on board and bring in duty experts from the police
department and kick it around, as well as those charged with
safeguarding extremely sensitive information and making every
effort because of this great challenge we have of maintaining
the balance between privacy and civil rights, individual rights
as well. I would just want to make sure whatever system we put
in place was darn near perfect in terms of protecting
individual rights and privacy, and that we need to be very,
very careful with all of that.
But the operational response is when in doubt take
appropriate police action to safeguard the country and the
American citizens. So again, I would be very happy to provide
you details on this through my staff. Again, the FBI runs this.
We have provided the Assistant Director For the Terrorist
Screening Center, and we will contact him and pry out
additional details.
Mr. Andrews. I appreciate your concern about civil rights,
and I certainly share it. I do not think that anybody should be
restricted in their liberty if we just are suspicious of them.
That is not our law, that is not our tradition. But I also
think that if there is a significant body of evidence that
someone is being watched, that law enforcement officers ought
to know that, because it is a piece of the puzzle that they can
help put together--.
General Libutti. I agree with you, sir.
Mr. Andrews. That might help prevent a catastrophe.
General Libutti. You are right, and while what I am going
to say does not support your example, I can tell you from my
experience again with NYPD, the people who know the community
and the area and the cops and first responders, it is not the
guys at the Federal level, and that is why this partnership is
so critical.
Mr. Andrews. It is also why I share Mr. Pascrell's view: we
have to get some money in the budget for interoperability. I
know that is not your call, but it is really important. Thank
you, Mr. Chairman.
Mr. Camp. Thank you. The gentleman from Arizona is
recognized for 5 minutes.
Mr. Shadegg. Mr. Under Secretary, thank you for your
testimony today. I appreciate it. It is helpful to us.
I want to follow up on that line of questioning. I think we
are all interested in actually the two-way communication
between you and the cop on the beat and between the cop on the
beat and you. In a minute I want to go into some staffing
levels and find out how adequate you feel you are staffed,
which I understand you have touched on already. But first let
us talk about the question that was just raised.
In response to the issue of whether or not the officer on
the street should be able to get on his laptop and access this
list, you said that you would talk to experts in the field and
analyze that issue and express your concern about privacy, and
I think there is a valid concern about privacy. My question of
you is, are you currently discussing, or do you have an ongoing
analysis effort, to look at how functional that line of
communication currently is; that is, we hear from our local
police, look, you know, we cannot find out who the terrorist
is; we worry that we might stop a terrorist and let her or him
go. We are not sure that we are getting communication from the
Department on these issues.
So I guess my first question is, hopefully a softball, are
you guys studying this? Do you have an ongoing effort working
with local police and State agencies to try to find out what
would work, and how fast does it have to be to be functional?
Generalal Libutti. The answer is absolutely, sir, yes.
Mr. Shadegg. So it is a softball, good.
General Libutti. Seriously, I mean again, you have to
understand, I say this with great humility and respect for law
enforcement and first responders. I mean this is where it is
happening. That is where they are going to interrupt, disturb,
detect, bring to justice these folks, so I mean my head and
heart are there.
Back to the point about direct communications. Let me give
you the Frank Libutti Marine Corps response to that and
understand it in terms of now my greater responsibility as an
Under Secretary. We need to streamline communications, but we
do not need to be cavalier or bullish in the way we do that,
because there are lots of people who have equities in terms of
dealing with the threat of terrorism.
I mentioned earlier, I believe I mentioned earlier that I
am very much a supporter, and it would not surprise you given
my background, in what I call chain of command and chain of
communications, and I do not want to cut out people within that
chain, particularly if we are dealing with an imminent
situation. You stop somebody, things do not look good, it is
going south in a hurry, this could be something big, or it
could be a routine pull-over perhaps with someone who is
involved in supporting terrorism, but indirectly through money
handling, laundering, et cetera. We need to be very careful
about that. And the answer to that question I think is broadly
speaking, conceptually, streamlined communications is a two-way
street. Get it to people who have to take action. Track that so
that we get a good sense of warnings, indicators, and profile.
It all talks to surveillance and counter surveillance programs
that we do not run per se, but the cops on the beat do.
Mr. Shadegg. Let's flip the coin. On the opposite side of
the coin--well, one side of the coin are their concerns that
they may not know they have stopped a terrorist, they want to
be able to find out, they want to be able to help in the cause.
The flip side of it is they have observed something suspicious,
they want to pass it up the chain. And we get the same
complaint there, that and colleagues might get--I suspect they
do, I know I do, and complaint might not be the right word;
concern there, about well, we are not sure if we passed it up
if it would go anywhere.
General Libutti. I would hitchhike on your point because it
is a very good point and one that concerned me tremendously in
New York as well. To that point, as I said earlier, we rolled
out this homeland security information network. The guts of
that is something called JRIES. JRIES is the Joint Regional
Information Exchange System. We did not give birth to it; it
was something within DOD months and years ago. I used it in New
York. When I came down to Homeland Security, I said let us look
at that to see if we can broad base this thing to support first
responders. We are now doing that. It is extremely effective.
The future in my view calls for us to integrate and complement
other network systems. But the current system right now, where
it has been embraced across the country, right now, with a view
towards providing to 50 States and 50 other high urban areas
within several months, these systems, this laptop system, this
interactive system will give people on the beat the opportunity
of darn near zero time response. As soon as you hit it, click
send, that is gone, and that now, from the standpoint of that
which is in New York City, is reflected in our operations
center on a broad screen. We know what they know. We pass it
back to them. We share it with all other members that are
involved in the JRIES homeland security network right now. So
the guy in California knows what the input is Newn York has
provided, and that goes across the country.
Mr. Camp. Thank you, Mr. Secretary. The gentleman's time
has expired.
The gentleman from New Jersey, Mr. Pascrell, is recognized
for 8 minutes.
Mr. Pascrell. Thank you, Mr. Chairman.
General you talked about wireless in response to some
questions before, and I am not going to bring up the subject
about what is budgeted, because that is maybe beyond someone's
pay grade, I do not know. But I understand that. You are the
messenger. But you are more than a messenger down on Nebraska
Avenue. You are more than a messenger. Because you spoke in
your entire presentation to the question about commercial
entities.
Understand that we are very concerned on this committee
with public institutions, and that is why the subject of our
first responders, police and fire, has been brought up. This is
a critical issue. We are kind of flabbergasted as to the budget
response. That was the whole point of the discussion, and I
hope you understand that. It was not meant to be in any manner,
shape, or form critical of you.
General Libutti. I understand, sir. I appreciate your
comment.
Mr. Pascrell. Second point. You, throughout your
presentation in terms of work that has been submitted,
indicate, even in the area of personnel, not only service, but
personnel, the hiring of personnel, you contracted out much of,
a lot of this work. In fact, in many areas there is more
contracted personnel than there are public personnel in terms
of full-time equivalent employees.
General Libutti. Correct, sir.
Mr. Pascrell. My question is this, a very simple question:
is this public record?
General Libutti. I believe it is. I am a little, not taken
aback, but perhaps do not understand your question as I should.
Mr. Pascrell. Let me be more clear. In other words, anybody
on this committee would be able to review any of the contracts
that your agency has developed in terms of either service or
personnel?
General Libutti. I do not see why not, sir.
Mr. Pascrell. Okay. So we would know who the private
contractors are that you have looked to?
General Libutti. The only concern, not in this forum, but
in the appropriate forum in terms of specific manpower within
the IA side, the Intel side, we need to be careful to share
that at the appropriate classified level, and I am happy to do
that.
Mr. Pascrell. I understand your function and the function
of your agency in terms of information-gathering and analysis,
is to attempt to anticipate and then interrupt. I am
simplifying it, and if I am incorrect, interrupt me.
General Libutti. Well, forgive me for interrupting, and I
only would add to what you have said, sir, to support you. It
is about prevention, and then interrupt, deter, reaction.
Mr. Pascrell. That is very interesting. Very briefly, the
question of your agency, therefore, is not reactive. It is a--
if we know a series of threats exist, we may suggest, we may
not only try to interrupt those threats; we may act to try to
remove the threats in the future. Therefore, this is more of a
wider scope of involvement of your agency, of socioeconomic
factors, groups that we interact with in other countries, so
that we prevent these things from happening to change people's
perception about America.
General Libutti. Yes, sir.
Mr. Pascrell. That is not an overstatement, is it?
General Libutti. It is terrific, sir.
Mr. Pascrell. Now, 2 years after September 11, we still do
not have, and you have heard this today, our infrastructure
risk assessment in terms of spending priorities, et cetera, et
cetera. Can you tell me when this will be complete? Ranking
Member Turner referred to this in one of his questions earlier
today. And then give us a brief explanation as to why this is
the case at this point.
And then I have one other question, if I may.
General Libutti. What I would like to open with is a
comment that is meant to again communicate my sincerity and yet
my energy in moving forward. The magnitude and scope of the
challenge ahead is such that assessment, risk assessment,
categorizing vulnerabilities, and taking action will be a
never-ending process and program. I would say again, since I
have been on board, since early July as sworn, we have made
great progress in this in terms of looking across the country,
using indicators and lessons learned from Liberty Shield and in
concert with the private sector, State and local officials, to
begin this grand effort, this noble effort to put our head into
and arms around critical information. It is an ongoing effort.
A week ago, I was privileged to be with the lieutenant
governor in Virginia, and he grabbed me in the elevator and
said, Frank, that list of critical infrastructure just is not
right. And I said, yes, we have recently reviewed it and it
needs to be updated and we are hard-charging to do that.
The point I am making, sir, with all due respect, is that
this is a tremendous challenge, one that will never go away in
terms of, you take your pack off. So I would simply tell you
that there is an ongoing, aggressive effort to look at the top
priority target sets and take protective action in terms of
working with the private sector.
Mr. Pascrell. One more, General. Please follow me.
Before 9/11, there was intelligence that went from Federal
agencies, CIA, FBI, to the FAA about individuals, specific
individuals that we were targeting, focusing on. We do not know
clearly, and maybe the 9/11 Commission will bring this forward,
we do not know clearly whatever happened to that information
from the FAA, and I am sure they have been questioned on this,
and we will learn about this. We know just very little.
How often do you actively communicate with senior
intelligence officials from the CIA, the FBI, the DOD, the
State Department, to go through difficult interagency problems
such as information-sharing, and defining lines of
jurisdiction. There are a lot of questions at least hinting to
that. Do you ever meet as a group, for instance?
General Libutti. The answer to all of those questions is
yes, yes, and yes. I talk to folks every day in the
Intelligence Community across those agencies. Pat Hughes,
General Hughes, the Assistant Secretary for Intelligence, talks
to TTIC several times a day, the FBI, the CIA, DIA, State
Department contacts. And others across the Federal Government.
Pat Hughes holds within the Department of Homeland Security
meetings every month with members of the intelligence team in
the Department of Homeland Security.
Now, let me pause and tell you what I mean by that so you
get a good sense. When we brought all of the agencies together,
they came in, they had their operational element, and they had
their Intel teams to support their mission profile. This had
not gone away, and properly so. Pat Hughes, as the Intel
officer for the Department of Homeland Security, has exercised
his leadership in tremendous fashion, bringing together the
leadership and the intelligence business across the Department,
and he does that regularly. That reinforces the notion that the
center of gravity, the center of the universe in terms of
advice and sharing information at a senior level is happening
repeatedly, very aggressively, and productively.
Mr. Camp. The gentleman's time has expired.
Mr. Pascrell. Thank you.
Mr. Camp. Thank you.
Mr. Secretary, looking at the IAIP Directorate as a whole,
can you give some examples about how the information-sharing
and intelligence programs are aiding this critical
infrastructure protection effort?
General Libutti. Sir, I can, and I shall. I would tell you,
as I mentioned in the opening statement about the Information
Operation Center, and I will try to again summarize this and
then I will respond to additional questions.
The centerpiece of what I do is information-sharing/
intelligence. The other piece of that, is to take appropriate
action to protect the infrastructure of the country and then
advise appropriate leadership.
Key point: information-sharing. The operation center for
us, and I am privileged to tell you that General Matt
Broderick, retired Marine works for me. He runs the operation
center. But he is in charge of the Secretary's operation center
and not my operation center. That operation center is indeed,
as mentioned earlier, the nerve center for communications. And
in that regard, it is through the operations center that
inquiries are made, advisories, bulletins, and alerts to our
customer base across the country are sent out and received. In
addition to that, there are frequent conference calls, secure
VTC with our friends at the White House, other members of the
interagency, and State and local officials as well.
The operation center conducts itself on a 24/7 basis. It
has representation as liaison to other organizations to help
with information flow and sharing of that information. So you
have agencies represented in the operations center from Federal
Government organizations, DOD, FBI, State, local police. During
the holiday period, we had detectives from NYPD and California
sitting with us. During the holiday period, given the threat
and the credibility of that threat, under our leadership in
IAIP and the blessing of the Secretary, we sent executive teams
to several locations across the country to meet with mayors,
governors, police chiefs to share with them real-time, face-to-
face what we knew about the threat and recommendations that we
thought should be put in place. It gives you a broad overview
of how important information sharing is.
I would only add this footnote, and I am repeating myself.
The guts of what we do in terms of the Web-based connectivity
stream is the homeland security information network. That is
good to go now, will improve in terms of the expanded
capability in the future. The JRIES program, the guts of that
worked very well. In the future, this homeland security network
in terms of sharing critical IAIP information will go from
unclassified law enforcement-sensitive by the end of the year
to a classified, secret level information-sharing system.
Mr. Camp. To follow up on that, I have seen figures that 98
percent of our critical infrastructure is in private hands, and
clearly there needs to be a collaborative effort between the
Department and the private sector, and I know that the ISACs,
the information sharing and analysis centers, have been created
to share information on threats and vulnerabilities. I wonder
if you could just comment on the progress those have made. I
realize there are some challenges that remain, particularly
communicating with industry on activities being set up by the
Department and other items.
General Libutti. Yes, sir. It gives me a good chance to
brag a bit on the leadership and aggressive spirit of Bob
Licouski, Assistant Secretary for Infrastructure Protection,
who has my full confidence and is indeed charging ahead. I want
to comment a little bit on this ISAC business so you understand
how I feel about it.
This organization or group of people is absolutely central
to information sharing and the high expectation we have that
they will be leaders within the industry to bring the industry
together, not simply to pass information. Having said that, Bob
is looking on my behalf into how we can look at ISACs and
broaden their capability and responsibility as true capital L
leaders in the community. We think they can do more. We think
they have done a super job. But we need to, I think, reorient
perhaps their direction and their influence.
To that point we have brought together what is called the
ISAC Council, made up of senior representatives across all
communities, and we are posing that very question to them,
soliciting their advice. But we are focused on improving what
is now a good system and making it an outstanding system. So
again, key point. They are critical. They have to play. We are
looking at ways to make their contribution even greater.
Mr. Camp. Thank you. I see my time has expired.
The gentleman from Rhode Island is recognized for 5
minutes.
Mr. Langevin. Thank you, Mr. Chairman.
Good afternoon, Mr. Secretary. Thank you for being here.
General Libutti. Yes, sir.
Mr. Langevin. Let me begin by following up on some of the
things that Chairman Cox and my colleague Mr. Pascrell have
already touched on.
As you can tell from the questions that are coming from the
committee, there is still a great deal of concern, even
confusion, over the relationship between DHS and the rest of
the Intelligence Community, and I am sure there is probably
going to be a recurring theme until we are confident that that
relationship is seamless. We ask for obviously your cooperation
and your indulgence in trying to work with us to get through
this.
But in particular, my question centers on the creation of
TTIC and the terrorist screening center, which perhaps seems to
again have muddied the waters when it comes to the roles and
responsibilities of key counterterrorism units.
So my question is, and perhaps you have already answered in
some way, but do you share any of this confusion? Do you see
any concerns that we should be aware of, and do you think it
would be helpful to have a written presidential directive
clarifying the roles and responsibilities of IAIP, TTIC, TSC,
CIA, FBI, and the rest of the Intelligence Community?
General Libutti. I have already made the comments in
response to your question to other members, and if you will
permit me, I will sort of summarize that as opposed to going
through a long list of that which I think is critical, but I
will be prepared to stand by for that, sir.
We are a new organization. My feelings, and I am a guy who
sees things half full, not half empty. If I get any sense from
any member of the Intelligence Community that is not treating
us with appropriate dignity and respect and understands that we
are full players, I take appropriate action. And I have not
hesitated in the past to do that.
Now I tell you that not to be so bravado, but to tell you
as a footnote I have not had to do that much. I tell you that
the leadership of the FBI, CIA, TTIC and the rest, including
DIA, they get it. They understand the responsibility of the
role that we shoulder.
Where there has been, if any, problem along the way is with
some younger folks who do not understand the changing culture,
perhaps have not read the Homeland Security Act, but when they
are instructed, when they are coached, they get it. But I can
tell you that for the time being at every turn we are going to
have to ensure that we do not miss the opportunity to inform
people of what my mission is, what the mission of Homeland
Security is, and make darn sure they understand that this is a
team effort.
So I do not know if that answers part of the question, but
I have--I mean we do not live in a perfect world. I mean even
great organizations across the country, the Federal Government,
all branches of government, certainly would admit in an open
and candid discussion that they can always make improvements to
either the decision process, administration, logistics,
whatever. And we are in the process of doing that. And you have
my guarantee we will continue to improve the system. But the
bottom line is the system is working. And I say that in terms
of TTIC and the terrorist screening centers. Lord knows, it is
only in its first phase of standing up and being fully
operational. And I will be happy at any point in time to come
back one-on-one or send my staff to meet with your staff, sir,
to share with you the status of progress being made.
Mr. Langevin. I guess one particular point, just in
following up, is there any information that TTIC receives that
DHS does not?
General Libutti. Well, I need to be careful with that, and
I say this sort of tongue in cheek, you don't know what you
don't know. But I know what the Homeland Security Act says, and
it says I have unfettered access to all intel.
Part of the challenge in the past and probably that which
merited correction and we took it was when we started IAIP up--
and I might add we just moved into a new building, and I invite
you all and your staff to come visit us. It is at the NAC. It
is the same facility, but it is a renovated building.
Back to my point, initially, we did not have electronic
connectivity with databases across the intelligence community.
That has been fixed. So perhaps that is one of these small
boulders that we circumvented to move forward; and we have done
it quite well, in my opinion.
We are always looking for ways to improve, we always try to
be better listeners, but we act, behave and expect respect from
the intelligence community as full players.
Thank you, sir.
Mr. Langevin. Thank you, Mr. Secretary.
I see my time has run out. I will forward another question
to you for the record, basically asking you if you could
explain what information DHS has collected from States and the
private sector regarding risk assessments and describing how it
is being used by DHS to build a priority list, but I will
submit that to the record since my time is expired.
General Libutti. We will be delighted to respond. Thank
you, sir.
Mr. Camp. Thank you, sir.
The gentleman from New York is recognized for 5 minutes.
Mr. Sweeney. Thank you, sir.
General good to see you again.
General Libutti. Good to see you, sir.
Mr. Sweeney. As a fellow New Yorker, I will try to be
direct and to the point, as you always are, and I am going to
maybe beat a dead horse but continue down the same line of
questioning, with the hopes that I think you understand it, but
other people understand in the intelligence community--.
General Libutti. I understand, sir.
Mr. Sweeney.--the concern that we have over the ability of
TTIC to incorporate itself into and be a useful process with a
great deal of confidence being gained by Members of Congress
and the American people, and I think that the key to that is--
and I know the Chairman has mentioned this before. I was going
to talk to you about personnel levels. I know you have answered
those questions, and you are going to get back. But the key to
this really is--and I want the world to understand it--that you
have got to be the guy in charge. We all believe that here in
this body, and I don't believe other people believe that.
I think there are some written comments that I would like
to cite just because I am very concerned when I read them.
In a February 27th article on Fox News, John Brennan, the
Threat Center Director, said, quote, do you really want to give
this new organization, Homeland, the responsibility for setting
up with secure communications systems and networks and having a
fully trained, analytical cadre? No, you don't want that. What
you want to do is tap into the capability that already exists.
Now, the latter part of that I agree with, but it seems to
me that there is a public resistance to the ideas or the
intentions that I think Congress had when we moved forward and
established the Department of Homeland Security.
Later in the article, Vince Cannistraro is quoted as
saying--and I know he is not (he is former, retired), but he is
highly respected. Quote, it is a joke. What do you gain by
having DHS intelligence?
Now we have been here before and seen this. It is culture.
We get it. We all knew it coming into the process, and I urge
you, I guess, to be blunt and be a New Yorker, to throw your
weight around. You need to justify your contributions. You also
need to justify why you need to be in the game in TTIC, and you
will have a lot of support here on both sides of the aisle, I
would point out.
I want to get to just very quickly some more ministerial or
tangible kind of questions.
Providing State and local officials--other colleagues have
asked this--security clearances, secure communications and
storage--and we see resistance on just the broader sense, so
this may be an impossible question for you. How are you going
to pay for it? Is it all coming out of IAIP? Is it shared by
somebody else?
General Libutti. The appropriate response is that,
initially, in support of the Homeland Security Information
Network, that is $11 million to support 50 States and 50 other
urban areas. It is a combination of monies. My recollection--my
staff no doubt will pass me a note if I miss the mark on this,
and I will share it with you, sir, but I believe it was--the
lion share of that money came out of IAIP because we could
afford to do it in 2004 and additional funds from the office of
domestic preparedness, if I am not mistaken.
We think this is a great first move forward. We will look
now, in terms of what I call the deep fight, what are we going
to do in a couple of years in terms of this system. Given that
technology is turning over so rapidly and my intention is to
provide the first responders the best available, we have got to
figure out--because this is nobody's, what I call in my own
language, cost center line, that program money to support that,
but it was an initiative we thought was absolutely critical. We
moved out on it smartly, and it has been well received across
the country thus far. The implementation of that will probably
hit the street in early summer.
Mr. Sweeney. Let me get to two real kind of tangible things
as it relates. On the $11 million, what do you think the 2004
number is in terms of how many clearances you are going to be
able to have successfully completed?
Secondly, I just left the Approps Subcommittee hearing with
the Secretary, and this issue came up as well of the context of
communicating between the varying levels of government.
I would like to work with your staff at identifying other
resources that may be available both in and out of DHS, and to
some degree that is a tough place for you to go, but we need to
have some ideas. And, I think your partners in TTIC could be
helpful in this, and it may be a suggestion that in the
appropriations process we may be able to pursue. But, more
directly, a ballpark number, how many local and State
clearances you think you will have done by 2004, end of 2004?
General Libutti. The short answer and correct answer is I
don't know. The clearance piece and the funding for that is not
coming out of my shop. I am not the lead for clearances, sir. I
will take that back and put it in the right department.
Again, my job is, as you have heard me say, support the
first responders, support our customer base, talk to the
threat, deal with the infrastructure protection, but I will
take that back.
Mr. Sweeney. And we may need to strengthen that. There is
great concern and has been great concern that first responders
have been out of it, and you are the guardian angel there.
Mr. Camp. Thank you. The gentleman's time has expired.
The gentleman from Washington is recognized for 5 minutes.
Mr. Dicks. First of all, I want to apologize for not being
here for your testimony, because I am ranking on an
Appropriations Subcommittee and was on a much less exciting
issue than this, but thank you for your good work and effort.
Let me ask you a couple of things. In the new DHS strategy
document--you may have covered this, but please bear with me--
released last week, the Department says that it will have a
complete database with a prioritized critical infrastructure
list by the end of 2004. It is unclear, however, who is
spearheading this work at an operational and analytical level
within IAIP. Can you tell us who is spearheading that?
General Libutti. Well, I am in charge of IAIP, and Bob
Liscouski, as Assistant Secretary for Infrastructure
Protection, is the lead for me in that regard, sir.
Mr. Dicks. Okay. Let me ask you specifically, have the
States sent in a list of critical infrastructure? Because the
State of Washington I know not only have they sent in a list,
but they have got a plan. I believe each State should have the
first crack at developing a list of critical infrastructure in
their State and to come up with a plan and submit it to the
Department. Now, is that being done?
General Libutti. It has been done, sir. Plans were
submitted including that information among lots of other things
they submitted by our request. They were due the end of
December. Plans were received. Washington's plan was absolutely
superb.
Mr. Dicks. I couldn't believe how comprehensive it was.
General Libutti. It was tremendous, and if we had time, I
would show you all the plans.
But I would tell you this. One, some of the plans were sent
back for tweaking to help us help them, but the plans are in.
The Secretary appreciated it tremendously, and it is the first
step forward in what I used to complain about--let me restate
that. My concerns in New York were that--and they fixed this,
by the way--that the need for a strategic plan that brought
together cities and towns across New York State with a focus on
priorities, with a focus on ecumenical approach to the
challenges at hand that dealt with money, that dealt with how
we deal with that which in the infrastructure category really
needed to be top, top priority.
So I am absolutely delighted that the States, based on the
leadership of the Secretary, Secretary Ridge, have supported
this business. A strategic plan is the basis to bring the
country together in terms of looking at resource requirements,
prioritization, a blueprint for moving forward. I mean, I
applaud it; and, again, I recognize the great work--.
Mr. Dicks. Good. My time is very short here, so I don't
mean to cut you off. Are these plans going to be utilized by
your Department in developing this database? I certainly would
hope they would be.
General Libutti. Sir, the name of the game is--am sure you
have said this a million and one times in the leadership you
demonstrate every day. It is about partnership, and we will use
all of the information within those plans to frame, to shape
and to make appropriate decisions on infrastructure, on
intelligence, information sharing and in any other area in my
directorate that I have responsibility for.
I would tell you that in the infrastructure business what
we have realized is you have got to look at the physical and
the cyber; and what I have learned in the 6, 7 months I have
been with the Department is that there is incredible
interdependency across industries. You can think of any one
industry and think about if you had catastrophic failure in one
industry, what would the impact be on the other and how would
that affect the small towns and big cities and the industry at
large across the country? So I am with you a hundred percent,
sir, and I appreciate it.
Mr. Dicks. The other thing is on the national cyber
security division. You know the President has laid out his
vision here, the national strategy to secure cyberspace. But is
it being properly funded?
It says the President's budget requested $60 million for
its information warning and advisory program. This program has
three core components: tactical indications and warning
analysis, information requirement management, integrated
physical and cyber structure monitoring and coordination. With
the exception of $56.6 million allocated for the information
warning and advisory groups for the live wire cyber exercises
conducted by NCSD, the budget request does not specify how much
of this total is allocated for cyber security. Can you, for the
record, give us an indication of how this is going to be
funded?
General Libutti. Yes, sir, I can. In the 2005 budget, the
information warning advisory is $23.7 million, and the remedial
protective action program and support of cyber is $55.9
million.
Mr. Dicks. And you have said--going back on the
infrastructure--the database will be completed by the end of
2004. Is that calendar year or fiscal year?
General Libutti. Say the statement again, sir. The end of
2004?
Mr. Dicks. Yes. It says a complete database with a
prioritized central infrastructure list by the end of 2004. The
Department says that it will have it complete.
General Libutti. It is by the end of the calendar year,
sir.
Mr. Dicks. All right.
Mr. Camp. The gentleman's time has expired.
I want to thank the Secretary for being here. This joint
subcommittee hearing is now adjourned.
General Libutti. Thank you very much, sir.
[Whereupon, at 12:09 p.m., the joint subcommittee was
adjourned.]
A P P E N D I X
----------
Material Submitted for the Record
Please: note: Under Secretary Libutti departed DHS February 1, 2005.
Matthew Broderick, the Director of the Homeland Security Operations
Center submits the following responses on behalf of DHS.
Questions for the Record from The Hon. John B. Shadegg
Undersecretary Libutti, the State of Arizona is establishing a
fusion center for intelligence this May that will be officially called
the Arizona Counter-Terrorism Information Center.
Question: 1. Are you aware of this effort?
Answer: Yes, we are aware of Arizona's establishment of a fusion center
for intelligence. Many of the States are setting up similar entities.
We are working to develop a coordinated effort and standards to provide
guidelines for all states wishing to establish information centers.
This is one of the top priorities of the DHS Information Sharing and
Collaboration Program, and the. Office of State and Local Government
Coordination and Preparedness.
Question: 2. How will the Department of Homeland Security interact with
this Center? Will it have direct two-way communications?
Answer: The Department of Homeland Security has established
communications between the Homeland Security Operations Center (HSOC)
and all states via the Homeland Security Information Network (HSIN). We
plan to strengthen these communications by providing connectivity up to
the secret level in the future. To date, eighteen Law Enforcement
Intelligence Centers or Fusion facilities have been identified to
receive Secret level capability packages to operate at the collateral
level. Facilities identified as key coordination and fusion centers by
each state and that have been constructed to handle classified
information will have priority.
Question: 3. Have other states created similar centers?
Answer: Yes, other states have created similar centers, based on state
or regional requirements and relationships. The Department of Homeland
Security, through the Information Sharing and Collaboration Program,
the Office of State and Local Government Coordination and Preparedness,
and the DHS Operations Center, is working to develop an interconnected
and collaborative partnership between both DHS and each of these
centers, and between and the State centers and any regional centers
which may develop through consortium efforts of the States.
Question: 4. If so, are there any lessons to be learned from those
efforts before Arizona's Center is officially opened?
Answer: The Department of Homeland Security has a team scheduled to
visit Arizona this month. We will use this opportunity to provide
advice and establish connections between Arizona, as well as other
states.
Question: 5. In the Fiscal Year 2004 Homeland Security Appropriations
bill, there was $10 million in funding to the IAIP Directorate for a
command center and emergency communications network. The National
Alliance of State Broadcasting Associations will soon complete an AMBER
Alert network that could potentially be used for an all-alert network.
How is the Directorate using that funding?
Answer: Using 2003 & 2004 appropriated funds, IAIP implemented the
Homeland Security Operations Center (HSOC) capability. The HSOC is the
primary national hub for domestic incident management operational
coordination and situational awareness. The HSOC is a standing 24/7
interagency organization fusing law enforcement, national intelligence,
emergency response, and private sector reporting. As such, the HSOC
facilitates homeland security information-sharing and operational
coordination with other Federal, State, local, tribal, and non-
government Emergency Operation Centers (EOCs). Further, the HSOC is the
primary conduit for the White House Situation Room and IIMG for
domestic situational awareness.
Questions for the Record From The Hon. Mac Thornberry
Question: 6. How is private sector interaction being coordinated and
funded within the Department, particularly with the operational arm of
the private sector, i.e., Information Sharing Analysis Centers (ISACs)?
Who in the Department is responsible for coordination, but as
important, program management and budget oversight of these varied
initiatives? During your testimony, you mentioned that the ISACs may
need to be re-directed in their efforts--what specifically does this
mean, and what direction are you recommending for the private sector?
Will the NCS funding model for the telecommunications ISAC, as noted
below, become a model for other sectors to strive towards?
We are aware of a newly established TSA encrypted web-
based communication system called the Maritime and Land
Security eCOMM (MLS eCOMM) that will provide for the real-time
exchange of Alert Bulletins, Best Security Practices, Program
Initiative Information, and Guidance and General Information.
We are aware that IA recently announced the Joint
Regional Information Exchange System (JRIES) that will provide
secure communications for state, local, and private entities.
We are aware of the NCSD Cyber Alert and Warning
system, also a web-based communication system.
The National Communications System (NCS) has already
spent millions for the Cyber Warning Information System, a
secure out-of-band collaboration system.
In addition, the NCS fully funds the National
Coordination Center which serves as the Telecommunications ISAC
for that sector, which is staffed by government and private
sector individuals.
Answer: Within IAIP, the National Infrastructure Coordinating Center
(NICC) maintains operational awareness of the nation's critical
infrastructures and key resources, and provides a common infrastructure
for information sharing and coordination between and among government,
critical infrastructure owners and operators, and other industry and
private sector partners. DHS has developed and is implementing a plan
to integrate the referenced systems into the Homeland Security
Information Network (HSIN). The HSIN is a secure, unclassified backbone
communications network that offers a conglomeration of ``communities''
and information management tools. It provides a common platform for
communication with law enforcement, and state and local government. DHS
is in the process of deploying the functionality of HSIN to the
critical infrastructure and key resource sectors described in HSPD-7.
Currently, these sectors have varying levels of information sharing
capabilities. HSIN will provide core capabilities to bring every sector
up to a baseline of information sharing features, which includes
extending the ability of sectors to deliver alerts, warnings and
advisories to more members at little to no cost to them. It is intended
that any future information sharing system implemented by DHS will be
an integrated component of HSIN. The Infrastructure Coordination
Division, within IAIP, is responsible for coordination and integration
of these initiatives as they relate to the CI/KR, and ensures
coordination and addresses issues with and between the CI/KR sectors.
The HSOC provides oversight to the HSIN. For the Telecommunications
Sector, the NCS National Coordinating Center (NCC) for
Telecommunications functions as the Telecom Information Sharing and
Analysis Center (ISAC). This joint Government Industry collaborative
body established in 1984 builds on the history of cooperation and
established trust relationships to address the initiation,
coordination, restoration, and reconstitution of national security/
emergency preparedness telecommunication services and facilities under
all conditions, crises, and emergencies. The NCS funding model will not
be used for other ISACs. ICD will address each sector individually,
recognizing that each has unique characteristics and needs.
Question: 7. The IAIP budget describes IAIP and the Homeland Security
Operations Center (HSOC) as the principal mechanism for the execution
of all DHS programs, with focus on federal, state, local and private
sector systems. IAIP has requested an increase of $10 million for HSOC
upgrades to include information sharing missions (providing a total of
$35 million in fiscal year 2005). Is any of this funding going to be
used to help the private sector integrate their information and expert
analysis into the HSOC? If not, how does DHS plan to work with the
private sector as a caretaker of the critical infrastructure? Please
provide description of specific projects.
Answer: Yes, in 2004, HSOC began the rollout of a national information
sharing capability that is called the Homeland Security Information
Network (HSIN). This network connects federal, state, local, tribal and
private sector infrastructure stakeholders, enabling information
sharing and collaboration within and among communities of interest.
HSIN-CI (Critical Infrastructure) is a community of interest within
HSIN that is dedicated to private sector components of the nation's
critical infrastructure. A significant portion of the 2005 HSOC budget
request is planned for growing the infrastructure and the reach of
HSIN. HSOC is working closely with the Infrastructure Protection
division of IAIP to identify and reach these private sector
participants.
8. Cyberspace and the potential threat to our homeland through
cyberattacks are of concern and priority for the Department. The
Homeland Security Act calls for DHS to perform comprehensive
assessments of cyber vulnerabilities (Sec 201 (d)) and carry out
comprehensive assessments of the vulnerabilities of the key resources
and critical infrastructure of the United States, including the
performance of risk assessments (Sec 201 (d)). Risk assessment involves
the correlation of threat and vulnerability to determine the risk to
the nation, with IA responsible for cyber threat evaluation and IP
responsible for cyber vulnerability assessment. The fiscal year 2005
budget requested $79.8 million to expand the capabilities of the IP
National Cyber Security Division (NCSD), which according to the DHS
``implements the public and private sector partnership protecting cyber
security as it identifies, analyzes, and reduces threats and
vulnerabilities; disseminates threat warning information; and
coordinates cyber incident preparedness, response, and recovery
efforts.'' However, there does not appear to be funding for cyber
within the IA budget request for cyber threat analysis. There is also
confusion on which of the ``watch centers'' has responsibility for
overall cyber threat reporting, noting that the IP
National Communications System (NCS) operates a 24X7
telecommunications watch center, IP NCSD operates a 24x7 cyber watch
center, and IA operates a 24x7 Homeland Security Operations Center. The
U.S. Secret Service also operates a 24x7 watch operation for electronic
crimes, which is a direct mission of cybersecurity. Each has a
significant funding request, but there is little information available
on how these watch centers integrate cyber information for national
threat assessment and if there are plans for eventual integration of
these watch centers into one cohesive unit.
Please describe how these different watch centers will
be integrated to ensure efficiency and effectiveness in
protecting our country from cyber threats.
Answer: Currently the watch centers of the DHS/IAIP/IP divisions are
physically separated according to function and division missions, but
integrated in terms of information sharing. As DHS stood up, it was
important that each division retain the 24x7 watch capabilities
critical to their respective missions. During this time, each watch
center has routinely collaborated with the others to share information
and coordinate singular, integrated, and focused responses. Now that
the divisions are more mature, IP will be integrating functions of the
National Cyber Security Division's (NCSD) US-CERT, the National
Communications System's (NCS) National Coordinating Center for
Telecommunications, and the Infrastructure Coordination Division's
(ICD) Watch into the National Infrastructure Coordinating Center
(NICC).
Co-located with the Transportation Security Administration, the
NICC will provide a coordinated and seamless information sharing
capability with the IP NICC desk at the Homeland Security Operations
Center (HSOC) and among all industry partners associated with critical
infrastructures and key resources.
The U.S. Secret Service (USSS) has an Investigative Support
Division duty desk, which supports its field investigations (cyber and
otherwise) on a 24x7 basis. Relevant information from the duty desk is
coordinated through USSS headquarters and through the HSOC.
How does IAIP interact with the Intelligence Community
for classified cyber assessments? Does IAIP work with TIIC for
cyber threat analysis? If so, how is this information shared
within the department for analysis and warning, as well as
correlation with vulnerability information provided by the
private sector? How is cyber threat information shared with the
private sector, and who has that responsibility--IA or IP/NCSD?
Answer: NCSD is working intensively with the law enforcement
communities as well as DHS/IA to develop a comprehensive threat, risk,
attribution assessment and response capability.
NCSD interaction with the TIIC (in December, the National
Counterterrorism Center (NCTC) undertook all functions assigned to the
TIIC) is accomplished through DHS/IA, law enforcement and intelligence
community detailees on staff in IAIP. With regard to classified
assessments, the NCSD works with the Office of Information Analysis
(IA) in the Information Analysis and Infrastructure Protection (IAIP)
Directorate through our participation in IA's periodic threat
assessment meetings and on an as-needed basis in the case of a
particular threat or vulnerability. One example of this coordination
was the participation of NCSD through IA in the National Intelligence
Estimate' (NIB) ``Cyber Threat Against the Information
Infrastructure.'' This classified document is an update of the 2000
NIE. In addition to the regular meetings both IA and NCSD participate
in daily conference calls with the National Security Agency/NSIRC, the
Central Intelligence Agency, and the Department of Defense's Joint Task
Force Global Network Operations (JTF-GNO) to discuss classified cyber
activity of note.
Through its mission to serve as the national focal point for cyber
security issues and to implement the National Strategy to Secure
Cyberspace, the NCSD is responsible for managing and issuing cyber
advisories and warnings. Those advisories and warnings are issued to
the public and our partners through the National Cyber Alert System and
to specific entities on an as-needed basis in the case of a targeted
vulnerability or threat. Information that is less sensitive and for
wider distribution is disseminated through the US-CERT public website
and the US-CERT secure online portal, as appropriate. The Department
also receives various intelligence reports regarding the world-wide
cyber security situation, but because of the central role of the United
States in the cyber world, the locus of effort and source of nearly all
relevant assessments are activities led by the Department and its
partners in the public and private sectors.
How does IAIP determine risks posed by particular
types of cyber attacks, including assessment of probability of
success, and feasibility and potential effectiveness of
countermeasures?
Answer: As mentioned above, risk assessment involves the correlation of
threat and vulnerability to determine overall risk to the nation. With
respect to cyber threats, the US-CERT has developed a threat severity
rating scheme and identified countermeasures for degrees and types of
cyber attacks. That scheme is a standard, repeatable and reliable
method to assess the criticality or severity of new or emerging cyber
security events. Once information is received about an actual or
potential event, US-CERT assesses its ``severity'' using a scale from 1
to 5, with 1 being minimal and 5 being a crisis. Factors that are
weighed in determining the 'severity' of a security event are based
upon a matrix of factors, and appropriate countermeasures are
considered.
From a strategic standpoint, the NCSD is developing a set of
guidelines on cyber aspects of vulnerability assessment for the
critical infrastructure sectors as part of the Homeland Security
Presidential Directive 7 and Sector Specific Plan implementations. Once
finished, those vulnerabilities can be mapped against potential and
emerging threats to provide risk assessments.
How will the Cyber Warning Information Network (CWIN)
that has been deployed by IP be integrated into the IA Joint
Regional Information Exchange System (JRIES)? How are cyber
warnings coordinated between IP National Cyber Security
Division and the IA Homeland Security Operations Center?
Answer: CWIN will be technologically and operationally integrated under
the Homeland Security Information Network (HSIN) umbrella concept under
the direction of IP/ICD. Within the HSIN network platform, CWIN will
serve as the highly reliable back-up communications network component
during crisis. The network is currently in use by selected Federal
agencies, private industry, and Information Sharing and Analysis
Centers (ISACs). Additionally, HSIN-Secret will use the CWIN network
for collaborating collateral level information. DHS will work with the
states and critical infrastructure sectors to identify nationally
critical operations centers requiring CWIN connectivity to remain
connected to DHS during a crisis. The Infrastructure Coordination
Division (ICD) has created a prioritized implementation list of future
CWIN sites. A draft Concept of Operations (CONOPs) and Standard
Operating Procedure (SOP) has already been developed and once approved,
would govern CWIN protocols and usage of the network.
JRIES represents a community of users that also sits on the HSIN
network platform. Consequently, key participants of JRIES may have
access to CWIN based on whether those JRIES participants meet the
identified CWIN criteria for membership. The US-CERT, through its HSIN
web portal, which utilizes JRIES, routinely shares information with the
HSOC on cyber security issues and alerts, including participation in
daily conference calls and regular e-mail correspondence. CWIN, as the
back-up network under the HSIN umbrella could have the capability to
replicate data from the JRIES tool. In time of crisis when JRIES or
other forms of communication are inoperable, DHS will continue its
operations on CWIN. CWIN has extended connectivity to each State's
emergency operations center (EOC). This was done, in part, to provide
an interim solution which allows for the transmission of information up
to the SECRET-level within and between the HSOC and the States' EOCs;
this capability will be significantly expanded once the Homeland
Security Data Network (HSDN) is fielded. Under this approach, CWIN
would serve as the backbone network providing immediate connectivity to
the States, with HSDN connecting through appropriate encryption devices
to the state EOC offices.
How does DHS integrate cyber advisories and warnings
into the existing Homeland Security Advisory System, given that
cyber has a unique audience, particularly when those people who
must respond to an attack are not the First Responders used for
physical national disasters?
Answer: NCSD provides information for use in the Homeland Security
Advisory System to be activated as appropriate. However, the nature of
cyber attacks is that there are varying degrees of cyber activity at
any given time that warrant advisory to the cyberspace stakeholder
community that does not meet the criteria for raising the national
alert status. Therefore, US-CERT utilizes its National Cyber Alert
System (NCAS) to let the stakeholder community know about activity that
may warrant information protection measures but that does not rise to
the national security level of the Homeland Security Advisory System.
US-CERT is reaching out to key partners for incident response at
various levels of sensitivity or urgency through the NCAS, the Homeland
Security Information Network (HSIN)/US-CERT Portal, and the US-CERT
public website to communicate with cyber ``first responders'' and other
stakeholders.
9. I would like to have a better understanding of overall coordination
of exercises within the Department. For example, IAIP has requested
$1.9 million for cyber exercises in fiscal year 2005. FEMA's budget
includes $20 million for planning and exercises associated with medical
surge capabilities. The U.S. Secret Service conducts tabletop
exercises, but the funding is not clearly identified for this effort.
The Office of Domestic Policy manages a National
Exercise Program for counterterrorism in support of Homeland
Security Exercises--``TopoffI'' and ``TopoffII.'' TopoffI was
conducted under the auspices of the Department of Justice.
These exercises were conducted in Seattle and Chicago. TopoffII
and subsequent exercises was/will be conducted under the
auspices of the Department of Homeland Security (DHS).
The Department of Defense will presently conduct a
Homeland Defense exercise titled "Determined Promise '03 and
Amalgam Chief 03-13'', This robust command post and field
exercise is the precursor/requirement for Northern Command's
(NORTHCOM) approval for ``Full Operational Capability (FOC)''
status.
The Secret Service Electronics Crime Unit (ECU) is
reaching out to the private sector and supporting table-top
exercises to address the security of private infrastructures,
These have been extremely successful, as demonstrated during
the recent exercise in Houston.
The ``Live Wire'' exercise, sponsored by Dartmouth
College, took steps to integrate the private sector into their
cyber exercise effort, but there was very poor coordination of
the overall exercise.
TSA in coordination with the U.S. Navy War College is
also beginning the planning for a series of exercises.
Throughout all these activities, there appears to have been little
integration of active private industry/infrastructure into these
exercises. Who has overall responsibility for coordination, and how are
exercise results shared with other federal, state, and private
organizations?
Answer:
Coordination
Secretary Ridge directed the establishment of a national exercise
program following the conclusion of TOPOFF 2. He approved the plan in
October 2003. The Department's Office for State and Local Government
Coordination and Preparedness (OSLGCP) administers the Program, and is
implementing it through coordination across government and by hosting a
series of planning conferences to facilitate implementation. OSLGCP has
responsibility on behalf of the Department to work with DHS program
offices and interagency partners to establish and administer the
Program, provide policy and program instructions, and monitor, analyze
and report on the progress of implementation.
Agencies, departments and offices serve as leads for national-level
exercises and Program elements that fall within their specific areas of
responsibility. The Program is designed to support and assist their
efforts. OSLGCP works closely with participants spanning the
interagency, all levels of government, the private sector, and
international audiences, and with other DHS Directorates/Components.
The Department's Operational Integration Staff coordinates departmental
participation in national level and senior official exercises. DHS
Directorates/Components conduct targeted exercises within their areas
of particular responsibility. For example, the US Coast Guard recently
conducted the California Spills of National Significance (SONS)
exercise in April. These exercises are a component of the Coast Guard's
National Preparedness for Response Exercise Program (PREP) to exercise
and evaluate government Area Contingency Plans and industry spill
response plans. OSLGCP and other components of DHS, as well as the
interagency supported and participated in the exercise, which included
significant private sector participation.
The creation of the Department of Homeland Security has greatly
aided coordinating the inclusion of the private sector and critical
infrastructure sectors in homeland security exercises by creating the
Private Sector Office and the Information Analysis & Infrastructure
Protection Directorate to ensure these partners are included in
exercises. Past exercises, such as TOPOFF 2, have had extensive private
sector participation.
Sharing exercise lessons and best practices.
A major goal of our National Exercise Program, development of a
national system for collecting, reporting, analyzing, interpreting, and
disseminating lessons and exemplary practices, was implemented on April
19th, 2004, when Secretary Ridge and Director Mencer announced the
establishment of the Lessons Learned Information Sharing (LLIS.gov)
system. Lessons Learned Information Sharing (LLIS.gov) is the national
network of Lessons Learned and Best Practices for emergency response
providers and homeland security officials. It was developed by the
National Memorial Institute for the Prevention of Terrorism (MIPT), a
non-profit institution established after the April 1995 bombing of the
Murrah building in Oklahoma City. LLIS.gov is a secure system. All
users are verified emergency response providers and homeland security
officials at the local, state, and federal levels, and the system uses
strong encryption and active site monitoring to protect all information
housed on the system. Content is peer-validated by homeland security
professionals for their peers. LLIS.gov also houses an extensive
catalog of after-action reports (AARs) from exercises and actual
incidents as well as an updated list of homeland security exercises,
events and conferences.
The Department and its interagency counterparts routinely share
lessons from sponsored exercises. These are done formally, within the
Administration and during the course of concept development and
planning conferences for other exercises. Unclassified lessons learned
from other agencies' exercises are incorporated into the Lessons
Learned Information Sharing system.Emergency response providers also
set a LLIS research agenda and, whenever the priority research topics
span other government agencies' areas of responsibility, the LLIS Team
collects pertinent information to inform their research and analysis.
As an example, published Best Practice series that incorporate lessons
from HHS exercises include:
Strategic National Stockpile Distribution
Regional Emergency Planning for Healthcare Facilities
Emergency Management Programs for Healthcare
Facilities (to include emergency operations plans and hazard
vulnerability analyses)
USNORTHCOM, through its Joint Interagency Coordination Group
(JIACG), has provided its schedule of homeland defense and civil
support exercises, which is posted on the Lessons Learned Information
Sharing system and, through this site, shared with the emergency
response community. The Lessons Learned Information Sharing research
team is also working with the Interagency Homeland Air Security
Steering Group co-chaired by DoD to capture and share lessons learned
in the aviation security domain.
The current network of members stands at approximately 3,600 and is
growing daily. The system is currently populated with hundreds of
documents. Specifically, since its establishment on April 19, 2004, the
site contains ten Best Practice series with a total of 87 documents, 57
Lessons Learned, and 20 Good Stories. To date the site includes almost
800 documents, 250 AARs, and hundreds of external links, news items,
and event postings.
Learned and Good Stories are posted weekly. The original research
agenda is continually being updated based upon input from the emergency
response community. Lessons will be captured at all levels (state,
local, and federal), and documents, events, and news items will be
identified, formatted, and uploaded constantly. Lessons from DHS-
sponsored exercises are captured in an after-action report analysis
database. The tool is used to capture problems, positive performance,
and lessons from DHS/OSLGCP-sponsored exercises by mission, discipline,
and task.
Lessons from exercises are an important component in the
development of state or urban area homeland security strategies, which
are a key element in both the State Homeland Security and Urban Area
Security Initiative Grant Programs. DHS/OSLGCP has worked with states
and urban areas to establish exercise programs and multi-year exercise
schedules, and requires submission of exercise after action reports.
States are required to provide OSLGCP with copies of the AAR for all
exercises conducted with OSLGCP funds. The AARs are analyzed by the
Lessons Learned Information Sharing program to identify lessons learned
and best practices that can be shared with other jurisdictions as well
as to inform grant, exercise, and training programs.
To notify the first responder community of LLIS.gov's availability,
both OSLGCP and the LLIS Team has embarked on an ambitious schedule to
publicize this outstanding resource at numerous conferences, symposia,
and events. OSLGCP is developing an Information Bulletin on Lessons
Learned Information Sharing for release to the state and local homeland
security community. In addition to public outreach events, other media
have highlighted LLIS, including Aviation Week's Homeland Security &
Defense (April 14); Federal Computer Week (19 April); ANSER Homeland
Security Newsletter (25 June); Fire Chief Magazine (28 July); and the
U.S. Conference of Mayors Newspaper (forthcoming). The website is
accessible through the Department of Homeland Security Homepage; the
National Governors Association; National Volunteer Fire Council;
Association of State and Territorial Health Officials; U.S. Fire
Administration; PoliceOne.com; Center for State Homeland Security;
Public Health Foundation; and the International Association of Fire
Chiefs.
Efforts to coordinate an effective cyber response capability across
state and local jurisdictions and economic sectors and with the
National Exercise Program (NEP) are underway in DHS' National Cyber
Security Division.
Although the NEP is the responsibility of the Office of Domestic
Preparedness (ODP), the NCSD retains overall responsibility for
planning and execution of adequate cyber security exercises to measure
and test readiness nationally. The NCSD now has a cyber security
exercise program manager who works with ODP to schedule cyber-focused
exercise elements in a manner that poses no undue burden on scarce
resources including key personnel.
NCSD's involvement in the NEP is guided by two principles: (1)
Cyber is only one element of a multifaceted NEP; cyber elements must be
closely coordinated with other elements of that program to ensure
efficient use of limited resources and the most effective return on
exercise investments; (2) Cyber exercise elements must not be sidelined
or relegated to an ``afterthought'' category within the NEP.
The federal government cannot by itself defend cyberspace from
current or future threats. Acknowledging this, NCSD collaborates with
industry and public-sector stakeholders across the country to define,
develop, and exercise the major elements of a national cyber-space
security response system. Its goals for the National Exercise Program
(NEP) are to:
1. Sensitize a diverse constituency of private and public-
sector decision-makers to a variety of potential cyber threats
including strategic attack; .
2. Familiarize this constituency with DHS' concept of a
national cyber response system and the importance of their role
in it; and
3. Practice effective collaborative response to a variety of
cyber attack scenarios, including crisis decision-making.
4. Provide an environment for evaluation of inter-agency and
inter-sector business processes reliant on information
infrastructure.
5. Measure the progress of ongoing u.S. efforts to defend
against an attack.
6. Foster improved information sharing among government
agencies and between government and industry.
7. Identify new technologies that could provide earlier warning
of attacks.
8. Sort roles and responsibilities of government agencies and
industry.
10. From the creation of the Department of Homeland Security
you have quite appropriately described homeland security as a
shared responsibility of the public and private sectors,
especially since over 85 percent of the nation's critical
infrastructure assets are owned and operated by the private
sector. In a recent speech commemorating the first anniversary
of the Department it included a commitment to:
Work in greater tandem with the private sector to strengthen
vertical communication systems and significantly increase
permanent protections around our nation's most vital assets.
The goal is to maximize real-time sharing of situational
information without delay, and with full throttle distribution
of intelligence to those in the field who need to act on it
(presentation of Secretary Tom Ridge before the Homeland
Security Policy Institute, George Washington University,
February 23, 2004).
Could you describe in greater detail how you intend to accomplish
this laudable goal and how you intend to include representatives of the
private sector in the design and implementation of your plans? For
example, are there any plans to integrate private sector experts into
your analysis centers, either the HSOC or Cyber Watch Center?
Answer: In 2004, HSOC began the rollout of a national information
sharing capability that is called the Homeland Security Information
Network (HSIN). This network connects federal, state, local, tribal and
private sector infrastructure stakeholders, enabling information
sharing and collaboration within and among communities of interest.
HSIN-CI (Critical Infrastructure) is a community of interest within
HSIN that is dedicated to private sector components of the nation's
critical infrastructure. A significant portion of the 2005 HSOC budget
request is planned for growing the infrastructure and the reach of
HSIN. HSOC is working closely with the Infrastructure Protection
division of IAIP to identify and reach these private sector
participants.
Questions for the Record From the Honorable Sheila Jackson-Lee
11. Given that the CIA's pre-existing Counter Terrorism Center
works to fuse information analysis and operations with the input of
several law enforcement agencies, why channel $865 million in fiscal
year 2005 funds to the Terrorist Threat integration Center rather than
channeling funds to the CIA's Center to make it better? Is it not
possible to accomplish the same goals as with the TIIC with half the
cost?
Answer: The National Counterterrorism Center (NCTC), formerly the
Terrorist Threat Integration Center (TIIC), has not received and will
not be receiving $865 million in fiscal year 2005 funds from either the
Department of Homeland Security or any other element of the U.S.
Government.
12. In this area, the Houston Task Force on Terrorism and its
medical advisory steering committee are developing efforts to prepare
for terrorist incidents and making sure that individual institutions
have the information they need to be prepared.
The Houston public health and medical community is as well prepared
as possible to detect and deal with infection by biological weapons. A
tightly knit group of infectious disease specialists, strong city and
county health departments and the communicable disease alert system
(CDAS) help public officials maintain a close eye on the numbers and
types of illnesses turning up in the area's clinics and emergency
departments and to communicate this information to the public rapidly.
This monitoring alerts them to patterns of disease that could be the
result of bioterrorist activities. Because of refineries in Houston,
chemical plants and other industries using dangerous materials, the
city's health community is also well versed in treating individuals who
have been exposed to life-threatening chemicals and in decontaminating
patients as well as keeping health care facilities clear of such
contamination. Already, education on the patterns of illness associated
with bioterrorism or chemical terrorism is being distributed to
physicians at the state and local level.
How does the Fiscal Year 2005 Budget propose to address the state-
by-state disparities in the ability to prepare for bioterrorist attacks
in hospitals and other medical facilities?
Answer: Under the Homeland Security Act of 2002 and Homeland Security
Presidential Directive (HSPD)-7, the Department of Homeland Security
(DHS) is responsible for leading, integrating, and coordinating
implementation efforts among federal departments and agencies, state
and local governments, and the private sector to protect United States
critical infrastructure and key resources. HSPD-7 designates Sector-
Specific Agencies responsible for infrastructure protection activities
in a designated critical infrastructure sector, including conducting or
facilitating vulnerability assessments and encouraging risk management
strategies to protect against and mitigate the effects of attacks
against critical infrastructure. The Department of Health and Human
Services is the Sector-Specific Agency for the public health,
healthcare and food (other than meat, poultry and egg products)
sectors, and as such would be responsible for collaborating with the
aforementioned entities to encourage risk management strategies for
hospitals and other medical facilities.
13. The need to fund improved threat assessment programs and to hire
technical analysts to aid individual states and local areas can be
found in Houston's drinking water vulnerability. Two-thirds of the
drinking water provided to Houston residents comes from the San Jacinto
and Trinity Rivers. These rivers are very vulnerable to pathogen and
pesticide pollution, among other things. Houston's ``Right-to-Know
Report'' earned a grade of ``Poor'' for 2000 and ``Fair'' for 2001.
This report included a need for more prominent placement of the
mandatory special alert for people who are more vulnerable to
particular contaminants. The 2000 report provided a prominent and
incorrect description of arsenic's health threat, and both reports
offered misleading information about Cryptosporidium, which has been
found in Houston's source water.
Our distinguished panelist indicates in his testimony that the
President, in his Fiscal Year 2005 Budget, requests $11 million to fund
a new biosurveillance initiative that purports to provide for
``realtime integration of biosurveillance data. Will the IAIP suggest
to the Department that part of these funds go to helping individual
states to strengthen their threat assessment for bioterrorism?
Answer: As part of the larger Biosurveillance Initiative, the IAIP
budget request of $11M is for the development of biosurveillance
information integration capabilities that will provide improved early
detection and characterization of bio-threats or developing disease
events that may endanger our nation. Specifically, the National Bio-
surveillance Integration System (NBIS) is an integrated geographic
information assessment and response system for collecting, monitoring,
and evaluating clinical and non-clinical biological threat information
and reporting data streams from government and the private sector.
This NBIS system will leverage existing, emergent and future
disease surveillance and detection systems, current Federal Department
and agency capabilities, and other current state, industry and
international disease surveillance and reporting capabilities. DHS has
been working closely with Federal partners such as USDA, HHS, and EPA
during the NBIS design phase--their existing biosurveillance
capabilities are essential system components. DHS will continue to rely
on those partners' subject matter and technical expertise and input
throughout the development and implementation phases.
The $11M for biosurveillance also includes development of the
National Bio-surveillance Integration Center (NBIC), which will
facilitate real time analysis of disease and contamination events. The
NBIC will provide National leadership with improved situational
awareness of emergent biological events and will integrate various data
streams from Federal partner agencies, States, and industry into a
focused and refined status monitoring information stream.
Mature, integrated bio-surveillance systems will provide for the
Federal and State Governments to effectively attribute bio-terrorism
events and implement appropriate prevention, intervention and
mitigation strategies, thereby enhancing the nation's ability to
provide a coordinated, controlled, focused and measured national
response to bio incidents.
Budgetary allotments for biosurveillance within IAIP will enable
DHS to stand up NBIS functionality and establish the fusion capability
for various bio-surveillance data streams. IAIP does not intend to use
NBIS funding for bioterrorism assessments at the state level.
Individual states have authority under the 2005 State Homeland Security
Strategy Guidance to spend Fiscal Year 2005 Homeland Security Grant
Program funds specifically for the purposes of bioterrorism threat
assessments, if it fits into their homeland security strategy.
14. DHS Chemical Security Activities
In your testimony, you note that your Directorate has assisted in
the conduct of vulnerability assessments and implementation of
protective measures at many of the nation's highest risk chemical
sites, thereby improving the safety of over 13 million Americans.
Secretary Libutti, can you tell me what exactly the Department has
done to improve chemical security?
Answer: The Office of Infrastructure Protection (IP), part of the
Information Analysis and Infrastructure Protection (IAIP) Directorate,
uses a risk management process to develop and implement community-based
security improvements around Critical Infrastructure and Key Resources
(CI/KR) of greatest concern. IP maps threat information directly to
identified vulnerabilities within and across sector segments. The
process involves the identification of critical infrastructure and then
the identification and assessment of vulnerabilities at those
facilities and in the surrounding communities.
In the case of chemical sites, IP utilized the EPA RMP data as a
starting point as part of a ``worst-case'' scenario modeling analysis
to determine potential impacts of a terrorist attack. Using this
conservative analysis, IP refined the methodology of the EPA
consequence model, yielding results applicable to terrorist attack and
not emergency preparedness. This led DHS to determine that there is
only one chemical facility in the country that could impact over I
million people, nearly 300 that could impact over 50,000 people, and
roughly 3,800 facilities that could impact over 1,000 people. IP is
concentrating efforts in fiscal year 2004 on those facilities that pose
the greatest risk--the facilities that could potentially impact over
50,000 people.
Once these facilities are detected, vulnerabilities are then
identified through Site Assistance Visits (SAVs). Over 30 SAVs have
been conducted at chemical facilities so far this fiscal year to assist
owners and local law enforcement officials in the identification of
vulnerabilities and to facilitate mitigation option discussions. Owners
and operators have independently implemented many of the protective
measures identified in SAVs.
Using the information obtained during SAVs, as well as other
sources of information, IP has also developed tools to bolster the
physical security of chemical facilities. The first of these tools are
Characteristic and Common Vulnerabilities (CCVs) reports. These CCVs
concentrate on specific elements of critical infrastructure by
providing specialized, sector-based information to help owners and
operators bolster physical protection. By identifying common
vulnerabilities in storage, refrigeration, or distribution related to
the chemical industry, DHS can advise owners and operators how to
better protect their facilities.
Further utilizing this sector-based approach, IP has also developed
Potential Indicators of Terrorist Activity (PITAs) reports. PITAs call
attention to terrorist surveillance, training, planning, preparation,
or mobilization activities that may precede a terrorist attack,
identifying both generic terrorist-related activates and those unique
to each particular sector. The chemical sector PITA identifies
potential surveillance techniques and local and regional indicators
unique to the chemical sector that can alert facility operators to
suspicious activities that may precede a terrorist attack.
Vulnerabilities are not only identified within chemical facilities;
IP is facilitating the preparation and implementation of Buffer Zone
Protection Plans (BZPP) within the chemical sector. The purpose of a
BZPP is to identify protective measures around a specific facility that
make it more difficult for terrorists to stage and launch a successful
attack from the immediate vicinity of CI/KR. IP provides technical and
material assistance to Local Law Enforcement (LLE) to mitigate
vulnerabilities identified in the BZPP, effectively reducing
vulnerabilities at the specific chemical site and building the general
protection capacity of the community. Buffer zone plans provide
scalable protective actions implemented in concert with changes in the
Homeland Security Advisory System or as otherwise required, and are
designed to provide an increased security posture.
Finally, to secure specific high-risk facilities better, a pilot
Webcam program is being implemented at 13 high-risk chemical
facilities. This equipment will help augment the overall security
capability of these sites by providing 24-hour perimeter surveillance
of established buffer zones. This information will be fed to LLE
agencies and the Department, who will have the added capability of
monitoring these sites continuously. All 13 high-risk chemical
facilities are scheduled to have Webcam monitoring installed by
September 30, 2004.
Last Tuesday, the President again called for the passage of
comprehensive chemical security legislation. Can you tell us what that
legislation will allow you to in terms of improving security that you
cannot do now?
Answer: Regarding the Chemical Sector:
DHS continues to work with Congress on legislation to facilitate
the protection of our Nation's chemical facilities, while considering
the legitimate concerns of the private sector. However, we are not
waiting for legislation. DHS has developed an effective working
relationship with our private sector partners, and we are seeing good
results and an increase in protection coming out of that developing
partnership.
DHS has worked to accurately identify key assets, and to estimate
their respective vulnerabilities.
Using the EPA's Risk Management Program (RMP) database
as a point of departure, DHS has estimated actual consequences
of a successful attack on certain key assets. Our focus is on
the potential impacts of terrorist attacks, so that protective
actions can be prioritized at a Federal level. We have also
done a basic evaluation of the chemical sector as a system (to
the degree we have data available for such an assessment), so
as to identify the most hazardous or highest-risk sites, again
to support prioritization at a Federal level, and also to
support the decision-making processes of the State Homeland
Security Advisors. This analysis included:
Reviewing reported RMP status (materials held
and quantities by vessel);
Reviewing the population density in the
vicinity of above-threshold (RMP) quantities of
selected hazardous chemicals;
Evaluating possible impacts of intentional
attack instead of the accidental release model used in
safety programs;
Factoring RMP effected population estimates
from a circle to a wedge, producing a rough estimate of
actual, potential effected persons; and
Modified plume modeling for more detailed
effects prediction (where such modeling was deemed
necessary to revise/validate estimates)
To date, the Department's protective measures have
been threat-based, focusing risk management efforts on the
sites of greatest immediate concern. While the Department
continues to work with our state, local and industry partners
to refine the list of chemical sites, roughly 3,800 facilities
that could impact over 1,000 people and nearly 300 facilities
that could impact 50,000 or more people, and one facility that
could impact over 1 million people have been identified. To
date, DHS officials have visited more than 150 of the more than
300 chemical, petrochemical and related sites of greatest
concern. The Department continues to visit these facilities on
a priority basis.
Going forward, these threat- based actions will be
coupled with vulnerability reduction programs that will more
systematically identify and develop best practices across the
entire chemical sector, relating to the development and
implementation of protective programs. Beyond the fence line of
a specific plant, DHS continues its aggressive program to
integrate community assets into the overall security posture of
the chemical infrastructure. This effort includes both the
Buffer Zone Protection Program, and a variety of educational,
outreach, and coordination programs now in operation. The
Chemical Sector-Specific Plan (an annex to the National
Infrastructure Protection Plan that is scheduled to be
available in December 2004) outlines many of these longer-term,
more strategic initiatives.
Another major focus of the Department has been the development of
guidelines, increased preparedness of law enforcement and first
responders, and the implementation of protective measures at and around
select chemical sites.
Site visits are also conducted with chemical
facilities as part of Buffer Zone Protection Plans (BZPPs).
BZPPs are local efforts that contribute to reducing specific
vulnerabilities by developing protective measures that extend
from the critical infrastructure site to the surrounding
community to deny terrorists an operational environment. The
Department works in collaboration with state, local, and tribal
entities by providing training workshops, seminars, technical
assistance and a common template to standardize the BZPP
development process. Local law enforcement takes a lead role in
protecting its community as they are most familiar with the
operational environment. To date, 65 plans developed by local
law enforcement officials for chemical facilities have been
submitted to the Department via State Homeland Security
Advisors.
As part of the protective buffer zone effort, web-
based cameras are being installed at the 12 potentially
highest-risk chemical facilities. The web cams will aid
facility personnel and local law enforcement officials in
detecting and deterring surveillance and other terrorist
activities. Each site and local law enforcement officials will
have access to the web cams.Additionally, the Homeland Security
Operations Center (HSOC) at the Department's headquarters will
also have access in order to create a real-time picture of the
operating environment.
The Department has also recently awarded five
contracts for the development of next generation chemical
sensors for both indoor and outdoor use. These sensors will be
used in part to give immediate warning to areas surrounding
chemical facilities in the event of an incident, whether
intentional or accidental.
All 2,040 member plants of the American Chemistry
Council, as well as the entire membership of the Synthetic
Organic Chemical Manufacturer's Association, and several other
chemical industry trade associations, will have implemented
strict voluntary security measures by the end of 2004. These
Responsible Care companies have made great strides in
improving security throughout the industry, and up and down the
value chain. DHS continues to work closely with industry groups
in order to develop security-oriented screening tools,
assessment tools, best practices, and other processes to
improve both our understanding of risk and vulnerability, and
to improve our security on a site by site and infrastructure-
wide basis.
DHS has also made major efforts in sharing information with law
enforcement and the private sector.
DHS is establishing or enhancing sector-specific
information sharing and coordinating mechanisms for all of the
17 CI/KR sectors, incorporating both Information Sharing and
Analysis Centers (ISACs) and Sector Coordinating Councils
(SCCs). These entities have dual roles in that they serve as
central points of infonnation sharing within each of the
sectors and also act as the liaison to the federal government.
Their main functions are to funnel threat information to
facilities and receive and collect information from facilities.
The Chemical Sector ISAC has supported Homeland Security's
information sharing efforts since the Department's inception
and includes over 600 individuals representing more than 430
different chemical companies.
The Chemical Sector ISAC utilizes CHEMTREC, the
chemical industry's 24-hour emergency communication center as
the communication link between the Department and ISAC
participants. When CHEMTREC receives information from DHS, that
information is immediately transmitted, on an around-the-clock
basis, to Chemical Sector ISAC participants utilizing
electronic mail and a secure website.
The Department introduced the Homeland Security
Information Network (HSIN) on February 24, 2004, a real-time
counter terrorism communications network currently connected to
all 50 states, territories, and District of Columbia, as well
as more than 50 major cities and urban areas. This program
significantly strengthens the two-way flow of real-time threat
information at the Sensitive-but-Unclassified level between the
State, local, tribal, and private sector partners. By the end
of this year, information at the SECRET level will be able to
be shared with HSIN users.
The Homeland Security Information Network initiative
was expanded to include critical infrastructure owners and
operators and the private sector in 13 states centered on the
Dallas, Seattle, Indianapolis and Atlanta regions. The Homeland
Security Information Network-Critical Infrastructure (HSIN-CI)
Pilot Program is an unclassified network, which immediately
provides the Department's Homeland Security Operations Center
(HSOC) with one-stop, 24/7 access to a broad spectrum of
industries, agencies and critical infrastructure across both
the public and private sectors, including chemical facilities.
This conduit for two-way information sharing provides the
Department with an expanding base of locally knowledgeable
experts and delivers real-time access to critical information.
To date, HSIN-CI communicates with nearly 40,000 members.
The key to preparedness is educating law enforcement and private
entities.
- Information derived from Site Assistance Visits (SAVs) are
used to create two series of sector specific reports that are
disseminated to owners, operators, security planners and local
law enforcement officials to integrate into their respective
risk management processes. The Common Characteristics and
Vulnerabilities (CV) reports highlight common issues across
chemical facilities so that relevant stakeholders can address
possible vulnerabilities and improve overall site security.
Potential Indicators of Terrorist Attack (PI) reports give
further insight to owners, operators, and law enforcement
official on how to better protect chemical facilities and, in
turn, thousands of Americans in the surrounding communities.
DHS has provided Buffer Zone Protection Plan workshops
to state and local law enforcement officials in many cities who
have chemical plants in their areas.
60 Minutes Report
Last November, the television program 60 Minutes reported it had
examined security at 50 plants across the country and it had found
widespread security gaps, including unlocked and open gates,
dilapidated fences, absent guards, and easy access to containers
storing tons of toxic chemicals.
Has DHS approached 60 Minutes to find out what they found and which
plants had which deficiency?
Answer: DHS has not approached 60 Minutes to discuss their reporting on
chemical plant security. While we work closely with the media in many
areas, operational readiness is one which we treat seriously and do not
want to create journalist conflicts.
Has DHS worked with any of these plants noted in this and other
reports, such as
a. Neville Chemical Plant in Pittsburgh (33,000 people
potentially effected)
b. The Univar plant in Forward, Pennsylvania (1.2 million
people potentially effected)
c. Millenium Chemical Company in Baltimore (> 1 million people
potentially effected)?
Answer: As described in QO1927, DHS utilizes a risk management process
to map threat to vulnerabilities and uses a tiered approach to address
facilities of greatest concern first. An assessment, including a Buffer
Zone Protection Plan (BZPP), was conducted for the Neville Chemical
Plant facility in conjunction with state and local law enforcement
officials, security planners and the owners/operators. As the Sector
Specific Agency (SSA) responsible for the chemical sector, DHS is
developing a Sector Specific Plan (SSP) as part of the National
Infrastructure Protection Plan (NIPP) in accordance with HSPD-7. The
SSP for the chemical sector addresses the various types of facilities
that could pose a threat to surrounding communities and builds on
current activity being conducted by DHS to further protect chemical
facilities.
15. Role of EPA
Reversing the principle outlined in National Strategy on Homeland
Security, Homeland Security Presidential Directive-7 transferred
responsibility for chemical plant security from the EPA to your
Directorate at DHS. Last week, the White House reportedly forbade
representatives from EPA from attending a hearing by the House
Committee on Government Reform on the topic of chemical security.
However, EPA already regulates the chemical industry for accidental,
worker safety, and environmental protection issues.
Mr. Secretary, can you explain to us the logic behind removing EPA
from the responsibility for chemical sector security?
Even though DHS has assumed responsibility for the chemical sector,
the Department closely collaborates with the EPA in the protection of
it. The close working relationship between the two agencies ensures
that safety and security concerns are both addressed, taking advantage
of both DHS and EPA's expertise in this area.
Are you working with EPA to can you assure us that facilities are
not being overburdened by excessive or duplicative government
interference or direction?
Answer: Yes. While DHS is tasked to secure these facilities, it must
work closely with all other federal agencies to provide a strong
security posture. For example, the Environment Protection Agency (EPA)
has the mission to protect human health and the environment and to the
degree it successfully monitors the safety and environmental compliance
of these facilities, EPA contributes to the overall security posture of
chemical facilities.
Furthermore, DHS and the EPA are working together on overarching
national protection strategy documents, such as the forthcoming
National Response Plan (NRP), which will serve as the primary document
to guide domestic incident management, and the National Infrastructure
Protection Plan (NIPP), which will provide a ``roadmap'' for protecting
the nation's CI/KR and delineate roles and responsibilities to do so.
This collaboration will continue to help ensure that our nation's
chemical facilities are safe and secure without excessive government
interference.
Synergistic Security Strategies
In considering a potential terrorist attack on a chemical facility,
one should assume the intent of the attack is to cause a catastrophic
release of toxic chemicals because this would pose the biggest risk to
the public and is likely to cause the most fear. Given that avoiding
the release of toxic chemicals is already the focus of most all
accident, safety and environmental regulations, strategies, best
practices, and technologies common to the industry, is DHS attempting
at all to leverage these approaches to effect security improvements?
Answer: Yes. DHS seeks to bolster chemical facility security, not
complicate it with unnecessary and time-consuming revisions. DHS'
security and counterterrorism efforts that focus on protecting against
malicious attacks are leveraged against EPA's ongoing efforts to
prevent non-malicious accidents. Additionally, the private sector
continues to develop and implement new technologies and best practices
related to safety and security. The coordinated efforts of these three
are required to best protect America.
Questions for the Record From The Hon. James R. Langevin
As you know, much work has been done at the state level to identify
and prioritize critical infrastructure, and I know that my state of
Rhode Island has worked hard to develop such a list. I also know that
at the federal level, a comprehensive and prioritized list of critical
infrastructure is still lacking. It seems to make sense that DHS should
be taking advantage of the work already done by the states in this
area.
16. Can you explain what information DHS has collected from states
and the private sector regarding risk assessments and describe how it
is being used by DHS to build a priority list? Is there a formal
procedure for collecting and sharing this information, or is it a more
informal or voluntarily process based on the initiative of individual
states? If there is a formal process in place, who is responsible for
collecting the information, how is it done, and how is it used?
Answer: The Department is encouraged by the progress states and the
private sector has made in examining vulnerabilities in their
communities. DHS utilizes a variety of informal avenues to collect
information from the states and private sector entities as part of our
national protective strategy. This includes tapping into the networks
created by Information Sharing and Analysis Centers (ISACs) and
relationships with private sector associations.
More formally, DHS collects vulnerability assessments and security
plans via the US Coast Guard and Transportation Security Administration
(TSA). Information is also collected in collaboration with local law
enforcement officials and facility owners and operators through Site
Assistance Visits (SAVs) and Buffer Zone Protection Plans (BZPPs).
Another source of information is outreach conducted by sector specific
agencies in accordance with HSPD-7.
Additionally, on July 19, 2004 states and localities were asked to
participate in a data call intended to collect site information to
further populate the National Asset Database (NADB), a growing registry
of critical infrastructure and key resources (CI/KR). Information from
all of these sources aids DHS to map threat information to
vulnerabilities so protective programs can be prioritized.
�