A requirement for developing counter-surveillance plans at each of the 6,000+ covered facilities; A collection plan for the counter-surveillance reports from those facilities; A set of chemical facility counter-terrorism collection requirements for other intelligence organizations; An intelligence analysis unit capable of producing intelligence reports at the CVI level for all covered facilities; and A program that would allow for the distribution of classified intelligence reports to Tier 1 (possibly Tier 2) facilities.This intelligence collection and analysis capability would certainly require Congressional authorization and funding. Including such authorization in a bill that makes CFATS permanent would have the advantage of allowing for full integration of the intelligence requirements with the security requirements. Unfortunately, it would also add another couple of Congressional committees to the mix of those required to review the legislation before it came to the floor for a vote.
Tuesday, February 16, 2010
There is an interesting article over on USAToday.com about a plan to share classified intelligence information with about 10,000 managers, supervisors and “behavior detection officers” working in airport security with TSA. Unfortunately, only 750 of the 10,000 currently have the requisite Secret clearance necessary to receive the information that could be critical to the performance of their mission. The remaining 9,250 should get their clearances within the next two years, according to the article. To the uninitiated, it would seem really odd that the TSA was just now getting around to getting important intelligence information down to the first line supervisor level. After all, didn’t the 9/11 Commission point out that failure to share information between intelligence agencies? Actually, the 9/11 complaint was that there wasn’t adequate sharing of information between intelligence agencies, not the lack of distribution of intelligence to the operational level. Intelligence Distribution Intelligence agencies, even down to the tactical level, exist to provide commanders (up to and including the President) and other executives with the information necessary to properly plan and execute their mission. Distributing the developed intelligence down through the organization is typically limited to one or two levels of subordinate organizations. Even then it is an abbreviated version of the information given to person to whom the agency reports. A major reason for this is that good operational security (OPSEC) requires that the enemy or adversary should not become aware of what one knows about their capability and intentions. That knowledge could result in changes in the adversary’s operations that might not be detected in time to take appropriate preventive actions. Additionally, intelligence collection agencies tend to want to protect their means and methods of data collection. If the adversary knew what information about their actions was actually being collected, they would be able to take additional countermeasures to prevent that collection in the future. Finally, we must remember that most of the collected intelligence information is never distributed outside of the collecting agency. The reason for that is that the raw data is collected in such large volume that sharing all of the unevaluated data would simply clog the communications channels. Analysts must sort, collate and verify the data before it can become useful information. Necessary Intelligence Distribution There are certain kinds of intelligence information that do require the widest possible dissemination. One important type is the intelligence indicator. When an agency develops information that an adversary typically does something before conducting a particular type of operation, then that action becomes an intelligence indicator of possible future action. The widest possible distribution of information on this operational ‘tell’ is important so that the ‘tell’ is detected and reported at the earliest opportunity. One typical ‘tell’ is information about how an adversary conducts pre-operational intelligence collection. For example, a terrorist needs to collect information on a target before that target is attacked. They need to know about the security measures that they will encounter, where critical portions of their target are located, and how to most effectively attack their intended target. Information about how a particular organization collects this information would provide a good indicator that an attack is potentially being planned. Another type of intelligence information that should require distribution to the operational level is information about new adversary capabilities and how to counter them is useful operational intelligence. For example, information on the Underwear Bombers placement of explosives along with information about how to detect that in a pat down search would aid in the early detection and prevention of this type of attack. One of the frequent problems with distributing this type of intelligence is that it is classified in order to protect the means and methods of collecting the information. This requires that the target operational users must have the appropriate security clearance and must be trained in how to deal with handling and disseminating classified material. It also requires a secure means of communications to transmit the information to the intended user. When the person to whom the information is being sent is a Federal government employee, the problem of security clearances is easier to handle. The appropriate agencies typically have the internal rules and regulations in place to govern the handling of classified information. They also have personnel who are qualified to train new recipients of a security clearance in the proper handling techniques. This is not typically the case in most civilian companies or even State and local governments. Intelligence and CFATS While the largest chemical companies probably have some intelligence collection/analysis capability, the vast majority of high-risk facilities have no internal access to counterterrorism intelligence. The CSAT web site does provide a semi-secure means of communication with the Federal government. There is also a set of common set of security information rules and techniques in place to protect sensitive information (the Chemical-Terrorism Vulnerability Information – CVI – program) already in place. What is needed now is an intelligence collection and analysis organization that is dedicated to providing intelligence necessary to protect high-risk chemical facilities against terrorist attack. Most of the collection effort will probably be aimed at training facilities facility management in the development of counter-surveillance programs for their facility and acting as a clearing house for information collected by such efforts. The remainder of the intelligence collection would consist of preparing ‘tasking requirements’ for other intelligence organizations for specific types of information that might indicate the development of tactics and techniques for attacks on chemical facilities. ISCD has been properly focused on developing the tools for identifying, assessing and initially securing high-risk chemical facilities. They now need to start developing an intelligence tool to help maintain adequate levels of protection at those facilities covered under the CFATS program. That tool would include the development of: