Yesterday DHS updated the 2017 Chemical Sector Security
Summit (2017 CSSS) web
page with links to some of the presentations that were made at this year’s
Summit. Unfortunately, even with the Summit including web casts of several of
the presentations, the links provided only provide copies of the slides used in
the presentations.
The presentations available (in .PDF format) include:
How Vulnerable Are You? -
Effective Strategies for Assessing Cybersecurity Risk
Global Partnerships:
International Chemical Security Efforts
CTRA 4.0 – Chemical Terrorism
Risk Assessment
What to Expect During a CFATS
Inspection
When Disaster Strikes: Security
Roles during a Disaster
A New Frontier: Unmanned Aircraft
Systems (UAS)
Chemicals on the Move: Updates in
Transportation Security
Improving Security and Resilience of
Chemical Facilities: Voluntary Security Programs
As I have mentioned a number of times, just providing copies
of the slides, while better than nothing, are frequently frustrating. For
example: in the ‘Chemicals on the Move’ presentation from the Coast Guard slide
#2 is down-right cruel. In the discussion of the TWIC Reader Rule it lists one
of the issues with that rule as being “Unintended consequences of Final Rule”.
It would have been real interesting to hear what those consequences are as I am
sure that people who attended the Summit did.
Having said that, there are some interesting bits of
information included in these slides. They include:
• ‘A New Frontier’ provides a link
to the “Unmanned Aircraft Systems (UAS) - Critical Infrastructure” web site;
• ‘CFATS Compliance Lessons Learned’
specifically mentions ‘cybersecurity’ as one of the things to pay attention to
in the new Tiering letters being issued under CSAT 2.0;
• ‘What to Expect During a CFATS
Inspection’ includes an important note: “Prepare list of attendees to the
Opening Meeting. Have CVI numbers for each attendee ready.”
• ‘CTRA 4.0’ presentation notes
that only 71 of the 185 chemical compounds assessed by Chemical Security
Analysis Center (CSAC) are CFATS chemicals of interest (COI);
• ‘CFATS Regulatory Update’
mentions that “Will begin the Paperwork
Reduction Act process to expand
[Personnel Surety Program] to Tiers 3 & 4 in the coming year”;
• ‘How Vulnerable Are You’ makes an important point: “A
non-segmented network where CROWN JEWELS are not isolated will always be prone
to failure from the failure of the weakest link”;
Remembering my complaint expressed above about the basic inadequacy of slides, I really do think that reviewing these presentations is worthwhile for anyone in the chemical facility security community. They do not take much time to review and there is some interesting information.
Having said that, the two most worthwhile presentations to
review are the ones dealing with cybersecurity
and disaster planning. As
stand-alone documents, they both provide valuable and useful information. The
latter is especially important (and in some ways prophetic) in light of the
problems seen in the aftermath of Harvey.
One final note: The 2017 CSSS page provides a link to the
page with the links to the presentation. It is odd, however, that the list of
presentations is not an HTML page but rather a .PDF page. This makes loading a
tad bit slow (as are the documents). And, as always, the Federal government’s
reliance on .PDF documents with the attendant security issues is problematic
(and more than a little ironic on a page devoted to security issues). Is there
a more secure manner of presenting unalterable documents?
Posts
No comments:
Post a Comment