Today the DHS Infrastructure Security Compliance Division
(ISCD) published two new fact sheets on the Chemical Facility Anti-Terrorism
Standards (CFATS) Knowledge Center.
They dealt with reporting significant incidents (Risk Based Performance
Standards 15 and 16) and detect and delay attacks (multiple RBPS).
Significant Incidents
This fact
sheet emphasizes that what will be ‘a significant incident’ will vary with
the types of facilities and the COI found at each facility. It does provide a
generic description of significant incidents; one that would likely “include
events that arise based on intentional threats that attempt to, or successfully
circumvent a security measure”; several broad examples are provided.
The fact sheet also provides general guidance about whom to
contact and when to contact them for various types of incidents, both physical
and cyber. Interestingly, there is no mention of contacting the FBI, though
that is mentioned in the RBPS
Guidance Document (pg 109) as a possible law enforcement point of contact.
It is also odd that there is no requirement for a post incident report to ISCD;
this would allow for prompt information sharing with other covered facilities.
Detect and Delay Attacks
This fact
sheet conducts a brief overview of the importance of early detection of a
potential attack and delaying the progress of the attack to allow time for an
appropriate security response to stop a successful attack. While these detect
and delay activities are partially addressed in a number of the RBPS, the most
detailed coverage is found in RPBS #4; Deter, Detect and Delay.
Unfortunately, neither the RPBS Guidance document nor this
fact sheet include any discussion of the possible precursor signs that might be
an indicator of a future attack; obviously the best time to detect the attack. I
discussed these precursors a number of years ago (The Michigan State Police
video is still on
YouTube).
Posts
No comments:
Post a Comment