A high-level DHS official pointed out that information could flow in different ways. The Department was trying to build a model to push information out to localities and local law enforcement. He noted that Washington could set standards, but people in the field shouldn’t wait for Washington, citing the example of Las Vegas casinos that share security-related information through fusion centers despite their cutthroat competition for customers. Over the last three years, much more information sharing had developed, but if there are problems at the local level, you can’t expect Washington to solve them. A NMSAC member commented that the need was to share usable information, to push down the right material. Intelligence purveyors don’t take responsibility for recommending actions. The official responded that when the printer bomb plot had surfaced, DHS had immediately formed an international working group in Washington that not only provided real-time recommendations to the Secretary, but also to the carriers. As a result, the international air freight/courier service system did not have to be shut down to retool security. The key is to work with industry to ensure that we use the right tools to provide the right information. There’s so much information that, if we don’t send out information that is credible and actionable, we’ll overwhelm industry with useless information.
A NMSAC member suggested the model of a daily report of “what’s going on in the maritime world,” with the option of calling the analyst with any questions. A USCG representative responded that there is an existing mechanism through the alert warning system for MTSA-regulated facilities. The member replied that many entities that are not regulated under MTSA also need to know. In addition, many recipient organizations have structural problems that limit who can receive information. This needs to be studied.
A representative of the International Liquid Terminals Association (ILTA) in the audience pointed to the recent alerts to the gas pipeline community by the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) regarding a persistent cyber intrusion campaign as an example of moving from classified information to practical guidance on what to do. A small group heard the classified material and figured out what could be done. The information provided to industry came from a trusted source. In his opinion, the Partnership for Critical Infrastructure Security (PCIS) provides the right kind of gateway. The Sector Councils understand how to filter information. A NMSAC member pointed out that there was no maritime sector council, as it had never gotten off the ground. The ILTA rep agreed, but indicated that he thought of NMSAC as the functional equivalent. Which brought the riposte that there were broad sections of the maritime industry not represented on NMSAC and the Committee also hadn’t had any new members in a long time. (This prompted the Assistant Designated Federal Officer for NMSAC to report that a list of new members was finally moving forward in the bureaucracy and might make it to the Secretary’s office by next week.) A representative of the DHS Office of Infrastructure Protection volunteered to check on what the problems had been and whether a Maritime Sector Council could be made viable.
A representative from the Maritime Administration (MARAD) said that MARAD puts out advisories to the maritime industry and unclassified information about piracy gets out quickly, with the Office of Naval Intelligence putting out weekly reports on which industry provides feedback. Someone else stated that he always held up piracy information as a successful model of information dissemination. A NMSAC member pointed out that ports were single hubs in long logistics chains. Consequently, they were also concerned about land transportation threats, not just waterside issues.
In closing, the high-level DHS official remarked that the first priority would be to grab the low hanging fruit, but committed to continue to work on the hard issues. The representative from the Office of Infrastructure Protection said that it would be necessary to build on what was already being done, as there wasn’t any money to reinvent the wheel. A USCG HQ representative with some oversight over Sector commands promised to provide “tactical” guidance to Captains of the Port and to ask why information could not be shared. The Chairman of the NMSAC working group indicated that he thought NMSAC had gotten what it wanted—a high level discussion—out of this meeting. The working group would continue its work at the staff and tactical levels.
This was followed by a discussion of the date for the next NMSAC meeting. This issue was not resolved, but the target date was sometime in August or early September.
NOTE: This post may be copied, distributed, and displayed and derivative works may be based on it, provided it is attributed to Maritime Transportation Security News and Views by John C. W. Bennett,http://mpsint.com.