DHS Failing At The Basics
From our "Oy Vey" department…
DHS achieves another failing grade. This time from the GAO which assessed the agency’s regional command centers. Homeland Security Daily Wire reported last week that DHS’s twenty-five national and regional operations centers suffer from
poor collaboration and coordination, with shabby management preventing
the information-sharing network from reaching its full potential.
Aggregation and correlation of security information is one of the most basic elements of an incident response architecture. Why can’t DHS do this well?! Heck, I know how to build best practice response centers – they should call me. Or call a real professional like Rich Grassie. But gee whiz, call somebody!
First you organize your data sources. They may be feeds from regional governments, law enforcement agenceis, news sources and private associates. Then you organize technology inputs like sensor feeds from critical infrastructure facilities. Concurrently you set up public-private information sharing in a specific region. Not all of this has to be completed before the incident response station begins being useful. It’s a process.
After setting up the inputs, apply the policies. Strategic security consultants can build basic threshholds and escalation procedures. Correlation engines can map sensor and news inputs to the policies.
Along the way, establish a reliable communications system to keep in touch with regional first responders and agencies. Communications should include POTS telephone, IP telephony, radio, and text message broadcasting.
Finally, build a reporting and workflow management protocol that ensures that every event is processed efficiently. None of this is rocket science – and it should have been done years ago.