Cyber Digest Available

CIKR Monthly Open Source Cyber Digest (OSCD)

For those of you with a particular interest in cyber-security information, the Monthly Open Source Cyber Digest (OSCD) is for you!

The Monthly Open Source Cyber Digest (prepared by DHS)  is a tailored summary of domestic and international cyber events with specific relevance to the operations of the Critical Sectors community. The OSCD is primarily a compilation and reorganization of reporting drawn from the Daily Open Source Infrastructure Report (OSIR). The OSCD may also contain additional unclassified reporting found using open source research methodologies and may include imagery; local, national, and international media reports; academia and industry sources; multimedia and blogs; and other relevant, publicly available sources. The OSCD does not provide analysis or projection; the content found within the OSCD is strictly for situational awareness.

This report is posted regularly to the Homeland Security Information Network Critical Sectors portal.  If you would like to become a HSIN-CS member, please contact:

In addition, don’t forget to check the US CERT cyber RSS feed that appears at the lower right on this page.  This links directly to Federal cyber information resources for headlines and hot topics.


DHS Announces Workplace Security Awareness Training Course

The Department of Homeland Security announces the availability of IS-906, Workplace Security Awareness, a no-cost training course developed by the Office of Infrastructure Protection Sector-Specific Agency Executive Management Office.  You can access this training on the FEMA Emergency Management Institute web site at

The online training provides guidance on how to improve security in the workplace.  The course is self-paced and takes about an hour to complete.  This comprehensive cross-sector training is appropriate for a broad audience regardless of knowledge and skill level.  The course promotes workplace security practices applicable across all 18 critical infrastructure sectors.  The training uses innovative multimedia scenarios and modules to illustrate potential security threats such as:

*¨ Access & Security Control

*¨ Criminal & Suspicious Activities

*¨ Workplace Violence

*¨ Cyber Threats

The course also features interactive knowledge reviews, employee tools, and additional resources.  Upon completion of Workplace Security Awareness, employees will be able to:

+  Identify potential risks to workplace security

+  Describe measures for improving workplace security

+  Determine the actions to take in response to a security situation

A certificate is given to participants who complete the entire course.

Presidential Policy Directive 8

Earlier this month, ASDWA’s Security Notes posted information about the new Presidential Policy Directive 8 that updated and replaced HSPD 8 on National Preparedness.  You can now read the complete Policy Directive on the DHS website at:

Citing the Directive’s opening paragraph…”This directive is aimed at strengthening the security and resilience of the United States through systematic preparation for the threats that pose the greatest risk to the security of the Nation, including acts of terrorism, cyber attacks, pandemics, and catastrophic natural disasters. Our national preparedness is the shared responsibility of all levels of government, the private and nonprofit sectors, and individual citizens. Everyone can contribute to safeguarding the Nation from harm. As such, while this directive is intended to galvanize action by the Federal Government, it is also aimed at facilitating an integrated, all-of-Nation, capabilities-based approach to preparedness.”

New DHS Training Course Available: Active Shooter, What You Can Do

DHS announces the availability of a new Independent Study Course titled:  Active Shooter, What You Can Do (IS-907), a no-cost training course developed to provide the public with guidance on how to prepare for and respond to active shooter crisis situations.  An active shooter is defined in the course as an individual “engaged in killing or attempting to kill people in a confined and populated area. In most cases, there is no pattern or method to their selection of victims.”

This new online training is available through FEMA’s Emergency Management Institute (EMI) at  The training is targeted to reach a broad range of individuals, including managers and employees, so they can prepare to respond to an active shooter situation.

The Active Shooter course was developed by the Office of Infrastructure Protection through a collaborative process that included representatives from the Commercial Facilities Sector and FEMA EMI.  Development also included consultation with the Federal Law Enforcement Training Center.

The course is self-paced and takes about 45 minutes to complete. Upon completion, employees and managers will be able to:

  • Describe the actions to take when confronted with an active shooter and responding law enforcement officials.
  • Recognize potential workplace violence indicators.
  • Describe actions to take to prevent and prepare for potential active shooter incidents.
  • Describe how to manage the consequences of an active shooter incident.

A certificate from FEMA EMI is awarded to participants who complete the course and pass a short final exam.

This is the second in a series of critical infrastructure cross-sector training courses; DHS announced the availability of IS-906, Workplace Security Awareness, in early March.  Access IS-906 on the FEMA EMI Web site:  For more information about Office of Infrastructure Protection training courses, contact:  For more information on DHS critical infrastructure protection and resilience programs visit:

Another Resiliency Resource is a helpful one-stop shop of disaster preparedness and post-disaster economic recovery resources and tools.  Funded by the US Economic Development Administration (EDA), provides resources and best practice information for public and private stakeholders seeking to rebuild their local economies after a disaster as well as assisting the business community in preparing for a disaster.

The site exposes readers to critical issues and challenges, highlights lessons learned in the response and recovery process, as well as suggests resources and best practices to use in restoring the local economy after a disaster. This includes articles, whitepapers, presentations, briefings, documents, website links, and other relevant resources to assist your community in the disaster preparedness or recovery process.  For more information, go to:

Federal Register Notice on Cyber Gap Data Collection

The April 21 Federal Register contains a request for comment on a DHS data collection effort to identify gaps in cyber security initiatives.

Included as part of the FY 10 DHS appropriations measure, DHS “…in cooperation with FEMA and relevant stakeholders, shall develop the necessary tools for all levels of government to complete a cyber network security assessment so that a full measure of gaps and capabilities can be completed. The NCSR will be conducted via the US–CERT Secure Portal. The assessment stakeholders will be states and large urban areas. The NCSR is a voluntary self-assessment designed to measure cybersecurity preparedness and resilience.”

Comments are encouraged and will be accepted until June 20, 2011.

To read the full notice, go to:

Secretary Napolitano Announces Implementation of National Terrorism Advisory System

Today, Secretary of Homeland Security Janet Napolitano announced the implementation of the Department of Homeland Security’s (DHS) National Terrorism Advisory System (NTAS)—a robust terrorism advisory system that provides timely information to the public about credible terrorist threats and replaces the former color-coded alert system.

As part of today’s announcement, Secretary Napolitano released a public guide outlining the new system to the American public, along with an example of an NTAS Alert that would be issued to the public if the government were to receive information about a specific or credible terrorist threat.

 Under NTAS, DHS will coordinate with other federal entities to issue detailed alerts to the public when the federal government receives information about a credible terrorist threat.  NTAS alerts provide a concise summary of the potential threat including geographic region, mode of transportation, or critical infrastructure potentially affected by the threat, actions being taken to ensure public safety, as well as recommended steps that individuals, communities, business and governments can take to help prevent, mitigate or respond to a threat. NTAS Alerts will include a clear statement on the nature of the threat, which will be defined in one of two ways:

  • “Elevated Threat”: Warns of a credible terrorist threat against the United States
  • “Imminent Threat”: Warns of a credible, specific, and impending terrorist threat against the United States

Depending on the nature of the threat, alerts may be sent to law enforcement, distributed to affected areas of the private sector, or issued more broadly to the public through both official and social media channels—including a designated DHS webpage (,Facebook, and via Twitter@NTASAlerts.  NTAS alerts and posters will also be displayed in places such as transit hubs, airports and government buildings.  NTAS threat alerts will be issued for a specific time period and will automatically expire. Alerts may be extended if new information becomes available or as a specific threat evolves.

DHS encourages citizens to follow NTAS Alerts for information about threats and take an active role in security by reporting suspicious activity to local law enforcement authorities through the “If You See Something, Say Something” public awareness campaign.  For more information on the National Terrorism Advisory System or to receive NTAS alerts, visit

NHSRC Product Updates

The US EPA National Homeland Security Research Center (NHSRC) has just published the most recent list ofproduct updates. 


1) Biological Sample Preparation Collaboration Project, Detection of Bacillus anthracis Spores in Soil

Report:  The objective of this work was to develop and optimize an automated immunomagnetic separation (AIMS) method for isolation of Bacillus anthracis (BA) spores from soil. In this study, the AIMS method for separating BAspores from various soil matrices was developed using the Dynabeads® technology (Invitrogen Corporation, Carlsbad, CA). This involved optimizing paramagnetic beads conjugation with antibodies specific to BA spores, designing an automated program (BeadRetriever™, Invitrogen) and developing standard procedures for separating BAspores from four soil types using AIMS.

2) Biological Sample Preparation Collaboration Project, Detection of Bacillus anthracis Spores in Soil

Journal Article:  A method was developed to deposit Bacillus subtilis spores via aerosolization onto various surface materials for biological agent decontamination and detection studies.

3) Technology Evaluation Report Real UV254 Security Monitor

Technology Evaluation Report:  EPA recently evaluated the performance of several online total organic carbon (TOC) analyzers and ultraviolet spectrometers including the Real UV254 Security Monitor. The primary objective of this evaluation was to determine the response of the TOC analyzers and ultraviolet spectrometers upon the introduction of contaminants such as toxic industrial chemicals (TICs) and biological contaminants in drinking water.


1) Evaluation of Liquid and Foam Decontamination Technologies for Surfaces Contaminated by Bacillus anthracis Spores

Summary:  Summary of the results of multiple studies on the effectiveness of liquid and foam decontamination technologies against Bacillus anthracis spores

2) Efficacy of liquid spray decontaminants for inactivation of Bacillus anthracis spores on building and outdoor materials

Journal Article:  The study results may be useful in the selection of technologies to decontaminate buildings and outdoor areas in the event of contamination with B. anthracis spores. These results may also facilitate selection of decontaminant liquids for the inactivation of other spore forming infectious disease agents.

3) Reports on the evaluation of technologies to remove radionuclides from concrete surfaces

+ Technology Evaluation Report CS Unitec ETR180 Circular Sander for Radiological Decontamination;

+ Technology Evaluation Report Empire Abrasive Blast N’Vac for Radiological Decontamination;

+ Technology Evaluation Report Industrial Contractors Supplies, Inc. Surface Dust Guard with Diamond Wheel for Radiological Decontamination;

+ Technology Evaluation Report Industrial Contractors Supplies, Inc. Surface Dust Guard with Wire Brush for Radiological Decontamination;

+ Technology Evaluation Report Real UV254 Security Monitor; and

+ Technology Evaluation Report River Technologies LLC 3-Way Decontamination System for Radiological Decontamination


1) CANARY USER’S MANUAL and software upgrades

Software:  For initial download please contact Terra Haxton  The goal of CANARY is to take standard water-quality data and use mathematical algorithms to identify the onset of periods of anomalous water quality, while at the same time, limiting the number of false alarms that occur. The working definition of “anomalous” can be set by the user by selecting the configuration parameters. These parameters may vary from one utility to the next and may even vary across monitoring locations within a single utility. CANARY can be set up to receive data from a SCADA database, and return alarms to the SCADA system.

2) EPANET Multi-Species Extension Software

Software:  EPANET is used in homeland security research to model contamination threats to water systems. Historically, EPANET has been limited to tracking the dynamics of a single chemical transported through a network of pipes and storage tanks, such as a fluoride used in a tracer study or free chlorine used in a disinfection decay study. Recently, the NHSRC released a new extension to EPANET called EPANET-MSX (Multi-Species eXtension) that allows for the consideration of multiple interacting species in the bulk flow and on the pipe walls. This capability has been incorporated into both a stand-alone executable program as well as a toolkit library of functions that programmers can use to build customized applications.

3) Threat Ensemble Vulnerability Assessment- Sensor Placement Optimization Tool (TEVA-SPOT) Graphical User Interface (EPA/600/R-08/147)

Software:  The ultimate aim of a simulation and its subsequent analysis is to determine the vulnerability of the distribution system to contaminant releases and determine the optimal locations to place a set of water quality sensors in the network to mitigate the impacts of contamination. This tutorial helps to familiarize users to the TEVA-SPOT functionality.

4) Development of a Sensitive Detection Method for Stressed E. coli O157:H7 in Source and Finished Drinking Water by Culture-qPCR

Journal article:  A sensitive and specific method that also demonstrates viability is of interest for detection of E. coli O157:H7 in drinking water. A combination of culture and qPCR was investigated. Two triplex qPCRs, one from a commercial source and another designed for this study were optimized from 5 different assays to be run on a single qPCR plate.

Register Today for WaterISAC and U.S. EPA’s Two-Part Webinar on the Tabletop Exercise Tool for Water Systems

Join WaterISAC and US EPA for two FREE  important training webinars on the Agency’s newTabletop Exercise Tool for Water Systems: Emergency Preparedness, Response, and Climate Resiliency (TTX Tool).

The TTX Tool contains materials that assist in planning and facilitating tabletop exercises that focus on water sector-related issues. Fifteen diverse scenarios, which include natural hazards, man-made incidents, and climate change impacts, address an all-hazards approach to emergency preparedness and response in the water sector. The natural and man-made hazards address short-term emergency response activities, and climate change-related scenarios provide an opportunity for utilities to consider and implement long-term planning measures into their operations.

The situation manual, discussion questions, and slide deck for each scenario can be modified and customized by the user to tailor the scenario to fit his or her specific needs.

Session 1: The first webinar will be held on Thursday, May 26 from 3:00-4:00pm Eastern Time, and will provide an overview of the functionality of the TTX Tool.

Session 2: The second webinar will be held on Thursday, June 2, 2011 from 3:00-4:30pm Eastern Time. This session will provide more detailed information on how to use the materials on the TTX Tool to plan, design, facilitate, and evaluate Water Sector-specific exercises.

These two webinars are free and open to all WaterISAC subscribers as well as other members of the drinking water and wastewater communities.

Click here to sign up today!

NLE 11 Preparedness Matters Newsletter

Please see the attached April edition of the National Level Exercise 2011 (NLE 2011) newsletter, entitled “NLE 2011: Preparedness Matters.” This newsletter will be the primary source of monthly updates on NLE 2011 from the Office of Infrastructure Protection, providing important meeting and contact information for critical infrastructure stakeholders interested in participating in the exercise process.  Each newsletter will focus on a different aspect of NLE 2011 and all are encouraged to distribute widely.   This edition focuses on the connections between the Japanese nuclear accident and NLE 11 planning and exercise elements.

NLE Prepredness Matters_April 2011