Lt. General Frank Libutti, USMC (Ret.) - Keynote Speaker, Advisor, Consultant

Opening Statement of

General Frank Libutti

Under Secretary for Information Analysis and Infrastructure Protection

Department of Homeland Security

Before the

House Homeland Select Subcommittee on Intelligence and Counterterrorism and the Subcommittee on Infrastructure and Border Security

March 4, 2004
Introduction

Good morning Chairman Gibbons, Representative McCarthy , Chairman Camp, Representative Sanchez and distinguished members of the Subcommittees. I am delighted to appear before you today to discuss the Presidents FY 2005 budget request for the Department of Homeland Securitys Information Analysis and Infrastructure Protection (IAIP) Directorate.

IAIP is the focal point for intelligence analysis, infrastructure protection operations, and information sharing within the Department of Homeland Security (DHS). Within a single directorate, IAIP merges the capability to identify and assess a broad range of intelligence and information concerning threats to the homeland, map that information against the nations vulnerabilities, issue timely and actionable warnings, and take appropriate preventive and protective action to protect our infrastructures and key assets. IAIP is currently comprised of three primary components: the Office of Information Analysis (IA), the Office of Infrastructure Protection (IP), and the Homeland Security Operations Center (HSOC).

FY 2004 Accomplishments

As we mark the first anniversary of the Department, I would like to highlight for you some of the many accomplishments of the IAIP Directorate, one of the newest parts of the federal government. The formation of IAIP has created for the first time a unique, integrated capability to not only map the current threat picture against the nations vulnerabilities, but to also assess the risk of a terrorist attack based upon preventive and protective measures in place. That is, IAIP is enabling us to move from a reactive posture in the homeland to a risk management and mitigation posture. Let me give you some examples.

Since March, 2003, IAIP has:

Launched the Homeland Security Information Network (HSIN), a comprehensive information sharing program that expands access to and use of the Joint Regional Information Exchange System (JRIES). The HSIN will provide secure real-time connectivity in a collaborative environment with states, urban areas, counties, tribal areas, and territories to collect and disseminate information between federal, state, local, and tribal agencies involved in combating terrorism.

Coordinated Operation Liberty Shield and the rapid enhancement of security at more than 145 national asset sites at the outset of the war in Iraq. Following that, IAIP transitioned the protection of the sites from National Guard and law enforcement to a more cost effective and permanent set of physical protective measures.

Enhanced protection, by assisting local communities with conducting vulnerability assessments and implementing protective measures, of the nations highest risk chemical sites, thereby improving the safety of over 13 million Americans.

Implemented Homeland Security Presidential Directive (HSPD) 7, Critical Infrastructure Identification, Prioritization and Protection, which was signed by President Bush in December 2003. The HSPD assigned the Department of Homeland Security responsibility for coordinating the overall national effort to enhance the protection of the critical infrastructure and key resources of the United States and the development of an integrated cyber and physical protection plan.

Implemented Wireless Priority Service, to ensure the continuity of cellular networks nationwide, registering over 3,000 federal, state, local and private users.

Established the National Cyber Security Division (NCSD) to coordinate the implementation of the National Strategy to Secure Cyberspace and serve as the national focal point for the public and private sectors on cybersecurity issues, and developed a process for handling cyber incidents, successfully managing a number of major cyber events.

Through the NCSD, established the U.S. Computer Emergency Readiness Team (US-CERT) through an initial partnership with the Computer Emergency Response Team Coordination Center at Carnegie Mellon University. US-CERT is building a cyber watch operation, launching a partnership program to build situational awareness and cooperation, and coordinating with U.S. Government agencies to predict, prevent, and respond to cyber attacks.

Launched the National Cyber Alert System under the auspices of US-CERT, Americas first coordinated cyber security system for identifying, analyzing, and prioritizing emerging vulnerabilities and threats. This system provides the first nationwide infrastructure for relaying actionable computer security update and warning information to computer users in the government, in private industry, and small business and home users.

Assumed responsibility for the Homeland Security Operations Center (HSOC), which maintains and shares real time domestic situational awareness; coordinates security operations; detects, prevents, and deters incidents; and facilitates response and recovery for all critical incidents and threats. As of February 2004, 26 federal and local law enforcement agencies and Intelligence Community members are were represented in the HSOC, providing reach back capability into their home organizations to continuously inform the current threat picture, and to provide key decision makers with real time information.

Conducted detailed vulnerability studies of the banking and telecommunications industry to better understand the interdependencies and prioritize vulnerability reduction.

Initiated an intra-Department and interagency review and analysis of information obtained in detainee briefings to assess specific terrorist capabilities, work that subsequently became the subject of several advisories disseminated to a variety of homeland security partners regarding terrorist planning, tactics and capabilities.

Co-chaired with the Border and Transportation Security Directorate (BTS) the DHS Intelligence Activities Joint Study charged with reviewing the mission, responsibilities and resources of DHS Intelligence component organizations. The study was chartered for the purpose of making recommendations to the Secretary as to the optimal utilization of the Departments analytical resources.

With the Homeland Security Council (HSC), initiated an ongoing interagency review of the Homeland Security Advisory System (HSAS), for the purpose of refining the system to make it more efficient and more beneficial for states and localities and the private sector.

Formally executed the Protected Critical Infrastructure Information (PCII) implementing regulation, pursuant to the provisions of the Critical Infrastructure Information ACT of 2002. The purpose of the PCII Program is to encourage private entities and others with knowledge about our critical infrastructure to voluntarily submit confidential, proprietary, and business sensitive critical infrastructure information to the Department. Submitted information that qualifies for protection under the provisions of the Act and the PCII implementing regulation will be exempted from public disclosure, providing a significant opportunity for private entities to assist in homeland security without exposing potentially sensitive and proprietary information to the public. The Department will use information that qualifies for protection primarily to assess our vulnerabilities, secure the nations critical infrastructure and protected systems, issue warnings and advisories, and assist in recovery.

FY 2005

Even with these accomplishments, there is much more work that must be done. The United States remains at risk, despite the continuing work to assess and mitigate vulnerabilities. Our interdependent critical infrastructures enable Americans to enjoy one of the highest standards of living in the world, provide the backbone for the production of goods and services for the worlds largest economy, provide over 60 million jobs, and ensure the United States can protect its national security interests. Infrastructure will remain one of the top priority targets for terrorists desiring to damage the nations economy and incite fear in the minds of the American people.

While the possibility of large-scale attacks similar to 9/11 remain significant, it is also possible likely that terrorists will employ smaller scale operations such as the suicide bombings prevalent in Israel. Terrorists understand that the cumulative effect of many small-scale operations that are easier to plan and conduct can be just as effective as large-scale attacks in their overall impact on Americans sense of security in their own country and, especially, at United States facilities overseas.

IAIPs budget relies on the expectation of two emerging trends: First, the nature and complexity of threats will increase; and, second, our national infrastructure components will become more complex and interdependent. These trends will result in more demands on the Department and IAIP to anticipate terrorist intentions, tactics and capabilities, and to mitigate risks and vulnerabilities for the protection of the United States and its citizens.

For these reasons, the Presidents FY 2005 budget request for IAIP is structured around the following major program areas: Threat Determination and Assessments, Infrastructure Vulnerabilities and Risk Assessments, Information Warnings and Advisories, Remediation and Protective Actions, Outreach and Partnerships, National Communications System, Competitive Analysis and Evaluations, National Plans and Strategies, and the Homeland Security Operations Center.

Threat Determination and Assessment ($21.943 Million)

IAIPs Threat Determination and Assessment program is designed to detect and identify threats of terrorism against the United States homeland; assess the nature and scope of these terrorist threats; and understand terrorist threats in light of actual and potential vulnerabilities within critical infrastructures and/or key assets. Addressing these issues requires the IAIP Directorate to improve on its existing set of threat analysts and analytical tools by hiring and training additional highly skilled threat analysts; acquiring and fielding new analytical tools and technologies to assist in assessing and integrating information; and deploying secure communications channels that allow for the rapid exchange of information and dissemination of analytical results.

These improvements will be used for multiple purposes, including: (1) providing analysis and assessments of the current threat picture as it relates to critical infrastructure; (2) developing actionable intelligence for Federal, state, and local law enforcement; (3) issuing warnings at all levels from the Federal Government to the private sector; and (4) supporting efforts to identify and coordinate effective countermeasures.

The Presidents Budget requests $21.943 million for continued support of on-going activities to continually form terrorist threat situational awareness, execute the functions outlined above, and focus on information sharing and coordination within DHS as well as in the Intelligence Community and other external stakeholder communities. These capabilities enhance the performance of two critical functions in protecting the homeland. First, it offers the United States Government the ability to integrate, synchronize, and correlate unique sources of information relating to homeland security, emanating from traditional and non-traditional (e.g., state and local governments, private industry) sources. Second, the IAIP Directorate is positioned to integrate knowledge of potential terrorist threats with an understanding of exploitable infrastructure vulnerabilities, resulting in a value-added profile of national risk that transcends traditional threat and vulnerability assessments.

Funding in this area is targeted to increase the IAIP Directorates technical competencies by training analysts and equipping IAIP with the most advanced technologies and tools. The training, tools and technologies will be utilized in four primary areas:

Model Terrorist Organization: Developing a detailed understanding of terrorist organization capability with supporting materials and connectivity to interpret and predict threats.
Develop Terrorist Capabilities Baseline: Developing a detailed understanding of terrorist capabilities baseline with supporting materials and connectivity to interpret and predict threats.
Collaboration and Fusion: Expanding collaboration and fusion efforts from DHS to internal components, and out to an extended customer base.
Analysis Coordination: Spearheading the effort to build a collaborative and mutually supporting analysis coordination schematic for DHS, and ensure that it incorporates others (TTIC, TSC, and the Intelligence Community) into a community of interest approach for understanding domestic terrorist threats.
Infrastructure Vulnerability and Risk Assessment ($71.080 million)

The Homeland Security Act directs the IAIP Directorate to carry out comprehensive assessments of the vulnerabilities of the critical infrastructure and key assets of the United States. As such, the IAIP Directorate serves as the focal point for coordination between the Federal government, critical infrastructure owners and operators, and state and local governments for the sharing of information and the planning for response to crisis events affecting infrastructures.

The FY 2005 Presidents Budget requests $71.080 million to fund the development of a comprehensive National infrastructure risk analysis and profile (e.g., high value/high probability of success targets); development of analytic tools to evaluate critical infrastructure and key assets; and the coordination and development of a National threat vulnerability and asset database to access, integrate, correlate, and store threat and vulnerability information.

These mission areas will be enable IAIP to identify potential risks caused by infrastructure interdependencies, and determine the potential consequences of an infrastructure failure due to a terrorist attack. Ultimately, the intent of these efforts is to strengthen the capabilities of the IAIP Directorate and each critical infrastructure to provide near real-time notification of incidents; enhance the ability of the IAIP Directorate to assess the impact of incidents on critical infrastructure and key assets; to assess collateral damage to interdependent infrastructure; and create tools and processes to enhance infrastructure modeling and risk assessment capabilities.

The FY 2005 budget request for infrastructure vulnerability and risk assessment is divided into three areas:

National Infrastructure Risk Analysis: Funding in this area supports the development of comprehensive risk and vulnerability analyses on a national scale. These analyses are cross-sector in nature, focusing on problems affecting multiple infrastructures, both physical and cyber-related. As assigned in the Homeland Security Act and HSPD-7, the IAIP Directorate will continue to leverage and develop new techniques to map data provided by threat analyses, provide consequence analysis, and create vulnerability assessment teams based on the nature of the indicators or incidents. The goal is to produce timely, actionable information that is more meaningful to industry. A portion of this funding also supports the direct involvement of critical infrastructure sector experts to supplement risk analysis efforts and to gain a better understanding of the sectors core business and operational processes. In addition, a portion of this funding is utilized for exploration and to pilot innovative methodologies to examine infrastructure vulnerabilities and interdependencies.
Analytic Tools Development and Acquisition: The IAIP Directorate will continue to collaborate with the Science and Technology (S&T) Directorate to acquire the most advanced tools and database designs available to better understand the complexities of interdependent systems and for translating vast amounts of diverse data into common and usable information for decision-makers, analysts, and infrastructure operators. Such capabilities include data-logging systems, modeling and simulation, data mining, and information correlation. Funding is targeted toward developing dynamic and multi-faceted tools designed to expand access to needed information.
National Threat/Vulnerability/Asset Databases: The funding level requested for this activity in the FY 2005 budget is based on the recognition of the data intensive nature, scale and complexity of analyzing infrastructure vulnerability issues. The intent is to develop and maintain databases that allow the IAIP Directorate to provide its stakeholders with up-to-date information on threats and vulnerabilities. Specifically, the IAIP Directorate is continuing to coordinate and direct the development of the primary database of the Nations critical infrastructures through a collaborative process involving all stakeholders; maintain data on the risks posed to specific facilities and assets (and the probability of attack and associated consequences for homeland, national, and economic security should an attack occur); and develop, operate, and manage integrated data warehousesin full compliance with the Departments privacy policiesthat contain comprehensive all-source threat, vulnerability, and asset data.
Information and Warning Advisories ($59.807 Million)

One of the most visible aspects of the DHS mission lies in the management and administration of the Homeland Security Advisory System, the communications of threat condition status to the general public, and the continuous around-the-clock monitoring of potential terrorists threats. Specifically, there are three key information and warning activities that help support the Homeland Security Advisory System and other efforts to alert key Departmental leadership, national leaders and the general public: (1) tactical indications and warning and the associated warning advisory preparation and issuance; (2) information requirements management; and (3) integrated physical and cyber infrastructure monitoring and coordination.

The FY 2005 Presidents Budget requests $59.807 million to maintain the information and warning program. In addition to continuously operating a 24x7 capability, the information and warning program area will provide surge capabilities for the HSOC and with other Directorates during heightened states of alert or in response to specific incidents. The relevant FY 2005 budget request is divided into three primary areas:

Tactical Indications and Warning Analysis/Warning Advisory Preparation and Issuance: Funding in this area supports submission of collection requests for threat information to the Intelligence Community and law enforcement, disseminating guidance to DHS components, developing analyses on the nature and scope of the threats, and identifying potential terrorist targets within the United States. A program priority is the continued to development of tools and technologies to assist our analysts to interpret, integrate, and catalogue indicators, warnings, and/or actual events and to provide Departmental and national leaders situational awareness. Another priority is the need to publish threat advisories, bulletins, and warnings at different levels of classification prior to distribution to the relevant stakeholders. Threat publications are detailed and disseminated in a timely fashion, portraying the nature, scope, and target of the threat. Ultimately, this information provides the basis for determinations to change the threat condition.
Information Requirements Management: Information related to threats and critical infrastructure vulnerabilities are collected, stored, and protected within a diverse set of locations and sources, spanning all levels of government (Federal, state, and local) and including intelligence, proprietary and public sources. Funding in this area supports the technologies necessary to search within those diverse databases to identify, distill, and/or acquire mission-critical information. Program funding supports efforts to coordinate information requests and tasks emanating from within other parts of IAIP, other DHS Directorates, the Intelligence Community, law enforcement, state and local governments, and the private sector. In addition, a portion of these funds is used to supplement the information technology structure to accomplish these tasks efficiently and effectively through the use of leading-edge capabilities. This effort ensures that all information users are able to access all available and relevant data.
Integrated Physical and Cyber Infrastructure Monitoring and Coordination: Intelligence and warning staff monitoring and coordination efforts ensure that threat and critical infrastructure issues are adequately addressed and represented. In addition, these efforts coordinate incident response, mitigation, restoration, and prioritization across critical sectors in conjunction with the other relevant DHS components (e.g., Emergency Preparedness and Response Directorate).
Remediation and Protective Actions ( $345.738 Million)

The IAIP Directorate has established a national Critical Infrastructure Protection program that leverages stakeholder input at the Federal, state, and local level and across the private sector to provide the best and most cost-effective protective strategies for at risk infrastructure and facilities. Through this program, the IAIP Directorate provides a broad range of services including on-site planning advice, technical and operational training programs, assistance in identifying vulnerabilities, and development and sharing of best practices. Activities in this area also include security efforts to protect infrastructure and assets from cyber attacks (e.g., malicious software, distributed denial-of-service attacks).

Specifically, the FY 2005 Presidents Budget requests $345.738 million, for remediation and protective actions divided into the following five areas:

Critical Infrastructure and Key Asset Identification: The Homeland Security Act directs the IAIP Directorate to recommend measures necessary to protect the critical infrastructure of the United States. One key step in this process is funding a national program focused on identifying critical infrastructure and assets and assessing potential risks of successful attacks to those assets. By understanding the full array of critical infrastructure facilities and assets, their interaction, and the interdependencies across infrastructure sectors, IAIP is able to forecast the national security, economic, and public safety implications of terrorist attacks and prioritize protection measures accordingly. Moreover, the process of identifying and prioritizing assets in this manner creates a common overarching set of metrics that consist of the individual attributes of specific infrastructure sectors.
Critical Infrastructure Vulnerability Field Assessments: The Directorate coordinates with all relevant Federal, state and local efforts to identify system vulnerabilities and works closely with the private sector to ensure vulnerability field assessment methodologies are effective, easy to use, and consistently applied across sectors. Funding is targeted at the need to conduct and coordinate specialized vulnerability assessments by DHS teams, in conjunction with teams from other Federal or state agencies and private sector companies as appropriate, for the highest priority critical infrastructures and assets. The intent of these efforts is to catalogue specific vulnerabilities affecting the highest priority terrorist targets, thereby helping guide the development of protective measures to harden a specific facility or asset. A nationwide vulnerability field assessment program is currently underway leveraging the expertise of the IAIP Directorate, other agencies, and the private sector to ensure cross-sector vulnerabilities are identified and that sound, informed decisions will be reached regarding protective measures and strategies.
Infrastructure and Key Asset Protection Implementation: Due to the vast geographic size of the United States and diverse operating environment for each infrastructure sector, protection strategies must start at the local level and then be applied nationally as needed. Priorities for protection strategies are based on regional, state, and local needs and on the need for cross-sector coordination and protective actions within those geographic boundaries. The budget request reflects the need for the IAIP Directorate to continue the development of a flexible set of programs to assist in the implementation of protective measures. Examples include coordinating with other Federal and state agencies and the private sector to: (1) ensure the detection of weapons of mass destruction material is considered in the development of protection plans; (2) disrupt attack planning by taking low cost actions that make information collection and surveillance difficult for terrorists; (3) defend the most at risk critical infrastructure facilities and key assets throughout the country above the level of security associated with industry best practices; and (4) develop a nationally-integrated bombing response capability similar to that of the United Kingdom. DHS funding in these areas focuses on high value, high probability targets and will take the form of joint ventures with state and local governments, regional alliances, and the private sector.
Cyberspace Security: Consistent with the Homeland Security Act and the National Strategy to Secure Cyberspace, a key element of infrastructure protection, both in the public and private sectors, is to ensure the continued healthy functioning of cyberspace, which includes the cyber infrastructure and the cyber dependencies in the critical infrastructure sectors. The IAIP Directorate recognizes that cyberspace provides a connecting linkage within and among many infrastructure sectors and the consequences of a cyber attack could cascade within and across multiple infrastructures. The result could be widespread disruption of essential services, damaging our national economy, and imperiling public safety and national security. The budget request supports efforts to capitalize on existing capabilities of the Directorate, and investing in new capabilities to monitor, predict, and prevent cyber attacks and to minimize the damage from and efficiently recover from attacks. As the manager responsible for a national cyber security program, the IAIP Directorate provides direct funding to support: (1) creating a national cyberspace security threat and vulnerability reduction program that includes a methodology for conducting national cyber threat and vulnerability risk assessments; (2) strengthening a national cyberspace security readiness system to include a public-private architecture for rapidly responding to and quickly disseminating information about national-level cyber incidents-including the Cyber Alert Warning System; (3) expanding and completing the warning and information network to support crisis management during cyber and physical events; (4) implementing a national cyberspace security awareness and training program; (5) developing capabilities to secure the United States Government in cyberspace that include guidelines for improving security requirements in government procurements; (6) strengthening the framework for national security international cyberspace security cooperation that focuses on strengthening international cyber security coordination and; (7) the Global Early Warning Information System, which monitors the worldwide health of the Internet through use of multiple data sources, tools, and knowledge management to provide early warning of cyber attacks.
Protection Standards and Performance Metrics: Working in collaboration with the National Institute of Standards and Technology as appropriate, the IAIP Directorate is developing objective data for systems protection standards and performance measures. Several sectors currently use threat-based exercise approaches to validate key elements of their protection efforts. The budget request in this area will focus on continually improving and validating sector plans and protective programs and providing training and education programs for public and private sector owners and operators of critical infrastructure and/or key assets.
Outreach and Partnership ($40.829 Million)

The private sector and state and local government own and operate more than 85 percent of the Nations critical infrastructures and key assets. Consequently, public-private cooperation is paramount, and without such partnerships, many of our Nations infrastructures and assets could be more susceptible to terrorist attack. The IAIP Directorate is responsible for cultivating an environment conducive for public and private partnerships, developing strategic relationships underlying those partnerships, and coordinating and supporting the development of partnerships between the Directorate and state and local government, private industry, and international communities for national planning, outreach and awareness, information sharing, and protective actions.

The FY 2005 Presidents Budget requests $40.829 million to build and maintain a sound partnership foundation. It is imperative that the Department is familiar with the issues confronting the private sector, state and local governments, Federal sector specific agencies for critical infrastructure, and our international partners. Specifically, strong relationships must be maintained with the following communities of interest:

State and Local Governments: Establishing and maintaining effective working relationships with State and local officials is a fundamental part of the DHS mission to effectively share information at unprecedented levels. IAIP is working with DHS Office of State and Local Government Coordination to assess the information sharing and dissemination capabilities that exist nationwide in order to leverage existing capabilities and supplement capacity where needed. .
Private Sector: The Private Sector is another key partner in developing a nationwide planning, risk assessment, protective action, and information sharing strategy. Engaging the business community and making a business case for investment in protective and remedial strategies is key to our success.
Academia: DHS will continue to develop, coordinate, and support partnerships with academic and other educational institutions. These partnerships will encourage and coordinate academic and other workforce development to assure availability of quality IT security professionals, and encourage curriculum development to integrate critical infrastructure protection (security) as normal elements of professional education.
Advisory Bodies: DHS will also provide support to Presidential advisory bodies and cross-sector partnerships (including the National Infrastructure Advisory Council and the Partnership for Critical Infrastructure Security.)
International: This funding will also support and enhance partnerships with the international community, working with and through DHS Office of International Affairs and the State Department, collaborating with the United States State Department on infrastructure protection activities. This includes bilateral discussions and activities on risk assessment and protective actions, information sharing, exercises and training. Of particular focus is the IAIP component of the Smart Borders implementation with Canada and Mexico. We will continue our role as the lead Federal Agency Role for the Information and Telecommunications Sectors. The Directorate will continue to partner with representatives from those industries composing the Information and Telecommunications sector and to educate members of the sector, develop effective practices, develop and implement intra-sector and cross-sector risk assessments, and work with other sectors on identifying and addressing risks associated with interdependencies.
Cyber: We will expand the platform established by the Cyber Alert Warning System to include awareness and education programs for home users of computers and computer professionals in partnership with other Federal agencies and industry. Additionally, within private industry, our partnership and outreach efforts will involve the engagement of risk management and business educational groups to implement strategies to elevate senior management understanding of the importance of investment in cyber security.

National Communications System ($140.754 Million)

The national telecommunications infrastructure supports multiple mission-critical national security and emergency preparedness (NS/EP) communications for the Federal government, state and local governments, and the private industry. The security and availability of the telecommunications infrastructure is essential to ensuring a strong national, homeland, and economic security posture for the United States. The National Communications System (NCS) is assigned NS/EP telecommunications responsibilities through Executive Order 12472, Assignment of National Security and Emergency Telecommunications Functions, which include: administering the National Coordinating Center for Telecommunications to facilitate the initiation, coordination, restoration, and reconstitution of NS/EP telecommunications services or facilities under all crises and emergencies; developing and ensuring the implementation of plans and programs that support the viability of telecommunications infrastructure hardness, redundancy, mobility, connectivity, and security; and serving as the focal point for joint industry-government and interagency NS/EP telecommunications planning and partnerships.

The FY 2005 Presidents Budget requests $140.754 million for the capabilities and analytic tools necessary to support the expansion of NS/EP telecommunications programs and activities. The FY 2005 funding level ensures a continuation of the NCS mission and legacy NS/EP telecommunications programs and assets. Specifically, the FY 2005 budget request for the NCS is divided into four areas:

Industry-Government and Interagency Processes: The NCS has cultivated and expanded its relationships with the telecommunications industry and other Federal agencies to promote joint planning, operational activities, coordination, and information sharing. The primary industry partnership is the Presidents National Security Telecommunications Advisory Committee (NSTAC), which is comprised of 30 industry leaders representing various elements of the telecommunications industry. The NSTAC and its subordinate body, the Industry Executive Subcommittee (IES), provides industry-based analyses and perspectives on a wide range of NS/EP telecommunications issues and provides policy recommendations to the President for mitigating vulnerabilities in the national telecommunications infrastructure. Paralleling this industry relationship is the interagency process involving the NCS Committee of Principals and its subordinate body, the Council on Representatives, which facilitate the NS/EP telecommunications activities of the 23 Federal agencies constituting the NCS.
Critical Infrastructure Protection Programs: Leveraging the industry relationships described above, the NCS manages several network security and CIP-related programs, including: (1) the National Communications Center (NCC), a joint industry- and Government-staffed organization collocated within the NCS and serves as the operational focal point for the coordination, restoration, and reconstitution of NS/EP telecommunications services and facilities; (2) the Telecommunications Information Sharing and Analysis Center, which is the focal point for the generation, compilation, and sharing of cyber warning information among the telecommunications industry; (3) the Government and National Security Telecommunications Advisory Committee Network Security Information Exchanges (NSIEs), which meet regularly and share information on the threats to, vulnerabilities of, and incidents affecting the systems comprising the public network; (4) the Critical Infrastructure Warning Information Network (CWIN), which is designed to facilitate the dissemination of information and warnings in the event of a cyber attack; (5) Training and Exercises, which helps ensure the readiness and availability of qualified staff to perform the operational duties of the NCS associated with Emergency Support Function #2Telecommunications of the Federal Response Plan; (6) Operational Analysis, which develops and implements tools and capabilities to conduct analyses and assessments of the national telecommunications infrastructure and its impact on NS/EP services; (7) NCS also supports the Global Early Warning Information System, which monitors the worldwide Internet health through use of multiple data sources, tools, and knowledge management to provide early warning of cyber attacks, (8) Shared Resources (SHARES) High Frequency (HF) Radio Program, developed by the NCS and in continuous operation since being approved by the Executive Office of the President in the NCS Directive 3-3 of January 1989. The SHARES program makes use of the combined resources and capabilities of existing Federal and federally affiliated HF radio stations on a shared, interoperable basis to provide critical backup communications during emergencies to support national security and emergency preparedness (NS/EP) requirements.
Priority Telecommunications Programs: The NCS is continuing a diverse set of mature and evolving programs designed to ensure priority use of telecommunications services by NS/EP users during times of national crisis. The more mature servicesincluding the Government Emergency Telecommunications Service (GETS) and the Telecommunications Service Priority (TSP)were instrumental in the response to the September 11th attacks. FY 2005 funding enhances these programs and supports the development of the Wireless Priority Service (WPS) program and upgrade to the Special Routing Arrangement Service (SRAS). Specifically, priority service programs include: (1) GETS, which offers nationwide priority voice and low-speed data service during an emergency or crisis situation; (2) WPS, which provides a nationwide priority cellular service to key NS/EP users, including individuals from Federal, state and local governments and the private sector; (3) TSP, which provides the administrative and operational framework for priority provisioning and restoration of critical NS/EP telecommunications services; (4) SRAS, which is a variant of GETS to support the Continuity of Government (COG) program including the reengineering of SRAS in the AT&T network and development of SRAS capabilities in the MCI and Sprint networks, and; (5) the Alerting and Coordination Network (ACN) which is an NCS program that provides dedicated communications between selected critical government and telecommunications industry operations centers.
Programs to Study and Enhance Telecommunications Infrastructure Resiliency: The NCS administers and funds a number of programs focusing on telecommunications network resiliency, security, performance, and vulnerabilities, including: (1) the Network Design and Analysis Center, which is a set of tools, data sets, and methodologies comprising the Nations leading commercial communications network modeling and analysis capability that allows the NCS to analyze the national telecommunications and Internet infrastructures; (2) the NS/EP Standards program, which works closely with the telecommunications industry to incorporate NS/EP requirements in commercial standards and participates in national and international telecommunications standards bodies; (3) the Converged Networks Program, which investigates vulnerabilities and mitigation approaches in future technologies and networks (specifically Internet Protocol-based networks); (4) the Technology and Assessment Laboratory, which provides the ability to evaluate penetration testing software, modeling tools, various operating systems and protocols, hardware configurations, and network vulnerabilities, and; (5) the Routing Diversity effort, which is developing a communications routing diversity methodology to analyze a facilitys level of routing diversity and is evaluating alternative technologies which can provide route diversity, and (6) the NCS, through various associations and other activities is involved in a variety of International Activities (NATO, CCPC, CEPTAC, and Hotline) which provides technical subject matter expertise, guidance, and coordination on CIP issues affecting the telecommunications infrastructure in numerous international forums on behalf of the United States Government.

Competitive Analysis and Evaluation ($18.868 Million)

The Competitive Analysis and Evaluation program ensures that IAIP products and services are tested, accurate, based on sound assumptions and data, and ultimately, offer the highest quality, depth, and value to IAIP customers. The FY 2005 Presidents Budget requests $18.868 million to provide for the unbiased, objective analyses and evaluation of IAIP findings, assessments, and judgments through three functional areas: Risk Assessment Validation, Evaluation, and Exercises and Methodologies.

Risk Assessment Validation: Funding is used to establish and field physical and cyber target risk analysis teams that employ red team techniques to evaluate measures taken by other IAIP components to protect key assets and critical infrastructure. The red teams emulate terrorist doctrine, mindsets, and priorities and employ non-conventional strategies to test and evaluate IAIP planning assumptions.
Evaluation: Funding supports several initiatives, including the IAIP Product and Process Evaluation, which involves conducting independent, objective evaluations of IAIP products and processes and to assist IAIP divisions to develop products that offer value to IAIP customers. The second is IAIP Customer Satisfaction, which evaluates customer satisfaction with IAIP products and services to ensure they are responsive to current customer needs. Funding in this area provides for electronic and non-electronic feedback surveys, field visits, and conferences.
Exercises and Methodologies: Coordinate and manage interagency exercises and tabletops that test both DHS and IAIP policies, processes, procedures, capabilities, and areas of responsibilities. Participating in and conducting after action reviews of exercises provides invaluable experience and feedback related to capabilities, connectivity, and information sharing during a crisis event. Investment in this area informs the Departments decision as to where improvements are needed. This funding also supports examining and instituting advanced methodologies such as alternate hypotheses, gaming, modeling, simulation, scenarios, and competitive analyses to ensure IAIP products are accurate, sophisticated, and of the highest quality and value to customers.
National Plans and Strategies ($3.493 Million)

Critical to ongoing national efforts to protect and secure the homeland are updating, revisiting, coordinating the development, and monitoring the implementation of National Plans and Strategies. The FY 2005 Presidents Budget requests $3.493 million to support activities by coordinating, developing, and publishing contingency planning documents for critical infrastructures (as called for in the National Strategy to Secure Cyberspace), monitoring progress against those documents, and producing an annual report.

Homeland Security Operations Center ( $35.0 Million)

The HSOC maintains and shares domestic situational awareness; coordinates security operations; detects, prevents, and deters incidents; and facilitates the response and recovery for all critical incidents. The HSOC is the focal point for sharing information across all levels of government and the private sector.

The HSOC facilitates the flow of all-source information and develops products and services including: (1) the daily Homeland Security Situation Brief for the President, (2) reports and briefs to law enforcement, the Intelligence Community, other Federal and state agencies and industry partners, (3) warnings and alerts to individual responder agencies and the public as appropriate, and (4) coordinated response when crises do occur. The HSOC concept is to draw from the many distributed systems and centers that are currently dedicated to different missions and optimize their contribution to homeland security.

HSOC funding will help with the time efficiency of issuance of information and warning advisories through increased operations efficiency brought about by facility improvements.

New Programs

In the FY 2005 IAIP budget, as a part of an interagency effort to improve the Federal Governments capability to rapidly identify and characterize a potential bioterrorist attack, the President requst $11 million for a new biosurveillance iniative. This increase provides for real-time integration of biosurveillance data harvested through the Centers for Disease Control (CDC), Food and Drug Administration (FDA), United States Department of Agriculture (USDA) and DHS Science and Technology (S&T) Directorate with terrorist threat information analyzed at IAIP. Currently, a finding from one source of surveillance exists in isolation from relevant surveillance from other sectors, making it difficult to verify the significance of that finding or to recommend appropriate steps for response. Integrating the information in IAIP, and analyzing it against the current threat picture will inform effective homeland security decision-making and speed response time to events.

This interagency initiative, includes DHSs ongoing BIOWATCH environmental biodetection program, Health and Human Services (HHS) proposed BIOSENSE program, HHS and United States Department of Agricultures (USDA) ongoing joint separate food security surveillance efforts, and USDAs agricultural surveillance efforts. This DHS-led effort will promote data sharing and joint analysis among these sectors at the local, state, and Federal levels and also will establish a comprehensive Federal-level multi-agency integration capability to rapidly compile these streams of data and preliminary analyses and integrate and analyze them with threat information

Conclusion:

In summary, the FY2005 budget request provides the resources to enable the IAIP Directorate to manage and grow in its mission of securing the homeland. I look forward to working with you to accomplish the goals of this department and the IAIP directorate.

Mr. Chairman and Members of the Subcommittees, this concludes my prepared statement. I would be happy to answer any questions you may have at this time.