Several New CyberSecurity Efforts in the News

Over the past few days, there have been media releases about several new cybersecurity initiatives that should have broad reaching benefits.

Timothy Riecker

First, Govtech.com reported on New Jersey’s consolidated fusion center-style approach to cybersecurity.  About a year ago, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) was formulated, following the model of the National Cybersecurity Communications Integration Cell (NCCIC).  Co-located with the NJ State Emergency Operations Center and with support from the NJ Office of Homeland Security and Preparedness intelligence resources, the NJCCIC is keeping a watchful eye on cybersecurity matters internal and external to state government and sharing information with the private sector. This is a model effort that will hopefully grow and change based on identified opportunities in both New Jersey as well as other states who have yet to build such a capability.

EDM Digest recently reported on an initiative from the National Governor’s Association to form a multi-state working group, or academy as they are calling it, to create strategies to fight the evolving cybersecurity threat.  States contributing to this effort include Connecticut, Illinois, Louisiana, Nevada, and Oregon.  While not states we would usually think of as being on the forefront of cybersecurity issues, each does have significant business and industry which will hopefully serve as partners and resources in this endeavor.

Lastly, US Representatives Richard Hanna (R-NY) (who represents my district) and Derek Kilmer (D-WA) introduced the Small Business Cybersecurity Act to help American entrepreneurs protect themselves from cybercrimes and create cybersecurity plans that meet their business’ needs.  Co-sponsors of the bill included a range of Representatives of both parties from across the nation.  The release states that three out of every five cyberattacks target small businesses, and with small businesses making up a significant portion of the US economy, it is vital to help protect them.  I couldn’t agree more!  The intent of the bill is to create no-cost legislation to leverage the expertise of Small Business Development Centers (SBDCs) around the nation as an information distribution point for cybersecurity preparedness.  Let’s hope this one passes!  Express support for the bill to your Congressional Representative!

All in all, it’s encouraging to see continued effort toward cybersecurity protection, preparedness, and response.  As with the preparedness efforts we see in emergency management, I hope soon these efforts in cybersecurity will become more unified and closely knit.  While they all technically fall under the President’s Cybersecurity Strategy, we need to ensure connectivity of these efforts to help prevent duplication of effort and minimize holes.  We also want to ensure that access to services and resources that are available are comprehensive and streamlined to the greatest extent.  Let’s keep cybersecurity in mind and continue this work!

© 2016 – Timothy Riecker, CEDP

Training EOC First-Timers

If you’ve worked in an EOC, you’ve certainly seen it.  The deer-in-the-headlights stare of an EOC first-timer.  There is so much to take in and a lot going on.  A room full of work stations with people typing, people on the phone, and others talking to each other.  While all these people might be wearing vests or name badges, some are in a shirt and tie, some lost the tie hours ago, some in a polo shirt, and others are in uniforms.  Walls are covered in screens, some showing the news, some weather, and some with a list of information on shelters or road closures.  Where do I sit?  What do I do?  How do I dial an outside line???

Remember, though, we were all once that first-timer, too.

Lucien Canton, one of the most prolific consultants and bloggers in the field of emergency management, just posted a great article in his regular newsletter titled ‘Just in Time Training: Tips for Orienting EOC Newcomers.’.  In it, he lists some great ideas on how we can better prepare for these inevitable first-timers and help ensure they become productive members of the EOC team quickly.  Check it out.  Oh, and if you aren’t subscribed to his newsletter (you should be!), info can be found here.

– TR

DOT Releases New Emergency Response Guidebook

PHMSA 05-16
Tuesday, April 26, 2016
Contact:  Artealia Gilliard
Tel.: 202-366-4831

DOT Releases New Emergency Response Guidebook

2016 ERG Cover

More Than 1.5 Million Free Copies to First Responders Nationwide

WASHINGTON – The U.S. Department of Transportation’s (USDOT) Pipeline and Hazardous Materials Safety Administration (PHMSA) today released the 2016 Emergency Response Guidebook (ERG2016), providing first responders with an updated go-to manual to help respond to hazardous materials transportation accidents during the critical first minutes.

PHMSA will distribute more than 1.5 million free copies of the guidebook to firefighters, emergency medical technicians and law enforcement officers across the nation.  Emergency first responders will use the ERG2016 to identify specific risks associated with compromised hazardous materials, and the recommended safety measures and procedures they should take to protect themselves and contain the incident as quickly as possible.

“We take the safety of this nation and its emergency responders very seriously,” said U.S. Transportation Secretary Anthony Foxx. “Our goal is to make sure that these first responders have the most current and accurate safety guidelines possible for use during that initial phase of a hazmat incident.”

The ERG contains an indexed list of dangerous goods and the associated 4-digit United Nations identification numbers. The ERG also identifies the general hazards those dangerous goods pose and  recommends safety precautions in remediating a hazmat incident. For example, if emergency first responders arrive at the scene of an overturned tractor trailer displaying a USDOT hazardous material placard, they would use the guidebook to identify the material associated with the placard and how best to respond.

“The ERG is an invaluable tool during the initial stages of any hazmat transportation emergency. Taking the proper action during those critical first minutes impacts the safety of both the first responders and the people they serve,” said PHMSA Administrator Marie Therese Dominguez.

The 2016 version of the ERG includes general revisions, expanded sections and added guide pages for absorbed gases. Updated every four years as a collaborative effort of the USDOT, Transport Canada and Mexico’s Secretariat of Transport and Communications, the ERG2016 is available free to public safety agencies in all states, territories and Native American Tribes through designated state emergency management coordinators’ offices.

PHMSA has also partnered with the National Library of Medicine (NLM) to provide a free Smartphone version of the ERG2016.  NLM also develops and distributes the Wireless Information System for Emergency Responders. The mobile application will be available this spring.

A copy of the new ERG2016 is posted online at: http://phmsa.dot.gov/hazmat/outreach-training/ergPrint copies of ERG2016 are available for sale to the general public through the U.S. Government Printing Office Bookstore athttp://bookstore.gpo.gov and other commercial suppliers.

The mission of the Pipeline and Hazardous Materials Safety Administration is to protect people and the environment by advancing the safe transportation of energy and other hazardous materials that are essential to our daily lives.  PHMSA develops and enforces regulations for the safe operation of the nation’s 2.6 million mile pipeline transportation system and the nearly 1 million daily shipments of hazardous materials by land, sea, and air. Please visit http://phmsa.dot.gov or https://twitter.com/PHMSA_DOT for more information.

Exercising the Recovery Mission Area

It doesn’t happen often, but when it does, I get pretty excited about it – I got a blog request!  Last week, Darin, a LinkedIn connection, messaged me with a request to post my thoughts on exercising the recovery phase (or mission area) of emergency management.  His idea, as he expressed it to me, came from discussion at a Public Health Preparedness conference he was attending, where they were discussing ESF 8 (Public Health and Medical Services) continuity of operations and recovery exercises.  Challenge accepted!

When it comes to Recovery exercises, my first thought is that they are horribly underutilized.  We conduct a lot of exercises in the Response mission area, but it’s a rare occasion that we even mention Recovery.  The reasoning here is pretty easy – Response is sexy.  It’s the lights and sirens, saving lives, put out the fire, pull people from the wreckage kind of stuff that makes a big impact.  Recovery is often viewed as slow, tedious, bureaucratic, engineering kind of stuff.  Well… yeah… but there is a lot more to it.  Since when we plan exercises, one of the first things we do is to identify what Core Capabilities will be tested, let’s look at the Core Capabilities of the Recovery Mission Area.  Within each, I’ll mention some ideas you can incorporate into exercises.

The Big Three – Planning, Operational Coordination, and Public Information and Warning.  These Core Capabilities are found in every mission area and are sometimes applied differently.

  • Planning – Yeah, we should have recovery plans. I would argue that we have entered the recovery phase when all or most of the first two incident management priorities have been addressed – Life Safety and Incident Stabilization.  Sometimes these are resolved quickly, sometimes they take some time.  There are some fairly complex issues to be addressed in the recovery phase (many of which we will identify through the Core Capabilities), and we don’t do them often, therefore we should most certainly plan for them.  Remember, we exercise plans and capabilities – therefore our plans (and policies and procedures) are a significant focus when it comes to Recovery exercises.    This Core Capability is where continuity of operations plans will also fall.  Can your organization survive the lasting impacts of a disaster?
  • Operational Coordination – Recovery activities often involve organizations that had little to no activity during the Response phase. Most of these organizations are non-traditional responders who don’t usually operate under more strict command and control models, such as ICS, but in the Recovery phase of a disaster, I certainly advocate that they do.  Many of these agencies, typically the human services types of organizations, are very good at coordination and cooperation, as their daily priorities dictate that working with others is how needs are addressed.  The big challenge we often see here, though, is the introduction of some other organizations – typically those with regulatory responsibilities.  Regulation usually requires bureaucracy.  Bureaucracy usually requires time – lots of time – especially when exceptions are requested.  It’s really important to consider all stakeholders when planning an exercise to ensure that you get a chance to see how they interact, what the information flow and chain of authority looks like, what benefits they bring, and how they can work together in a timely fashion for the common good.
  • Public Information and Warning – We often take for granted the role of public information and warning in the Recovery phase. There are many benefits to keeping external stakeholders informed of what’s going on during Recovery.  Consider elected officials, business and industry, and special interest groups, along with the general public.  Your PIO and possibly your JIC should be just as involved in Recovery phase exercises as they are in those for the Response phase.

Aside from the ‘big three’, the Recovery mission area shares a Core Capability with the Response mission area – Infrastructure Systems.  Long-term restoration and rebuilding of infrastructure can lead to lengthy discussions in a Recovery-focused workshop or tabletop exercise.  What are the priorities for rebuilding?  Who will do it?  How will it be funded?  What are the completion timelines?  Will it be rebuilt the same or differently?  What are the impacts of doing it differently?  Who is impacted by this?  What do we do while we are waiting for it to be rebuilt?  Who makes decisions?  All important things to consider.

The first unique Core Capability in the Recovery mission area is Economic Recovery.  I was recently asked to present at a conference for a niche professional association comprised of professionals found in government, private sector, and non-profits.  While we will be covering topics in Hazard Mitigation and Preparedness, the biggest focus will fall within Economic Recovery.  Economic Recovery involves businesses reopening and people getting back to work to serve customers, make money, and become customers themselves.  After a disaster, it is absolutely vital for a community to get back on its feet, and the center of that is the local economy.  While many disaster impacts may be a relative drop in the bucket for larger companies, smaller businesses may have a hard time recovering – the central pieces of this are infrastructure restoration (see previous paragraph) and cash flow.  The SBA, USDA, and even IRS have mechanisms to assist with cash flow issues.  And don’t forget insurance!  Bring these and other stakeholders to the table to discuss economic recovery.  Consider priorities and mechanisms that must be in place to meet needs to support these priorities.  Your local chamber of commerce and other business associations will certainly want to be part of these exercises.  Does your jurisdiction have a business operations center (BOC)?  If not, consider it.  If you do, exercise it!

Health and Social Services.  This is the heart of all matters related to ESF 8 (Public Health and Medical Services), which Darin mentioned.  While this Core Capability is an extension of the Response mission area Core Capability of Public Health, Healthcare, and Emergency Medical Services; it is also so much more.  ESF 8 activity after disasters can last months or even years, particularly with ongoing issues such as medical monitoring and psychological impacts.  Eventually many of these services are absorbed into the system of regular service providers, but for a time the circumstances of the disaster may require some special coordination or monitoring.  The coordination needed involves an amalgamation of organizations at all levels of government, not for profits, and the private sector.  This can involve ongoing coordination with insurance companies, general practitioners and specialists; and must address the needs of everyone fairly and consistently, regardless of any differences, including their own financial resources or insurance coverage.  Tracking data related to the care and services provided is often important, but consideration must be given to HIPAA and other privacy laws.  Exercises can benefit from scenarios, such as exposures to radiological, biological, or chemical sources, which will drive discussion on the types of services to be provided, who will provide them, at whose cost, and for how long.  Many of these discussions should include topics of how to avoid social stigmatization of clients, sharing information between organizations, and the full range of social services that individuals and families may require.

Housing is typically the hardest nut to crack in all of disaster recovery.  Relative to need, there is little government owned housing stock available.  What is available may require waiting lists and relocation to access.  While many home owners are insured, we know that it takes some time for home owners to receive payment from insurance companies, and insurance is rarely at 100% coverage for losses.  Those that don’t own their own homes are often the left with the most dire situations.  While ‘FEMA trailers’ have provided some medium-term solutions, there are many issues to address.  I posit that plans at all levels are inadequate to address housing needs after a disaster.  If you have a plan, get a good exercise team to write a great scenario to test it.  If you don’t have a plan, conducting a workshop to identify and address major planning issues is the way to go.  A housing exercise is probably going to be one of the more eye opening yet depressing exercises you’ve ever done.

Lastly is the Core Capability of Natural and Cultural Resources, which focuses on the recovery of libraries and museums, documents and art, as well as helping to restore our own environment after a disaster.  Activities can range from restoring a historical landmark to major engineering projects to restore a wetland.  These activities can involve a great deal of technical expertise as well as regulation.  FEMA, the EPA, and the National Parks Service are often big players in these types of activities.

As for what types of exercises to conduct, that’s largely dependent upon the status of your plans and if you have conducted exercises on these plans before.  I always suggest starting with discussion-based exercises.  We often forget about seminars, which are more about conveying information than obtaining feedback, but are still valuable for discussing initiatives and new plans.  Workshops not only support the planning process to develop plans, they can also serve to facilitate a detailed review of a plan in its final draft stages.  Most Recovery exercises I have experience with have been tabletop exercises, which use a scenario to provide context to discussion questions for a group of stakeholders.  This is a great way to exercise decision making and to talk through the key tasks associated with plans.  Disaster recovery involves a lot of policy-level decision making, which is ideal for a tabletop.

Operations-based exercises for disaster recovery are found much less often.  Drills can certainly be conducted to test focused aspects of plans and procedures.  Drills in Recovery can help identify strengths and weaknesses of our processes, both for ourselves and for those we are trying to serve.  Functional exercises are broader and more encompassing than drills.  Much can be gained from a Recovery mission area functional exercise, but make sure that it’s grounded in reality.  Most jurisdictions don’t have an EOC activated for Recovery mission area activities. If you don’t, don’t try to run an exercise within that environment.  Some functions, however, may be run, at least for a time, from some sort of operations/coordination center, such as a health operations center (HOC).  With a good scenario focusing on addressing longer-term issues in the aftermath of a response, they can be done successfully.  Be sure to develop a pretty solid ‘ground truth’, however, to support the exercise, as much of Recovery is dependent upon what was done in Response, so players will need this context.  With a bit more complication, a functional exercise could be run virtually, with people participating from their own regular work stations as they often do during Recovery operations.  Testing Recovery plans in full scale exercises is significantly challenging based on the array and type of activities.  Because of the focus of activities, continuity of operations plans are likely among the most suited for full scale Recovery mission area exercises.

I’m curious to hear about your experiences exercising Recovery mission area plans and capabilities.  What ideas do you have?  What best practices have you found?

As always, thanks for reading!

© 2016 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC – Your Partner in Preparedness!

Course Review – RDPC Isolation and Quarantine

IQLast week I had the opportunity to take two courses sponsored by the Rural Domestic Preparedness Consortium (RDPC), MGT 433: Isolation and Quarantine for Rural Communities and PER 308: Rural Isolation and Quarantine for Public Health and Healthcare Professionals.  These courses together were completed in one day.

First came MGT 433.  This course covered a variety of topics associated with isolation and quarantine, including:

  • Case studies
  • Legal and ethical issues
  • Agencies and entities involved
  • Planning priorities
  • Resources

While the course is intended for rural audiences, which my home area generally is, the issues and considerations associated with isolation and quarantine are still largely the same for more densely populated areas.  While weaving through the various course topics, they mostly all related back to understanding the reasoning behind the use of isolation and/or quarantine as tools to limit the spread of certain communicable diseases and the planning and implementation associated with these activities.  The course did elevate my rather foundational knowledge of isolation and quarantine, and provided some great references for future application.

The second course, PER 308, didn’t really provide much more information than the previous course did, although it allowed an opportunity for a greater degree of analysis and discussion through a guided tabletop exercise.  The tabletop information from the participant manual was supplemented with several video segments which were produced with reasonable quality and help set the stage for many of the issues one would expect from dealing with an isolation/quarantine event.

Both courses were pretty solid, with only a few little tweaks or updates which I provided feedback on to the instructor.  As with most RDPC courses, those from larger agencies and more populated areas shouldn’t be dissuaded from participating – the foundational concepts they present are applicable to any area, rural or otherwise.

The instructor was very personable, professional, and knowledgeable of the course content.  While he didn’t have a public health background, which surprised me given the course topics, he clearly has a great cooperative public safety background.  I’ve found that the RDPC tends to prefer sending only one instructor to teach a course, along with an assistant to handle administrative matters.  While it’s certainly viable to handle the course alone, it’s challenging for both the instructor and the audience.

All in all, these are good courses, and I do recommend you keep a look out for them in your area.  Both courses are excellent for furthering your understanding of isolation and quarantine, when to use them, how to use them, and who to involve.  They are particularly good courses for public safety leadership and public health leadership and preparedness staff.

© 2016 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLCYour Partner in Preparedness

The NIMS Refresh – The Good, the Bad, and the Ugly

The current National Incident Management System (NIMS) doctrine document, dated December 2008, has guided NIMS for over seven years.  This iteration, as I recall, wasn’t much of a change from its predecessor (2004), with the most significant updates being some changes to the NIMS components and the inclusion of the concept and arrangement of the Intelligence function within ICS.  We now have a new draft NIMS document which has been posted for a national engagement period.  If you haven’t had a chance to review the document, it can be found here.

While I certainly intend on providing my comments directly to FEMA through their feedback mechanism (which I encourage you all to do), I wanted to provide a bit of an overview of the draft document to my readers, which of course will include some of my opinions on the changes they are proposing.  I remain a huge proponent of NIMS and fully believe in the positive impact it has had, although I have been quite outspoken (and will remain so) about the issues associated with ICS training.

In this NIMS refresh, as they are calling it, there are some significant changes to certain areas while largely maintaining the foundations of the system.  The significant changes include:

  • NIMS has consolidated its five components to three, dropping the components of Preparedness and Ongoing Management and Maintenance.
  • The introduction of the Center Management System (CMS) as part of the restructured Management and Coordination (formerly Command and Management) component
  • Incorporation of the NIMS Intelligence and Investigations Function Guidance

First off, the consolidation of the five NIMS components to three.  While I’m disappointed with the preparedness component being deemphasized, especially with so much preparedness work to always be done, I found many of the concepts of preparedness to be sprinkled throughout the document, including a nod to the National Preparedness Goal (NPG) in the introduction of the draft document.  The NPG should certainly be the guiding document of all preparedness efforts related to emergency management.  While there are some aspects that are NIMS-specific, I’m fairly confident they won’t get lost in the shuffle.  Withdrawing the Ongoing Management and Maintenance component, similarly has seen some of these activities being mentioned elsewhere in the document, although only a few of them, with some of the important elements simply not being apparent.

In my review of the document, I was pleased with the inclusion (albeit small) of the concept of Unity of Effort as a newly introduced guiding principal of NIMS.  Unity of Effort is an concept essential to the success to all components of emergency management and homeland security and certainly in incident management.  This is definitely a positive.

Credentialing – the first major component discussed in the document is Resource Management.  Within Resource Management is the concept of credentialing.  Despite an intent of the document being to emphasize that NIMS isn’t just about ICS, the narrative on credentialing essentially focuses only credentialing through use of a position task book – which is generally only used for ICS positions.  While this is an important element of personnel qualifications, credentialing of personnel within ICS positions is not the only aspect of personnel qualifications.

Based upon the content of the NIMS Intelligence and Investigation function guidance published a few years ago, the NIMS refresh has officially decreed that the Intelligence and Investigations function will reside at the general staff level.  You might recall that the previous version of NIMS allowed for several options, including general staff, command staff, or imbedded within Planning or Operations.  While the flexibility of ICS is one of its greatest benefits, people didn’t seem comfortable with all those options.  It’s not to say those options still can’t be employed for incidents involving much smaller or potential criminal components, as the option of placing a technical specialist in any of those positions is still available.

Next up, the long awaited Center Management System (CMS).  To be honest, I’m not crazy about the name, and I’m not sure we need fully developed separate guidance on operations/coordination centers.  I feel that specific application of ICS concepts to an operations/coordination center should be kept simple and would be an addendum to the ICS portion of the NIMS document.  That said, the NIMS refresh has saw fit to include a whole section on the CMS as part of the revamped Management and Coordination component, so we’ll break down some of the highlights.  It’s important to note that the CMS is expected to be guidance and not a requirement.

While I can live with the introduction of a formal Center Management System, they have chosen to declare the title of the individual in charge of an operations/coordination center a Center Director.  If there is anything that I 100% disagree with in this document, it’s this title.  Let’s step back and look at the principles of ICS, which, thankfully ,the CMS is largely based upon.  From our common organizational terminology, we know that those in charge of facilities (which an operations/coordination center is) are called managers, not directors.  Directors are found at the branch level.  It’s for this reason I have always been in favor of the Center Manager title and will continue to be.

A positive about the CMS narrative is the important mention of a policy group, as a MAC concept, as those providing advice or direction to the Center Director.  Not only is the policy group a reality in many jurisdictions, inclusion of this in the CMS is an excellent compromise to those systems which centered on a policy group and operations group as their EOC organization.

Within discussion of the CMS, the NIMS refresh identifies primary functions or reasons a center might activate.  While they are headed in the right direction, they need their explanations to be a bit more inclusive of other options.  They only make a minor mention of the possibility of an incident actually being run from an operations/coordination center, such as a public health incident, which could be a departmental operations center or some type of a multi-agency operations center.  I just think this needs to be shored up some.  It should also be mentioned that EOCs may take primary responsibility for actions that are decided to be outside the scope of incident command, which may desire to remain focused on incident suppression activities.  Activities such as sheltering/mass care, evacuation, or assessment and evaluation may be run out of an EOC instead of an ICP.

Now on to the CMS organization.  Along with the Center Director, the NIMS refresh has tried to make several other positions distinct from their ICS counterparts (although not all of them).  While I certainly acknowledge that the focus of an operations/coordination center is often different than that of an ICP, I see little reason to change the titles of some of these positons.  I think this has more potential to add to confusion rather than detract from it.  While the command staff (yes, still being called ‘command staff’) positions have remained the same, the following has been identified as the CMS general staff positions:

  • Strategic Operations Section
  • Intelligence/Investigations Section
  • Information and Planning Section
  • Resource and Center Logistics Section
  • Finance/Administration Section

As for some of the specific language within the sections, there are some positives.  Two particular ones are the inclusion of ‘future planning’ within the Information and Planning Section, and the acknowledgement that in most EOCs, the Logistics Section/Resource and Center Logistics Section tends to handle tracking of resources.

There is additional and expanded information on the CMS found in Appendix B.  These show some different organizational arrangements, particularly within the Information and Planning Section and the Resource and Center Logistics Section.  All in all, I think these proposed arrangements are practical and a reflection of reality in most operations/coordination centers.  Well done.

Lastly, Communications and Information Management has included mentions of different reports which may be required, including flash reports, status reports, and situation reports.  This is a good reflection of reality. They have also listed important considerations for elements of essential information (EEI) (I’d love to see this list added to a field operations guide!), which must be constantly monitored for the maintenance of situational awareness, and they have bolstered the incident information portion of this component.  All great positives!  Interesting to note that the term ‘common operating picture’ has been significantly de-emphasized.

After reviewing this document, I’m overall encouraged with the direction NIMS is taking, although I obviously have some reservations.  I’m confident that, over time, the kinks will shake out as they have done with other aspects of NIMS.  I’m looking forward to some of the other changes that will spin off of this central document, such as new planning guidance and training.

As always, I’m interested in your feedback on my ideas as well as your own reactions and analysis of the NIMS refresh.

Thanks for reading!

© 2016 – Timothy Riecker, CEDP

Emergency Preparedness SolutionsYour Partner in Preparedness

DHS Says Low Risk of Destructive Cyberattack

Published in The Hill yesterday, this article states that a DHS intelligence assessment rates a destructive cyberattack on the US energy grid as a low threat.  While I’m not a cybersecurity expert, this just doesn’t sit right with me.  So many other sources are talking about how serious of a threat a cyberattack is, especially the destructive impacts on infrastructure.  It seems pretty short sighted to think that criminal hackers will only enter systems to poke around and look for information.

The article cites that this is from a ‘leaked’ intelligence assessment.  Let’s hope they have their information wrong.

TR

~Edit~

About two hours after posting this, I read an article on Homeland Security Today which blows away the premise of the supposed DHS intelligence assessment.  Worth reading.

TR