1
Balancing Resources to RiskPresentation to
SCOTS / NCHRP 20 - 59 26 – 29 August 2007 Irvine, CA
Maritime Safety, Security and StewardshipRisk Management Directorate
Port Security Evaluation Division LCDR Brady Downs, U. S. COAST GUARD
2
MISSION– Prevent terrorist attacks within
the United States - (PREVENT)
– Reduce America’s vulnerabilityto terrorism - (PROTECT)
– Minimize the resulting damage if prevention fails - (RESPOND)
– Recover from attacks that do occur- Ensure economic security - (RECOVER)
Homeland Security Act of 2002
3
Critical InfrastructureProtection
Federal departments and agencies will identify, prioritize, and coordinate the protection of “critical infrastructure” and “key resources” in order to prevent, deter, and mitigate the effects of deliberate efforts to destroy, incapacitate, or exploit them.
Homeland Security Presidential Directive - 7
Operation Snow FlakeNADB
4
Hawkins Point
Clinton Street Marine Terminals
North Locust Point
South Locust Point
Fairfield
Critical Infrastructure / Key Resources
IllustrativeFor demonstration purposes
5
Critical InfrastructureProtection
“Risk is where risk is”
6
National Critical Infrastructure and
Key Resources (CI/KR) SectorsCritical Infrastructure1. Agriculture & Food *2. Water (WTS) *3. Public Health4. Emergency Services5. Defense Industrial Base *6. Information Technology7. Telecommunications *8. Energy *9. Transportation *
10. Banking and Finance11. Chemical & Hazardous
Materials *12. Postal and Shipping
Key Resources1. National Monuments & Icons *2. Nuclear Power & Materials *3. Dams *4. Commercial Facilities *5. Government Facilities *
HSPD 7:
7
Homeland Security
The complexity of the maritime transportation system is a pressing dilemma facing the Coast Guard. This includes the vast array of critical infrastructure, important assets, key resources, various systems, & networks that make up our nation’s sea/river ports crossing DHS sectors.
Localities
Cities
States
Nationally
8
Critical InfrastructureProtection
Maritime Security Risk Analysis Model
(MSRAM)
9
Risk Analysis Design
The MSRAM was designed to enhance security and reduce the risk of terrorism by identifying and prioritizing critical infrastructure, key resources and high consequence transits and events across sectors using a common risk methodology, taxonomy and metrics to measure security risk at the local, regional, and national levels.
Support Senior Leadership risk based decision making process
Risk Calculator
10
National Security Risk Profile
Illustration from: http://www.globalincidentmap.com/home.php
Security risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally
Illustrative
11
Asset Risk USCG (MSRAM)
Threat (Grouped by Threat Tiers)
Total Port Risk
Vulnerability & Consequence(Port Area and Facility Risk)
Area and Population Risk
DHS RMD
x
+
Port Security Risk Formula
Economic Consequences
DHS RMD+
12
Total Ferry System Risk
Vulnerability & Consequence
Passenger Index(Annual Ridership) +
Ferry Security Risk Formula
USCG (MSRAM)(Threat x Vulnerability X Consequence)
Cargo Index(# of Vehicles Carried Annually)
+
13
Critical InfrastructureProtection
SAFE Port Act 2006• In applying for grants…, the Secretary …
shall make available, and Area Maritime Security Committees may use a risk assessment tool that uses standardized risk criteria, such as the Maritime Security Risk Assessment Tool used by the Coast Guard.”
SAFE Port Act 2006, Subtitle B Sec. 111 Risk Assessment Tool
14
Critical InfrastructureProtection
Greenlane Maritime Cargo Security Act 2006• SEC 16. Port Security Grant Program
(k) Risk Assessments – The Secretary shall make available to grant applicants a risk assessment tool, which uses standardized risk criteria, such as the Maritime Security Risk Assessment Modelused by the Coast Guard.”
Senate Bill 2459 Greenlane Maritime Security Act Section 16 (k)
15
Challenges are to refine and strengthen the process
• CG needs to improve on data limitations1. Threat information needs improvement2. CG needs to measure vulnerability reduction from CG activities3. CG needs to calculate cascading impacts of consequences4. CG needs a formal feedback process & 5. CG needs to be able to assess risk across ports
GAO comments on USCG Progress• CG improving MSRAM to address threat component• CG improving MSRAM to calculate risk reduction from security activities• CG improving MSRAM to calculate collateral impacts on consequences• CG will use formal feedback system in MSRAM risk mgmt process• CG improving MSRAM to allow national comparison of ports
GAO RISK MANAGEMENTReport December 2005
CG has built a good foundation in risk management
16
2001 2006 2007
PSRAT 1 PSRAT 2 PSRAT 2a MSRAM 1 MSRAM 2 / Enterprise MSRAM 3,4,5,6,7
GAO 1 GAO 2 GAO 3
CG Vulnerability assessments and
PSRAT need improvement
Good foundation
MSRAM addresses risk concerns
• Includes Threat• Accounts For
Cascading Effects
• Creates Formal Feedback Loop
MSRAM used to• effectively apply
resources• Improve AMSPs • Mature into the
all hazard risk management process
ONS CMT 1 Maritime Sentinel
Coast Guard Mission Change = Paradigm Shift
CMT2
2015
Path Forward
17
Innovation Award Winnerfor Risk Management
In recognition by the Commandant for outstanding innovation and implementation, the Coast Guard Maritime Security Risk Analysis Model (MSRAM) Team won the 2006 Joel Magnussen Innovation Award for Management. Pictured above left to right: Admiral Thad Allen, Commandant, U.S. Coast Guard, Mrs.
Joel Magnussen, LCDR Brady Downs, The Honorable Mr. Michael Jackson, Deputy Secretary, Department of Homeland Security.
18
Risk Based Elements
“What should drive our intelligence, policies, operations, and preparedness plans and the way we are organized is the strategic matrix of threat, vulnerability and consequence.
And so, we'll be looking at everything through that prism and adjusting structure, operations and policies to execute this strategy.” Secretary Chertoff 4/20/05
Risk = Threat * Vulnerability * Consequence
Secretary Chertoff, statement for the Record, April 20, 2005 before the U.S. Senate subcommittee on Appropriations.
Warning
19
Maritime Security Risk Analysis Model
Brady Downs, Mark Shepard, Jeff Fuller
Target / Asset Attack ModeScenario
Inte
ntio
ns &
Con
fiden
ce
Cap
abili
ty &
Con
fiden
ce
Geo
grah
ic T
hrea
t
Dea
th In
jury
Prim
ary
Econ
omic
Impa
ct
Sym
bolic
Effe
ct
Nat
iona
l Sec
urity
Envi
ronm
ent I
mpa
ct
Res
pons
e -
Ow
ner/O
pera
tor
Res
pons
e - L
ocal
1st
R
espo
nder
Res
pons
e - U
SCG
Rec
over
abili
ty
Red
unda
ncy
Seco
ndar
y Ec
onom
ic Im
pact
Ach
ieva
bilit
y
Syst
em S
ecur
ity -
Ow
ner/O
pera
tor
Syst
em S
ecur
ity -
LEA
Syst
em S
ecur
ity -
USC
G
Targ
et H
ardn
ess
Threat Attack
ProbabilitySecondary Economic
Impact
X Scenario Consequence
RiskPrimary Consequence + X Vulnerability
Created by USCG HQ, Areas, Districts, Sectors SMEs
20
MSRAM Elements
MSRAM Design is Based on Terrorist Attack Modes against Types of Targets
21
National Critical Infrastructure and Key Resources/Assets (CI/KA) Sectors
Critical Infrastructure1. Agriculture & Food2. Water (WTS)3. Public Health4. Emergency Services5. Defense Industrial Base6. Information Technology7. Telecommunications8. Energy 9. Transportation
10. Banking and Finance11. Chemical & Hazardous
Materials12. Postal and Shipping
Key Resources/assets1. National Monuments & Icons2. Nuclear Power & Materials3. Dams4. Commercial Facilities5. Government Facilities
HSPD 7:
Target / Asset Attack ModeScenario
Attack Modes address the full range of DHS Attack
Modes (WMD)
21
MSRAM Threat elements
Target / Asset Attack ModeScenario
Inte
ntio
ns &
Con
fiden
ce
Cap
abili
ty &
Con
fiden
ce
Geo
grah
ic T
hrea
t
Threat Attack
Probability Intel Coordination Center Robust Threat Component
Capture intention and capability for each possible scenario
Time Horizon to attain capability
geographic threat overlay
Warning
22
MSRAM Consequence elements
Target / Asset Attack ModeScenario
Dea
th In
jury
Prim
ary
Econ
omic
Impa
ct
Sym
bolic
Effe
ct
Nat
iona
l Sec
urity
Envi
ronm
ent I
mpa
ct
Res
pons
e -
Ow
ner/O
pera
tor
Res
pons
e - L
ocal
1st
R
espo
nder
Res
pons
e - U
SCG
Rec
over
abili
ty
Red
unda
ncy
Seco
ndar
y Ec
onom
ic Im
pact
Primary Consequence +Secondary Economic
Impact
X Scenario Consequence Field users assess primary and secondary consequences of a specific attack mode against the specific target
Field users assess the mitigation impact of the Owner/Operator, First Responders and USCG
23
MSRAM Vulnerability elements
TargetTargetTargetTarget
Attack
State/Local/Fed LEA System Security
Owner/Operator System Security
Achievability
Probability of USCG to interdict the attack on the
targetProbability of local, state (other federal) LEA to
interdict the attack on the target
Probability of owner/operator to interdict the attack on the
target
Probability that the target withstands the attack given they
have thwarted your layered system security
Probability of terrorist delivery of a successful attack
The vulnerability factors in MSRAM assess the probability that the layered defense strategy in place will successfully interdict and protect the target against the attack.
1
USCG System Security
2
3
45
Target HardnessDBTTTP
24
MSRAM Countermeasures Checklists to Capture Facility Defense Postures
Considered Countermeasures• Fencing/gates• Perimeters/access points• Waterside barriers• Anti-swimmer• Access control• Intrusion detection• CCTV• CBRNE detection• Blast mitigation• Guard forces• Communication• Public notification
Example Checklist
25
Security Risk Construct
= Risk
Threat Vulnerability Consequence
Threat = Capability X Intent (with confidence level) geographic weightfactor overlay
Vulnerability = Achievability X Owner /operator, LEA, and USCG System Security X Target Hardness
Consequence = Death and Injury, Primary and Secondary Economic impact, Environment , National security, Symbolic Impacts mitigated by Response Capability
Mitigated by Response Capability
Mitigated by Interdiction Capability
26
Maritime Security Risk Analysis Model
Brady Downs, Mark Shepard, Jeff Fuller
Target / Asset Attack ModeScenario
Inte
ntio
ns &
Con
fiden
ce
Cap
abili
ty &
Con
fiden
ce
Geo
grah
ic T
hrea
t
Dea
th In
jury
Prim
ary
Econ
omic
Impa
ct
Sym
bolic
Effe
ct
Nat
iona
l Sec
urity
Envi
ronm
ent I
mpa
ct
Res
pons
e -
Ow
ner/O
pera
tor
Res
pons
e - L
ocal
1st
R
espo
nder
Res
pons
e - U
SCG
Rec
over
abili
ty
Red
unda
ncy
Seco
ndar
y Ec
onom
ic Im
pact
Ach
ieva
bilit
y
Syst
em S
ecur
ity -
Ow
ner/O
pera
tor
Syst
em S
ecur
ity -
LEA
Syst
em S
ecur
ity -
USC
G
Targ
et H
ardn
ess
Threat Attack
ProbabilitySecondary Economic
Impact
X Scenario Consequence
RiskPrimary Consequence + X Vulnerability
Created by USCG HQ, Areas, Districts, Sectors SMEs
27
MSRAM-MAST-RAMCAPRelationships
GAPS NEEDS Cost Benefit Analysis
Functional Areas (Land & Water)
Dea
th In
jury
Econ
omic
Impa
ctSy
mbo
lic E
ffect
N
atio
nal S
ecur
ityEn
viro
nmen
tal I
mpa
ct
Inte
ntIn
tent
Con
fiden
ce F
acto
r %C
apab
ility
Cap
abili
ty C
onfid
ence
Fac
tor %
Geo
grap
hic
Thre
at (P
lace
hold
er)
Dea
th In
jury
Prim
ary
Econ
omic
Impa
ct
Sym
bolic
Effe
ct
Nat
iona
l Sec
urity
Envi
ronm
enta
l Im
pact
Res
pons
e C
apab
ility
Rec
over
abili
ty
Red
unda
ncy
Seco
ndar
y Ec
onom
ic
Ach
ieva
bilit
y
Targ
et H
ardn
ess
Syst
em S
ecur
ity -
Ow
ner/O
pera
tor
Syst
em S
ecur
ity -
LEA
Syst
em S
ecur
ity -
USC
G
Law
Enf
orce
men
t
Fire
Ser
vice
Emer
genc
y M
edic
al S
ervi
ceH
azar
dous
Mat
eria
ls R
espo
nse
Emer
genc
y M
anag
emen
tPu
blic
Saf
ety
Com
mun
icat
ions
(911
Dis
patc
h C
ente
rsC
omm
unic
atio
ns (U
SCG
/SB
IMA
P)Pu
blic
Wor
ks R
espo
nse
Publ
ic W
orks
Sup
port
Staf
fing
& P
erso
nnel
(S)
Trai
ning
(T)
Equi
pmen
t & S
yste
ms
(E)
Plan
ning
& P
repa
redn
ess
(P)
Exer
cise
/Eva
luat
ion
& C
orre
ctiv
e A
ctio
ns (E
c)
Org
aniz
atio
n &
Lea
ders
hip
(O)
Targ
et A
ttrac
tiven
ess
MASTMSRAM Add-on
Geo
grap
hic
Thre
at
Response Capability Factors
Use Physical Security Measures Checklist (PCM)
Response Capabilities Assessment (RCA) (Consequence Mitigation)
Inte
rdic
tion
Cou
nter
mea
sure
s (A
W C
M)
Threat
MSRAM Max Consequence
Secondary Economic
Impact
X Consequence =
Worst Time, Worst Place, Worst Location. Interdiction
L3
Acc
ess
Cou
nter
mea
sure
(PC
M)
Primary Consequence
Access L1
Acc
ess
Cou
nter
mea
sure
(AW
CM
)
Acc
ess
AW
CM
Gap
Red
uctio
n Fa
ctor
Det
ectio
n C
ount
erm
easu
re (A
W C
M)
Det
ectio
n A
W C
M G
ap R
educ
tion
Fact
or
Acc
ess
PCM
Gap
Red
uctio
n Fa
ctor
Det
ectio
n C
ount
erm
easu
re (P
CM
)
Det
ectio
n PC
M G
ap R
educ
tion
Fact
or
Inte
rdic
tion
Cou
nter
mea
sure
s (P
CM
)
Inte
rdic
tion
PCM
Gap
Red
uctio
n Fa
ctor
Detection L2
Access L1
X Vulnerability
MSRAM - FRONT END
Inte
rdic
tion
AW
CM
Gap
Red
uctio
n Fa
ctor
MAST Security Countermeasures Assessment (Vulnerability Reduction)
Area Wide Security Countermeasures Assessment
Physical Security Security Countermeasures Assessment
Conduct Field Interviews using Area Wide Security Measures (AW CM) Checklist &
conduct field interviews
Detection L2
Interdiction L3
Envi
ronm
enta
l - (N
arra
tive
Des
crip
tion)
Nat
iona
l Sec
urity
((N
arra
tive
Des
crip
tion)
psyc
holo
gica
l (N
arra
tive
Des
crip
tion
- sym
bolic
Hea
lth a
nd H
uman
Saf
ety
- Acu
te F
atal
ities
Cyber Consequence Primary Cyber Consequence SecondaryPhysical Consequence Primary Physical Consequence Secondary
Consequence Modeling
Hea
lth a
nd H
uman
Saf
ety
- Acu
te F
atal
ities
Hea
lth a
nd H
uman
Saf
ety
- Acu
te In
jurie
sEc
onom
ic Im
pact
- (F
igur
e 6-
4)En
viro
nmen
tal -
(Nar
rativ
e D
escr
iptio
n)N
atio
nal S
ecur
ity ((
Nar
rativ
e D
escr
iptio
n)ps
ycho
logi
cal (
Nar
rativ
e D
escr
iptio
n - s
ymbo
licH
ealth
and
Hum
an S
afet
y - A
cute
Fat
aliti
esH
ealth
and
Hum
an S
afet
y - A
cute
Inju
ries
Econ
omic
Impa
ct -
(Fig
ure
6-4)
Hea
lth a
nd H
uman
Saf
ety
- Acu
te F
atal
ities
Hea
lth a
nd H
uman
Saf
ety
- Acu
te In
jurie
sEc
onom
ic Im
pact
- (F
igur
e 6-
4)
Hea
lth a
nd H
uman
Saf
ety
- Acu
te In
jurie
sEc
onom
ic Im
pact
- (F
igur
e 6-
4)En
viro
nmen
tal -
(Nar
rativ
e D
escr
iptio
n)N
atio
nal S
ecur
ity ((
Nar
rativ
e D
escr
iptio
n)
VulnerabilityThreat
RAMCAP
Envi
ronm
enta
l - (N
arra
tive
Des
crip
tion)
Nat
iona
l Sec
urity
((N
arra
tive
Des
crip
tion)
psyc
holo
gica
l (N
arra
tive
Des
crip
tion
- sym
bolic
Cyb
er V
ulne
rabi
lty
psyc
holo
gica
l (N
arra
tive
Des
crip
tion
- sym
bolic
Attack Mode Target
Created by USCG Mark Shepard, Brady Downs, Jeff Fuller
28
Blast & Consequence analysis
Model Simulation
SSSSS
Terrytow nTerrytow nTerrytow nTerrytow nTerrytow n
Vieux CarreVieux CarreVieux CarreVieux CarreVieux Carre
McDonoghvilleMcDonoghvilleMcDonoghvilleMcDonoghvilleMcDonoghville
New OrleansNew OrleansNew OrleansNew OrleansNew Orleans
HarveyHarveyHarveyHarveyHarvey
GretnaGretnaGretnaGretnaGretna
AlgiersAlgiersAlgiersAlgiersAlgiers
Harvey Lock - New OrleansHarvey Lock - New OrleansHarvey Lock - New OrleansHarvey Lock - New OrleansHarvey Lock - New Orleans
New Orleans - Site 1New Orleans - Site 1New Orleans - Site 1New Orleans - Site 1New Orleans - Site 1
New Orleans - Site 2New Orleans - Site 2New Orleans - Site 2New Orleans - Site 2New Orleans - Site 2
New Orleans - Site 3New Orleans - Site 3New Orleans - Site 3New Orleans - Site 3New Orleans - Site 3
Inner Harbor Lock - New OrleInner Harbor Lock - New OrleInner Harbor Lock - New OrleInner Harbor Lock - New OrleInner Harbor Lock - New Orle
Plume Analysis
Field tests
Historical data
29
InputsVulnerability• Assessments (AMSC, VSP,
FSP, RAM-D, MAST, PSA, RAMCAP, CRs, SAV, PIVA, HLS-CAM, JISVA).
• Tools (MMCT, ACAMS, ViSAT, CSR, TRAM, FHWA)
• Studies / Grants ( BZPP)• Workgroups (SME)
Consequence• Studies (Blast & Consequence)• Plans (AMSP, FSP, VSP)• Tools (Chemtap, Oiltap, CAMEO)• Consequence Data (RMP, GCOA)
Inte
ntio
ns &
C
onfid
ence
Cap
abili
ty &
C
onfid
ence
Geo
grah
ic T
hrea
t
Dea
th In
jury
Prim
ary
Econ
omic
Im
pact
Sym
bolic
Effec
t
Nat
iona
l Sec
urity
Envi
ronm
ent
Impa
ct
Res
pons
e C
apab
ility
Rec
over
abili
ty
Red
unda
ncy
Seco
ndar
y Ec
onom
ic Im
pact
Ach
ieva
bilit
y
Syst
em S
ecur
ity -
Ow
ner/O
pera
tor
Syst
em S
ecur
ity -
LEA
Syst
em S
ecur
ity -
USC
G
Targ
et H
ardn
ess
Threat Attack Probability
Secondary Economic
Impact
X Scenario Consequence
RiskPrimary Consequence + X Vulnerability =
Outputs
ThreatICC Strategic Threat Analysis• Intent w/Confidence• Capability w/Confidence• Time Horizon Until Capability
Acquired
MSRAM - Analysis
• Prioritized Risk Ranking - Common Risk Model (NADB)
• Security Risk Profiles • Risk Drivers• Data for Risk Management Analysis• Risk Management Priorities
Strategic Risk Analysis ProcessProtective Security Analysis Center (PSAC)
National Infrastructure Simulation and Analysis Center (NISAC)Coast Guard R & D Center / National Labs
Exercises: PREP, PORTSTEP, AMSTEP
Analyze & Exercise
30
One Dimension Consequence Scale
Ferry
Defense Facility
Nuclear Power Plant
Consequence-Based Approach
Chemical Plant
CDC Barge
HIGH ConsequenceLOW Consequence
Cruise Ship
WaterwayRefineryBridge
Oil Tanker
Freight Ship
31CONSEQUENCE
LIK
LIE
HO
OD
Risk Group 1
Risk Group 2
Risk Group 3
HighLow
(Thre
at *
Vuln
erab
ility
)
Low
High
Base Line Risk Provided By MSRAM
32
Like
lihoo
d (T
hrea
t * V
ulne
rabi
lity)
CDC Facility –Car/Truck Bomb
National Icon – Boat Bomb
Bridge – Attack By Hijacked Vessel
High Capacity Ferry Terminal-Car/Truck Bomb
Petroleum Refinery –Car/Truck Bomb
Cruise Terminal –Car/Truck Bomb
Bridge - Boat Bomb
HIGH ConsequenceLOW Consequence
LOW
HIGH
Risk-Based Profile Provided By MSRAM
Nuclear Power Plant – Car/Truck Bomb
High Capacity Ferry –Boat Bomb
Ferry 150 -1000 –Boat Bomb
Cruise Ship - Boat Bomb
Cruise Ship - Car/Truck Bomb
Cruise Ship – Attack By Hijacked Vessel
LPG Tanker - Boat Bomb
LPG Tanker – Stand-Off Weapon
Oil Tanker –Boat Bomb
High Capacity Ferry -Car/Truck Bomb
For Official Use Only
33
Risk by Port or CityUse reports to
quickly scan for inconsistencies and
outliers
SAMPLE DATA
34
Risk by Target ClassUse reports to quickly scan for
inconsistencies and outliers
SAMPLE DATA
Bridges & Tunnels
35
Risk by attack modeUse reports to quickly scan for
inconsistencies and outliers
SAMPLE DATA
36
Risk by Port or CitySAMPLE DATA
37
Risk by Target ClassSAMPLE DATA
38CONSEQUENCE
LIK
LIE
HO
OD
Risk Group 1
Risk Group 2
Risk Group 3
HighLow
Mitigation strategies implemented to
reduce risk
(Thre
at *
Vuln
erab
ility
)
Prev
entio
n \P
rote
ctio
n
Response / Recovery
Low
High
Power of MSRAM: Risk Mitigation Strategies
CMT2
Regulatory Regime (C
MT2)
39
Risk Management Guidance Response/Recovery
• Chapter 15 Terrorism
• Chapter 16 Maritime Security/Antiterrorism
• Chapter 17 Law Enforcement
• Chapter 23 Event Management
• Chapter 18 Search and Rescue
• Chapter 19 Oil Spill
• Chapter 20 Hazardous Substance (Chemical,
• Biological, Radiological, Nuclear)
• Chapter 21 Marine Fire
• Chapter 22 Multi-Casualty
40
ICS Risk Management Cycle
MSRAM Analyze
Impact of Operations
Begin Next Operational
PeriodMSRAM Initial
Assessment
MSRAM Supports (ICS
& JOPES) Operational Planning for
Special Events, Security
Operations & Contingency
Response
ICS = Incident
Command System
JOPES = Joint Operations
Planning and Execution System
41
MSRAM Review Process
District Review Provide consistency/normalization between
Sectors2
Area Review Provide consistency/normalization
between Districts
3
HQ Assessment, Review & Analysis Provide
consistency/normalization between Areas
4
SECRET SIPRNET
Security Sensitive
Information
Review
and Direction
COTP/Sector Assessment with AMSC Input - Identifies risk
profile for individual targets
1
42
MSRAM Operational Use: Geospatial Risk Map
• Provides strategic, operational and tactical planners and risk managers a view of what the greatest risks are and where they exist based on MSRAM risk analysis and target location
• MSRAM feeds the COMDT’s geospatial risk map to illustrate geographical distribution of CI / KR, targets, assets, events, NSSE, hazmat transits…
See Classified Brief
UNCLASS Illustration
43
Current National Maritime Security RiskAnalysis Model Geographic Coverage
Created by Mark Shepard, Brady Downs, Jeff Fuller
18,000 MTSA facilities, vessels, Critical Infrastructure/ Key Resources, events
Across sectors
Chemical Facilities, BridgesPassenger terminals (Vessel and Rail), Stadiums, Cruise ships, vehicle ferriesmaritime events, high capacity ferriesvessel transits with hazardous cargoes through High Population Density Areas
44
Risk Density by State Illustration
Risk Density for Type Target by Gulf State (Illustrative)
020004000
60008000
Florid
aAlab
ama
Louis
iana
Mississ
ippi
Texa
s
OtherVesselsKey AssetsInfrastructureFacilitiesBarges
SAMPLE DATA
45
Risk Density Illustration by Target Type for States
Risk Density by Type Target for Gulf States (Illustrative)
010002000300040005000
Barges
Facili
ties
Infras
tructu
reKey
Assets
Vesse
lsOthe
rTexas
Mississippi
Louisiana
Alabama
Florida
SAMPLE DATA
46
0
1000
2000
3000
4000
5000
6000
Floo
ding
-Sin
king
Pers
onne
l Mish
apDr
ug S
mug
glin
gNa
tura
l Disa
ster
Atta
ck o
n Po
rt In
frast
ruct
ure
or M
TSCo
llisio
n-Al
lisio
nFo
reig
n Ill
egal
Fis
hing
Oil S
pill
Nat
ion
Stat
e At
tack
Non
-Mar
itim
e In
cide
ntDo
mes
tic Il
lega
l Fish
ing
Inva
sive
Spec
ies
Intro
duct
ion
Disc
harg
e of
Deb
ris/S
ewag
eG
roun
ding
Mar
ine
Cas
ualty
Affe
ctin
g W
ater
way
Inte
rrupt
ion
of M
ilitar
y O
pera
tions
Seas
onal
Con
ditio
nsFi
re-E
xplo
sion
Illega
l Mig
rant
Ent
ryRe
leas
e of
HAZ
MAT
Spec
ies
Dam
aged
by
Mar
ine
Ope
ratio
ns
Unified Risk Coast Guard MissionsExpected Residual Loss (Risk) that the CG has the ability to influence due to:
All incidents (excluding transfer of WMD)
Category-8Category-7Category-6Category-5Category-4Category-3Category-2Category-1
Severity
Important Note: These are not suggested resourcing profiles! Context is required before these profiles are able to meaningfully inform planning and budgeting decisions.
MSRAM data contributes to this risk profile
47
All Hazards Risk Profile
Illustration from: http://www.globalincidentmap.com/home.php
Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally
Illustrative
48
Maritime Domain Awareness Global Supply Chain Risk Profile
Illustrative
49
MSRAM Contacts Policy Questions– CAPT Don Grant, USCG– LCDR Brady Downs, USCG– LT Dixon, LT Pisares, LT Thayer, USCG
MSRAM Technical Issues– Mr. Bob Vaeth, Mr. Matt Mower ABS Consulting
MSRAM Senior Technical Advisor– Jeff Fuller, Teledyne Brown Engineering
HOMEMPORT Customer Service - [email protected]
MSRAM HELP DESK – [email protected]
50
Questions
MSRAMQuestions / Answers Topics for Discussion
“In the absence of emotion and political influence:Risk is where risk is”.
Quote by LCDR Brady Downs, USCG
51
Risk Management
“We need to adopt a risk-based approach in both our operations and our philosophy. Risk management is fundamental to managing the threat, while retaining our quality of life and living in freedom. Risk management must guide our decision making as we examine how we can best organize to prevent, respond and recover from an attack.” Secretary Chertoff 3/16/05
DHS must use risk based decision making
Secretary Chertoff, statement, March 16, 2005 before Homeland Security Policy Institute at George Washington University.
52
Risk Management
Cycle
Risk Management Framework
MSRAM Assesses Unit risk at the
individual target / attack mode level.
Data analysis supports risk based
decisions at the tactical, operational & strategic levels of
the chain of command.
1
2
3
4
5
53
Network System Critical Node Analysis
Critical Node / System inter-connectivity Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally
54
Risk Group 1
Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally
55
Risk Group 2
Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally
56
Risk Group 3
Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally
57
Critical InfrastructureProtection
Sector-Specific Agencies In accordance with guidance provided by the Secretary, shall:
• (a) collaborate with all relevant Federal departments and agencies, State and local governments, and the private sector, including with key persons and entities in their infrastructure sector;
• (b) conduct or facilitate vulnerability assessments of the sector; and
• (c) encourage risk management strategies to protect against and mitigate the effects of attacks against critical infrastructure and key resources.
HSPD 7