1

Balancing Resources to RiskPresentation to

SCOTS / NCHRP 20 - 59 26 – 29 August 2007 Irvine, CA

Maritime Safety, Security and StewardshipRisk Management Directorate

Port Security Evaluation Division LCDR Brady Downs, U. S. COAST GUARD

2

MISSION– Prevent terrorist attacks within

the United States - (PREVENT)

– Reduce America’s vulnerabilityto terrorism - (PROTECT)

– Minimize the resulting damage if prevention fails - (RESPOND)

– Recover from attacks that do occur- Ensure economic security - (RECOVER)

Homeland Security Act of 2002

3

Critical InfrastructureProtection

Federal departments and agencies will identify, prioritize, and coordinate the protection of “critical infrastructure” and “key resources” in order to prevent, deter, and mitigate the effects of deliberate efforts to destroy, incapacitate, or exploit them.

Homeland Security Presidential Directive - 7

Operation Snow FlakeNADB

4

Hawkins Point

Clinton Street Marine Terminals

North Locust Point

South Locust Point

Fairfield

Critical Infrastructure / Key Resources

IllustrativeFor demonstration purposes

5

Critical InfrastructureProtection

“Risk is where risk is”

6

National Critical Infrastructure and

Key Resources (CI/KR) SectorsCritical Infrastructure1. Agriculture & Food *2. Water (WTS) *3. Public Health4. Emergency Services5. Defense Industrial Base *6. Information Technology7. Telecommunications *8. Energy *9. Transportation *

10. Banking and Finance11. Chemical & Hazardous

Materials *12. Postal and Shipping

Key Resources1. National Monuments & Icons *2. Nuclear Power & Materials *3. Dams *4. Commercial Facilities *5. Government Facilities *

HSPD 7:

7

Homeland Security

The complexity of the maritime transportation system is a pressing dilemma facing the Coast Guard. This includes the vast array of critical infrastructure, important assets, key resources, various systems, & networks that make up our nation’s sea/river ports crossing DHS sectors.

Localities

Cities

States

Nationally

8

Critical InfrastructureProtection

Maritime Security Risk Analysis Model

(MSRAM)

9

Risk Analysis Design

The MSRAM was designed to enhance security and reduce the risk of terrorism by identifying and prioritizing critical infrastructure, key resources and high consequence transits and events across sectors using a common risk methodology, taxonomy and metrics to measure security risk at the local, regional, and national levels.

Support Senior Leadership risk based decision making process

Risk Calculator

10

National Security Risk Profile

Illustration from: http://www.globalincidentmap.com/home.php

Security risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally

Illustrative

11

Asset Risk USCG (MSRAM)

Threat (Grouped by Threat Tiers)

Total Port Risk

Vulnerability & Consequence(Port Area and Facility Risk)

Area and Population Risk

DHS RMD

x

+

Port Security Risk Formula

Economic Consequences

DHS RMD+

12

Total Ferry System Risk

Vulnerability & Consequence

Passenger Index(Annual Ridership) +

Ferry Security Risk Formula

USCG (MSRAM)(Threat x Vulnerability X Consequence)

Cargo Index(# of Vehicles Carried Annually)

+

13

Critical InfrastructureProtection

SAFE Port Act 2006• In applying for grants…, the Secretary …

shall make available, and Area Maritime Security Committees may use a risk assessment tool that uses standardized risk criteria, such as the Maritime Security Risk Assessment Tool used by the Coast Guard.”

SAFE Port Act 2006, Subtitle B Sec. 111 Risk Assessment Tool

14

Critical InfrastructureProtection

Greenlane Maritime Cargo Security Act 2006• SEC 16. Port Security Grant Program

(k) Risk Assessments – The Secretary shall make available to grant applicants a risk assessment tool, which uses standardized risk criteria, such as the Maritime Security Risk Assessment Modelused by the Coast Guard.”

Senate Bill 2459 Greenlane Maritime Security Act Section 16 (k)

15

Challenges are to refine and strengthen the process

• CG needs to improve on data limitations1. Threat information needs improvement2. CG needs to measure vulnerability reduction from CG activities3. CG needs to calculate cascading impacts of consequences4. CG needs a formal feedback process & 5. CG needs to be able to assess risk across ports

GAO comments on USCG Progress• CG improving MSRAM to address threat component• CG improving MSRAM to calculate risk reduction from security activities• CG improving MSRAM to calculate collateral impacts on consequences• CG will use formal feedback system in MSRAM risk mgmt process• CG improving MSRAM to allow national comparison of ports

GAO RISK MANAGEMENTReport December 2005

CG has built a good foundation in risk management

16

2001 2006 2007

PSRAT 1 PSRAT 2 PSRAT 2a MSRAM 1 MSRAM 2 / Enterprise MSRAM 3,4,5,6,7

GAO 1 GAO 2 GAO 3

CG Vulnerability assessments and

PSRAT need improvement

Good foundation

MSRAM addresses risk concerns

• Includes Threat• Accounts For

Cascading Effects

• Creates Formal Feedback Loop

MSRAM used to• effectively apply

resources• Improve AMSPs • Mature into the

all hazard risk management process

ONS CMT 1 Maritime Sentinel

Coast Guard Mission Change = Paradigm Shift

CMT2

2015

Path Forward

17

Innovation Award Winnerfor Risk Management

In recognition by the Commandant for outstanding innovation and implementation, the Coast Guard Maritime Security Risk Analysis Model (MSRAM) Team won the 2006 Joel Magnussen Innovation Award for Management. Pictured above left to right: Admiral Thad Allen, Commandant, U.S. Coast Guard, Mrs.

Joel Magnussen, LCDR Brady Downs, The Honorable Mr. Michael Jackson, Deputy Secretary, Department of Homeland Security.

18

Risk Based Elements

“What should drive our intelligence, policies, operations, and preparedness plans and the way we are organized is the strategic matrix of threat, vulnerability and consequence.

And so, we'll be looking at everything through that prism and adjusting structure, operations and policies to execute this strategy.” Secretary Chertoff 4/20/05

Risk = Threat * Vulnerability * Consequence

Secretary Chertoff, statement for the Record, April 20, 2005 before the U.S. Senate subcommittee on Appropriations.

Warning

19

Maritime Security Risk Analysis Model

Brady Downs, Mark Shepard, Jeff Fuller

Target / Asset Attack ModeScenario

Inte

ntio

ns &

Con

fiden

ce

Cap

abili

ty &

Con

fiden

ce

Geo

grah

ic T

hrea

t

Dea

th In

jury

Prim

ary

Econ

omic

Impa

ct

Sym

bolic

Effe

ct

Nat

iona

l Sec

urity

Envi

ronm

ent I

mpa

ct

Res

pons

e -

Ow

ner/O

pera

tor

Res

pons

e - L

ocal

1st

R

espo

nder

Res

pons

e - U

SCG

Rec

over

abili

ty

Red

unda

ncy

Seco

ndar

y Ec

onom

ic Im

pact

Ach

ieva

bilit

y

Syst

em S

ecur

ity -

Ow

ner/O

pera

tor

Syst

em S

ecur

ity -

LEA

Syst

em S

ecur

ity -

USC

G

Targ

et H

ardn

ess

Threat Attack

ProbabilitySecondary Economic

Impact

X Scenario Consequence

RiskPrimary Consequence + X Vulnerability

Created by USCG HQ, Areas, Districts, Sectors SMEs

20

MSRAM Elements

MSRAM Design is Based on Terrorist Attack Modes against Types of Targets

21

National Critical Infrastructure and Key Resources/Assets (CI/KA) Sectors

Critical Infrastructure1. Agriculture & Food2. Water (WTS)3. Public Health4. Emergency Services5. Defense Industrial Base6. Information Technology7. Telecommunications8. Energy 9. Transportation

10. Banking and Finance11. Chemical & Hazardous

Materials12. Postal and Shipping

Key Resources/assets1. National Monuments & Icons2. Nuclear Power & Materials3. Dams4. Commercial Facilities5. Government Facilities

HSPD 7:

Target / Asset Attack ModeScenario

Attack Modes address the full range of DHS Attack

Modes (WMD)

21

MSRAM Threat elements

Target / Asset Attack ModeScenario

Inte

ntio

ns &

Con

fiden

ce

Cap

abili

ty &

Con

fiden

ce

Geo

grah

ic T

hrea

t

Threat Attack

Probability Intel Coordination Center Robust Threat Component

Capture intention and capability for each possible scenario

Time Horizon to attain capability

geographic threat overlay

Warning

22

MSRAM Consequence elements

Target / Asset Attack ModeScenario

Dea

th In

jury

Prim

ary

Econ

omic

Impa

ct

Sym

bolic

Effe

ct

Nat

iona

l Sec

urity

Envi

ronm

ent I

mpa

ct

Res

pons

e -

Ow

ner/O

pera

tor

Res

pons

e - L

ocal

1st

R

espo

nder

Res

pons

e - U

SCG

Rec

over

abili

ty

Red

unda

ncy

Seco

ndar

y Ec

onom

ic Im

pact

Primary Consequence +Secondary Economic

Impact

X Scenario Consequence Field users assess primary and secondary consequences of a specific attack mode against the specific target

Field users assess the mitigation impact of the Owner/Operator, First Responders and USCG

23

MSRAM Vulnerability elements

TargetTargetTargetTarget

Attack

State/Local/Fed LEA System Security

Owner/Operator System Security

Achievability

Probability of USCG to interdict the attack on the

targetProbability of local, state (other federal) LEA to

interdict the attack on the target

Probability of owner/operator to interdict the attack on the

target

Probability that the target withstands the attack given they

have thwarted your layered system security

Probability of terrorist delivery of a successful attack

The vulnerability factors in MSRAM assess the probability that the layered defense strategy in place will successfully interdict and protect the target against the attack.

1

USCG System Security

2

3

45

Target HardnessDBTTTP

24

MSRAM Countermeasures Checklists to Capture Facility Defense Postures

Considered Countermeasures• Fencing/gates• Perimeters/access points• Waterside barriers• Anti-swimmer• Access control• Intrusion detection• CCTV• CBRNE detection• Blast mitigation• Guard forces• Communication• Public notification

Example Checklist

25

Security Risk Construct

= Risk

Threat Vulnerability Consequence

Threat = Capability X Intent (with confidence level) geographic weightfactor overlay

Vulnerability = Achievability X Owner /operator, LEA, and USCG System Security X Target Hardness

Consequence = Death and Injury, Primary and Secondary Economic impact, Environment , National security, Symbolic Impacts mitigated by Response Capability

Mitigated by Response Capability

Mitigated by Interdiction Capability

26

Maritime Security Risk Analysis Model

Brady Downs, Mark Shepard, Jeff Fuller

Target / Asset Attack ModeScenario

Inte

ntio

ns &

Con

fiden

ce

Cap

abili

ty &

Con

fiden

ce

Geo

grah

ic T

hrea

t

Dea

th In

jury

Prim

ary

Econ

omic

Impa

ct

Sym

bolic

Effe

ct

Nat

iona

l Sec

urity

Envi

ronm

ent I

mpa

ct

Res

pons

e -

Ow

ner/O

pera

tor

Res

pons

e - L

ocal

1st

R

espo

nder

Res

pons

e - U

SCG

Rec

over

abili

ty

Red

unda

ncy

Seco

ndar

y Ec

onom

ic Im

pact

Ach

ieva

bilit

y

Syst

em S

ecur

ity -

Ow

ner/O

pera

tor

Syst

em S

ecur

ity -

LEA

Syst

em S

ecur

ity -

USC

G

Targ

et H

ardn

ess

Threat Attack

ProbabilitySecondary Economic

Impact

X Scenario Consequence

RiskPrimary Consequence + X Vulnerability

Created by USCG HQ, Areas, Districts, Sectors SMEs

27

MSRAM-MAST-RAMCAPRelationships

GAPS NEEDS Cost Benefit Analysis

Functional Areas (Land & Water)

Dea

th In

jury

Econ

omic

Impa

ctSy

mbo

lic E

ffect

N

atio

nal S

ecur

ityEn

viro

nmen

tal I

mpa

ct

Inte

ntIn

tent

Con

fiden

ce F

acto

r %C

apab

ility

Cap

abili

ty C

onfid

ence

Fac

tor %

Geo

grap

hic

Thre

at (P

lace

hold

er)

Dea

th In

jury

Prim

ary

Econ

omic

Impa

ct

Sym

bolic

Effe

ct

Nat

iona

l Sec

urity

Envi

ronm

enta

l Im

pact

Res

pons

e C

apab

ility

Rec

over

abili

ty

Red

unda

ncy

Seco

ndar

y Ec

onom

ic

Ach

ieva

bilit

y

Targ

et H

ardn

ess

Syst

em S

ecur

ity -

Ow

ner/O

pera

tor

Syst

em S

ecur

ity -

LEA

Syst

em S

ecur

ity -

USC

G

Law

Enf

orce

men

t

Fire

Ser

vice

Emer

genc

y M

edic

al S

ervi

ceH

azar

dous

Mat

eria

ls R

espo

nse

Emer

genc

y M

anag

emen

tPu

blic

Saf

ety

Com

mun

icat

ions

(911

Dis

patc

h C

ente

rsC

omm

unic

atio

ns (U

SCG

/SB

IMA

P)Pu

blic

Wor

ks R

espo

nse

Publ

ic W

orks

Sup

port

Staf

fing

& P

erso

nnel

(S)

Trai

ning

(T)

Equi

pmen

t & S

yste

ms

(E)

Plan

ning

& P

repa

redn

ess

(P)

Exer

cise

/Eva

luat

ion

& C

orre

ctiv

e A

ctio

ns (E

c)

Org

aniz

atio

n &

Lea

ders

hip

(O)

Targ

et A

ttrac

tiven

ess

MASTMSRAM Add-on

Geo

grap

hic

Thre

at

Response Capability Factors

Use Physical Security Measures Checklist (PCM)

Response Capabilities Assessment (RCA) (Consequence Mitigation)

Inte

rdic

tion

Cou

nter

mea

sure

s (A

W C

M)

Threat

MSRAM Max Consequence

Secondary Economic

Impact

X Consequence =

Worst Time, Worst Place, Worst Location. Interdiction

L3

Acc

ess

Cou

nter

mea

sure

(PC

M)

Primary Consequence

Access L1

Acc

ess

Cou

nter

mea

sure

(AW

CM

)

Acc

ess

AW

CM

Gap

Red

uctio

n Fa

ctor

Det

ectio

n C

ount

erm

easu

re (A

W C

M)

Det

ectio

n A

W C

M G

ap R

educ

tion

Fact

or

Acc

ess

PCM

Gap

Red

uctio

n Fa

ctor

Det

ectio

n C

ount

erm

easu

re (P

CM

)

Det

ectio

n PC

M G

ap R

educ

tion

Fact

or

Inte

rdic

tion

Cou

nter

mea

sure

s (P

CM

)

Inte

rdic

tion

PCM

Gap

Red

uctio

n Fa

ctor

Detection L2

Access L1

X Vulnerability

MSRAM - FRONT END

Inte

rdic

tion

AW

CM

Gap

Red

uctio

n Fa

ctor

MAST Security Countermeasures Assessment (Vulnerability Reduction)

Area Wide Security Countermeasures Assessment

Physical Security Security Countermeasures Assessment

Conduct Field Interviews using Area Wide Security Measures (AW CM) Checklist &

conduct field interviews

Detection L2

Interdiction L3

Envi

ronm

enta

l - (N

arra

tive

Des

crip

tion)

Nat

iona

l Sec

urity

((N

arra

tive

Des

crip

tion)

psyc

holo

gica

l (N

arra

tive

Des

crip

tion

- sym

bolic

Hea

lth a

nd H

uman

Saf

ety

- Acu

te F

atal

ities

Cyber Consequence Primary Cyber Consequence SecondaryPhysical Consequence Primary Physical Consequence Secondary

Consequence Modeling

Hea

lth a

nd H

uman

Saf

ety

- Acu

te F

atal

ities

Hea

lth a

nd H

uman

Saf

ety

- Acu

te In

jurie

sEc

onom

ic Im

pact

- (F

igur

e 6-

4)En

viro

nmen

tal -

(Nar

rativ

e D

escr

iptio

n)N

atio

nal S

ecur

ity ((

Nar

rativ

e D

escr

iptio

n)ps

ycho

logi

cal (

Nar

rativ

e D

escr

iptio

n - s

ymbo

licH

ealth

and

Hum

an S

afet

y - A

cute

Fat

aliti

esH

ealth

and

Hum

an S

afet

y - A

cute

Inju

ries

Econ

omic

Impa

ct -

(Fig

ure

6-4)

Hea

lth a

nd H

uman

Saf

ety

- Acu

te F

atal

ities

Hea

lth a

nd H

uman

Saf

ety

- Acu

te In

jurie

sEc

onom

ic Im

pact

- (F

igur

e 6-

4)

Hea

lth a

nd H

uman

Saf

ety

- Acu

te In

jurie

sEc

onom

ic Im

pact

- (F

igur

e 6-

4)En

viro

nmen

tal -

(Nar

rativ

e D

escr

iptio

n)N

atio

nal S

ecur

ity ((

Nar

rativ

e D

escr

iptio

n)

VulnerabilityThreat

RAMCAP

Envi

ronm

enta

l - (N

arra

tive

Des

crip

tion)

Nat

iona

l Sec

urity

((N

arra

tive

Des

crip

tion)

psyc

holo

gica

l (N

arra

tive

Des

crip

tion

- sym

bolic

Cyb

er V

ulne

rabi

lty

psyc

holo

gica

l (N

arra

tive

Des

crip

tion

- sym

bolic

Attack Mode Target

Created by USCG Mark Shepard, Brady Downs, Jeff Fuller

28

Blast & Consequence analysis

Model Simulation

SSSSS

Terrytow nTerrytow nTerrytow nTerrytow nTerrytow n

Vieux CarreVieux CarreVieux CarreVieux CarreVieux Carre

McDonoghvilleMcDonoghvilleMcDonoghvilleMcDonoghvilleMcDonoghville

New OrleansNew OrleansNew OrleansNew OrleansNew Orleans

HarveyHarveyHarveyHarveyHarvey

GretnaGretnaGretnaGretnaGretna

AlgiersAlgiersAlgiersAlgiersAlgiers

Harvey Lock - New OrleansHarvey Lock - New OrleansHarvey Lock - New OrleansHarvey Lock - New OrleansHarvey Lock - New Orleans

New Orleans - Site 1New Orleans - Site 1New Orleans - Site 1New Orleans - Site 1New Orleans - Site 1

New Orleans - Site 2New Orleans - Site 2New Orleans - Site 2New Orleans - Site 2New Orleans - Site 2

New Orleans - Site 3New Orleans - Site 3New Orleans - Site 3New Orleans - Site 3New Orleans - Site 3

Inner Harbor Lock - New OrleInner Harbor Lock - New OrleInner Harbor Lock - New OrleInner Harbor Lock - New OrleInner Harbor Lock - New Orle

Plume Analysis

Field tests

Historical data

29

InputsVulnerability• Assessments (AMSC, VSP,

FSP, RAM-D, MAST, PSA, RAMCAP, CRs, SAV, PIVA, HLS-CAM, JISVA).

• Tools (MMCT, ACAMS, ViSAT, CSR, TRAM, FHWA)

• Studies / Grants ( BZPP)• Workgroups (SME)

Consequence• Studies (Blast & Consequence)• Plans (AMSP, FSP, VSP)• Tools (Chemtap, Oiltap, CAMEO)• Consequence Data (RMP, GCOA)

Inte

ntio

ns &

C

onfid

ence

Cap

abili

ty &

C

onfid

ence

Geo

grah

ic T

hrea

t

Dea

th In

jury

Prim

ary

Econ

omic

Im

pact

Sym

bolic

Effec

t

Nat

iona

l Sec

urity

Envi

ronm

ent

Impa

ct

Res

pons

e C

apab

ility

Rec

over

abili

ty

Red

unda

ncy

Seco

ndar

y Ec

onom

ic Im

pact

Ach

ieva

bilit

y

Syst

em S

ecur

ity -

Ow

ner/O

pera

tor

Syst

em S

ecur

ity -

LEA

Syst

em S

ecur

ity -

USC

G

Targ

et H

ardn

ess

Threat Attack Probability

Secondary Economic

Impact

X Scenario Consequence

RiskPrimary Consequence + X Vulnerability =

Outputs

ThreatICC Strategic Threat Analysis• Intent w/Confidence• Capability w/Confidence• Time Horizon Until Capability

Acquired

MSRAM - Analysis

• Prioritized Risk Ranking - Common Risk Model (NADB)

• Security Risk Profiles • Risk Drivers• Data for Risk Management Analysis• Risk Management Priorities

Strategic Risk Analysis ProcessProtective Security Analysis Center (PSAC)

National Infrastructure Simulation and Analysis Center (NISAC)Coast Guard R & D Center / National Labs

Exercises: PREP, PORTSTEP, AMSTEP

Analyze & Exercise

30

One Dimension Consequence Scale

Ferry

Defense Facility

Nuclear Power Plant

Consequence-Based Approach

Chemical Plant

CDC Barge

HIGH ConsequenceLOW Consequence

Cruise Ship

WaterwayRefineryBridge

Oil Tanker

Freight Ship

31CONSEQUENCE

LIK

LIE

HO

OD

Risk Group 1

Risk Group 2

Risk Group 3

HighLow

(Thre

at *

Vuln

erab

ility

)

Low

High

Base Line Risk Provided By MSRAM

32

Like

lihoo

d (T

hrea

t * V

ulne

rabi

lity)

CDC Facility –Car/Truck Bomb

National Icon – Boat Bomb

Bridge – Attack By Hijacked Vessel

High Capacity Ferry Terminal-Car/Truck Bomb

Petroleum Refinery –Car/Truck Bomb

Cruise Terminal –Car/Truck Bomb

Bridge - Boat Bomb

HIGH ConsequenceLOW Consequence

LOW

HIGH

Risk-Based Profile Provided By MSRAM

Nuclear Power Plant – Car/Truck Bomb

High Capacity Ferry –Boat Bomb

Ferry 150 -1000 –Boat Bomb

Cruise Ship - Boat Bomb

Cruise Ship - Car/Truck Bomb

Cruise Ship – Attack By Hijacked Vessel

LPG Tanker - Boat Bomb

LPG Tanker – Stand-Off Weapon

Oil Tanker –Boat Bomb

High Capacity Ferry -Car/Truck Bomb

For Official Use Only

33

Risk by Port or CityUse reports to

quickly scan for inconsistencies and

outliers

SAMPLE DATA

34

Risk by Target ClassUse reports to quickly scan for

inconsistencies and outliers

SAMPLE DATA

Bridges & Tunnels

35

Risk by attack modeUse reports to quickly scan for

inconsistencies and outliers

SAMPLE DATA

36

Risk by Port or CitySAMPLE DATA

37

Risk by Target ClassSAMPLE DATA

38CONSEQUENCE

LIK

LIE

HO

OD

Risk Group 1

Risk Group 2

Risk Group 3

HighLow

Mitigation strategies implemented to

reduce risk

(Thre

at *

Vuln

erab

ility

)

Prev

entio

n \P

rote

ctio

n

Response / Recovery

Low

High

Power of MSRAM: Risk Mitigation Strategies

CMT2

Regulatory Regime (C

MT2)

39

Risk Management Guidance Response/Recovery

• Chapter 15 Terrorism

• Chapter 16 Maritime Security/Antiterrorism

• Chapter 17 Law Enforcement

• Chapter 23 Event Management

• Chapter 18 Search and Rescue

• Chapter 19 Oil Spill

• Chapter 20 Hazardous Substance (Chemical,

• Biological, Radiological, Nuclear)

• Chapter 21 Marine Fire

• Chapter 22 Multi-Casualty

40

ICS Risk Management Cycle

MSRAM Analyze

Impact of Operations

Begin Next Operational

PeriodMSRAM Initial

Assessment

MSRAM Supports (ICS

& JOPES) Operational Planning for

Special Events, Security

Operations & Contingency

Response

ICS = Incident

Command System

JOPES = Joint Operations

Planning and Execution System

41

MSRAM Review Process

District Review Provide consistency/normalization between

Sectors2

Area Review Provide consistency/normalization

between Districts

3

HQ Assessment, Review & Analysis Provide

consistency/normalization between Areas

4

SECRET SIPRNET

Security Sensitive

Information

Review

and Direction

COTP/Sector Assessment with AMSC Input - Identifies risk

profile for individual targets

1

42

MSRAM Operational Use: Geospatial Risk Map

• Provides strategic, operational and tactical planners and risk managers a view of what the greatest risks are and where they exist based on MSRAM risk analysis and target location

• MSRAM feeds the COMDT’s geospatial risk map to illustrate geographical distribution of CI / KR, targets, assets, events, NSSE, hazmat transits…

See Classified Brief

UNCLASS Illustration

43

Current National Maritime Security RiskAnalysis Model Geographic Coverage

Created by Mark Shepard, Brady Downs, Jeff Fuller

18,000 MTSA facilities, vessels, Critical Infrastructure/ Key Resources, events

Across sectors

Chemical Facilities, BridgesPassenger terminals (Vessel and Rail), Stadiums, Cruise ships, vehicle ferriesmaritime events, high capacity ferriesvessel transits with hazardous cargoes through High Population Density Areas

44

Risk Density by State Illustration

Risk Density for Type Target by Gulf State (Illustrative)

020004000

60008000

Florid

aAlab

ama

Louis

iana

Mississ

ippi

Texa

s

OtherVesselsKey AssetsInfrastructureFacilitiesBarges

SAMPLE DATA

45

Risk Density Illustration by Target Type for States

Risk Density by Type Target for Gulf States (Illustrative)

010002000300040005000

Barges

Facili

ties

Infras

tructu

reKey

Assets

Vesse

lsOthe

rTexas

Mississippi

Louisiana

Alabama

Florida

SAMPLE DATA

46

0

1000

2000

3000

4000

5000

6000

Floo

ding

-Sin

king

Pers

onne

l Mish

apDr

ug S

mug

glin

gNa

tura

l Disa

ster

Atta

ck o

n Po

rt In

frast

ruct

ure

or M

TSCo

llisio

n-Al

lisio

nFo

reig

n Ill

egal

Fis

hing

Oil S

pill

Nat

ion

Stat

e At

tack

Non

-Mar

itim

e In

cide

ntDo

mes

tic Il

lega

l Fish

ing

Inva

sive

Spec

ies

Intro

duct

ion

Disc

harg

e of

Deb

ris/S

ewag

eG

roun

ding

Mar

ine

Cas

ualty

Affe

ctin

g W

ater

way

Inte

rrupt

ion

of M

ilitar

y O

pera

tions

Seas

onal

Con

ditio

nsFi

re-E

xplo

sion

Illega

l Mig

rant

Ent

ryRe

leas

e of

HAZ

MAT

Spec

ies

Dam

aged

by

Mar

ine

Ope

ratio

ns

Unified Risk Coast Guard MissionsExpected Residual Loss (Risk) that the CG has the ability to influence due to:

All incidents (excluding transfer of WMD)

Category-8Category-7Category-6Category-5Category-4Category-3Category-2Category-1

Severity

Important Note: These are not suggested resourcing profiles! Context is required before these profiles are able to meaningfully inform planning and budgeting decisions.

MSRAM data contributes to this risk profile

47

All Hazards Risk Profile

Illustration from: http://www.globalincidentmap.com/home.php

Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally

Illustrative

48

Maritime Domain Awareness Global Supply Chain Risk Profile

Illustrative

49

MSRAM Contacts Policy Questions– CAPT Don Grant, USCG– LCDR Brady Downs, USCG– LT Dixon, LT Pisares, LT Thayer, USCG

MSRAM Technical Issues– Mr. Bob Vaeth, Mr. Matt Mower ABS Consulting

MSRAM Senior Technical Advisor– Jeff Fuller, Teledyne Brown Engineering

HOMEMPORT Customer Service - HomeportHelp@osc.uscg.mil

MSRAM HELP DESK – MSRAMHelp@uscg.mil

50

Questions

MSRAMQuestions / Answers Topics for Discussion

“In the absence of emotion and political influence:Risk is where risk is”.

Quote by LCDR Brady Downs, USCG

51

Risk Management

“We need to adopt a risk-based approach in both our operations and our philosophy. Risk management is fundamental to managing the threat, while retaining our quality of life and living in freedom. Risk management must guide our decision making as we examine how we can best organize to prevent, respond and recover from an attack.” Secretary Chertoff 3/16/05

DHS must use risk based decision making

Secretary Chertoff, statement, March 16, 2005 before Homeland Security Policy Institute at George Washington University.

52

Risk Management

Cycle

Risk Management Framework

MSRAM Assesses Unit risk at the

individual target / attack mode level.

Data analysis supports risk based

decisions at the tactical, operational & strategic levels of

the chain of command.

1

2

3

4

5

53

Network System Critical Node Analysis

Critical Node / System inter-connectivity Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally

54

Risk Group 1

Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally

55

Risk Group 2

Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally

56

Risk Group 3

Risk displayed geographically using common risk methodology, taxonomy and metrics to measure risk locally, regionally and nationally

57

Critical InfrastructureProtection

Sector-Specific Agencies In accordance with guidance provided by the Secretary, shall:

• (a) collaborate with all relevant Federal departments and agencies, State and local governments, and the private sector, including with key persons and entities in their infrastructure sector;

• (b) conduct or facilitate vulnerability assessments of the sector; and

• (c) encourage risk management strategies to protect against and mitigate the effects of attacks against critical infrastructure and key resources.

HSPD 7