medicines and sensing devices) are adequately protected against the Design Basis Threat postulated adversary capabilities and objectives. The Technical Support Working Group (TSWG) is the U.S. national forum that The Counter-Terrorism Technology Oversight Group (CTTOG) is a joint The Non-Proliferation and Arms Control Technology Working Group (NPAC- The Department of Defense's Physical Security Equipment Action Group CI personnel at HQ and in the field obtain data from various federal and non-federal agencies, particularly the FBI and local DOD elements. At the National level, participation in the National Joint Terrorism Task Force (NJTTF) significantly enhances information sharing efforts. CI elements have become increasingly engaged with Joint Terrorism Task Forces (JTTF), which are led by the FBI and include other federal agencies and local law enforcement organizations. In a few areas, OCI/ODNCI coordinates with the Terrorism Task Forces working under the leadership of U.S. Attorneys. OCVODNCI is also gaining access to some technology-supported sources such as Law Enforcement On-line. This information is then exchanged internally through the CI collateral information network (CI-NET). Depending on the information, field elements use such data for general threat awareness briefings to personnel throughout the DOE complex. OCI/ODNCI has supported FBI efforts to track suspected terrorists by reviewing lists of foreign visitors and assignees for potential matches to "watch lists" maintained by the FBI. OCVODNCI personnel participate in the NJTTF, and field CI personnel participate in regional JTTF. They also work jointly with the FBI on cases on DOE personnel suspected of terrorist-related activity or DOE equities. Generally speaking, there is an open exchange of information in these forums, except for restricted portions of investigative or source information. CI normally does not have direct access to information systems that might be shared with full time JTTF personnel, nor do they have the benefit of information flow that occurs on a daily basis among those teams. The JTTF and OCVODNCI complementary liaison activities with federal, state, and local agencies are effective and have improved the flow of threat information. OCI also notes that the National Counterintelligence Executive (NCLX) is becoming more involved in unifying the CI communities' efforts to support the War on Terrorism. Presidential Decision Directive - 75 listed the protection of personnel and assets as one of the six core missions of the CI community. OCI is a member of the National Counterintelligence Policy Board (NACIPB), and the National Counterintelligence Operations Board (NACOB) that are led by NCIX. The combined activities of these groups result in the opportunity to share insights, needs and information gaps, requirements and priorities, questions, potential solutions and available solutions. The level and nature of involvement ranges from national government bilateral exchanges and international conferencing to individual department or agency exchanges to specific individual technical manager interchanges. The various groups and initiatives rely on a multitude of mechanisms to facilitate the sharing of information and ideas and include the cooperative authorship of threat documents and policies, safeguards and security information, and security policies. Integration and Access into Intelligence and Law Enforcement Agencies. The Department of Energy has a long history of making its expertise available to other agencies to solve pressing problems, and we are particularly active in this national priority as well. Scientific and technical experts have been detailed to other key IC organizations as well as receiving liaisons from outside organizations. Not only do these exchanges provide real-time technical capabilities to the agencies that need them, but they also give IN insight into urgent or developing issues, permit better coordinated budget and programmatic approaches, and the best possible analytical assessments. IN's access is commensurate with that of those individuals with which they are working. This access is extremely significant with respect to facilitating the flow of information between agencies. In another example, the Department has provided a detailee to FBI Critical Incident Response Group (CIRG) and weapons of mass destruction (WMD) activities. On an informal basis, DOE has a close relationship with the FBI Counter-terrorism and Threat Warning Group and has contacts within the WMD Operations Unit as well. DOE also has access to the National Law Enforcement Telecommunications System (NLETS) and Law Enforcement Online (LEO), which provide general law enforcement community information and bulletins. In addition to the FBI, DOE maintains contacts in the Secret Service, ATF, State Department, and DOD for gathering information on a case-by-case basis. Although the Department's counterintelligence elements are not formally integrated into any other law enforcement or intelligence agency, there are three FBI personnel on detail to senior positions in the Department. During periods of heightened alert or crisis, however, CI officers are present at the FBI's Strategic Information and Operations Center (SIOC). Likewise, depending on the nature and location of the threat, field elements are prepared to shift resources to participate full-time in the regional JTTF or other similar task forces. Information Sharing with State and Local Law Enforcement for Securing DOE Facilities. The Department has various Memoranda of Agreement (MOA) between and among specific sites and local, state, and federal law enforcement regional offices for sharing information. Separately, state and local authorities also are increasingly reaching out to DOE and its national laboratories for assistance with WMD terrorism preparedness. The nature of the assistance being sought and provided includes education, training, and assistance with scientific and technology matters. DOE's counterintelligence field elements have established liaison programs with local and state agencies. Information provided by these agencies to Department personnel is integrated with local threat assessments and shared with the facility managers and security personnel. Additionally, CI field units report relevant information to Headquarters where it may be reviewed, evaluated and combined with other information for further dissemination to the Intelligence Community via the standardized Intelligence Information Report (IIR) format. DOE performs threat assessments at various DOE facilities throughout the US using the Area Threat Assessment Program (ATAP) that works with the FBI, ATF, local law enforcement entities, and others in the close geographic region around these facilities to get a general threat environment - from general criminal activity to terrorists. Integration and information sharing with state and local law enforcement agencies is reflected in the ongoing "Silent Thunder" exercise program that is designed to examine Federal, State and local law enforcement and first responders crisis management procedures in reaction to a terrorist weapons of mass destruction incident at a DOE facility. Legal or Policy Obstacles to Sharing Information. The single greatest obstacle to effective domestic counter-terrorism and related domestic security operations is the inability of the federal government to coordinate and use all available information and resources to collect, analyze, and disseminate timely, actionable intelligence to those individuals at federal, state, and local levels that have the ability to respond to a potential crisis or an ongoing event. The restrictions on the collection and sharing of information continue to impede the timely execution of domestic counter-terrorism operations. Some of the restrictions have been eased and there has been much discussion since 9/11 about further improvements, particularly in accelerating the pace by which these improvements are adopted. In this regard, we are hopeful that legislation to establish a Department of Homeland Security that the President can support will be passed this year. The quality and quantity of information attenuates significantly once the area or individuals of interest are within US borders. Issues involving collection of information on US persons increasingly arise especially when an intelligence component is dealing with law enforcement information. This directly affects the ability of personnel engaged in counter-terrorism and domestic security operations by limiting their ability to provide timely, actionable intelligence to policymakers, crisis response, and consequence management personnel and organizations. This is particularly acute when the individuals are permanent resident aliens (PRA), whose status under E.O. 12333 is the same as US citizens, or when their status is unknown, in which case the required presumption is that they are US persons, whose status is the same as US citizens. The problem is further exacerbated when intelligence tracking and analysis results in a law enforcement action that requires the information to be confiscated for further criminal investigation. While neither a legal nor policy obstacle to information sharing, but a very real cultural limitation is the concern by many in the intelligence and law enforcement communities that shared information could quickly become part of the public domain through leaks or threat alerts. These releases could not only compromise the source(s) of the information, but also make the task of acquiring new information that much more difficult, sometimes impossible. An increasing challenge is the amount of information publicly available to potential terrorists, to include potential targets, vulnerabilities, and possible public reaction. Information sharing with the private sector. As the lead agency for the national energy sector, DOE's Office of Energy Assurance (OEA) established and staffed the Energy Information Sharing, Coordination, and Analysis Group (ISCG) at the National Infrastructure Protection Center (NIPC). A core element of this effort is the development of a robust energy sector information sharing and threat warning capability. This public-private partnership improves the flow of information between industry and government, as well as facilitates timely, actionable warnings to help deter or prevent physical and cyber attacks against the energy infrastructure. As part of this process, DOE also sponsors security clearances for private sector personnel and ensures that classified specific threat information is made available to industry leaders through a collaborative effort with the FBI NIPC and FBI field offices. DOE has started a daily assessment of the vulnerabilities of operations of energy infrastructures to identify if an attack on any single facility would create a risk of large disruptions or cascading effects. If a vulnerability is identified, the DOE staff at the NIPC will be in contact with the appropriate FBI field office, which will then work with state and local authorities to ensure proper protective measures are in place. This provides a mechanism for immediate, tailored assistance to facility security managers based on realtime information. Since December 2001, DOE also has been working closely with industry to develop guidelines that will assist in the development of security plans and procedures to better protect the national energy infrastructure. The guidelines have been developed cooperatively with industry and our interagency partners, and will establish a baseline for the further development of security requirements, verification mechanisms, and national training standards for industry personnel. Although efforts by industry are voluntary, nonparticipation has not been at issue. DOE has met with senior executives from industry and industry associations, as well as the Directors of Homeland Security from most states. DOE has also made its case for the guidelines to the National Governor's Association and the National Council of State Legislatures. Our outreach efforts, and the fact that the owners and operators worked in partnership with government to create the guidelines, have resulted in unanimous support. DOE intends to conduct vulnerability assessments and site visits to verify that industry officials are implementing the agreed upon security guidelines. The assessment teams are made up of DOE officials, other federal or state officials and the same laboratory employees who develop methodologies for use by other sectors and agencies. The Department's Office of Energy Assurance has identified 86 critical energy sites and is leading an assessment of the 23 top critical energy assets throughout the country to provide a baseline analysis on the security of the energy infrastructure. OEA sponsored an exposition to exhibit advanced security technologies to industry and state and local government. They also have conducted a review of training already available within the federal system that is beneficial to industry and assisted in the development of customized weapons of mass destruction emergency response. Finally, the Energy Assessment program has established a cyber penetration testing capability and has conducted a cyber penetration test of the Cyber Security Penetration Testing And Supervisory Control And Data Acquisition (SCADA) systems of a major pipeline company, in coordination with the Office of Pipeline Safety. They have scheduled cyber penetration testing of the SCADA systems of both nuclear power plants, in coordination with the Nuclear Regulatory Commission, and two major electricity providers, to take place later this year. Cultural issues that impede the flow of information. The issue of information sharing continues to receive attention at the highest levels of government and involves many complicated aspects. DOE's Intelligence program, for example, must comply with the dissemination requirements of other IC agencies when utilizing data and analysis obtained from these agencies. These guidelines impose strict controls on information sharing with customers outside the IC which can present difficulties in the timely sharing of information. DOE has also had to redirect some of the traditional ways of thinking. Prior to 9/11, CI efforts were focused primarily on countering the efforts of foreign intelligence collectors, while countering physical threats was largely the responsibility of our security forces. Since the attacks, we have made and are continuing to make adjustments to meet an expanded requirement for CI input to terrorist threat analysis and security planning. As a Department whose primary workforce is contractors, DOE is also working to overcome the constraints in providing threat information to non-federal personnel. Externally, we continue to depend on the major intelligence agencies to collect and disseminate information. Within those agencies, there remain processes and procedures necessary to protect their sources and methods, as well as ensure that raw, unanalyzed |