December 2011
|  |
Thanks to
Our Bronze-Level Corporate Patrons
| 
|
Need Your Own Copy of The Risk Communicator?
|
|
Write for Us
|
| Have you seen a story you would
like to see included in The Risk Communicator? Do you have a research project you want to share with your colleagues? If so, please contact
the newsletter staff at newsletter@sarma.org. |
Legal Matters
| Copyright 2011
SARMA
All Rights Reserved
Privacy Policy
The views expressed in The Risk Communicator reflect the views of their authors, and do not neccesarily reflect the views of SARMA, the US Government or the employers or clients of the contributors.
|
|
|
| President's Corner |
| Dear Fellow SARMA Members,
Yes, another year has passed -- the fifth since SARMA's founding. From the Japanese earthquake, tsunami and ongoing nuclear disaster, to the 10th anniversary of the 9/11 terrorist attacks and our own "quakicane" here on the east coast of the United States, 2011 has been filled with reminders of the myriad risks we face in today's world. As I noted at the end of last year, there are important reminders in such events. The first is that the challenges we face are multi-dimensional. It is therefore critical that we continue to view security risk through an all-hazards prism. Likewise, since such risks can never be fully eliminated, addressing them in a manner that is both rational and affordable requires a sound risk management strategy that focuses on enhanced societal resilience as the outcome. Finally, achieving this in a meaningful way requires the alignment of key national policies and programs, as well as the convergence of public- and private-sector homeland security risk management interests (fittingly, December has been declared Critical Infrastructure Protection Month here in the United States). Throughout the year, SARMA has worked hard to keep the spotlight on these issues, as well as continue to grow and mature the organization and advance the discipline of security risk management. Some key highlights from our fifth year of operations include: - Conducting another highly successful Annual Conference;
- Providing comment on the development of Presidential Policy Directive (PPD) 8, the National Preparedness Goal and National Preparedness System;
- Creating and staffing two critical new positions on the SARMA staff -- the Director of Conferences and Events, and Director of Membership and Outreach;
- Expansion of the SARMA Linked-In Group to more than 800 active users and launch of several new subgroups, including SARMA Operations Security, SARMA International and SARMA Training and Education.
In the coming weeks and months, I hope to hear your thoughts on ways that SARMA can expand on these efforts in 2012. Some areas where I believe we can start include: - Increasing our corporate and individual memberships;
- Establishing a professional certification program;
- Establishing a government advisory panel to support our efforts to provide DHS and other federal agencies with unbiased advice and opinions;
- Developing additional university partnerships;
- Implementing an ongoing calendar of events;
- Reviewing SARMA's IT infrastructure and revising as necessary to more effectively support SARMA's mission and operational needs; and
- Updating and revamping the current web site.
While these represent important steps toward achieving the goals and objectives identified in the Association's Strategic Plan, they cannot be accomplished without the necessary funding and active involvement of our membership. I ask each of you consider ways you can contribute. Finally, as we close out 2011, I am also pleased to welcome a new member of the SARMA leadership team. At its December meeting, the SARMA Board unanimously elected Michael Chipley to serve as the Association's Executive Vice President. Mike brings a wealth of experience, ideas and energy that I know will be essential in advancing SARMA's mission in 2012. Please join our Board Chair, John Paczkowski, and myself in thanking Mike for taking on this extra assignment! Wishing you and your families a safe and enjoyable holiday season. Kerry Kerry L. Thomas President |
| News | | |
DHS Emphasizes Resilience in New Secure Cyber Blueprint
Continuing the homeland security enterprise's ongoing emphasis on the need to recover quickly from natural and man-made disasters, a new report on cybersecurity from the Department Of Homeland Security lists increased resilience as one of four goals for protecting critical information infrastructure. The Blueprint for a Secure Cyber Future builds on DHS's 2010 Quadrennial Homeland Security Review Report by laying out a clear path to achieve that report's goals for a "safe, secure, and resilient" cyberspace. Key to this effort, the report explains, is increasing the system fault tolerance of the nation's critical information infrastructure and preparing to maintain critical operations in a degraded environment.
Doing so will require excellence in a number of core capabilities, starting with a "comprehensive understanding of vulnerabilities, critical dependencies, and the potential for cascading disruptions." A clear understanding of the system's weakness will, in turn, make it easier to adopt architectural standards for resilience, such as "the reduction of single points of failure through multiple communications paths, storing a snapshot or 'checkpoint' of an application in a known good state, fault isolation and containment, and reversion modes." The Blueprint also emphasizes conformance to resilience standards such as NIST 800-34 and ISO/IEC 27031:2011, the development of methods to artificially create diversity in software systems, and a continuous audit program of resilience efforts.
|
|
Key Reports
|
FEMA: National Preparedness System Description
As required by PPD-8, FEMA released its description of the National Preparedness System, including "a series of integrated national planning frameworks covering prevention, protection, mitigation, response and recovery and be built upon scalable, flexible and adaptable coordinating structures." Get the report DHS: Strategic Implementation Plan for Empowering Local Partners to Prevent Violent Extremism in the United States A new report from DHS outlines the department's strategic plan for working with local law enforcement authorities and non-governmental groups to identify and disrupt terrorist activities. NSTC: Strategic Plan for the Federal Cybersecurity Research and Development Program A new report from the president's National Science and Technology Council "replaces the piecemeal approaches of the past with a set of coordinated research priorities...to engage the private sector in activities for transitioning promising R&D into practice." Get the report
|
Jobs
| |
ABS Consulting: Junior Analyst
ABS is seeking a talented young professional to provide technical and management consulting services to the Federal Government, specifically in the area of homeland security risk analysis. Tasks focus primarily on methodology development, metrics design, qualitative and quantitative analysis, and risk modeling.
Read the notice
ABS Consulting: Junior Risk Analyst
ABS is seeking a talented young professional to provide technical and management consulting services to the Federal Government, specifically in the area of homeland security risk analysis. Tasks focus primarily on methodology development, metrics design, qualitative and quantitative analysis, and risk modeling.
Read the notice
ABS Consulting: Risk Analyst
ABS is seeking a talented young professional to provide technical and management consulting services to the Federal Government, specifically in the area of homeland security risk analysis. Tasks focus primarily on methodology development, metrics design, qualitative and quantitative analysis, and risk modeling.
Read the notice
ABS Consulting: Risk Consultant
ABS is seeking a talented young professional to provide technical and management consulting services to the Federal Government, specifically in the area of homeland security risk analysis. Tasks focus primarily on methodology development, metrics design, qualitative and quantitative analysis, and risk modeling.
Read the notice
DHS: Operations Research Analyst
DHS National Protection and Programs Directorate is seeking applicants to provide technical support and subject matter expertise for execution of strategic quantitative risk assessments. Responsibilities include developing tailored risk and decision analytics, support tools and technical assistance; advancing risk and decision analytics, support tools and technical assistance, and promoting effective homeland security risk communications and enhance risk communications techniques.
Visual Risk Technologies: Safety and Security Risk Consultant
Visual Risk Technologies is seeking applicants to contribute to the firm's creative approaches and proven software solutions that are in use by a variety of corporate and government clients in the homeland security, transportation, energy, and chemical industries. The position will provide expert guidance to technical staff and conduct independent research and analysis culminating in written reports and oral presentations.
FEMA: Program Analyst
FEMA is seeking applicants to, among other tasks, conduct research and performs analytical tasks for risk analysis, risk management, and critical infrastructure protection initiatives and programs. The successful applicant will also provide assistance for obtaining, analyzing, and processing data related to critical infrastructure and all-hazards risk in support of assessments and analyses.
Read the notice
CFATS: Senior Cyber Security Consultant The Senior Cyber Security Consultant will provide chemical security analyses of vulnerability assessments and security plans for chemical facilities. Consultant will assist government client with review and analysis of information submitted by chemical facilities. The successful candidate will assist with review and analysis of information submitted by regulated facilities for completeness and consistency. This includes cyber security analysis pertaining to identification and description of computer or cyber systems related to operations, process control, or security.
CFATS: Chemical Facility Physical Security Consultant
A Chemical Facility Security Consultant will provide physical security, chemical security, and/or cyber security analyses of vulnerability assessments and security plans for chemical facilities regulated by the Department of Homeland Security. Consultant will assist DHS or other government clients with review and analysis of information submitted by chemical facilities. The job responsibilities will include: (1) evaluation of existing and planned security measures, practices, and plans; (2) evaluation of vulnerabilities; (3) evaluation of risk management practices; (4) participation in coordination meetings and conference calls; and (5) documentation of assessment results (in formal reports, briefings, and white papers).
CFATS: Senior Chemical Security Consultant
The Senior Chemical Security Consultant will provide chemical security analyses of vulnerability assessments and security plans for chemical facilities regulated by the Department of Homeland Security. Consultant will assist DHS or other government clients with review and analysis of information submitted by chemical facilities. The successful candidate will assist DHS with review and analysis of information submitted by regulated facilities for completeness and consistency.
CFATS: Cyber Security Consultant
A Cyber Security Consultant will provide chemical security analyses of vulnerability assessments and security plans for chemical facilities regulated by the Department of Homeland Security. Under the direction of a Senior Cyber Security Consultant, a Cyber Security Consultant will assist DHS or other government clients with review and analysis of information submitted by chemical facilities. The successful candidate will assist DHS with review and analysis of information submitted by regulated facilities for completeness and consistency. This includes cyber security analysis pertaining to identification and description of computer or cyber systems related to operations, process control, or security.
CFATS: Senior Physical Security Consultant
A Senior Physical Security Consultant will provide physical security analyses of vulnerability assessments and security plans for chemical facilities regulated by the Department of Homeland Security. Consultant will assist DHS or other government clients with review and analysis of information submitted by chemical facilities. The successful candidate will assist DHS with review and analysis of information submitted by regulated facilities for completeness and consistency. The Physical Security consultant will review designs and security programs and evaluate existing security countermeasures and practices.
Read the notice
Security Management Resources: Petroleum Security Advisor
Provide security advice and support to ensure the security of the people, operations and facilities of the global Petroleum organization. This role will proactively support the Petroleum Security Manager in the implementation of security strategies with particular focus on emerging threats, security incident management, development of security procedures in new locations, and security reviews for established operations.
Read the notice
|
|
|
|
|
