Department of Homeland Security- Chemical Facility Anti-Terrorism Standards

CHEMICAL FACILITY ANTI-TERRORISM STANDARDS (CFATS)
CFATS Overview Brochure
CFATS Website

The tri-fold brochure provides a general overview of the CFATS program including: an overview of 6 CFR 27, facility categories, Chemicals of Interest, Risk-Based Tiering, Risk-Based Performance Standards, the Inspection Process, Compliance and Enforcement information, and Chemical-terrorism Vulnerability Information.

The guide contains a list of free or low-cost training, Web-based classes, seminars, and documents that are routinely available through one of several component agencies within the Department. The list was compiled to assist facility security officers’ to train their employees on industry security practices, physical and cyber security awareness, and emergency management and response.

The Web-Based Chemical Security Awareness Training Program is an interactive tool available free to chemical facilities nationwide to increase security awareness. The training is designed for all facility employees, not just those traditionally involved in security. Upon completion, a certificate is awarded to the participant.

This booklet draws upon best practices and findings from tabletop exercises to present key guidance for chemical facility planning and training, and poses specific questions that an effective active shooter response and recovery plan will answer. It is designed to help both chemical facility management and employees prepare and respond by designating roles and needed actions.

HSIN-CS is the primary information-sharing platform for the Chemical Sector. The portal is available to both public and private Chemical Sector stakeholders and is a key tool for security informational awareness. Access enhances the ability of users to receive information and communicate during operationally significant situations. For example, during a hurricane the portal provides alerts and incident bulletins are posted regularly. Interested individuals should contact: CIKRISEAccess@hq.dhs.gov with a request for nomination that includes a name, company, and email address. Email addresses must match the company name. Once nominated, registrants will receive an electronic link to an application for completion.

The goal of the DHS National Cyber Security Division's CSSP is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber-attack against critical infrastructure control systems through risk-mitigation activities.

CYBER SECURITY FOR CONTROL SYSTEMS ENGINEERS & OPERATORS

This training is intended for control system (also referred to as SCADA, DCS, PCS, etc.) employees whose primary job is not cyber security. This training was developed through the Control Systems Security Program, established by the U.S. Department of Homeland Security National Cyber Security Division.

THE ROLE OF EMERGENCY RESPONDERS IN CFATS
 
Approved CFATS First Responder Brochure

This tri-fold brochure provides a general overview of the CFATS program including: an overview of Section 550 of the DHS Appropriations Act of 2007 and 6 CFR 27, what are the CFATS standards, the role of Emergency Responders and CFATS, and how Chemical-terrorism Vulnerability Information is protected.

The purpose of this document is to assist owners and operators in their efforts to improve basic security awareness at their chemical facility and to provide information on the security threat presented by explosive devices and cyber vulnerabilities.

VCAT is a secure, web-based application and self-assessment tool originally designed for use by the chemical industry. The tool allows owners and operators to identify their facility's current risk level using an all-hazards approach. VCAT facilitates a cost-benefit analysis by allowing users to select the best combination of physical security countermeasures and mitigation strategies to reduce overall risk. An archived, informative webinar demonstrating the tool followed by a Q&A session is also available.

This two-page flyer provides information on voluntary training, exercises and web-based tools for chemical facilities and how to access/acquire the voluntary training, exercises and web-based tools described in the document.

The goals of this site are to enable first responders, first receivers, and other healthcare providers and planners to plan for, respond to, recover from, and mitigate the effects of mass-casualty incidents involving chemicals and to provide a comprehensive, user-friendly, web-based resource that is also downloadable in advance, so that it may be available during an event if the internet is not accessible.

OPSEC FOR CONTROL SYSTEMS

This training is intended to provide an overview of operations security for control systems (also referred to as SCADA, DCS, PCS, etc.). This training was developed through the Control Systems Security Program, established by the U.S. Department of Homeland Security National Cyber Security Division.

The Cyber Security Evaluation Tool (CSET) is a Department of Homeland Security product that assists organizations in protecting their key national cyber assets. CSET is a desktop software tool that guides users through a step-by-step process to assess their control system and information technology network security practices against recognized industry standards.

Cyber threats to a control system refer to persons who attempt unauthorized access to a control system device and/or network using a data communications pathway. Threats to control systems can come from numerous sources, including hostile governments, terrorist groups, disgruntled employees, and malicious intruders. Though other threats exist, including natural disasters, environmental, mechanical failure, and inadvertent actions of an authorized user, this discussion will focus on the deliberate threats mentioned above.