Nationwide Emergency Alert System Test Scheduled

The first nationwide test of the Emergency Alert System (EAS) will be conducted jointly by the Department of Homeland Security (DHS) Federal Emergency Management Agency (FEMA), the Federal Communications Commission (FCC), and the National Oceanic and Atmospheric Administration’s (NOAA) National Weather Service (NWS) on November 9, at 2:00 p.m. Eastern.

The EAS has never been used on a nationwide basis before, and only previously has been used by State and local governments to send weather alerts and other emergencies. The purpose of the upcoming test is to assess the readiness and effectiveness of the current system.

FEMA is the lead agency in all operational and management functions of the EAS, while the FCC is an independent agency that presides over EAS rules and handles test reporting data directly from EAS Participants. The NWS will play a key role in the dissemination of local warnings via the EAS. EAS Participants include all broadcasters, satellite and digital radio and television, cable television and wireline video providers who ensure the system is at a constant state of readiness.

It is important to note that the agencies involved will not be using a pass or fail measure on this first test.  The first step will be testing the current readiness and effectiveness of the system as it exists today.  Continual testing will be required to identify necessary improvements in the future.

Thanks to the Alaska EAS Tests in 2010 & 2011 and a tsunami live-code test in the U.S. Virgin Islands, IPAWS has already begun to develop best practices and establish open communication with the EAS Community.

According to the FEMA website, “The alert and warning landscape is in an important state of transition; from the current system of radio, television, cable, satellite, and wireline broadcast media-based alerting to a future system that integrates new technologies for a more universal access to alert and warning messages. Future testing of the EAS will assess the effectiveness and reliability of other technologies to achieve the ultimate goal of timely alert and warning to American public in the preservation of life and property.”

For more information, please visit: http://www.fema.gov/emergency/ipaws/eas_info.shtm

Homeland Security Warns Utilities of Threat

CNN recently reported an intelligence bulletin was issued by the Department of Homeland Security alerting State and local law enforcement officials to look out for threats targeting private utility facilities in the United States.

“While DHS has no specific, credible intelligence of an imminent threat posed to the private-sector utilities, several recent incidents highlight the ongoing threat to infrastructure in the utility sectors from insiders and outsiders seeking facility-specific information that might be exploited in an attack,” DHS spokesman Matthew Chandler said.

ABC News also reported that DHS warns of an insider threat to utilities, stating that there is a risk of violent extremists having already obtained inside positions.

Read the full articles here:

http://www.cnn.com/2011/US/07/20/terror.warning.utilities/index.html

http://abcnews.go.com/Blotter/terror-alert-warns-insider-threat-infrastructure/story?id=14118119

Free Cyber Security Resource

All types of businesses and organizations are vulnerable to potential cyber attacks against their websites. Thankfully there is a new free resource to help protect Internet sites against hackers.

The Department of Homeland Security (DHS), in collaboration with the Mitre Corporation, recently released the Common Weakness Enumeration version 2.0 (or CWE v2). The CWE v2 is a new online catalog of software weaknesses that can be exploited by hackers, including a list of the top 25 most dangerous weaknesses.

Created as part of a collaboration by the Department of Homeland Security (DHS) and the Mitre Corporation, CWE v2 was launched as part of the DHS’s Software Assurance Program.

This online resource of known software weaknesses is available for public use and will help software developers to build secure and limit vulnerabilities that can be potentially exploited.

Within the CWE v2, the Common Weakness Risk Analysis Framework (CWRAF) organizes the top priority exploitable weaknesses by business type, such as energy, public health, and telecommunications, to help software developers find information related to their specific needs.  Also included is the Common Weakness Scoring System (CWSS), which provides a tool to develop your own list of most critical weaknesses.

In addition to listing the top 25 technical software problems that hackers exploit, the CWE v2 has created a way to rank third-party software so that customers can see whether it meets necessary standards.

Find out more here: http://cwe.mitre.org/