TXOne Networks Publishes In-Depth Analysis of Vulnerabilities Affecting Industrial Control Systems

TXOne Networks, a global leader in OT zero trust and Industrial IoT (IIoT) security, has published its 2021 Cybersecurity Report which focuses on the vulnerabilities that can affect ICS environments. TXOne Networks' threat researchers conducted in-depth analysis of ICS-affecting vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS, a globally-accessible knowledge base of adversary tactics and techniques found in cyber attacks on ICS environments. The results of this Cybersecurity Report enable TXOne Networks to show cyber threat and research trends from 2021 and previous years that will affect the industrial control system (ICS) environment in 2022. One important observation from the report is that cyber attacks on critical infrastructure can be resisted and made significantly easier to repel by applying the OT zero trust methodology, which includes device inspection, preserving critical applications and services, network segmentation, and virtual patching.

The focus of TXOne Networks' Cybersecurity Report lies especially on the analysis of so-called Common Vulnerabilities and Exposures (CVEs) that can affect ICS environments. These industry-critical vulnerabilities are identified each year by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The MITRE ATT&CK for ICS matrix used by TXOne Networks gives an overview of "tactics" (malicious actors' goals during an attack) as well as the specific "techniques" malicious actors will use to accomplish their goals.

2021's ICS-CERT advisories

ICS-CERT advisories are published when an ICS vulnerability is released that attackers could use to cause harm. According to the Cybersecurity Report, the number of advisories dramatically increased in 2021. There were 389 advisories published, which, compared with 2020's number of 249, shows the largest year-to-year growth in the history of the ICS-CERT program. The ever-increasing number of CVEs affecting ICS environments highlights the near-impossibility of comprehensively addressing each specific vulnerability.

2021 also saw fundamental changes in the methods favored by cyber attackers, as well as more advanced and destructive supply chain attacks than ever before. Known recently-active ransomware groups include Maze, Lockbit, REvil, and DarkSide, though their activity levels can vary.

CVEs affecting ICS environments

By taking a closer look at vulnerabilities in ICS-CERT advisories from 2017 to 2021 classified by affected sector, a huge spike in vulnerabilities affecting Critical Manufacturing clearly stands out - 59.8% of CVEs identified in 2021 advisories are considered critical or high-risk.

While Critical Manufacturing is obviously in the lead, the Cybersecurity Report also shows a spike in CVEs which can be used to affect multiple sectors. Both attackers and researchers are likely to take more interest in these kinds of vulnerabilities in 2022 and 2023, because attackers can potentially exploit the same vulnerability across different kinds of operational environments.

"Our analysis of the 613 CVEs identified in advisories in 2021 that are likely to affect Critical Manufacturing environments shows that 88.8% of them might be leveraged by attackers to create an impact and cause varying degrees of disruption to ICS equipment and the environment," said Dr. Terence Liu, CEO of TXOne Networks. "For ICS environments, impact is a critical concern that includes damage or disruption to finances, safety, human lives, the environment, and equipment."

Supply Chain and Work Site Security

According to the Cybersecurity Report, while ICS-CERT shows information about CVEs that is immediately useful and necessary, it might be missing some information that can streamline the process of addressing them. More complete information provided by the National Vulnerability Database (NVD) can be critical in the creation of Software Bills of Materials (SBOMs) and the prevention of supply chain attacks, but almost 25% of CVEs take more than 3 months to reach this stage of documentation.

This underscores some crucial points. First, from a security point of view, no organization can depend on one source for cybersecurity information. In other words, ICS cybersecurity is a group effort that can't be effectively accomplished without comparing multiple sources of information. Second, due to an extended timeline for information availability, organizations can't rely on vendor patches or even released research to secure operations.

Germany Broadens Definition of ‘Critical Infrastructures’

The second amendment of the Ordinance on the Designation of Critical Infrastructures under the BSI Act entered into effect on January 1, 2022. The amendment broadens the definition of “critical infrastructures,” which are of particular relevance for Germany’s foreign direct investment screening regime.

This amendment follows the latest update (the 17th amendment) to the Foreign Trade and Payments Ordinance (Außenwirtschaftsverordnung, AWV), which entered into effect on May 1, 2021. That amendment materially expanded the catalogue of sectors of particular relevance to Germany’s order and security[1] and introduced more differentiated thresholds.

In addition, since May 28, 2021, a mandatory foreign direct investment (FDI) filing is triggered if the German target business develops or manufactures certain IT components which are used in critical infrastructures (so-called critical components).

The second amendment of the Ordinance on the Designation of Critical Infrastructures under the BSI Act (BSI-KritisV or Law) comprehensively revises the definitions and thresholds required to designate critical infrastructures (energy, water, nutrition, IT and telecommunication, health, finance and insurance, and transport and traffic). The following amendments of the Law will likely have the most significant impact on German FDI screening, further increasing the number of notifications to the German Ministry of Economics and Climate Action:

  • Definition of a “Facility”: The concept of a “facility” is generally an essential prerequisite for the assumption of a critical infrastructure under the BSI-KritisV. In addition to premises and other fixed installations, machinery, equipment, and other mobile installations, the updated “facility” definition now also explicitly includes software and IT services necessary for the provision of a critical service for the operation of a critical infrastructure. Relevant software and IT services do not need to be specially developed for the operation of critical infrastructures to fall in the scope of the updated “facility” definition. This may result in third-party IT and software service providers being designated as operators of a critical infrastructure.
  • Energy Sector: The thresholds for power plants to be considered a critical infrastructure were lowered from 420 megawatts to 104 megawatts. Further, the updated BSI-KritisV introduces new categories of facilities (trading systems and facilities relevant for the trade of gas or petroleum) and also lowers the existing threshold for trading systems and facilities relevant for the trade of electricity from 200 terawatt-hours to 3.7 terawatt-hours per year.
  • IT and Telecommunication Sector: The Law reduces the existing thresholds for internet exchange points (IXPs)—number of connected autonomous systems (annual average)—from 300 to 100, as well as the thresholds for computer centers/housing—contractually agreed installed power in megawatts—from 5 megawatts to 3.5 megawatts.
  • Health Sector: The Law introduces a new facility category, the so-called “laboratory information network”. A laboratory information network is a network of facilities or systems that provide IT services for diagnosis and therapy control in human medicine for at least one laboratory.
  • Finance and Insurance Sector: The Law introduces new facility categories related to the trading in securities and derivatives. These concern systems for generating orders for trading securities and derivatives and forwarding them to a trading venue exceeding 6,750,000 transactions per year; trading systems (as defined in Article 4 number 24 of Directive 2014/65/EU) exceeding 850,000 transactions per year; and other depository management systems exceeding 6,750,000 transactions per year.
  • Transport Sector: The Law introduces new facility categories—for instance, air and port traffic control centers, port information systems, and others.

The amendment of the Law will increase the number of businesses designated to be operators of a critical infrastructure. The Federal Ministry of Interior and Community estimated in this respect that the number of operators of critical infrastructures will increase from a total of approximately 1,600 to a total of approximately 1,870.

Operators of critical infrastructures are primarily subject to the obligations of the BSI-KritisV, in particular, notification of IT security breaches. In addition, the broadened definition of critical infrastructures may increase the number of mandatory notifiable transactions under the German FDI provisions. Foreign investors should therefore factor this into their diligence efforts when considering the acquisition of voting rights in German domiciled companies.

[Source: Morgan Lewis]

How is the Federal Government Approaching Climate Resilience?

Extreme weather events—like wildfires, hurricanes, and some winter storms—threaten the stability of critical infrastructure that we rely on every day. This includes systems like roads, electric grids, supply chains, as well as how this infrastructure is used for military operations. The projected impact of climate change on these critical infrastructures is a key source of federal fiscal exposure because of the size of the federal government’s investment and states’ increasing reliance on the federal government for disaster assistance.

This past year may go on record as one of the most active and costly years for extreme weather events. As of Oct. 8, there have been 18 such events, each with losses exceeding $1 billion, according to the National Centers for Environmental Information. Disaster costs are projected to increase as certain extreme weather events become more frequent and intense due to climate change—as observed and projected by the U.S. Global Change Research Program and the National Academies of Sciences, Engineering, and Medicine.

One way to reduce long-term risk to people and property from natural hazards is to enhance climate resilience. Enhancing climate resilience means taking actions to reduce potential future losses by planning and preparing for potential climate hazards, such as extreme rainfall, sea level rise, and drought. The Administration is taking some actions through various climate-related Executive Orders, and we are monitoring implementation of these emerging efforts.

As our climate continues to change, experts say this trend of larger, more costly weather events will also continue. Today’s WatchBlog post looks at some of our work on federal climate-resilience activities.

Climate-resilient public infrastructure

Every year, the federal government spends billions of dollars to maintain buildings, levees, and roads. This cost could grow as certain weather-related events that cause damage increase in frequency and intensity.

For instance, if roads are flooded from dangerous amounts of rainfall or hurricanes, routes used for emergency evacuations can become unsafe and require costly repairs. Road damage due to climate-related changes may even cost up to $20 billion annually by the end of the century, according to the 2018 Fourth National Climate Assessment.

Over the last decade, the Federal Highway Administration (FHWA), which is part of the Department of Transportation (DOT), has developed policies, provided technical assistance, and funded climate-resilience research as part of its efforts to address climate change's impacts on roadways.

In our September report we found that some states were planning, or had already made, changes to their infrastructure using FHWA resources. For example, in Maryland authorities raised a bridge by two feet in anticipation of rising sea levels. While some improvements have been made, more can be done to enhance the climate resiliency of federally funded roads. We identified 10 options for DOT to consider. For example, DOT could provide information to states on best practices and how to include climate projections into road planning and design.

DOT agreed to consider our options when prioritizing climate-resilience actions.

Climate-resilient electricity grid

Severe weather is also expected to impact nearly every aspect of the electricity grid—including the generation, transmission, distribution, and demand for electricity. Extreme-weather events could cost billions—from power outages to infrastructure damage—and leave people without access to electricity.

In February 2021, dangerously cold weather spread into Texas causing increased demand for electricity, and about 4.5 million people lost power.

In August 2021, Hurricane Ida left at least a million people, across three states, without electricity and left seven people dead.

How can we better protect the electricity grid?

Although private companies own much of the electricity grid, the federal government is a key player in promoting its resiliency. Since 2014 the Department of Energy (DOE) and the Federal Energy Regulatory Commission (FERC) have taken steps to improve grid resilience, such as partnering with utilities and collecting information on weather-related risks to grid operations. However, DOE still doesn’t have an overall strategy to guide its climate-resiliency efforts despite recognizing the risks. Additionally, FERC hasn’t identified or assessed weather-related risks to the grid.

In a March 2021 report, we recommended that DOE develop a department-wide strategy to enhance grid resilience, and that FERC identify and assess risks to the grid and plan a response.

[Source: GAO]

Recommendations for the Implementation of an EU Strategy on Technology Infrastructures

As technology infrastructures (TIs) are critical enablers for the European research, development and innovation ecosystems, the European Commission’s Joint Research Centre (JRC) and the European Association of Research and Technology Organisations (EARTO) recommend a pan-European, agile and sustainable environment for their development, accessibility and governance, within the framework of a dedicated EU strategy.

The key role of TIs in RD&I Ecosystems

TIs are (physical or virtual) facilities and equipment, such as demonstrators, testbeds, piloting facilities and living labs, capable of building bridges between science and the market.

They are mostly created, managed, maintained and upgraded by not-for-profit Research Performing Organisations (mainly Research and Technology Organisations – RTOs, and Technical Universities – TUs), which require dedicated and significant resources and competences.

TIs are open to a wide range of public and private users, large and small, collaborating with TI managers to jointly develop and integrate innovative technologies into new products, processes, and services.

Examples of technology infrastructures include facilities to develop electrolyser stacks, biogas plants, clean-room facilities for chip production, test areas for automated shipping or road traffic safety solutions, wind tunnels, testbeds for multi-functional nano-composites, multi-material 3D printing, thermo-plastics and industrial robotics.

Technology Infrastructures are major building blocks for Europe to deliver on its ambitions of making successful transitions to a sustainable, digital and resilient industry and society.

Industry’s innovation capacity, productivity and international competitiveness heavily depend on possibilities to develop, test, validate and upscale new technological solutions at an ever-faster pace.

Towards an EU strategy for technology infrastructures

A European Commission Staff Working Document on TIs published in 2019 recommended the development of an EU Strategy for Technology Infrastructures building on the experience and the framework of the European Strategy for Research Infrastructures (ESFRI) with its own specificities.

In this context, the JRC and EARTO launched a joint project on TIs to gather evidence and highlight the common specificities of TIs across Europe, assess the challenges they face over their whole lifecycle, and identify how their capacity could be further leveraged.

The JRC and EARTO have just published an analysis of the main strategic elements that would ensure an effective and sustainable management of an integrated landscape for TIs at the European level:

  • Combining and completing the existing repositories and mappings of TIs at EU level, covering both TIs’ locations and the services and facilities they offer, could be used to enable a better understanding of the TIs’ landscape by policymakers and users, foster accessibility to TIs, and create connections between complementary TIs.
  • Roadmapping of future needs for capital expenditure (CAPEX) investments in TIs should be organised with a sectorial value-chain and bottom-up approach, with the involvement of TIs’ stakeholders, by identifying the future needs for TIs in existing roadmaps linked to current EU instruments and actions (e.g. European Partnerships, European Research Area (ERA) Industrial Technology Roadmaps).
  • Setting up a mechanism to draw from sectorial roadmaps and prioritise investments in TIs at European level and/or to coordinate and synchronise national/regional TIs’ roadmaps in strategic sectors would be valuable to maximise the use of public funds.
  • Creating an agile Advisory Board will be necessary to operationalise the prioritisation of investments and the coordination of national/regional TIs’ roadmaps. The board should be composed of Member States experts responsible for TIs within national ministries, as well as relevant stakeholders including RTOs, technical universities, and industry (large and small).
  • TIs need to be developed and upgraded at the same fast pace as the technologies and the products that are developed and tested. A strengthened and clearer pathway of grant-based public support for CAPEX investments for the creation and upgrade of TIs, as well as creating synergies for more structural support at European, national, and regional levels would be essential, as the current funding landscape is very scattered. The support for the creation of new TIs should be designed in complementarity with the support for the upgrade of existing ones, taking a balanced approach between the two.
  • Pan-European accessibility to TIs should be facilitated by fostering the use of TIs in competitively funded projects at EU level, defining harmonised principles for access to TIs, and adopting a one-stop-shop approach in specific value-chains.
  • Creating thematic networks of TIs with a value-chain approach would make it possible to better integrate and structure the European landscape for TIs, foster capacity building across regions, and spread excellence and expertise to overcome the European innovation divide. Dedicated support and funding for network orchestration activities is needed to explore the full potential of TIs’ networks.

Pipeline Safety: Manufacturing Defects in Pipeline Components Rarely Contribute to Accidents

Almost 350,000 miles of interstate gas and hazardous liquid transmission pipelines transport products across the U.S. The quality of individual components used in constructing these pipelines is critical to protect life, property, and the environment.

The GAO reviewed data on the quality of fittings, flanges, and valves on interstate transmission pipelines, and found that manufacturing defects rarely contribute to accidents. For instance, such defects contributed to less than 2% of all accidents between 2016-2020. They caused zero deaths or hospitalizations, and spilled fewer gallons of hazardous liquid (on average) than other types of accidents.

Manufacturing defects involving certain pipeline components—specifically fittings, flanges, and valves—accounted for less than 2 percent (23 of 1,529) of all accidents on gas and hazardous liquid interstate transmission pipelines from 2016 through 2020, according to GAO's analysis of Pipeline and Hazardous Materials Safety Administration (PHMSA) data. During this period, none of the reported 10 fatalities or 24 injuries requiring in-patient hospitalizations were related to accidents involving such defects. The amount of product released was also lower than average for all accidents that GAO reviewed. For example, accidents involving manufacturing defects in these pipeline components resulted in the spillage of 69 barrels of hazardous liquid on average, compared to an average release of 242 barrels for all accidents. Many selected stakeholders GAO interviewed also said that manufacturing defects in pipeline components rarely contribute to accidents.

All selected operators GAO interviewed described taking a number of steps to design, inspect, and test pipeline components to ensure quality prior to placing the components into service. Many of these selected operators described taking steps above PHMSA's minimum safety standards. For example, some operators described conducting inspections of manufacturers' processes or requiring manufacturers to maintain voluntary management and design certifications. According to these selected operators, these actions help ensure that manufacturers have the skills and expertise to construct high-quality pipeline components. While selected operators generally did not describe additional testing steps, many of these operators and other stakeholders agreed that defects are often identified during the testing of components. Specifically, PHMSA generally requires that operators conduct a hydrostatic test—whereby the pipeline is pressurized to a level above the normal operating pressure—to ensure the integrity of the pipe and components prior to the pipeline being placed in service.

The U.S. pipeline network includes almost 350,000 miles of interstate gas and hazardous liquid transmission pipelines that operate at high pressures and transport products across the country. The integrity of individual components used in constructing these pipelines is critical to protect life, property, and the environment. These components include fittings to accommodate changes in terrain or direction of the pipe; flanges to connect pipes and other equipment together; and valves to help control the flow and pressure of product in the pipe.

Within the U.S. Department of Transportation, PHMSA sets and enforces the federal minimum pipeline safety standards for pipelines and pipeline facilities, including for the design and manufacture of components. The minimum safety standards apply to owners and operators of pipeline facilities rather than the manufacturers of components.

Due to potential concerns about the manufacturing process for pipeline components, GAO was asked to review the quality of fittings, flanges, and valves on interstate transmission pipelines. This report describes: (1) the extent to which manufacturing defects in pipeline components have contributed to accidents from 2016 through 2020, and (2) the actions selected pipeline operators have taken to ensure the quality of components manufactured for their pipelines.

GAO analyzed PHMSA's accident data on interstate transmission pipelines for gas and hazardous liquid—including number, item involved, cause, related fatalities and injuries, and amount of product released—from 2016 through 2020, the most recent 5-year period for which data were available. GAO assessed the reliability of the data by reviewing PHMSA reports and interviewing PHMSA officials, among other things, and found the data to be sufficiently reliable to describe the frequency in which manufacturing defects contributed to reportable pipeline accidents.

GAO also reviewed relevant pipeline safety statutes and regulations, including those addressing the safety of pipeline components. GAO interviewed officials from PHMSA and the National Transportation Safety Board, as well as representatives from 10 pipeline operators, six industry associations, four pipeline manufacturers, three standards-setting organizations, and one safety group. GAO selected operators that manage interstate transmission pipelines, but vary in size (number of pipeline miles managed); commodities transported (i.e., natural gas and hazardous liquids); accident history; and geographic location. GAO selected the remaining stakeholders based on, among other things, inclusion in prior GAO reports, recommendations from stakeholders, or references in PHMSA's regulations.

Deputy Secretary General stresses NATO will continue to increase Ukraine’s cyber defences

Deputy Secretary General Mircea Geoană participated virtually at the Cybersec Global 2022 event. Focusing on the tensions between Russia and Ukraine during his keynote speech, the Deputy Secretary General stressed that NATO has been working with Ukraine for years to increase its cyber defences, and will continue to do so at pace.

He said: “The use of hybrid attacks against Ukraine, including cyber-attacks and disinformation, as well as the massing of advanced weapons on its borders, underlines the key role of advanced technology in modern warfare”.

The Deputy Secretary General pointed out that “China and Russia are investing heavily and deploying new technologies with little regard for human rights or international law, aggressively challenging our technological edge”. He recalled that last summer Allies had agreed a new comprehensive cyber defence policy for NATO and went on to say that “we are strengthening our cyber defences and increasing the resilience of our critical infrastructure and supply chains to reduce our vulnerabilities”.

The Deputy Secretary General also noted NATO’s leading role with regard to the new technologies, in areas such as artificial intelligence, autonomous systems, biotechnology, big data, hypersonics, quantum computing and space. He underlined that to avoid any technology gaps, “we are making sure that transatlantic innovation benefits all Allies”. Mr. Geoană emphasized that NATO’s strength comes from its unity and its ability to adapt to remain strong and “retaining our technological edge is a big part of this”, he added.

Dstl trials autonomous maritime asset protection system (AMAPS)

Working with the Royal Navy, industry partners and the US Naval Undersea Warfare Centre, the Defence Science and Technology Laboratory (Dstl) conducted research to improve detection, tracking, classification and defeat capabilities against surface and subsurface threats to high value assets and critical infrastructure, using autonomous systems alongside traditional systems.

Dstl worked collaboratively with an industry consortium comprising QinetiQ, SeeByte, L3 Harris ASV and Thales, to develop a concept demonstrator based on open architectures and autonomous systems. This demonstrator was tested in a synthetic environment to ensure the viability of the concept before experimentation during a 2 week trial in Portland Harbour in October 2021 using Dstl’s containerised system and the Maritime Autonomy Surface Testbed vessel MAST-13.

Different levels of autonomy were evaluated, enabling a better assessment of the role that maritime autonomous systems can play in protecting vulnerable assets while also furthering understanding of the current maturity of the technology.

The trial successfully demonstrated end-to-end autonomy with the remote operation of a long range acoustic device and firing of a vessel arrestor system with the aim to stop a suspect craft.

Future trials will look to stress the system with the aim to assess robustness while completing interoperability tests with the US that were impacted by COVID-19.

Dstl Programme Manager, Alasdair Gilchrist MBE, commented:

The research showed the benefit of integrating multiple sensors, fixed and on uncrewed vessels (UXVs), into a common tactical picture to aid command decisions.

We have progressed maritime Artificial Intelligence/machine learning by developing apps that enable multiple UXVs to be command and controlled from a single operator to protect assets.

We have also developed algorithms to autonomously control and launch non-lethal effectors from uncrewed surface vessels (USVs) to deter aggressors and protect our valuable maritime assets.

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights strongly urges leaders and network defenders to be on alert for malicious cyber activity and provides a checklist of concrete actions that every organization—regardless of sector or size—can take immediately to:

- Reduce the likelihood of a damaging cyber intrusion,
- Detect a potential intrusion,
- Ensure the organization is prepared to respond if an intrusion occurs, and
- Maximize the organization’s resilience to a destructive cyber incident.

CISA urges senior leaders and network defenders to review the CISA Insights and implement the cybersecurity measures on the checklist.

TSA leaders share tips to get through airport security during the pandemic

There are a handful of actions that travelers can take in an effort to get through Transportation Security Administration (TSA) airport checkpoints during the pandemic in ways that may help reduce the likelihood of contracting COVID-19.

While security is TSA’s top priority, the health and safety of TSA employees and the traveling public is of utmost importance. TSA remains in close communication with medical professionals, the CDC, and various government agencies as it continues to carry out its security mission during the pandemic.

Here are a few suggestions that TSA Federal Security Directors want to share with travelers who are scheduled to fly during the pandemic.

  • John Bambury, TSA Federal Security Director for John F. Kennedy International Airport: “You’ve heard it a thousand times—wear a mask. I wear a mask every single day at the airport, which is one of the top recommendations from the CDC. If you’re flying, you should also consider carrying an extra mask so that if the elastic band snaps on your mask, you’ve got a spare one handy. Also, you may want to change into a fresh mask upon arrival at your destination. If you don’t have a mask, the TSA officer at the travel document checking podium will offer you one for free. When you get to the travel document podium, the TSA officer will ask you to remove your mask for just a few seconds to verify that your face matches the ID that you are presenting.”
  • Scott T. Johnson, TSA Federal Security Director for Washington Dulles International and Ronald Reagan Washington National Airports: “Consider enrolling in TSA PreCheck® because it gets you through the checkpoint conveniently and more quickly than a standard checkpoint lane, making it even more valuable in today’s travel climate. TSA PreCheck passengers spend less time waiting in line and keep their shoes, belts and jackets on during screening and electronics in their carry-ons, reducing overall contact during screening. Travelers in the program also are permitted to leave their 3-1-1 liquids bag in their carry-on bags.”
  • Gerardo Spero, TSA Federal Security Director for Philadelphia International Airport: “Know before you go. By that I mean that you need to know what is in your carry-on bag before you head to the airport to ensure that you have nothing prohibited with you. Prohibited items such as large liquids, knives, pepper spray, loose ammunition, and other prohibited items result in our need to open your carry-on bag and remove them. This keeps you in the checkpoint for an extra few minutes while one of our TSA officers opens your carry-on to search and eventually remove the item. We want to get you through the security checkpoint efficiently and quickly. Prohibited items slow you down.”
  • Thomas Carter, TSA Federal Security Director for Newark Liberty International Airport: “The CDC recommends washing your hands frequently. Consider washing your hands before and after completing the security screening process. If it is not possible to wash your hands, please use hand sanitizer. TSA has instituted a temporary exemption from the 3-1-1 rule, that permits travelers to carry up to one 12-ounce container of liquid hand sanitizer per passenger, in carry-on bags. You can also bring individual hand wipes or a large tub of hand wipes with you to help wipe down your hands and even handles of your carry-on bags.”
  • John C. Allen, TSA Federal Security Director for Yeager Airport: “Do your best to socially distance from others whenever possible. By that I mean, leave some extra space between the traveler in line ahead of you. Take that an extra step back. After you go through the checkpoint scanner, that’s another opportunity to take an extra step back while you wait for your carry-on items along the conveyor belt. Look around, see where you can wait for your carry-on items a little farther away from fellow passengers. Then take your belongings off to the side to put on your shoes, jacket and other items so that you’ve got some extra space of your own to recompose.”
  • Grant Goodlett, TSA Federal Security Director for Baltimore/Washington International-Thurgood Marshall Airport: “If you haven’t traveled in a while, you will notice that TSA has installed acrylic shields in checkpoints in an effort to make the screening process safer for passengers and our workforce by reducing the potential of exposure to the coronavirus. Please don’t walk around these acrylic shields to interact with our TSA officers. The shields have small vents to allow for conversation, questions and answers to be shared.”

[Source: TSA]

How Parliamentarians can L.A.B.O.R. for disaster resilience

While hazards may be natural, disasters are not. The choices we make can either increase or decrease risk. As the planet slowly warms, parliamentarians can help. Indeed, they can L.A.B.O.R. for resilience.

The global pandemic caused by Covid-19 has been a wake-up call for the whole world. Appalling losses of life, economic devastation and ripples of insecurity have touched every corner of the planet. No one has been immune and the power (or lack thereof) of the state to prevent, prepare and respond has been severely tested. While there’s no way to guess how the pandemic would have unfolded had the world been more prepared, research repeatedly shows that disaster risk reduction and preparedness mitigate losses by large margins. Just 24 hours warning of a coming storm or heat wave can cut the ensuing damage by 30 percent.

As public tolerance for risk is decreasing, citizens around the world are increasingly exposed to growing and compounded risks, with losses now reaching between $250 and $300 billion annually, up from about $50 billion in the 1980s. Climate change interacts with other hazards – technological, biological, chemical and geopolitical, among others – which creates greater risk complexity. The impacts of disaster know no bounds, but those living in more vulnerable circumstances tend to be the hardest hit, with poorer countries registering the highest post-disaster mortality rates.

While hazards may be natural, disasters are not

Floods, earthquakes, landslides or storms become disasters because of the exposure and vulnerability of people and places. The choices we make can either increase or decrease risk. Therefore, each stakeholder has a role in reducing disaster risk. Parliamentarians are uniquely situated to help societies weather all kinds of disasters with more resilience and preparation. Last year, the United Nations Office for Disaster Risk Reduction (UNDRR) and the Inter-Parliamentary Union (IPU) launched a toolkit for parliamentarians detailing how they can help build resilience for their communities. The guidance features ten recommendations grouped into five categories: Legislate; Advocate; Budget; Oversee; Represent (L.A.B.O.R.).

Read below for a snapshot of how parliamentarians can L.A.B.O.R. for their constituency’s resilience.

Legislate
Creating legislation is one of parliamentarians’ key jobs. In this regard, using risk and vulnerability assessments, they can create both DRR (disaster risk reduction) legislation, as well as amend existing legislation to reflect and support international DRR commitments.

Advocate
Parliamentarians can advocate for governments to shift from their current event-centered, response and recovery approach to DRR to a multi-hazard approach that considers vulnerability. They can also advocate for the use of data, expertise and experience from national and international institutions, as well as from other countries, to inform their own DRR frameworks and strategies. Finally, parliamentarians can advocate for DRR to be integrated into climate change plans and initiatives.

Budget (and finance)
Determining budget allocation is another vital task for parliamentarians and here they can focus on funding long-term DRR initiatives – including allocating funds for the oversight of data collection, reporting purposes and regulation enforcement – at all levels of government. Parliamentarians can also integrate and mainstream DRR into public and private investment decisions, ensuring that investments are risk-informed.

Oversee
Accountability is an important aspect of any government investment decision. Parliamentarians can use their oversight role to evaluate government performance, effectiveness and spending for DRR initiatives, thus demonstrating their effectiveness. They can also make people aware of the impacts of regulation, enforcement and penalties. In order to support ease of use and to compare different initiatives, parliamentarians can ensure information is provided in standardized, consistent formats.

Represent
Finally, as elected officials, parliamentarians are responsible for representing all of their constituents and ensuring that DRR policies and plans meet their specific needs. This all-of-society approach must include those most vulnerable in disasters: the poor, women, girls, ethnic minorities and persons with disabilities. Parliaments can ensure that DRR strategies and commitments are durable and will survive electoral changes by using a non-partisan, holistic approach to developing DRR plans.

Using the L.A.B.O.R. framework, parliamentarians can help create disaster-ready communities, both saving lives and protecting economic resources.

[Source: UNDRR]
