The IAIP combined the legacy capabilities of the Department of Energy's Office
of Energy Assurance, the General Services Administration's Federal Computer
Incident Reporting Center (FedCIRC), the Federal Bureau of Investigation's
National Infrastructure Protection Center, the Department of Commerce's Critical
Infrastructure Assurance Office, and the Department of Defense's National
Communications System, with the mission requirement to leverage these existing
capabilities, and to broaden and enhance them to provide information and services
to the federal government, state and local officials, and the private sector. As an
example of this broadening of legacy missions, IAIP maintains continual
situational awareness of the nation and its borders through the Homeland Security |~-? \J. ^.j 7-
Operations Center (HSOC). HSOC currently houses 26 federal (both Intelligence
and law enforcement) and local agencies, which provide a continual stream of
information which is further analyzed or transmitted to the appropriate federal or
local law enforcement agency for action.
Today, IAIP is providing the full range of intelligence support to DHS leadership,
mapping terrorist threats to the homeland against assessed vulnerabilities in order
to protect against terrorist attacks, conducting independent analysis of terrorist
threats to the homeland in the form of tailored, competitive and red team analysis,
developing requirements for collection of intelligence and threat-related
information, and coordinating information exchanges between the Department
and state and local governments and the private sector. Please see attached Fact
Sheet on IAIP, and its relationship to the Terrorist Threat Integration Center.
Tom Ridge, ensures that the responsibilities of the Department, including those
regarding information analysis and infrastructure protection, are carried out
through the Under Secretary for Information Analysis and Infrastructure
Protection, Frank Libutti. IAIP itself is not an intelligence collection agency, but
has access to foreign and domestically collected intelligence and other information
from throughout the government, as well as developing mechanisms to gain such
information from state and local governments and the private sector. In addition,
~T>K-'
IAIP plays a leading role in developing unique collection requirements related to ^ /- (,
protecting the homeland from terrorist attacks, both for the elements within DHS n Lf\k •, .;
which do have collection authority (e.g., the Coast Guard, Customs and Border </£ i
Patrol, Immigration and Customs Enforcement, Transportation Security £ '& *
Administration, and the Secret Service), and for other USG elements involved in
terrorism and homeland-security-related information collection.
The Assistant Secretary for Information Analysis, Patrick Hughes, has primary
responsibility for developing collection requirements, including domestic
collection requirements, for the Intelligence Community and other entities
including, but not limited to, those directly involved in counterterrorism activities
as part of their own missions. Those requirements are informed by the integration
of the Office of Mbrmation Analysis (IA), headed by Assistant Secretary Hughes,
with the Office of Infrastructure Protection (IP), headed by Assistant Secretary
Robert Liscouski. Those offices constantly exchange information about threats,
terrorist capabilities and planning, critical infrastructure vulnerabilities and
protective measures in place to gauge the likelihood of success and potential
impact of terrorist acts. This information exchange enables, for the first time, a
real pro-active, risk mitigation strategyfemerge for our Nation, as opposed to what
once was a primarily reactive strategy.
vulnerabilities of the key resources and critical infrastructure of the United States,
to integrate relevant information, analyses, and vulnerability assessments in order
to identify priorities for protective and support measures by the Department, other
agencies of the Federal Government, State and local government agencies and
authorities, the private sector, and other entities.
IAIP consults with State and local governments and private sector entities to
ensure appropriate exchanges of information, including law enforcement-related
information, relating to threats of terrorism against the United States. To the
extent that this question seeks information about non-terrorism-related
intelligence collection and analysis and the relative priority of such activities vis-a-
vis counterterrorism activities, given lAIP's overriding statutory mission, the
question is largely inapplicable to IAIP.
IAIP has allocated the resources it received from the passage of the Homeland
Security Act after extensive consultation by the leadership team, though some
flexibility will be required as DHS continues to mature and develop an operational
history of its own in order to determine how best to allocate resources to better
meet mission requirements.
4. How are your organization's priorities linked to guidance from the Secretary
of Defense and/or the Director of Central Intelligence? Are your priorities
solely directed by the cabinet secretary or agency head that leads your
department or agency?
The priorities for IAIP are set forth in the Homeland Security Act and by applicable
Presidential Directives, and are administered by the Secretary for Homeland Security,
Tom Ridge, and the Under Secretary for Information Analysis and Infrastructure
719/04 THU 10:43 FAX 1^1005
Protection, Frank Libutti. Within IAIP, the Office of Infonnation Analysis, headed by
Assistant Secretary Patrick Hughes, communicates with the Central Intelligence
Agency and other Intelligence Community entities under the direction of the DCI,
along with numerous Department of Defense elements, in order to ensure that DHS'
activities are informed by the broader counterterrorism and related priorities of the
USG and, equally important, to ensure that priorities and requirements developed by
IAIP and other DHS elements are appropriately integrated with collection activities of
all other USG counterterrorism elements. IAIP, both at DHS Headquarters and
through IAIP analysts physically located at TTIC, conducts its own, independent
analysis, in the form of competitive, tailored and "red team." analysis, and utilizes the
analytic resources of the Federal Bureau of Investigation, Central Intelligence Agency,
Department of Defense, and other entities in this effort. As such, DHS and its
leadership set forth priorities for the Department and the Office of Information
Analysis works with its fellow members of the Intelligence Community, coordinating
intelligence requirements.
Among other things, IAIP is responsible for mapping terrorist planning, tactics and
capability against our vulnerabilities. IAIP does this by independently analyzing all
intelligence it receives and through constant and seamless communication with lAIP's
assignees at the TTIC and throughout the intelligence, law-enforcement, and
homeland security communities, in order to compile the most accurate domestic threat
picture possible. As stated before, the work of the HSOC informs this mission,
providing an unprecedented real time threat picture of the country. Warning products
are then produced and disseminated to the federal government, state and local
officials, and the private sector as is appropriate. IAIP implements its goal of
protecting the homeland by enabling, developing, and sustaining the capability to
continuously identify, assess, and prioritize current and future threats to the homeland
and map those threats against vulnerabilities. IAIP also issues timely warnings and
advisories containing preventive and protective measures for critical infrastructure
owners-and operators, and provides actionable information to state and local officials
and law enforcement to prevent and disrupt terrorist planning and activity.
As noted above, IAJP is a full partner in - in effecCa "part owner of' ~TI]0; our
officers work day-in-day-out at TTIC, participating in processing and analyzing
terrorist threat-related information, shaping and disseminating TTIC products,
assessing gaps in available information, and ensuring that TTIC products reach
appropriate DHS Headquarters elements, as well as appropriate state, local and
private sector officials. The CIA, DOD, and FBI, as well as others, also are full
partners in the TTIC joint venture, and, as a result, IAIP is closely linked to them
through its work at TTIC.
IAIP, of course, did not exist until March 2003. From our perspective, however,
information sharing on Counterterrorism issues has increased greatly even since
IAIP came into being. Not only are members of the 1C communicating well,
including through frequent face-to-face and electronic meetings, vastly enhanced
dissemination of information throughout not just the traditional "1C," but with the
broader law enforcement and homeland security communities. New ways of
doing business, including IAIP itself, as well as, of course, the TTIC, and the
Terrorist Screening Center, are improving every day our ability not onlyto better
develop a better threat picture but to act rapidly to reduce our vulnerabilities and
to prevent threatened attacks against us. IAIP is currently assessing and analyzing
threat information from all sources, including the 1C, and sharing the results at an
unprecedented rate, at appropriate levels, with state and local homeland security
officials and the private sector.
8. Please identify the responsible policy official for CT issues in the Intelligence
Community from whom you take direction and guidance.
FACT SHEET:
DHS Directorate of Information Analysis and Infrastructure Protection
Summary
!
• Supporting the work of all of DHS' components, including the Directorates of Border
and Transportation Security, Science and Technology, and Emergency Preparedness
and Response. This analytic support will also be provided to DHS' decisionmakers
under pending Bioshield legislation, if enacted;
\ • Analyzing terrorist threats to the homeland, both at DHS Headquarters, and through
IA analysts physically located at ljTIC;
i
• Developing requirements for the collection of intelligence and other information
related to terrorist threats to the homeland for use by the Intelligence Community and
U.S. law enforcement agencies; j
• Managing the collection and processing of information into usable intelligence from
DHS' inherited intelligence components, e.g., Customs, Coast Guard, Secret Service.
To carry out these critical responsibilities, the President and Congress have provided
DHS/IAIP with unique and powerful authorities and capabilities, outlined in greater detail
below.
• Robust, comprehensive, and independent access, mandated by the President and in the
law, to information relevant to homeland security, whether raw or processed;
• Mission and authority to obtain information and intelligence, including through DHS
components, analyze that data, and take action to prevent, and respond to, terrorist
attacks directed at the U.S. homeland; and
• Ability to conduct its own, independent threat and other analysis and to leverage the
analytic resources of the Federal Bureau of Investigation (FBI), Central Intelligence
Agency (CIA), Department of Defense (DOD), TTIC, and other entities, to manage
the protection of the homeland.
Central Role. Central to the success of this singular DHS mission is the
coordination of the Office of Information Analysis ("IA) with the Office of Infrastructure
Protection (8TP") to ensure that threat information is correlated with critical infrastructure
vulnerabilities and protective programs. This correlation provides the essential context to
determine the relevance and efficacy of threat information to the protection of critical
infrastructure components and key assets. IAIP is the center of strategy coordination for
all of DHS' Critical Infrastructure Protection efforts. Working through its Headquarters-
based analysts, IA, in close collaboration and coordination with IP, will choreograph an
interactive relationship between analysis of terrorist threats against the United States
homeland, comprehensive vulnerability assessments, and domestic preventative and
protective measures. The IA-IP partnership significantly reduces the potential for
./19/04 THU 10:44 FAX B010
intelligence gaps and communications failures. This linkage of information access and
analysis on the one hand and vulnerabilities Analysis and protective measures on the other
is what is entirely new, and unduplicated elsewhere, about the President's vision for
DHS. ! i •; i
Partnership with State and Local Governments and the Private Sector.
Unlike other members of the Intelligence Community, including others represented at the
TTIC, IA has both the authority and responsibility for providing Federally-collected and
analyzed homeland security information to first responders and other state and local
officials and, as appropriate, security managers and other key private sector contacts.
Likewise, only IA, in coordination with IP, is in the position effectively to manage the
collection from state and local governments, jand private sector officials, of the crucial
homeland security-related information that may be, in the first instance, available only to
those officials. DHS will work closely with pther U.S. Government agencies to
coordinate relations with state, local, and private sector officials, including coordinating
with FBI on contacts with state and local law enforcement.
; : !
I i :
Beyond the unique IA-IP partnership] IA is also the central information nerve
center of DHS' efforts to coordinate the protection of U.S. homeland security. IA will:
M i .
i [ | •
• Ensure (in coordination with FBI and others) that homeland security-related
intelligence information is shared with pthers who need it, in the Federal, state, and
local governments, as well as the private!sector; and
1 '• i •
• Support the Homeland Security Advispry System. lA's activities also will be in
support of the Secretary's responsibility to administer the Homeland Security
Advisory System, including independently analyzing information supporting
decisions to raise or lower the national warning level.
! 3
U
'19/04 THU 10:45 FAX
IA "Doing Business As" TTIC \n IA officers will be located at TTIC, working day-in-day-out, pa
With the early fall 2004 co-location of TTIC (including the IA analysts working
for DHS there), with CIA's Counterterrorist Center, and the FBI's Counterterrorism
Division, DHS will be able to leverage the presence of its personnel at this combined
facility to: reduce transmission and coordination time for critical information; and
facilitate comprehensive assessment of not only domestic threats but also foreign-based
threats that may ultimately impact thejhomeland. As provided by Congress and the
President, authorities and capabilities to deter and disrupt terrorist threats, particularly
overseas, are shared among a number of departments and agencies and such activities
often must be undertaken in concert with state, local, and foreign governments. Recent
experience has shown that terrorist groups may attempt to coordinate multiple attacks,
both overseas and within the United States! and that threats that appear to be directed
overseas may actually be directed towards the homeland, and vice versa.
In carrying out their analysis, IA analysts at DHS Headquarters not only will have
access to all relevant information from U.S^ intelligence and law enforcement agencies
and from officials in state and local governments andi the private sector, but they will be
able to reach out, via the IA analysts located at TTICJ to leverage their expertise and
direct contacts to the overall U.S. counterterrorism operational and analytic efforts co-
located there. DHS/IP will rely upon the analysis produced by LA, to help determine
priorities for protective and support measures and provide them to federal, state, and local
government agencies and authorities, and to private sjector entities. In support of its
mission, DHS/IP will drive, through and with lA, reduirements to the Intelligence
Community, law enforcement, and other parts of DHS, to ensure that vulnerabilities and
threats are correlated and appropriate protective actioins are defined and implemented.
\: j
IA's Independent Analytic Work '•• ' \n addition to the critical role, outlined above' of mappin
vulnerabilities against threats to the homeland, IA als,o will conduct other analysis distinct
from that hi which IA analysts participate at TTIC, including:
Red-Teaming. lA's tailored and, at times, comp btitive terrorism threat analysis, will
take another form as well: "red teaming." lA's arialysts will not only look
independently at threat data from a traditional analytical perspective, i.e., "connecting
the dots," but will also undertake "red team" anal; reis. In this mode, analysts will
view the United States from the perspective of;th«i terrorists, seeking to discern and
predict the methods, means and targets of the terri >ristB. The analysis produced as part
of this red teaming will then be utilized to uncbve r weaknesses, and to set priorities
for long-term protective action and target hardeni ig.
TTIC's Mission
TTIC is an interagency joint venture: of its partners. The TTIC members include,
but are not limited to, the Department of Justice/FBIj DHS, CIA, National Security
Agency, National Imagery and Mapping Agency, Peiense Intelligence Agency, and the
Department of State. Through the input and participj tion of these partners, TTIC will
merge and analyze terrorist threat-related informatiorj, collected domestically and abroad,
in order to form the most comprehensive possible thr jat picture, and disseminate such
information to appropriate recipients. TTIC, through its structure, will draw on the
particular expertise of its participating members - such as DHS' focus on homeland
security and CIA's focus on terrorism information; collected overseas - thereby ensuring
that the terrorist analytic product takes advantage of, land incorporates, the specialized
perspectives of relevant federal agencies, hi addition! TTIC will have access to, and will
aggressively seek to analyze, information from state and local entities, as well as
voluntarily provided data from the private sector. TIJIC will work with appropriate
partners to ensure that TTIC's products reach not 6rJy federal customers, but also state
and local, as well as private sector, partners.
' This chart is intended only to describe in general terms lAff'S-divlsion of Ik or with regard to functions assigned DHS by the
nd all other federal Departments and Agencies, remain
responsible, with regard to their own work and information in t&eir poiseesi&r for many of these same functions, e.g., protecting
information against unauthorized disclosure. :| :
i i "',• •
:|v ^!: ' ! •:
•'• i-7^!.
; i : l : ' !* =