Agency or Department Name Here (for pda/handhelds)

Accomplishments for Core Goal #6 Vulnerability Assessment

Vulnerability Assessment
Under Governor O’Malley, Maryland’s critical infrastructure program was expanded and integrated into the intelligence fusion center to improve information sharing between law enforcement and the private sector.  The State’s efforts have focused on developing a common set of definitions for critical infrastructure, a standardized site Critical Infrastructure Protection tool, and a common database accessible to all critical stakeholders.  Vulnerability assessments are underway on infrastructure and key resources such as Maryland’s waterways, power grid, bridges tunnels, stadiums, and water supply.  These assessments provide information to assist in implementing new protective measures to harden key facilities and critical systems.  The program’s priority is to continue to complete a continually updated inventory of all public and private critical infrastructures in Maryland – a list which will be continuously update, expanded, and improved.  Following are key projects and accomplishments:

• Conducted the first Governor and Cabinet level drill focused on cyber security, leveraging key outside experts. Working with DHS's Cyber Exercise team and the Maryland National Guard's 175th Network Warfare Squadron, Maryland conducted a Cabinet level exercise on August 4, 2011 that focused solely on cyber security, assessing key aspects of the State's systems, and developing a resource guide for agencies.

• Expanded the Critical Infrastructure Protection program and integrated it into the State’s intelligence fusion center.  In 2007, Maryland State Police aligned its Critical Infrastructure Protection Program (CIP) with the Maryland Coordination and Analysis Center (MCAC), the State’s intelligence fusion center.  The Critical Infrastructure Team has been expanded to include both operational and analytical staff. The Operational Team is responsible for conducting on-site physical vulnerability assessments and providing critical infrastructure owners/operators with recommendations for security enhancement.  The analytical component is responsible for conducting threat assessments for the 18 Critical Infrastructure Sectors established by the U.S. Department of Homeland Security (DHS).

• Cataloged 3,800 critical infrastructure sites into an electronic database, up from 500 cataloged sites in 2007.  The State adopted DHS’ Automated Critical Asset Management System (ACAMS) as Maryland’s tool for cataloguing and managing critical infrastructure and key resource vulnerability information.  In partnership with federal, state, local, and private entities, interdisciplinary assessment teams are continuing to conduct site assessments.  Today, there are nearly 4,000 critical infrastructure sites currently inventoried within the system.
  

• Conducted more than 140 vulnerability assessments since 2007 at critical infrastructure facilities throughout the State.  These assessments are used to identify existing vulnerabilities and to recommend enhancing the security at these sites.  The CIP Branch has also provided threat briefings to operators of more than 100 critical infrastructure facilities throughout the State since 2007.

• Increased inspection capabilities by leveragingstate-of-the-art technology tools.  MSP partnered with the Johns Hopkins University Applied Physics Lab to create the Critical Infrastructure Inspection Management System, which uses helicopter-based CCTV camera technology to manage inspections of critical infrastructure.  MSP has deployed 32 helicopter-based homeland security inspection missions in the first half of 2011; in 2007, just one helicopter-based inspection mission was conducted. State of the art technological tools have been deployed such as the smart cameras in the light rail and metro system which automatically alert operators to suspicious packages and the State’s new surface radar system which alerts when vessels approach bridges and maritime critical infrastructure