Based upon a fictitious organization of your choosing,you are to offer insight regarding three identified threats, where one must come from each of the three broad threat/hazard groups of natural,...

Based upon a fictitious organization of your choosing,you are to offer insight regarding three identified threats, where one must come from each of the three broad threat/hazard groups of natural, technological/accidental, and adversarial/human-caused risks. (For additional information and examples, refer to theStrategic National Risk Assessment). Regarding these threats, you are to provide details that address the following activities that will collectively produce a comprehensive security plan. In addition, highlight issues that you feel are in need of attention by the security industry to adequately deal with such risks moving forward.

• Contingency Planning


• Business Continuity Planning


• Crisis Management Activities


• Business Recovery Efforts

The Strategic National Risk Assessment in Support of PPD 8 Strategic National Risk Assessment December 2011 1 The Strategic National Risk Assessment in Support of PPD 8: A Comprehensive Risk-Based Approach toward a Secure and Resilient Nation Overview The Strategic National Risk Assessment (SNRA) was executed in support of Presidential Policy Directive 8 (PPD-8), which calls for creation of a National Preparedness Goal, a National Preparedness System, and a National Preparedness Report. Specifically, national preparedness is to be based on core capabilities that support ―strengthening the security and resilience of the United States through systematic preparation for the threats that pose the greatest risk 1 to the security of the Nation, including acts of terrorism, cyber attacks, pandemics, and catastrophic natural disasters.‖ As part of the effort to develop the National Preparedness Goal and identify core capabilities, the Secretary of Homeland Security led an effort to conduct a strategic national risk assessment to help identify the types of incidents that pose the greatest threat to the Nation’s homeland security. Representatives from the offices of the Director of National Intelligence and the Attorney General, as well as other members of the Federal interagency, supported this effort. The assessment was used: To identify high risk factors that supported development of the core capabilities and capability targets in the National Preparedness Goal; To support the development of collaborative thinking about strategic needs across prevention, protection, mitigation, response, and recovery requirements, and; To promote the ability for all levels of Government to share common understanding and awareness of National threats and hazards and resulting risks so that they are ready to act and can do so independently but collaboratively. The subsequent pages provide an overview of the unclassified findings and the analytic approach used to conduct the SNRA. It should be emphasized, however, that although the initial version of the SNRA is a significant step toward the establishment of a new homeland security risk baseline, it contains data limitations and assumptions that will require additional study, review, and revision as the National Preparedness System is developed. These limitations are discussed below, and future iterations of the assessment are expected to reflect an enhanced methodology and improved data sets. Strategic National Risk Assessment Scope To inform homeland security preparedness and resilience activities, the SNRA evaluated the risk from known threats and hazards that have the potential to significantly impact the Nation’s homeland security. These threats and hazards were grouped into a series of national-level events with the potential to test the Nation’s preparedness. 1 The DHS Lexicon defines risk as the potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and the associated consequences. Accessed at: http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon- 2010.pdf Strategic National Risk Assessment December 2011 2 SNRA participants – including Federal agencies, DHS Components, and the intelligence community, among others – developed a list of national-level events (see Table 1) for assessment in the initial SNRA. The events are grouped into three categories: 1) natural hazards; 2) technological/accidental hazards; and 3) adversarial, human-caused threats/hazards. For the purposes of the assessment, DHS identified thresholds of consequence necessary to create a national-level event. These thresholds were informed by subject matter expertise and available data. For some events, economic consequences were used as thresholds, while for others, fatalities or injuries/illnesses were deemed more appropriate as the threshold to determine a national-level incident. In no case, however, were economic and casualty thresholds treated as equivalent to one another (i.e., dollar values were not assigned to fatalities). Event descriptions in Table 1 that do not explicitly identify a threshold signify that no minimum consequence threshold was employed. This allows the assessment to include events for which the psychological impact of an event could cause it to become a national-level event even though it may result in a low number of casualties or a small economic loss. Only events that have a distinct beginning and end and those with an explicit nexus to homeland security missions were included. This approach excluded: Chronic societal concerns, such as immigration and border violations, and those that are generally not related to homeland security national preparedness, such as cancer or car accidents, and; Political, economic, environmental, and societal trends that may contribute to a changing risk environment but are not explicitly homeland security national-level events (e.g., demographic shifts, economic trends). These trends will be important to include in future iterations of a national risk assessment, however. Table 1: SNRA National-Level Events Threat/ Hazard Group Threat/Hazard Type National-level Event Description Natural Animal Disease Outbreak An unintentional introduction of the foot-and-mouth disease virus into the domestic livestock population in a U.S. state Earthquake An earthquake occurs within the U.S. resulting in direct economic losses greater than $100 Million Flood A flood occurs within the U.S. resulting in direct economic losses greater than $100 Million Human Pandemic Outbreak A severe outbreak of pandemic influenza with a 25% gross clinical attack rate spreads across the U.S. populace Hurricane A tropical storm or hurricane impacts the U.S. resulting in direct economic losses of greater than $100 Million Space Weather The sun emits bursts of electromagnetic radiation and energetic particles causing utility outages and damage to infrastructure Tsunami A tsunami with a wave of approximately 50 feet impacts the Pacific Coast of the U.S. Volcanic Eruption A volcano in the Pacific Northwest erupts impacting the surrounding areas with lava flows and ash and areas east with smoke and ash Wildfire A wildfire occurs within the U.S. resulting in direct economic losses greater than $100 Million Strategic National Risk Assessment December 2011 3 Threat/ Hazard Group Threat/Hazard Type National-level Event Description Technological/ Accidental Biological Food Contamination Accidental conditions where introduction of a biological agent (e.g., Salmonella, E. coli, botulinum toxin) into the food supply results in 100 hospitalizations or greater and a multi- state response Chemical Substance Spill or Release Accidental conditions where a release of a large volume of a chemical acutely toxic to human beings (a toxic inhalation hazard, or TIH) from a chemical plant, storage facility, or transportation mode results in either one or more offsite fatalities, or one or more fatalities (either on- or offsite) with offsite evacuations/shelter-in-place Dam Failure Accidental conditions where dam failure and inundation results in one fatality or greater Radiological Substance Release Accidental conditions where reactor core damage causes release of radiation Adversarial/ Human- Caused Aircraft as a Weapon A hostile non-state actor(s) crashes a commercial or general aviation aircraft into a physical target within the U.S. Armed Assault A hostile non-state actor(s) uses assault tactics to conduct strikes on vulnerable target(s) within the U.S. resulting in at least one fatality or injury Biological Terrorism Attack (non-food) A hostile non-state actor(s) acquires, weaponizes, and releases a biological agent against an outdoor, indoor, or water target, directed at a concentration of people within the U.S. Chemical/Biological Food Contamination Terrorism Attack A hostile non-state actor(s) acquires, weaponizes, and disperses a biological or chemical agent into food supplies within the U.S. supply chain Chemical Terrorism Attack (non-food) A hostile non-state actor(s) acquires, weaponizes, and releases a chemical agent against an outdoor, indoor, or water target, directed at a concentration of people using an aerosol, ingestion, or dermal route of exposure Cyber Attack against Data A cyber attack which seriously compromises the integrity or availability of data (the information contained in a computer system) or data processes resulting in economic losses of a Billion dollars or greater Cyber Attack against Physical Infrastructure An incident in which a cyber attack is used as a vector to achieve effects which are ―beyond the computer‖ (i.e., kinetic or other effects) resulting in one fatality or greater or economic losses of $100 Million or greater Explosives Terrorism Attack A hostile non-state actor(s) deploys a man-portable improvised explosive device (IED), Vehicle-borne IED, or Vessel IED in the U.S. against a concentration of people, and/or structures such as critical commercial or government facilities, transportation targets, or critical infrastructure sites, etc., resulting in at least one fatality or injury Strategic National Risk Assessment December 2011 4 Threat/ Hazard Group Threat/Hazard Type National-level Event Description Nuclear Terrorism Attack A hostile non-state actor(s) acquires an improvised nuclear weapon through manufacture from fissile material, purchase, or theft and detonates it within a major U.S. population center Radiological Terrorism Attack A hostile non-state actor(s) acquires radiological materials and disperses them through explosive or other means (e.g., a radiological dispersal device or RDD) or creates a radiation exposure device (RED) The SNRA participants identified the events listed in Table 1 as those with the potential to pose the greatest risk to the security of the Nation and formed the analytic basis of the SNRA. In some cases, tornados may also become national-level events that pose significant risk. Table 1 is not a complete list of risks that exist and will be reconsidered in future iterations of the assessment. Additional threats and hazards, such as droughts, heat waves, winter storms, rain storms, and different types of technological/accidental or human-caused hazards, can also pose a risk to jurisdictions across the country and should be considered, as appropriate, in preparedness planning. Non-influenza diseases with pandemic potential and other animal diseases should also be considered. In addition, assessment participants identified a number of