Making disaster preparedness more effective

The Center for Technology in Government (CTG) at the University at Albany has released a report titled “Exploring Regional Telecommunication Incident Response Coordination.” The report was prepared in partnership with the New York State Department of Public Service (DPS). Together with DPS, CTG conducted a workshop among members of the regional telecommunications community to discuss the stewardship of the state’s critical infrastructure in an increasingly interconnected world. “Events such as the World Trade Center attacks and Hurricane Katrina have generated new discussions among stakeholders about the coordination necessary to ensure continuity of operation of our critical infrastructure,” said Theresa Pardo, deputy director of CTG. “Neither the public nor the private sector can claim sole stewardship of the critical infrastructure, and these interdependencies require new kinds of coordination in a variety of areas, particularly in response to incidents that threaten the stability of this infrastructure.”

CTG brought together representatives of telecommunications providers, state emergency management agencies, federal communications agencies, state regulatory authorities, state departments of homeland security, state cybersecurity, and the financial sector for the one-day workshop. A key aspect of the discussion among the participants was concern about duplication of effort. In particular, participants stressed that regional coordination efforts should not duplicate capabilities in either the public or private sectors. They noted, however, that currently held knowledge is not sufficient to determine where duplication might be an issue. Participants agreed that regional incident response requires leveraging resources in innovative and potentially more efficient ways, as well as the establishment of new business processes, communication flows, and a system of governance to balance the needs of all stakeholders. Here are other recomendations made by the participants:

* Jointly establish guiding principles. Bring together key actors from across the sectors to collaboratively establish guiding principles.

* Conduct current research practice regarding regional coordination of infrastructure incident response. The research should specify focus on regional coordination of telecommunications incident response, as well as models for governance and information sharing agreements of existing regional response efforts.

* Increase knowledge about current information resources, practices, and capabilities, and avoid duplicating response capabilities in either the public or private sectors.

* Invest in process improvements. Develop information flow models through collaborative group model building sessions to allow for shared understanding. Analysis of these models will inform decision making concerning process improvements.

*Secure funding for continued exploration. A comprehensive study of potential value of regional coordination would serve as an investment in capability in, for example, the northeast region, and as a model process for other regions.

Among the conclusions of the report:

* Knowledge gaps exist. Regardless of future investments in future coordination, the gap in current knowledge about the roles and responsibilities of individual organizations in sub-national incidents needs to be addressed.

* Roles and responsibilities remain unclear. Participants in the workshop were unclear about who is responsible at what point in time in the event of an incident. This lack of clarity about responsibility echoes findings in the President’s National Security Telecommunications Committee (NSTAC) Report to the President on National Coordinating Center.

* Currently held information resources can be leveraged. Regional incident response requires leveraging currently held information resources in innovative and potentially more efficient ways, as well as the establishment of new business processes, communication flows, and a system of governance that satisfies the needs of all stakeholders.

* Trust and collaboration are pivotal. Trust, collaboration, and timely cross-boundary information sharing play pivotal roles in coordinated response.

* Quality and timely data. Receiving detailed information quickly becomes especially important in regional, multi-state, or multi-jurisdictional responses. Real-time data and cross-organizational information sharing are even more significant in the smaller, localized events where only one critical infrastructure is involved. A telecommunications incident can be severely hindered if the response team lacks quality and timely data.

* Contextual knowledge matters. Contextual knowledge of a region is imperative for decisions concerning resource distribution, response time estimates, and deployment of special equipment in response to an incident.

* National Communications System (NCS) may provide a model. The NCS roles and responsibilities as documented through the NRP is one example of an information and disaster management model in the event of a national incident. The question remains, however, to what extent might a similar model be relevant when an incident is localized to either a specific geographic area or jurisdiction beneath the federal radar.

http://www.ctg.albany.edu/publications/reports/exploring_regional