Al Qaeda’s Christmas attempt to blow up a Delta Airlines airplane should serve as a wake-up call about the information sharing issues impeding security. Instead, officials are narrowly focused, as usual, on screening passengers for bombs.

No single organization operating alone can mitigate a serious threat or respond to a major crisis. Success depends on the rapid sharing of information between agencies. Those who gather the intelligence that can help prevent an attack need to coordinate with those tasked with stopping an attack, and they in turn need to communicate operational information to coordinate emergency responders. When a crisis unfolds, there is no time to do the planning required to figure out whom to alert, nor for the alerted units to start their planning on how to respond.

During a crisis, information rarely flows effectively within or between organizations without fully developed plans and regular practice exercising procedures. Notable examples of communication breakdowns include the World Trade Center bombing in 1993, the World Trade Center attack in 2001, and Hurricane Katrina in 2005. Where local agencies like the New York Police Department have engaged with federal agencies like the FBI and CIA, terrorists have been caught before they attacked.

A coordinated homeland security effort requires more than just having “fusion centers” with information sharing and communication technology. Radios, email, phones, or “Information Sharing Environment” web portals alone will not ensure that information reaches the right people at the right time.

In a crisis, information will not spontaneously flow across these systems as needed unless organizations plan ahead and create actionable information sharing procedures. More than a phone directory that lists points of contact, to be actionable, information sharing plans and procedures should indicate what information needs to be sent or received given different trigger events. These procedures need to be exercised, and audited for completeness and policy compliance at least annually.

The United States has 15 national planning scenarios, but today no single agency or role “owns” the information sharing planning process of creating an end-to-end map of the flow of information across all the relevant agencies and the private sector.

Nobody can honestly say: we have systematically determined the information needs of all the relevant entities in this scenario; we have documented information sharing procedures and commitments, and through exercises we have assessed the flow of information between jurisdictions, levels of government, disciplines, and sectors to ensure that requirements for timely, accurate, secure and policy-compliant communication are being met.

Without a national framework for determining what information sharing constitutes good or even adequate information sharing, joint mission execution will be impeded by avoidable gaps, bottlenecks, delays, and single-points-of-failure.

The success of any effort to improve the flow of homeland security information requires commitment and continuous support by the President, Department of Homeland Security (DHS) and the various agencies that make up the Intelligence Community.

Senior leaders of security agencies should not pass the buck to information technologists. The issues that impede the flow of information across agencies are caused by the absence of an institutionalized, multidisciplinary information sharing planning and governance process, far more than by deficiencies in technology.

No homeland security strategy, standard, exercise, or plan should be approved without containing procedures for information sharing governance. Planners and operations managers – not technologists - are the ones who must lead and manage the planning process, engaging in joint planning sessions, tabletop exercises, and after-action review both within their organization and with partners.

This approach to information sharing will make the flow of vital information faster, policy-compliant, and more resilient – less likely to break down due to technical issues or human factors.

Effective information sharing can push the rings of security far beyond the airport.

Action Items for Information Sharing Preparedness

1. In order to develop actionable security and emergency operations plans, organizations in both the public and private sectors should develop, document, and maintain information sharing plans. Information sharing plans should serve as part of, or as annexes to, the organization’s general all-hazards emergency operations plan and its plans for specific types of incidents.

2. Information sharing plans should specify information sharing and communication procedures which, at a minimum:

• Identify all key participants deemed critical for the effective execution of the organization’s emergency operations plan and for achieving its objectives. “Key participants” means all internal and external roles, positions and partners who must send or receive information related to the execution of the plan. External participants include business partners and government agencies at local, state, federal and international levels, and the media.
• Specify, for each key participant, the essential information sharing and communication actions for both internal communication within the organization and external communications required to support tasks, actions, and decisions that need to be taken by the participant. An “essential information sharing and communication action” is information sharing and communication without which a task cannot be executed effectively.
• Identify the message content that needs to be sent, requested, and received by each participant.
• Identify the communication mechanism (i.e: system, tools, network) to be utilized for the communication.
• Identify critical requirements regarding the timeliness of the information sharing and communication, for both normal and emergency or other special situations.

3. Information sharing plans should be reported to senior organizational leadership.

4. Information sharing plan development, coordination, evaluation and exercise:

• For quality control, the plans and their implementation should be evaluated at least once annually by outside experts.
• The organization should develop, coordinate, evaluate and exercise the information sharing plan in coordination with internal stakeholders and external stakeholders at least once a year.
• The organization should document the processes and tools by which it develops its information sharing plans and manages relationships and communication procedures with external partners.
• The organization should document the quality assurance and quality control methodology it uses to assess the information sharing plan and the capability required to execute it.

5. Continuous updating and improvement

• Organizations should designate a person responsible for developing a plan to audit the completeness of the information sharing plan. The person shall recommend ways to correct the shortcoming identified in the plan review process and in exercises.
• The organization shall use its knowledge of information sharing issues to improve network and doctrine design. Planners and analysts shall proactively look for those links where the flow of information is most likely to break down, and identify the underlying reasons why these issues may occur so that safeguards can be built. The analysts shall regularly assess the flow of information to identify the risk of issues such as gaps, bottlenecks, single-points of failure and non-compliance with regulation and policy. The analysts shall prepare a written plan for mitigating and remediating the information sharing and communication issues, which shall be reported to organizational leadership.
• The organization shall assess its information sharing capability through tabletop and other exercises designed to measure and assess the completeness, speed, resilience and policy compliance of information sharing, and to mitigate the risks of preventable failures in communication. In assessing its information sharing and communication capability, the organization shall consider new standards, and best-practice models.

6. Third-party assessment

• On an annual basis, the organization shall engage third party experts experienced in preparing information sharing plans that meet this standard to carry out an annual assessment of its plan, the information sharing plan development process, and findings from any reviews or exercises that were conducted.
• The information sharing plan reviewers shall identify the individuals from the organization and its external partners involved in the ISC planning process.
• The information sharing plan reviewers shall validate that the individuals with roles specified in the plan have received training in their information sharing and communication requirements and confirm that they are familiar with their roles and responsibilities under the plan. Participants are expected to be capable of demonstrating that they know whom to contact and how to make contact, and what information needs to be communicated. It is desirable that they also know how the information they provide is used and how it influences actions and decisions.
• Findings from the third party assessment shall be reported to senior organizational management. These assessments could be shared, as appropriate with the relevant government agencies.
• If findings from the assessment indicate shortcomings in the plan and the ability of the organization to execute it, the organization shall revise its communication procedures, provide remedial training, and deploy relevant systems to support improvements in information sharing and communication.

Putting Information Sharing Planning Into Action for Rail Transit Security

Information sharing planning is starting to receive more attention, especially from regional and inter-agency working groups, who seek a systematic framework for improving the flow of information.

The Philadelphia Area Regional Transit Security Working Group (PARTSWG) recently received a Department of Homeland Security (DHS) transit security grant to fund the development of a regional information sharing plan for a terror attack with an Improvised Explosive Device (IED) against the rail system in Philadelphia.

Funded under the Federal Emergency Management Agency FY 2006 Transit Security Grant Program, Tier I – Rail Systems, the statement of work for the project, “Information Sharing Planning for Rail System Security Using an Improvised Explosive Device Terror Attack Scenario,” noted that “securing the rail system against an IED terror attack depends on effective communication and fast, resilient information flow, as well as physical infrastructure protection measures.”

According to Harold Neil, a former director of the New Jersey Department of Transportation’s Office of Transportation Security, regional transit security agencies must plan the sharing of information needed before, during and after an incident.

“Achieving the required communication flow – a top priority for critical infrastructure security requires not only technical interoperability of computer systems, but also governance, Standard Operating Procedures (SOPs), training, assessment, and ongoing management,” said Neil, now chairman of Homeland Defense Solutions.

According to Neil, “the continued deficiencies of information sharing remain - the most recent events illustrate those missed opportunities for advancing not just the discussion of information sharing but also the implementation of a systematic information sharing planning process.

The gaps identified in the thwarted November and December terrorist attacks continue to exist within all levels of government, but are magnified when the private sector is included or added to the equation.

Neil said the dominant questions continue to be: “How is information received from the private sector and what information does the private sector need to continue to operate in a safe and secure environment?”

“Most often the information is requested from government but there remains the gap for real time deliverance of relevant information in return,” Neil pointed out, adding that the result of the DHS-funded study “clearly presents a competent and clear solution which requires action.”

David Kamien ( This e-mail address is being protected from spam bots, you need JavaScript enabled to view it ) is editor of The McGraw-Hill Homeland Security Handbook and CEO and co-founder of Mind-Alliance Systems, a pioneer in development of information sharing planning software. He's lectured at the Office of the Director of National Intelligence, World Customs Organization, Cebrowski Institute, and the Naval Post-Graduate School. He served as Golani Brigade platoon commander in the Israel Defense Forces.

Professionals interested in observing or participating in information sharing planning sessions for a rail security project are invited to contact Harold Neil at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it .