The Homeland Security Today awards annually recognize the people who devote their lives to protecting our people, our resources, and our way of life. From heroic efforts on duty to invaluable efforts behind the scenes, annually we gather to celebrate excellence, honor, and the daily successes of those working on the front lines and in a support capacity to ensure the safety of all Americans. We are proud to honor the following 2022 award recipients.
HOMELAND SECURITY PERSON OF THE YEAR
The GTSC Homeland Security Today Person of the Year is awarded to people who serve the homeland security mission in an exemplary fashion. These individuals have directly improved, executed, and/or engaged the proper people, agencies, or departments necessary to tangibly improve the nation’s prevention, protection, mitigation, or response capacity to make America safer.
PERSON OF THE YEAR: NATIONAL
L. Eric Patterson, Director, Federal Protective Service
L. Eric Patterson is the Federal Protective Service (FPS) director and will retire in January after more than 43 years of military and public service. Appointed as the FPS director in 2010, he is the longest-serving director in the agency’s 51-year history. He previously served as the deputy director of the Defense Counterintelligence and Human Intelligence Center at the Defense Intelligence Agency and as commanding general of the Air Force Office of Special Investigations, which culminated his distinguished 30-year career.
Throughout his tenure as director, Patterson provided inspirational leadership and strategic vision to a national law enforcement organization of 15,000 officers, personnel, and contractors protecting approximately 9,500 federal facilities where more than 1.4 million people work, visit, and conduct daily business with the U.S. government resulting in more than $4.5 trillion in annual economic activity. Faced with an ever-dynamic threat environment, Patterson spearheaded transformational initiatives which significantly prepared, integrated, and professionalized the FPS workforce to become a recognized leader within the facility protection and law enforcement communities, domestically and internationally.
Just a few of his career accomplishments include:
- Provided leadership among DHS law enforcement agencies to harmonize use-of-force policies, equipment issuance, and training across the department and develop new Public Order Policing policies to better protect those exercising their First Amendment rights.
- Named the Federal Law Enforcement Training Center (FLETC) 2022 Partner Agency of the Year (out of more than 150 partners) after opening a new National Training Academy on the FLETC campus this year. The building was nominated for the 2022 Law Enforcement Design Awards, which showcases new architectural designs that represent the very best innovations in security and technology today. His vision was key to this facility being constructed.
- Served as a named member of President Biden’s Safer Federal Facilities Task Force as part of the Executive Order on Protecting the Federal Workforce during the COVID-19 pandemic. His leadership was instrumental to keeping federal facilities open for business.
- Prepared FPS to protect facilities against emerging threats. This included helping agencies navigate the nexus of cyber-physical technologies and mitigate inherent vulnerabilities; additionally, FPS deployed a counter-unmanned aerial system capability and policy that resulted in DHS’s first custodial arrests for violation of national defense airspace.
- Drove the development of new systems and technology to allow FPS to automate manual processes, increase officer safety and facility protection, and collect information to make evidence‐based decisions. Notably, FPS’s Modified Infrastructure Security Tool (MIST), which assesses the security of federal facilities, has won three national homeland security “Astor” Awards. As a result of his vision, MIST has become the leading source of facility vulnerability information and mitigation efforts within the federal government.
- Spearheaded efforts to increase law‐enforcement professionalism and standardize tactics, techniques, and procedures across the nation.
Additionally, he created a Rapid Protection Force. Collectively, his leadership allowed FPS to surge forces to meet multiple national emergencies and high‐profile operations with minimal impact to daily operations. During the summer of 2022, FPS simultaneously surged officers to support the resettlement of Afghan nationals, augment the Supreme Court of the U.S. police during a period of heighted risk, and protect emergency intake sites for unaccompanied migrant children.
Patterson’s record of achievement as FPS director is nothing short of extraordinary. The result of his efforts tremendously benefits DHS, the federal workforce, and millions of Americans. He consistently demonstrates a high and unwavering commitment to public service.
PERSON OF THE YEAR: STATE
James “Chris” Stallings, Director, Georgia Emergency Management and Homeland Security Agency
James “Chris” Stallings has served as the director of the Georgia Emergency Management and Homeland Security Agency (GEMA/HS) since Sept. 1, 2020. During that time, he has faced some truly daunting challenges, assuming additional roles and responsibilities while continuing to put the people of his state first and working to find ways to increase our nation’s security. In addition to his responsibilities to Georgia, he sits as the chairman for the National Emergency Management Association’s (NEMA) Homeland Security Committee – a role in which he identifies and disseminates best practices from around the country, identifies security gaps, and facilitates coordination and communication among key stakeholders throughout the nation.
Additionally, Stallings represents the NEMA by sitting as a tri-chairman for the National Homeland Security Consortium (NHSC). The NHSC is a unique group of 22 state and local associations representing elected officials, homeland security and emergency management organizations, and the private sector who work together to address the complex challenges of homeland security. These leadership roles demonstrate the strength Stallings brings to all situations in which he finds himself, and the respect held for him by his colleagues.
In Georgia, Stallings brought over 12 years of public safety experience to his director position. During his first year in charge, he coordinated the state’s response to the COVID-19 pandemic, which included an incredible launch with minimal supplies of nine major mass vaccination sites in three days helping thousands of Georgians have shots in arms. Prior to joining GEMA/HS, Stallings served as director of the Georgia Department of Public Safety’s Dignitary Protection Section. He started his career at the agency in 2008 and was rapidly promoted through the ranks. He was often recognized as a leader among his peers. Stallings currently serves as vice chairperson on Georgia’s Board of Homeland Security, and serves on the Georgia Criminal Justice Coordinating Council and the Georgia Cybersecurity Board.
To facilitate the best mitigation and resilience efforts for his state, Stallings makes it a point to visit all his counties in the state on a regular basis. This type of commitment, down to each community, allows him to lead with the best understanding of the needs of his communities – not just what can be seen at the state level, but hearing from localities themselves.
Highlighting his innovative use of decreased federal homeland security funding, Stallings understands that the amount of money available would be ineffective split among all Georgia counties. Seeing there could be greater utilization of the funding as a statewide project, Stallings directed homeland security grant funds to be used to establish an intelligence unit within the Georgia Emergency Management Agency to specifically monitor infrastructure during all-hazards events and make the information available in real time to all counties. The intel center serves emergency management as well as law enforcement. This type of step forward is the perfect example of the progress Stallings has brought to the table in his roles.
The passion and enthusiasm for protecting our country at every level is exuded throughout Stallings’ daily activities and his career. His expertise and skillset are an asset that inherently enhances the homeland security network of this country. He swiftly executes actions with the betterment of the people of this country in mind at all steps – consistently making the correct decisions and leading by example in every aspect.
PERSON OF THE YEAR: LOCAL
Sergeant Michael Satter, Deputy Director, Kansas City Regional Fusion Center, Kansas City Missouri Police Department
Sergeant Michael Satter has demonstrated excellence in outreach and engagements with private, local, state, and federal agencies to comprehensively strengthen stakeholder capacity through education, information sharing, and information empowerment. As a sergeant with the Kansas City Missouri Police Department and as the deputy director of the Kansas City Regional Fusion Center, Satter has taken on additional duties to enhance fusion center awareness at the local, state, and national levels. His promotion of the regional fusion center and capacity building of private stakeholders in the greater Kansas City metropolitan area led to his selection as the co-chair of the National Network of Fusion Centers’ Private Sector Engagement Committee. There he continues to grow private-sector partnerships with state and regional fusion centers, while also facilitating the improved communications and information sharing of the committee with the Office of the Director of National Intelligence, the Federal Bureau of Investigation, the Domestic Security Alliance Council, the Department of Homeland Security’s Private Sector Office, and the National Council of Information Sharing and Analysis Centers.
His leadership and persistence to improve private-sector outreach helped lead to his selection as a member of the National Fusion Center Association’s Executive Board and an April 2022 appointment as co-chair for the Central Region, where he directly represents 16 of the 80 fusion centers in the national network. In 2022, Satter delivered multiple educational presentations at the federal, local, and private partnership levels. He served as a keynote presenter and trainer at the National Fusion Center Association Annual Training Event and the National Homeland Security Conference to educate and share best practices for improving information sharing and educational initiatives for private-sector partners to improve threat reporting and assessment. Satter took the lead to engage with private, local, state, and federal agencies to capture accurate regional data. He helped review the analysis on, and syntheses of, information that led to Kansas City’s metropolitan area being awarded the federal designation as an Urban Area Security Initiative (UASI) city in 2022. Satter is a recognized principal contributor for protection and resiliency planning in the multi-state (Missouri and Kansas) region. He served on several regional committees such as the Mid-America Regional Council’s Regional Homeland Security Coordinating Committee, including key participation on regional terrorism and bio/agriculture meetings to facilitate private and public understanding of threats, risks, and consequences. His insights were instrumental in these committees developing threat mitigation strategies and plans. Satter skillfully championed outreach and engagements with large private-sector lifeline critical infrastructure organizations in the region. Through his outreach, Satter facilitated discussion, planning, and information sharing that enhanced the protection level and resiliency of these large private organizations. He served as the lead municipal anti-terror outreach coordinator with the siting and security development of the future largest data center in the U.S. owned by Meta. He provided key outreach and collaboration between Kansas City and private stakeholders to include the NFL for the 2023 NFL Draft. He facilitated private, local, and federal engagement, outreach and information sharing with critical infrastructure stakeholders such as Evergy energy and AT&T communications.
Satter’s contributions in the discipline of outreach and engagements comprehensively improved the information sharing, training, and education capacities of all he has interacted with at federal, state, local, and private partner agencies and organizations. His contributions indicate his professionalism, commitment, and tireless efforts to improve community safety, protection, and resiliency.
HOMELAND’S HUMAN FIREWALL
Homeland’s Human Firewall is a new award to recognize the tireless efforts and achievements of those keeping our cyber infrastructure protected.
Kenneth Bible, Chief Information Security Officer, Department of Homeland Security
At the direction of the Department of Homeland Security’s Chief Information Officer, the Assessments Team of the Chief Information Security Officer Directorate (CISOD) along with personnel at U.S. Immigration and Customs Enforcement (ICE) developed and matured innovative concepts in data analysis in support of a risk-based cybersecurity assessment method that applies data science techniques to quantitatively measure risk that is applicable across the Department of Homeland Security and its component agencies. This novel approach led to practical applications during Fiscal Year 2022 in supply chain risk management, vulnerability management, and cybersecurity investment planning and budgeting.
The team led pathfinding work applying the statistical and analytical techniques of latent factor analysis – typically applied in the medical field – to quantify cybersecurity risk based upon correlations among observable variables, mainly those found in the well documented National Institute of Standards and Technology Cybersecurity Framework (CSF).
Based upon the Assessments Team within CISOD and ICE’s work, the Department of Homeland Security (DHS) has launched the Unified Cybersecurity Maturity Model (UCMM), upon which cybersecurity investments can be mapped to their impact in increasing cyber maturity (reducing risk) and visualizing this impact at the system, component agency, and enterprise scale. Further, this campaign directly supported the department’s delivery of a first-ever assessment of risk within the entire portfolio of a major subdivision of the department in FY 2022 based on an innovative application of existing acquisition cyber hygiene clauses.
Simply stated, the team’s work has been seminal – both in terms of the application of latent factor analysis principles, and in terms of practical application to move DHS’ information security program forward towards risk-based methods. Moreover, UCMM is being used to measure risk on DHS public facing systems providing citizen services, such as those at U.S. Customs and Border Protection, Federal Emergency Management Administration, U.S. Immigration and Customs Enforcement, and Transportation Security Administration. The application of UCMM for these systems proactively uncovers and measures cybersecurity risk for the application of appropriate risk reduction measures that can be made to protect citizen access.
FEDERAL SMALL BUSINESS CHAMPION
Federal Small Business Champion of the Year is awarded annually to a federal official who shows a distinct commitment and tangible results toward improving the environment and success for small businesses in the federal homeland and national security market.
Ali Pourghassemi, Industry Liaison, Office of the Chief Procurement Officer, Internal Revenue Service
There are extraordinary people doing extraordinary things. And there are agencies working to transform, secure, and modernize huge organizations to serve the American people. And then there is Ali Pourghassemi, who is working to support all of those things, AND provide support, intelligence, and opportunity for small business. For several years, Pourghassemi has not only been the champion for small business at IRS, he has executed programs, curriculum, and opportunities to ensure that small businesses understand the IRS, the evolving needs at the agency, and certainly where they could fit in to help meet the mission of securing PII, protecting the agency from the millions of cyber attacks and scams attempted daily, and ensuring that innovation and new ideas are not lost in the shuffle.
While many believe it is an “industry liaison’s” job to communicate and develop touchpoints for collaboration and communication between industry and government, “doing it” and having a title are often two different things. Not so for Pourghassemi.
He’s been pivotal in getting the word out about Pilot IRS to the small-business community – the iterative procurement technique focused on outcomes that allows the IRS to test new technologies on faster timelines. And he works with GTSC and other groups to ensure that information is communicated to industry in a timely and accessible way. Pourghassemi is an excellent example of what effective stakeholder outreach looks like and, more importantly, how valuable the outcomes are when executed exceptionally.
Presented to an exceptional individual who contributes in a concrete and tangible way to the efficiency, productivity, and effectiveness of the homeland and national security market. Proven as a thought leader with a belief in increasing individual opportunity, the power of free enterprise and the nurture of innovation to advance and support the homeland and national security mission.
Lindy Kyzer, ClearanceJobs.com
Lindy Kyzer is not only the Director of Content for ClearanceJobs, the largest career network for individuals with an active federal security clearance, but a thought leader in the industry. Whether it’s hard news about the security clearance process, adjudicative guidelines, career topics, or waxing philosophical about Secret Squirrels and Air Force mustaches, there are few things she loves more than the protection of national security. Kyzer previously worked as the Army’s senior social media strategist, managing the Army’s host of social networking platforms. While at the U.S. Army, she developed the U.S. Army social media training program, educated thousands of Army leaders on emerging media tools and trends, and established social media presences for a variety of organizations. She understands the national defense threat landscape from a macro level, who the key stakeholders are, the issues at hand, the progress that is being made, and how to influence change from the inside out – all while wearing the biggest, brightest smile you’ve ever seen. Personality plus passion, she’s a leader and innovator who loves the art of communication, learning new things and building communities. Her favorite pastime is connecting government and industry leaders in order to forge new relationships and direct change. She fully understands that homeland security is directly impacted by the security cleared personnel and the agencies who influence federal hiring.
Kyzer’s role is so much more than her title. She is motivated to help other solve issues surrounding military and national defense by getting to the root of the issue. Daily, she investigates the terms and turnaround times on background investigations, eligibility, classification and declassification procedures and much more. She singlehandedly stood up the social media, editorial and public relations departments of ClearanceJobs as a result of her hard work. Kyzer’s specialties include media outreach and engagement, congressional affairs and political issues, branding and marketing, public affairs strategy, social media strategies, tactics and problem-solving, new media/social media/blogs, writing, and public speaking.
The Acquisition Excellence awards recognize a division, agency or effort that has improved the speed, efficiency, and effectiveness of the acquisition of technology, products or services that support the frontline missions of homeland security. Projects must demonstrate tangible benefits and improved efficiency in the acquisition process.
TSA: Flexible Agile Scalable Teams (FAST), Richard Melrose, Branch Chief and Supervising Contracting Officer, and Cristian Rodriguez, Branch Manager, Application Development Division
With FAST, TSA is continuing to drive a system-wide modernization of its legacy systems across various portfolios, while breaking down siloes (transitioning from waterfall to Agile methodologies). It’s an iterative evolution, applying new tools and processes to create a wholly new and transformative IT culture within the TSA. The tools, resources and technologies in this transformation include enhancements made to the TSA’s public website, its public and employee mobile apps (e.g., myTSA mobile app), enterprise case management system, and a new data-tracking process that informs the agency’s No-Fly list.
For the Enterprise portfolio alone, FAST has accelerated Agile transformation with the delivery of more than 130 releases since contract inception by more than 20 active teams. Through new workforce enablement and technology modernized strategies, the team has been migrating over 85 applications from legacy SharePoint, Siebel, and Oracle APEX technologies to newer platforms, such as .NET and Java running on Azure-hosted cloud-native technologies and Salesforce Cloud. Not only is this transforming the speed and agility of the organization but also driving down costs for TSA.
Richard Melrose serves as the Branch Chief and Supervising Contracting Officer for the set of Flexible Agile Scalable Teams (FAST) contracts awarded to multiple vendors to customize and integrate software and applications for various TSA organizations. Each blanket purchase agreement (BPA) supports offices within various Flexible Agile Scalable Teams (FAST) portfolios, including enterprise support, human capital, security operations, law enforcement, and digital services and workflow collaboration. The contracting approach is one of the most innovative in the federal government, allowing TSA to quickly contract with vendors to provide agile scrum teams of a specific complexity based on a single one-page description of the scope sought for delivery. This vehicle allows TSA to quickly ramp up delivery teams with custom or software as a service/cloud skills on demand. A set of standardized, robust DevSecOps capabilities allow the agile teams to rapidly deliver code to production. The approach has not only facilitated the delivery of new mission critical services for the enterprise but also helped drive down costs by modernizing TSA IT infrastructure using SaaS cloud services.
Cristian Rodriguez serves as the Branch Manager in the Application Development Division within TSA Office of Information Technology (OIT), with oversight of the agency’s Flexible Agile Scalable Team (FAST) contracts to support the technology portfolios for the Enterprise, Security Operations, Law Enforcement, and Human Capital offices. Rodriguez combines traditional and agile principles and processes in building independent customer-funded application development programs, as well as administering more focused TSA Agile Services contracts for faster application development and deployment.
USCIS: Fusion Procurements, Contracting Officer and Component Innovation Coach Chad Parker
U.S. Citizenship and Immigration Services needed to recompete two separate task orders for development, security, and operations (DevSecOps) — one for risk and the other for fraud — to operate, maintain and enhance the current fraud detection and national security systems that support Executive Order 13780 (Protecting the Nation from Foreign Terrorist Entry into the United States) and support USCIS’s implementation of new guidelines and capability to comply with the EO. The contracting officer on the team provided procurement innovation coaching support, for the first time, while being shadowed by a Procurement Innovation Lab (PIL) coach. The team sought to streamline the evaluation process. With the two task orders expiring around the same time, USCIS wanted to recompete both requirements together in one to solicitation (but not bundle them into a single award) to streamline the approval and evaluation process for the requirement. The team used a new technique called fusion procurements to streamline the procurement process. Using this technique, USCIS issued one solicitation to solicit quotes for the two FINCH requirements with the plan of awarding two separate task order awards. Using FAR 16.505 Fair Opportunity procedures, the team used a two-phased advisory down-select approach. In Phase 1, quoters submitted a 4-page response to three questions about their specialized experience related to one or both FINCH requirements. In phase 2, vendors submitted a written past performance questionnaire and participated in an all-day coding challenge followed by an oral presentation. As a result of this streamlined approach, USCIS received 18 quotes in Phase 1 and advised 7 vendors to proceed to the second phase, with all but one vendor taking the government’s advice to proceed to Phase 2. The Phase 2 coding challenge did not go as planned! During the coding challenge, the USCIS team had an unexpected experience when the cloud platform being used did not capture the code that was written by the vendors. Having to decide on how to proceed upon learning that the cloud platform did not capture the all-day coding challenge submissions in Phase 2, the CO asked all 8 vendors to repeat the all-day coding challenge. This time, the procurement team had their subject-matter-experts (SMEs) fully test the cloud platform before hosting the repeat coding challenges to ensure it met all requirements and would save the submissions.
Using the fusion procurement process to award two task orders from one solicitation significantly cut down on the administrative processes, even with the necessary repeat of the Phase 2 coding challenge. USCIS was able to award both task orders with a combined value of $231 million just 7 months after the release of the solicitation. This was the first time the contracting officer served as the innovation coach for a procurement. Rather than panic and cancel the solicitation when something did not go as planned, he employed the PIL framework of testing and sharing by quickly learning forward from the coding challenge debacle and used the discretion allowed him in FAR Part 1 to have vendors repeat the coding challenge to keep the procurement moving forward to ensure timely delivery of the mission. All vendors were treated fairly and so there was no need to cancel simply because something did not go as planned. A learning culture of testing, sharing, obtaining feedback, and testing again creates a learning organization that is better able to adapt to unexpected challenges to better meet the mission. This USCIS FINCH team demonstrated the benefits of a learning culture and were able to timely support the mission of their frontline users by failing fast and quickly learning forward from their coding challenge.
In addition to Parker, the USCIS FINCH Team is Secondary Contracting Officers Sylwia Salkic and Morgan Skaggs, Program Lead Scott Purnell Saunders, and Legal Advisor Dana-Marie Akpan.
CBP: IT Marketplace, Betty Matias, Gloria Contreras, and Cheryl Ogden
The U.S. Customs and Border Protection’s mission of securing the nation’s borders and facilitating legal trade and travel is supported by a workforce of more than 60,000 each day. Betty Matias and Gloria Contreras, the new IT Marketplace Team, exhibit their dedication to this critical mission daily. The new venue, IT Marketplace, provides CBP offices the ability to order products via other means unavailable to CBP during the month of September. Over the course of FY22, Matias and Contreras executed innovative and performance- centered processes to successfully complete a series of procurements for multiple offices across CBP resulting in completing 1,017 task orders within 17 Procurement Requisitions and obligating approximately $29 million. Additionally, their exemplary dedication to mission and professionalism streamlined requirements and eliminated duplication of efforts by 90 percent; this differentiating factor sets them apart.
Matias and Contreras, as a team, exceeded expectations with the IT Marketplace ordering process and increased productivity, which left zero dollars in funds unspent. Their work practices and commitment to acquisition excellence are invaluable and proved the success of the IT Marketplace ordering process for CBP.
Cheryl Ogden was instrumental as a member of the IT Marketplace team of CBP. Her efforts helped to streamline all procurement acquisitions for selected IT commodity buys to reduce the number of procurement actions done by procurement and therefore maximizing procurement resources. She also consolidated the commodity buys to allow CBP to have an anticipated benefit of quantity pricing/discounts to be leveraged for the good of all CBP. In FY21 the IT Marketplace saved $4 million for CBP; for FY22 the IT Marketplace saved $2.5 million allowing the savings to be redirected for other CBP mission-critical requirements. Further, the streamlining of the commodity acquisitions also allows OIT to ensure that all devices deployed are fully imaged, patched, updated and managed for network and cybersecurity requirements by reducing the IT device sprawl through the enterprise infrastructure.
MOST INNOVATIVE CAMPAIGN TO INCREASE SECURITY
People around the nation are working to find creative and engaging ways to help the public understand and prepare for any eventuality. Educating the public about homeland priorities, threats, and vulnerabilities is a critical part of the security equation. The Most Innovative Campaign to Improve Security recognizes a federal, state, local, or private-sector campaign that has increased awareness and preparedness for a threat that requires the partnerships to mitigate and prevent physical or cyber attack, disaster preparedness, human trafficking, infrastructure protection, supply-chain security or any threat to the country.
Department of Homeland Security Office for Bombing Prevention: Douglas DeLancey, Strategy Branch Chief
Douglas DeLancey is Strategy Branch Chief at Office for Bombing Prevention, where the
Bomb-Making Materials Awareness Program (BMAP) represents one of the best ways to detect and report suspicious purchasing behaviors in the U.S. A key program of the Cybersecurity and Infrastructure Security Agency’s OBP, BMAP informs and educates retailers and the public about recognizing bomb-making materials, suspicious purchasing behaviors, and the reporting of suspicious activity.
The BMAP team led efforts in 2022 for CISA to collaborate with the FBI on Operation Flashpoint, a joint campaign between CISA and the FBI to build awareness in communities across the U.S. for preventing bomb attacks. The initiative aims to encourage businesses and the public to voluntarily report suspicious activities, such as buying large amounts, or a combination of, chemicals and materials that can be used to build bombs. Currently, approximately 250,000 businesses across the nation sell or distribute everyday materials that can be used for deadly purposes. Bomb-making materials are readily available at beauty supply stores, hardware stores, pool supply stores, sporting goods stores, home centers, and elsewhere.
Domestic violent extremism is on the rise across the U.S., and extremists increasingly plot and attack using improvised explosive devices (IEDs). Terrorists, criminals, and others often build IEDs from common household items using instructions found on the internet. Bad actors can easily purchase enough of certain chemicals and other materials that are readily available in stores to build home-made explosives. Programs that encourage voluntary reporting of suspicious activity can help avert future incidents involving such IEDs.
The Operation Flashpoint campaign has two main goals:
1. Build awareness – Reducing the threat of IED attacks by restricting access to explosive precursor chemicals (EPCs). This means helping businesses detect the illegitimate acquisition, theft, or diversion of EPCs at the retail level.
2. Encourage suspicious activity reporting – Providing businesses with training and guidance to report suspicious activity to police, consistent with the National Suspicious Activity Reporting Initiative (NSI); and encourage reporting to the FBI’s tipline for the Weapons of Mass Destruction Directorate at 1-855-CALL-FBI (1-855-835-5324).
The BMAP team has spearheaded wide-ranging campaign efforts to highlight the dangers of EPCs. For instance, the team conducted more than 8,000 outreach efforts to make point-of-sale retailers aware of EPCs. The team also developed videos and Spanish-language materials to make diverse audiences aware of bomb-making materials, threats and resources.
BMAP’s outreach team has worked with FBI Weapons of Mass Destruction Coordinators, CISA’s Field Force, representatives from CISA’s Office for Bombing Prevention, and its state, local, tribal, and territorial partners on Operation Flashpoint. BMAP visits businesses and community leaders, providing training and outreach materials. During 2022, BMAP and the FBI held numerous awareness events that featured media, legislators, retailers and many others in locations including Orlando, Fla., Fort Collins, Colo., and Phoenix, Ariz. Concurrently, the BMAP team conducted a marketing campaign that reached 700,000 businesses through an e-mailing and mailing campaign. The BMAP team utilized a database of open-source information on businesses that sell or stock explosive precursor chemicals and bomb-making materials.
From “mom and pop” hardware outlets to big-box retailers, citizens and businesses throughout the country play a key role in helping prevent a potential bombing attack, since the bomber can use chemicals and materials readily available in stores. Bomb attacks are a significant threat: In 2021, the U.S. Bomb Data Center reported 1,876 bomb threats, 4,935 suspicious or unattended packages, and 381 bombing-related incidents across the U.S. Recognizing these threats early can help law enforcement take action to try to prevent attacks. Operation Flashpoint helps store owners, managers, and employees spot suspicious activities related to bomb making. As the eyes and ears in this community, residents and business owners alike can learn what to look out for and when to alert law enforcement to large purchases of potentially dangerous chemicals or combinations of items used in homemade explosives.
CITIZEN OF MISSION
The Citizen of Mission award goes to an individual who devotes their personal time, energy, and resources to work for causes related to homeland security. Volunteers, nonprofit leaders, corporate employees — anyone is eligible for nomination as long as they devote time and dedicated effort to supporting the homeland mission.
RC Smith, Board Member, INLETS
The Citizen of Mission is awarded to someone who has volunteered their time and service in support of the homeland security mission. So after the last decade of a distinguished career in physical security, crisis management and counterintelligence, Homeland Security Today is extremely pleased to present RC Smith with the Citizen of Mission award.
A member of the volunteer-run InfraGard since 2011, he joined the Maryland chapter board of directors where he furthered the collaborative information sharing between DHS and other federal agencies by designing and hosting meetings at LM sites. He started a defense industrial base (DIB) working group in protected space where the competitors could gather and share threat concerns while facilitating the FBI and other intel agencies to share threat updates to the specific industry. He attended and graduated from the FBI Citizens Academy and serves as a member of the Baltimore chapter’s Alumni Association. There he has maintained and furthered relationships with industries with similar threat challenges and furthered discussion on resolutions.
Additionally, Smith has helped plan and deliver the INLETS training since 2013. INLETS is a nonprofit created to support law enforcement investigators and analysts with leading-edge training on the most relevant topics by the most experienced individuals possible. There, he serves on the INLETS board of directors and chairs the benefactor program, which he designed to recognize and reward those who serve our communities.
Through all these official positions, Smith is also a noted pen turner. In that quiet role, he humbly designs unique, handcrafted, one-of-a-kind writing instruments for individuals who serve our country or support those who do. For instance, his pens have been requested by organizations who presented them as tokens of appreciation to Col. Oliver North and Gary “Lt. Dan” Sinise. In his own principled way, he has never sold a pen for profit but rather as a personal gift to individuals with a servant’s heart.
In his “day jobs,” Smith became a U.S. Marine shortly after graduating high school. He served a 21-year career with distinction throughout the Pacific and then as the Senior Enlisted for Guantanamo Bay, Cuba. Once entering civilian life, he joined Lockheed Martin where for 25 years he has served in physical security, crisis management and counterintelligence roles at multiple facilities in the DMV. For over 45 years he has led, facilitated, and protected defenders of our nation.
For his 45 years of supporting the national security mission abroad and at home, as a U.S. Marine and as a defense contractor, in designing substantive training programs, and creating unique gifts of appreciation, RC Smith is a Citizen of Mission. He has lived his life in “Oscar Mike” fashion. That military phonetic alphabet stands for “On Mission.” And if you know RC, that is the way he lives — with focus, purpose, and intention.
ORGANIZATION OF MISSION
Integrated Community Solutions to Active Violence Events (ICSAVE)
Integrated Community Solutions to Active Violence Events (ICSAVE) is an Arizona-based charitable foundation created by volunteer professionals from throughout the state who are united by their dedication to the prevention of traumatic events through education, preparedness training and community outreach programs.
Living and working within their respective communities, they actively strive to develop integrated preparedness and response practices and strategies to prevent or mitigate the physical, psychological, spiritual and financial impact of incidents ranging in severity from common workplace and recreational injuries to violent mass casualty incidents. To date, they have provided lifesaving education to over 160,000 Arizonans.
Throw Away Dogs Project
The Throw Away Dogs Project is a nonprofit whose mission is to rescue high driven dogs who cannot easily be rehomed, train them and then donate them to law enforcement departments that cannot afford one. The project is living proof that you CAN teach a old dog new tricks and it provides a much needed service for departments in need.
Many dogs have already been trained and supplied to law enforcement and emergency services departments. Examples include Hansel, an arson detection dog for the Millville Fire Department, and Dubai, a dual-purpose explosives detection and patrol dog who was supplied to the Philadelphia Transit Police Department.
MOST VALUABLE PLAYER
The MVP award is given to an official or team that modernizes and improves the operations and performance of an agency, component, or division to increase capacity, speed delivery, use innovation and improve performance. These leaders also focus on the future – developing strategies and plans to address our constantly changing, dynamic threat environment.
Department of Homeland Security Enterprise Non-Person Entity (ENPE) Public Key Infrastructure (PKI) Project: Dennis Martin, Gladys Garcia, and Giuseppe Cimmino, Office of the Chief information Officer
The DHS Enterprise Non-Person Entity (ENPE) Public Key Infrastructure (PKI) Project was a joint venture between the DHS Office of the Chief Information Officer’s (OCIO) Chief Information Security Officer Directorate (CISOD) and Solutions Development Directorates Platform and Solutions Division and Identity Services Branch (ISB). The PKI Project helped increase DHS security posture, reduce operating costs, and support mission agility. The ENPE PKI provides enterprise-wide security with digital certificates to support device authentication and encryption of data in transit and at rest for DHS devices, systems, and applications.
Automation is the key to reducing operating costs, reducing system outages caused by expired device certificates and supporting mission agility. Current manual processes for certificate issuance and renewal have higher labor costs and do not scale. The need for device certificates has increased significantly as DHS implements zero trust per the Biden administration’s Executive Order 14028 and the Office of Management and Budget’s Memo M-22-09.
ENPE PKI is based on a modern Certificate Authority (CA) platform that offers multiple protocols for certificate automation, including Microsoft Auto-Enrollment (MS AE) for Active Directory integration, providing an upgrade path from Microsoft Certificate Server, Automated Certificate Management Environment, an industry standard (IETF RFC 8555) made popular via the public Let’s Encrypt certificate service, and Enrollment over Secure Transport protocol (EST), industry standard (IETF RFC 7030) to automate facing with existing Certificate Management tools in components. ENPE PKI was built by a DHS team that has the previous successful experience of operating PKIs for the Department of State, Federal Bureau of Investigation, and General Services Administration and provides a high assurance solution to increase DHS security posture.
Key security enabling aspects of the ENPE PKI design include a highly available, scalable online architecture implemented with the DHS HQ Cloud Team, storage of CA private keys in Federal Information Processing Standard 140 Level 3 hardware security modules on premise and in the cloud, implementation of an offline root CA distributed across multiple physical DHS locations, native PIV user authentication, and adherence to a high-impact security control baseline.
There are additional non-technical, security enhancing aspects of the ENPE PKI system. Centralized policy enforcement, auditing, and monitoring support better governance. Attribution of issued certificates to the system’s FISMA ID that are issued for improved visibility and enables automation of certificate expiration notifications. Having a DHS Enterprise wide root of trust enables root certificate consolidation, easing trust store management, making it easier to identify rogue root or self-signed certificates used by adversaries such as those related to the Solar Winds incident. Additionally, having a modern enterprise CA supports DHS with the crypto agility necessary to manage the migration to post quantum cryptography.
Dave Mooney, Cyber Shared Service Management Chief, Cybersecurity and Infrastructure Security Agency
As the Cyber Shared Service Management Chief within CISA’s Cybersecurity Shared Service Office, Dave Mooney leads the service delivery and adoption efforts for the Protective DNS Service, which serves the 100-plus federal civilian executive branch (FCEB) agencies. The Protective DNS service helps block the vast majority of DNS-based attacks, protecting the .gov domain across millions of devices. Mooney and his team leverage a shared service approach to allow CISA to offer agencies best-in-class and scalable capabilities that address significant threats while providing the agency increased visibility into cybersecurity threats facing FCEB agencies. This innovative approach is underpinned by the integration of cyber threat intelligence and advanced data analytics, which unleashes state-of-the-art security response measures from CISA and FCEB agencies. Beyond faster response capabilities, the data gathered enables CISA to view trends and data across the enterprise, which informs current and future collective defense strategy and impacts threat-hunting operations as they respond to the evolving threat landscape.
Protective DNS went live in March 2022, and since then the service has blocked more than 135 million attempts to penetrate network security on domain name services for FCEB agencies. Mooney and his team are future- oriented, and they continue to refine service requirements and gain a deeper understanding of the diverse adoption needs. The feedback gathered from continuous agency engagement and internal CISA stakeholders informs the future of Protective DNS and allows the team to iterate on service enhancements to further protect agencies and bolster CISA’s strategic priorities. The success of Protective DNS is the culmination of Mooney’s strategic vision to modernize the service by enhancing agency and CISA protection and improving response capabilities and efforts to stay ahead of the ever-evolving threat landscape.
ABOVE AND BEYOND
This award recognizes those who were met with extraordinary challenges and rose “above and beyond” their day-to-day job to meet them. Our inaugural winners are bound by their efforts in private and public sectors to help evacuees from Ukraine.
Dale Buckner, CEO, Global Guardian
Dale Buckner and Global Guardian, a provider of security solutions to a global client base, rose to the occasion after Russia invaded Ukraine. Utilizing the vast network that Global Guardian has established within the industry, Global Guardian was able to efficiently evacuate over 4,000 individuals under very difficult situations from Ukraine to safety. Buckner and Global Guardian continued to field requests and take action until occupation of cities made entry and exit impossible.
Buckner is a 24-year U.S. Army Veteran, retiring with the rank of colonel. He has extensive intelligence, counterterrorism and special operations experience, commanding 5 organizations including an Infantry Reconnaissance Platoon, Special Forces Scuba Team, Special Force Counter-Terrorism Team, a Special Forces Counter-Terrorism Task Force, and a Special Troops Battalion. He has numerous combat and classified deployments including Iraq, Afghanistan, Kuwait, Colombia, Cuba, El Salvador, Chile, Panama and Haiti.
Kareem Baker, Project Manager, U.S. Customs and Border Protection
Kareem Baker was able to cost-effectively innovate as well as adapt existing mechanisms, ensuring a seamless vetting and processing experience for Ukrainian citizens seeking refuge in the United States, enabling air carriers to validate an approved application, and generate a boarding pass, assisting CBP officers to confirm a noncitizen’s eligibility, and deploying a public-facing web portal that allowed Ukrainians to submit for travel approval to the US. Using the Arrival and Departure Information System (ADIS) to process I-134 forms, the team worked with stakeholders to improve data the CBP officers receive at the port, embed updated biometric information, coordinate additional vetting rules specifically for the Ukraine travelers, and provide time-sensitive status information to assist with processing. In six days, Kareem’s team deployed over 15 enhancements to existing functions, saved significant money in man hours, and collaborated with over a dozen agencies and applications.
Baker, working with airport authorities, air carriers, HHS, DoD, DHS, DoS, and OGAs, set up processing facilities and processing centers for Ukrainian evacuee arrivals, and created dashboards that promote interoperability between DoD, CBP, DoS, USCIS, and the TSA. PSPD worked with multiple stakeholders to automate traveler vetting against law enforcement databases and allow for manual vetting by the NTC as well as integrating with the NVC, and ATIS provides air carriers the ability to validate an approved application and generate a noncitizen’s boarding pass, providing CBP officers at POEs confirmation of a noncitizen’s application status. Baker’s team was able to collaborate efforts with more than a dozen agencies, internal support and application teams, and stakeholder entities to roll out completely new functionalities, automate multiple processes, increase capacity and performance of current applications, and minimize the costs normally associated with such a huge effort.
Often the “back-end” side of the mission is the most neglected, and yet often the most important. Recipients of the Backbone award have accomplished extraordinary feats to ensure that the support functions of an agency maximize efficiency, support mission and account for new advancements and technology.
Enterprise Financial Management Systems Team, Department of Homeland Security Office of Procurement Operations
The formation of the Department of Homeland Security (DHS) brought together 22 component entities with disparate missions and ways of doing business. In the two-plus decades since its creation, the department has been pursuing a Financial Systems Modernization (FSM) initiative, with the intent of transitioning DHS headquarters (HQ) and all components to standard business processes that will streamline systems and services, reduce costs, improve efficiency and data quality and strengthen internal controls. It has been a herculean undertaking with myriad starts and stops along the way. Thanks to the efforts of the Enterprise Financial Management Systems (EFiMS) team within the DHS Office of Procurement Operations (OPO), the department’s FSM initiative of replacing internal legacy financial management systems with a single unified solution is ever closer to fruition.
The $3 billion EFiMS procurement provides the department with a suite of integrated financial management software options that DHS components can choose from when supporting financial systems modernization efforts. EFiMS was developed alongside the $1 billion Enterprise Financial Systems Integrator (EFSI) strategically sourced vehicle to provide the products and services needed to facilitate the migration and integration of financial, procurement, and asset management systems across the agency. Both of these procurements are enabling DHS to sustain clean audits and enhance its ability to remove itself from GAO’s high-risk list.
The EFiMS team has spent countless hours working collaboratively across DHS’s Management Directorate and component organizations in every phase of the procurement, from acquisition planning to final solicitation, and everything in between: all this while also keeping industry and senior DHS leadership informed. The team took the lead in helping finalize requirements, issue the solicitation, and handle multiple protests that required them to reset and refocus efforts anew. Undaunted, they continued their work with the Joint Program Management Office, the Chief Procurement Office, the Chief Financial Officer (CFO), Office of General Counsel, U.S. Department of Justice, component CFOs, and industry to finally make this highly important award.
The EFiMS team who have advanced the DHS mission and made a significant inroad toward the realization of the department’s financial systems modernization initiative are David Ritter (DHS), Chris Kraft (FEMA), Rachel Harriott (DHS), Christine C. Fontenelle (DHS), Pavan Mehrotra (DHS), Charlene Storino (DHS), William Grimaldi (U.S. Department of Justice), Stephen J. Smith (U.S. Department of Justice), Chris Friedline (ICE), Ramona Thomas (S&T), Cheryl Ferguson (FEMA), Tammie Page (USCIS), Bruce Shaw (DHS), Sohl Han (DHS), Mark Hudak (DHS), Jeff Bobich (DHS), Ruth Shearer (DHS), and Thaddeus Rowan (DHS).
Carol Taylor, Accounting Systems Division Chief, U.S. Coast Guard
Carol A. Taylor is recognized for her oversight, dedication, thought leadership, and exemplary contributions in supporting the successful implementation of the new DHS Financial Systems Modernization Solution (FSMS), the new financial system for USCG, TSA, and CWMD. Taylor’s contributions to helping successfully implement this important financial system while successfully operating the legacy system to meet the needs of three major components of DHS are nothing short of extraordinary.
Over 10 years ago, DHS and FINCEN began to realize the need for a consolidated financial system with improved processes, workflows, and reporting mechanisms to serve DHS components’ modern financial requirements that supports a user base of over 19,000 resources dependent upon its financial systems. Through the Financial Management Service Improvement Initiative (FMSII), Taylor, along with the Integrated Product Teams from DHS, FINCEN, and contractors, discovered disparate financial and asset systems, manual spreadsheets, and duplicate processes performed by internal stakeholders to support the delivery of complex business processing functions across a daily, weekly, monthly, and annual deadline. Compliance with federal financial regulations, laws, and standards required checklists and SMEs with historical knowledge of working with FINCEN and DHS component agencies to avoid issues or delays within these processes.
Furthermore, consistent weekend and night work was critical to business processes, patching, and security of the CAS Suite to complete processes on time. For years, FINCEN used the CAS Suite to manage the financial, asset, and procurement functions for the CG, and other DHS component customers, including the Transportation Security Administration (TSA) and the Countering of Weapons of Mass Destruction Office (CWMD). FINCEN also used an integrated master schedule to run the business processes for these components. The CAS Suite consisted of 14 systems and feeder applications to meet the varying financial and reporting needs to support each component’s financial requirements.
To successfully move to the FSMS, Taylor ensured the following:
- CAS Suite availability while the data migration occurred for millions of lines of code for each DHS component.
- Continuation of complex month-end closing on schedule and by the processing deadline for each DHS component.
- More than 800 million records and transactions FINCEN is responsible for annually were consistently maintained.
Taylor did this successfully and, in the process, continued to lead FINCEN staff and contractors in producing workarounds in CAS Suite to provide cost and time savings while preparing each component for their respective FSMS migration. As part of her FSMS migration efforts, Taylor implemented a dedicated training center to teach staff how to use the system and continue to be successful in their respective financial roles. Taylor also understood that a dedicated specialized help desk team would need to be established to support the administrative and systems requirements for each DHS component customer’s successful move to the FSMS.
Taylor is a key contributor and thought leader in the overall success of the FSMS. The complexity and detail required to understand major facets of the federal, DHS, and each DHS component’s needs are critical for her to be able to guide and provide recommendations from the everyday user to the DHS executive stakeholders throughout the business process re-engineering efforts. When delays occurred throughout the transition of the FSMS with the developers, Taylor provided key workarounds. She has also enabled quicker service time by using the same standards across business processes, organizing a true help center for resources to get answers quickly and readily, and ensuring the security of FSMS to thwart the ever-growing cybersecurity needs DHS faces. FINCEN is a better organization due to Taylor’s undeniable and critical leadership.
Department of Homeland Security Security, Development, and Operations (SecDevOps) Team: Robert Foster and Chakris Raungtriphop, Office of the Chief Information Officer (OCIO)
The Security, Development, and Operations (SecDevOps) team has made significant impact realizing the Deputy Chief Information Officer’s (DCIO) vision of making SecDevOps the standard way of delivering software and transforming the development process at DHS. All aspects of these performance goals were accomplished by the team on schedule and surpassed the FY21 performance goals of the Strategic Technology Management (STM) Director, Chief Technology Officer (CTO), and DCIO for this initiative. The SecDevOps Team built on the efforts of the Agile Acquisition Working Group (AAWG) by gathering data from programs across DHS to identify who has implemented SecDevOps and the level of maturity achieved. The team created a SecDevOps campaign plan that incorporates lessons learned and several discussions with industry. A set of 15 multifaceted action plans were created focused on people, technology, process, and governance to ensure that DHS achieves SecDevOps mastery.
To support the action plan’s success, the team established partnerships with Management Directorate Lines of Business (MGMT LOB) offices that participated in the AAWG to ensure equity across DHS as the agency implements modern IT delivery. Briefings were developed to share with partners and the team met with OCIO and Management directorates to solicit input and support for the campaign. SecDevOps working groups were created that collaborate with components and directorates to receive and incorporate feedback to finalize the action plans. The SecDevOps Campaign plan was briefed to OCIO Executive Directors, the DCIO, the CIO, the CIO Council, and the AUSM and was well-received by all.
EXCELLENCE IN OUTREACH
Much of partnership requires knowledge and understanding. Communication between industry and government to achieve the best products and services requires outreach in all stages: requirements building, request for information, effective industry days, outreach through engagement and much more. The Excellence in Outreach award recognizes the agency, department, or individual that has excelled at engaging, explaining and educating to benefit the mission of securing the nation.
Curtis Tilley, Branch Chief, Office for Bombing Prevention, Cybersecurity and Infrastructure Security Agency
Branch Chief Curtis Tilley at the Department of Homeland Security’s Office for Bombing Prevention, within the Cybersecurity and Infrastructure Security Agency, consistently displays the agency’s core values of honesty, professionalism, and public service. He understands the importance of building connections, developing relationships and collaboration to drive smarter, more insightful engagements with national and international public safety organizations and security professionals. Tilley was instrumental in the federal government’s response to bomb threats that targeted Historically Black Colleges and Universities (HBCU). He developed a communication strategy and outreach plan to provide just-in-time products specifically for HBCUs. He led the effort to develop a suite of resources to assist universities in responding to bomb threats, including critical resources for handling bomb threats that provide an overview of available resources, a bomb threat response plan template, bomb threat awareness, and a tabletop exercise package. This was followed by numerous training events for HBCUs in face-to-face and virtual deliveries.
Tilley’s innovative strategies were key in the office’s international engagements with Canada, Mexico, Romania, and the United Nations to help build counter-IED core capabilities and enhance awareness of terrorist threats. This strategy called for a shared approach to security in which the partnering countries work together to address threats to critical infrastructure and citizenry. He led the office’s outreach efforts with Public Safety Canada and the Royal Canadian Mounted Police in the Beyond the Border initiative to enhance understanding of the bomb threat environment and share information and training products to help enhance cross-border critical infrastructure protection and resilience. Tilley, in cooperation with the Department of State’s Export Control and Related Border Security (EXBS) Program, led the international collaboration efforts with the Mexican government to share bombing prevention practices and awareness training products. The benefits of the yearlong outreach effort were realized when the Office for Bombing Prevention delivered training to members of the Mexican Secretariat of the Navy, Secretariat of Defense, Ministry of Security and Citizen Protection, Federal Protective Service and the National Coordination of Civil Protection. Tilley was instrumental in the office’s efforts to protect life and critical infrastructure by building capabilities within the general public and across the public and private sectors to prevent, protect against, respond to, and mitigate bombing incidents. The OBP Training Branch under his leadership recently reached a milestone of training its 150,000th person in bombing prevention.
Harris County Office of Homeland Security and Emergency Management
The Harris County Office of Homeland Security and Emergency Management (HCOHSEM) is recognized for outreach excellence for its Ready Harris Kids campaign, Olivia the Preparedness Opossum.
In the emergency management world, campaigns are often focused on educating adults, seniors, small businesses, etc., on preparedness and available resources. Oftentimes the younger, but equally important, demographic of children can be overlooked. This inspired HCOHSEM to create a campaign that would inform and educate children on disasters that can occur right in their backyard.
Launched in 2020 in partnership with the Texas Wildlife Rehabilitation Coalition, the aim of the Olivia the Preparedness Opossum campaign was to educate children on different types of disasters they can face in their lives, and how they can safely prepare for these times. The campaign first began with the creation of the mascot, Olivia. The cartoon opossum is regularly featured on HCOHSEM’s social media accounts, reminding children to stay safe and informed in their communities. To further outreach into the community, HCOHSEM also created a Kids Preparedness Activity Book. This interactive book features Olivia the Preparedness Opossum, who teaches kids about different types of disasters, what to wear in various emergencies, and how to create an emergency kit. The book also includes a family communication plan, which encourages children to memorize their name, address, guardians’ names, phone numbers and more.
Not only is the Kids Preparedness Activity Book available for free to the public, but it is also accessible in English, Spanish, Chinese, Vietnamese and Arabic. The initiative to make this activity book available in multiple languages allowed it to reach a large demographic in diverse Harris County. As of today, more than 5,000 activity books have been distributed to children all throughout Harris County, and the Olivia Preparedness Campaign continues to grow on social media. With COVID-19 restrictions being lifted, there is now greater opportunity to continue expanding this campaign. HCOHSEM continues to increase their efforts on preparing children for any type of disaster.
Tania Bougebrayel Cohn, Community Engagement and Resilience Manager, Arlington County Department of Emergency Management
Tania Bougebrayel Cohn works tirelessly to protect and promote the well-being of all she serves, building inclusive, equitable, and proactive community outreach and engagement programming in line with the homeland security mission to “Ensure Resilience to Disasters.” Tania is new to the emergency management and homeland security field, with just two years of experience after over a decade working in community empowerment. Still, she brings firsthand experience of the importance of homeland security and emergency management after moving to the U.S. as a refugee from Lebanon. Bougebrayel Cohn’s lived experience with social and political instability, her professional community empowerment background, and tireless work ethic led to an exceptional whole community approach to COVID-19 vaccine outreach that resulted in the county’s 88.8 percent vaccination rate, one of the highest in the nation. She capitalized on the momentum of this work to found the county’s first grassroots, community-based emergency management citizen advisory group, Community Advancing Readiness and Resilience Together (CARRT).
Bougebrayel Cohn founded and led the county’s Complete Vaccine Committee (CVC), a volunteer group made up of more than 150 diverse community leaders who served as ambassadors, sharing COVID-19 updates and vaccination information across their network and community. The group donated more than 2,000 hours to hosting over 70 multi-language outdoor, socially distanced community listening events, assisting hundreds of residents in registering for the vaccine and sponsoring special all-volunteer events at houses of worship, food pantries, and at pop-up sites throughout the county. The CVC focused on underserved communities most impacted by the pandemic, and members met monthly to share community needs and strategize the best ways to address them. For example, CVC members shared feedback that many working mothers in an affordable housing complex had trouble scheduling leave or securing childcare to get vaccinated. As such, the CVC and Emergency Management hosted pop-up vaccine clinics at the housing complex to help residents overcome transportation, work, and childcare barriers to vaccination. This sort of grassroots strategizing built overall community resilience by bringing information and services to those least likely to have access to it.
Bougebrayel Cohn capitalized on the success of the CVC throughout the pandemic to launch CARRT, an agile, diverse, and sustainable resident-driven group that works alongside the county’s emergency management team to identify barriers and solutions for enhancing community resilience. CARRT uses a whole community and equity lens to bring emergency preparedness, response, and recovery information to underserved communities through trusted partners such as faith leaders and social services providers. The group meets monthly at roundtable sessions facilitated by Bougebrayel Cohn and the emergency management team to discuss community needs to build emergency preparedness and overall resilience and to identify grassroots solutions to address them. This group is the first of its kind in Northern Virginia and will provide a landmark shift in delivering a sustained, diverse, community-driven lens to ground emergency planning and response. The planning and launch of this group took over a year of data analysis and community engagement. Her work occurred while also navigating emergency response priorities including hazardous weather response, COVID-19 response and planning for significant events such as Independence Day celebrations on the National Mall. Through it all, Bougebrayel Cohn maintained her focus on the homeland security mission of Ensuring Resilience to Disasters and has built a more secure, united, and empowered community.
EXCELLENCE IN EDUCATION AND TRAINING
This award recognizes an organization’s exceptional efforts in building partnerships and capacity for entities to be able to better detect, prevent and respond to a range of threats.
The purpose of the Intel & Law Enforcement Training Services organization is the definition of the acronym: Just as an inlet connects large oceans to smaller bays, rivers, and tributaries, the INLETS connects large law enforcement agencies to the smaller agencies and organizations and, together, all are made more effective. Over the past 11 years, INLETS has collaborated with the private sector and all levels of law enforcement to provide the most relevant training by experienced instructors at the most affordable registration cost for attendees. Based in Annapolis, Md., it was created in 2011 by four FBI agents who responded to the Pentagon and the World Trade Center on 9/11. They were tasked with creating a training program for state and local law enforcement in matters of violent crime and terrorism. To develop a holistic approach, they partnered with the Maryland state fusion center and with local InfraGard chapters. The intentional design and triangular approach allowed for the greatest impact, benefit, and collaboration. They use the strengths of each element: the FBI has connection to subject matter experts, the state has connection to the local jurisdictions, and InfraGard has connection to the private-sector practitioners and supporting partners.
Using this model, the team has created agendas that are equally important to both the private and public sectors. INLETS has reached over 10,000 attendees from more than 1,000 agencies and companies, over 20 InfraGard chapters, 30 state fusion centers, and 40 institutions of higher education from 47 states and seven countries. A one-day program on active shooters was requested through the private sector including faith-based organizations, schools, and retail companies. While among the most common topics offered by hundreds of entities, this agenda averages 150 attendees from 100 entities and companies traveling from seven states for the one-day program. Similarly, the team offers a one-day program on cyber-based financial institution fraud. With an average of 120 attendees traveling from the four largest financial institution markets, they learn from law enforcement and industry experts on the current and emerging threats. After the onset of the pandemic, the team identified and worked with an academic partner to use these same presenters in webinar programs (INLETS Online) so that the attendees could safely maintain their professional development while complying with health department and company policies. And in the past two years, the team has focused on returning to traditional training platforms.
The five-day program (2021-22) is regarded as the best violent crime and terrorism training available. Referred to as “an experience, not a training,” the program averages 9.3 out of 10 with 175 attendees from 100 agencies across 15 states in three time zones. It is mandatory training for a number of police agencies. In 2023, it heads to New Orleans for its third visit. Newly added focused training includes a 4-day agenda specifically on homicide investigations (2021, 2022) with a 9.7 survey evaluation. Using that same format, new for 2023 are investigative social media and tech resources and another on behavioral threat assessment. With the academic partner, these programs are also being evaluated for academic credit in addition to CEUs. Through 2022, INLETS has been collaborating on expanding the training aspect of the program to include investigative support. And INLETS is developing a platform to support law enforcement with cold case consultations and investigative genealogy set for late 2023. This team, made up of federal, state, and private-sector colleagues, has been afforded great opportunity to successfully support, collaborate, and train attendees from the federal, state, and private-sector communities.
EXCELLENCE IN EDUCATION AND TRAINING: CYBER
Department of Homeland Security Office of the Chief Information Officer Workforce Phishing Campaigns: Steven Friend, Lisa Cooper, and Lawrence Knachel
Steven Friend, Director, Program Management and Governance Division; Lisa Cooper, Information Technology Specialist/Program Manager for the Enterprise and Headquarters-as-a-Component Cybersecurity Awareness and Training Programs; and Lawrence Knachel, Information Technology Specialist/Penetration Test, Vulnerability Disclosure, and Bug Bounty Lead have shown exemplary dedication to the Department of Homeland Security’s (DHS) mission and a strong desire to enhance the cybersecurity knowledge of the workforce through the implementation of quarterly Phishing Campaigns for Headquarters (HQ).
Friend, Cooper, and Knachel routinely show initiative in improving performance and productivity throughout DHS management. They identified a solution to conduct phishing exercises for Local Area Network (LAN) A users and HQ to resolve Fiscal Year (FY) 2019 and FY20 Office of the Inspector General Audit findings for not conducting exercises as required in DHS Policy Continuous Improvement of Department of Homeland Security Cyber Defenses, November 2017. They consistently deliver exceptional business services to customers and serve as stewards of supporting the DHS mission. Quarterly phishing exercises are conducted across HQ organizations whose employees and contractors use LAN A to gauge overall cybersecurity awareness, capture metrics for training effectiveness, and assist some components in meeting the FY22 Information Security Performance Plan (ISPP) requirements.
Friend and Cooper identified and communicated Social Engineering metrics across the Enterprise, to include HQ. These metrics were incorporated into the FY22 ISPP. Additionally, each quarter, they create and publish a landing page where users who click phishing links will be taken. This page identifies the campaigns as phishing exercises, highlights the cues in each email that indicate they are a phishing attempt, and provides micro-training for users who were phished.
Cooper leads the phishing effort across HQ and its organizations while ensuring customer service remains a priority. Scheduling and rules of engagement approvals were obtained by Chief Information Security Officers from the Cybersecurity and Infrastructure Security Agency, Countering Weapons of Mass Destruction Office, HQ, Intelligence and Analysis, OIG, and the Science and Technology Directorate at the start of the phishing campaign. Cooper coordinates with stakeholders to include component CISOs, the DHS Network Operations and Security Center, and the Information Technology Service Desk to ensure there are no questions or concerns prior to launch. Additionally, she coordinates content review for select stakeholders such as I&A Counterintelligence, Office of the Chief Human Capital Officer, and Office of the Chief Security Officer. At the conclusion of each phishing exercise, Cooper gleans lessons learned from various stakeholders, analyzes the results provided by Knachel and the Network Operation Security Center, and develops reporting metrics for each component stakeholder, as well as an executive report for Chief Information Officer Eric Hysen.
Knachel is instrumental in the development, review, and dissemination of phishing email content as well as providing insight into possible reasons for the results we have seen.
All three individuals play a crucial role in DHS’ commitment to provide high- quality services by ensuring that each email follows a progressive complexity model throughout the fiscal year. This was accomplished by drafting each email based on the National Institute of Standards and Technology Phish Scale. The first email was intended to be an obvious phishing attempt in Q2 with each successive email increasing in difficulty throughout FY22. Emails were recognized by several HQ organizations as being real-world focused and increasingly harder to detect as being part of a phishing simulation.
Kiersten Todt, Chief of Staff, DHS Cybersecurity and Infrastructure Security Agency
Kiersten E. Todt is the Chief of Staff at the Cybersecurity and Infrastructure Security Agency (CISA). She is responsible for the planning, allocation of resources, and development of long-range objectives in support of the department’s goals and milestones; she provides strategic vision, guidance, and direction to ensure the federal government is prepared to interdict or respond to cyber threats to the homeland. Todt has brought private-sector best practices and procedures to CISA. She has deepened private sector and government collaboration in all areas of cybersecurity. She has spearheaded adding cybersecurity to the K-12 curriculum in order to develop new generations of cyber warriors. She has also been a champion for building the cyber workforce. Her combination on intellect, experience, drive, insight, and collegiality has made CISA a much more effective agency.
Prior to her role at CISA, Kiersten served as the Managing Director of the Cyber Readiness Institute (CRI), a nonprofit initiative that convenes senior executives of global companies to develop free cybersecurity tools and resources for small businesses, worldwide. She co-founded CRI in 2017 with the CEOs of Mastercard, Microsoft, PSP Partners, and the retired CEO of IBM. She was also the non-resident scholar at the University of Pittsburgh Institute for Cyber Law, Policy, and Security. She most recently served in the federal government in 2016 as the Executive Director of President Obama’s independent, bipartisan Commission on Enhancing National Cybersecurity.
The “Hack DHS” bug bounty program has directly led to the discovery of more than 180 vulnerabilities in public-facing Department of Homeland Security (DHS) systems. The most critical of these vulnerabilities, if used by an adversary, would have caused Personally Identifiable Information (PII) theft, account takeover, denial of service, execution of malicious code, data insertion/modification/deletion, or further compromise of the DHS Enterprise, severely hindering the DHS mission and causing significant reputational harm.
Amanda Day was instrumental in standing up the “Hack DHS” program. She was the lead for creating the rules of engagement that govern the program, identifying the first set of systems assessed under the program, building a relationship with the team at Cybersecurity and Infrastructure Agency’s Quality Services Management Office who owned the contract the program executed and providing key guidance to the execution of the events. Lawrence Knachel played a critical role in the lead-up to the event, performing the initial outreach to system owners to explain the purpose of the program, completing the rules of engagement for the assessment, training system teams on how to use the platform, and assisting with determining which assets would be assessed. During the event, Knachel conducted daily meetings in which system teams were briefed on new vulnerability findings, presented explanations of the risk those findings presented, and provided guidance on mitigating the vulnerabilities. He regularly briefed leadership with updates, observations, trends, and insights that came from the program. Knachel also represented DHS in interactions with the security researcher community and bounty program vendor. This involved answering questions about the relevancy of findings, ensuring that system owner equities were represented, and making changes to the program as needed based on how it was affecting production systems. Knachel also served as the authority for payout determinations to the researcher community, ensuring payments matched the severity of submitted vulnerability reports.
EDUCATION AND TRAINING HERO OF THE YEAR
This award recognizes an individual’s exceptional efforts in building partnerships and capacity for entities to be able to better detect, prevent and respond to a range of threats.
Jason Kepp, Assistant Director for Training and Professional Development, Federal Protective Service
Jason Kepp is the assistant director for the Training and Professional Development (TPD) directorate within the Federal Protective Service (FPS). He leads training and professional development for both sworn and non-sworn employees, which includes administrating basic and advanced training programs, formulating strategic and operational plans, and providing executive-level direction and guidance to managers. Kepp understands that cultivating a culture of continuous learning at FPS means embracing innovative technologies, researching modernized approaches, predicting the future by learning from the past, engaging diverse perspectives, and building coalitions.
The mission of the FPS covers all U.S. states and U.S. territories. To reach the entire workforce, Kepp constantly identifies new ways to deliver consistent and quality training efficiently with limited resources. For example, he integrated virtual reality (VR) training with existing in-person and computer-based training. To improve his understanding of this technology and see if it could enhance TPD’s capabilities, Kepp first inquired about the capabilities with a half-dozen vendors in the private sector that offered VR-based training. This outreach led him to the New York Police Department (NYPD), which was using the technology to learn about its effectiveness within law enforcement. The knowledge-sharing with the NYPD eventually led to Kepp teaching others about VR in law enforcement training. Not only did he speak on the topic during a Protective Agency Comparison group meeting — this FPS-founded group brings together 13 federal, state, and local law enforcement agencies that are similar to FPS in mission, size, and capabilities — but he took representatives from the D.C. Metropolitan Police, Baltimore City Police Department, and Federal Law Enforcement Training Center (FLETC) to New York to determine if VR training was advantageous to the law enforcement industry.
In the past several years, Kepp has worked to shift law enforcement training toward law enforcement education. This new focus trains officers to use a skill and explains why they should use it. This has been prevalent in his work developing the Public Order Policing Program and improving use-of-force training. To develop a training and learning program that can increase public trust and safety, he knew both programs had to be evidence-based and backed by research. To achieve this, he reached out and benchmarked with several different agencies, departments, academic institutions, and police forces, both domestically and abroad, to make certain the programs and policies he built would encompass worldwide best practices.
Kepp reached out to and developed longstanding relationships with the U.K. College of Policing Public Order Public Safety Standards, the U.K. National Police Chiefs Counsel, and the U.K. Metropolitan Police Specialist Training Centre in Gravesend, to name a few. In January 2022, Kepp and other FPS leadership traveled to the United Kingdom to benchmark the U.K.’s national Public Order Training program. Through this strategic engagement, the team learned more about crowd psychology, the National Decision Model and Joint Decision Model, and the importance of policy legitimacy and community engagement. The Public Order Policing Program equips our federal law enforcement officers with the training and knowledge to properly prepare for the unpredictable environment of public order policing. This groundbreaking program in the U.S. that Kepp put together will directly contribute to protecting our law enforcement officers and the public. Participants attending the kickoff of the Public Order Policing Program in November 2022 are from other federal, state, and local police departments, showing how Kepp continues to reach out to others to ensure the protection of the homeland.
Kepp is an outstanding example of how learning and sharing between industry and government partners leads to a robust and better product. In his case, the training and policies he developed based on the relationships he cultivated are some of the best representations of the FPS. Kepp’s ability to reach across any aisle, border, or industry for the sake of the mission of DHS and FPS is unmatched.