The Homeland Security Today awards annually recognize the people who devote their lives to protecting our people, our resources, and our way of life. From heroic efforts on duty to invaluable efforts behind the scenes, annually we gather to celebrate excellence, honor, and the daily successes of those working on the front lines and in a support capacity to ensure the safety of all Americans. We are proud to honor the following 2022 award recipients.
HOMELAND SECURITY PERSON OF THE YEAR
The GTSC Homeland Security Today Person of the Year is awarded to people who serve the homeland security mission in an exemplary fashion. These individuals have directly improved, executed, and/or engaged the proper people, agencies, or departments necessary to tangibly improve the nation’s prevention, protection, mitigation, or response capacity to make America safer.
PERSON OF THE YEAR: NATIONAL
L. Eric Patterson, Director, Federal Protective Service
Throughout his tenure as director, Patterson provided inspirational leadership and strategic vision to a national law enforcement organization of 15,000 officers, personnel, and contractors protecting approximately 9,500 federal facilities where more than 1.4 million people work, visit, and conduct daily business with the U.S. government resulting in more than $4.5 trillion in annual economic activity. Faced with an ever-dynamic threat environment, Patterson spearheaded transformational initiatives which significantly prepared, integrated, and professionalized the FPS workforce to become a recognized leader within the facility protection and law enforcement communities, domestically and internationally.
Just a few of his career accomplishments include:
- Provided leadership among DHS law enforcement agencies to harmonize use-of-force policies, equipment issuance, and training across the department and develop new Public Order Policing policies to better protect those exercising their First Amendment rights.
- Named the Federal Law Enforcement Training Center (FLETC) 2022 Partner Agency of the Year (out of more than 150 partners) after opening a new National Training Academy on the FLETC campus this year. The building was nominated for the 2022 Law Enforcement Design Awards, which showcases new architectural designs that represent the very best innovations in security and technology today. His vision was key to this facility being constructed.
- Served as a named member of President Biden’s Safer Federal Facilities Task Force as part of the Executive Order on Protecting the Federal Workforce during the COVID-19 pandemic. His leadership was instrumental to keeping federal facilities open for business.
- Prepared FPS to protect facilities against emerging threats. This included helping agencies navigate the nexus of cyber-physical technologies and mitigate inherent vulnerabilities; additionally, FPS deployed a counter-unmanned aerial system capability and policy that resulted in DHS’s first custodial arrests for violation of national defense airspace.
- Drove the development of new systems and technology to allow FPS to automate manual processes, increase officer safety and facility protection, and collect information to make evidence‐based decisions. Notably, FPS’s Modified Infrastructure Security Tool (MIST), which assesses the security of federal facilities, has won three national homeland security “Astor” Awards. As a result of his vision, MIST has become the leading source of facility vulnerability information and mitigation efforts within the federal government.
- Spearheaded efforts to increase law‐enforcement professionalism and standardize tactics, techniques, and procedures across the nation.
Additionally, he created a Rapid Protection Force. Collectively, his leadership allowed FPS to surge forces to meet multiple national emergencies and high‐profile operations with minimal impact to daily operations. During the summer of 2022, FPS simultaneously surged officers to support the resettlement of Afghan nationals, augment the Supreme Court of the U.S. police during a period of heighted risk, and protect emergency intake sites for unaccompanied migrant children.
Patterson’s record of achievement as FPS director is nothing short of extraordinary. The result of his efforts tremendously benefits DHS, the federal workforce, and millions of Americans. He consistently demonstrates a high and unwavering commitment to public service.
PERSON OF THE YEAR: STATE
James “Chris” Stallings, Director, Georgia Emergency Management and Homeland Security Agency
Additionally, Stallings represents the NEMA by sitting as a tri-chairman for the National Homeland Security Consortium (NHSC). The NHSC is a unique group of 22 state and local associations representing elected officials, homeland security and emergency management organizations, and the private sector who work together to address the complex challenges of homeland security. These leadership roles demonstrate the strength Stallings brings to all situations in which he finds himself, and the respect held for him by his colleagues.
In Georgia, Stallings brought over 12 years of public safety experience to his director position. During his first year in charge, he coordinated the state’s response to the COVID-19 pandemic, which included an incredible launch with minimal supplies of nine major mass vaccination sites in three days helping thousands of Georgians have shots in arms. Prior to joining GEMA/HS, Stallings served as director of the Georgia Department of Public Safety’s Dignitary Protection Section. He started his career at the agency in 2008 and was rapidly promoted through the ranks. He was often recognized as a leader among his peers. Stallings currently serves as vice chairperson on Georgia’s Board of Homeland Security, and serves on the Georgia Criminal Justice Coordinating Council and the Georgia Cybersecurity Board.
To facilitate the best mitigation and resilience efforts for his state, Stallings makes it a point to visit all his counties in the state on a regular basis. This type of commitment, down to each community, allows him to lead with the best understanding of the needs of his communities – not just what can be seen at the state level, but hearing from localities themselves.
Highlighting his innovative use of decreased federal homeland security funding, Stallings understands that the amount of money available would be ineffective split among all Georgia counties. Seeing there could be greater utilization of the funding as a statewide project, Stallings directed homeland security grant funds to be used to establish an intelligence unit within the Georgia Emergency Management Agency to specifically monitor infrastructure during all-hazards events and make the information available in real time to all counties. The intel center serves emergency management as well as law enforcement. This type of step forward is the perfect example of the progress Stallings has brought to the table in his roles.
The passion and enthusiasm for protecting our country at every level is exuded throughout Stallings’ daily activities and his career. His expertise and skillset are an asset that inherently enhances the homeland security network of this country. He swiftly executes actions with the betterment of the people of this country in mind at all steps – consistently making the correct decisions and leading by example in every aspect.
PERSON OF THE YEAR: LOCAL
Sergeant Michael Satter, Deputy Director, Kansas City Regional Fusion Center, Kansas City Missouri Police Department
Sergeant Michael Satter has demonstrated excellence in outreach and engagements with private, local, state, and federal agencies to comprehensively strengthen stakeholder capacity through education, information sharing, and information empowerment. As the Kansas City Missouri Police Department’s deputy director of the Kansas City Regional Fusion Center, Satter has taken on additional duties to enhance fusion center awareness at the local and national levels. His promotion of the regional fusion center and capacity building of private stakeholders in the greater Kansas City metropolitan area led to his selection as the co-chair of the National Network of Fusion Centers’ Private Sector Engagement Committee. There he grew private-sector partnerships with regional fusion centers, while also facilitating the improved communications and information sharing of the committee with the Office of the Director of National Intelligence, the Federal Bureau of Investigation, the Department of Security Alliance Council, the Department of Homeland Security’s Office of Private Sector, and the National Council of Information Sharing and Analysis Centers.
His leadership and persistence to improve private-sector outreach led to his selection as a member of the National Fusion Center Association’s Executive Board and an April 2022 appointment as co-chair for the Central Region, where he directly represents 16 of the 80 fusion centers in the national network. In 2022, Satter delivered multiple educational presentations at the federal, local, and private partnership levels. He served as a keynote presenter and trainer at the National Fusion Center Association Annual Training Event and the National Homeland Security Conference to educate and share best practices for improving information sharing and educational initiatives for private-sector partners to improve threat reporting and assessment. Satter took the lead to engage with private, local, state, and federal agencies to capture accurate regional data. He led the analysis on, and syntheses of, information that led to Kansas City’s metropolitan area being awarded the federal designation as an Urban Area Security Initiative (UASI) city in 2022. Satter is a recognized principal contributor for protection and resiliency planning in the multi-state (Missouri and Kansas) region. He served on several regional committees such as the Mid-America Regional Council and Regional Homeland Security Coordinating Councils, including key participation on regional bio/agriculture meetings to facilitate private and public understanding of threats, risks, and consequences. His insights were instrumental in these committees developing threat mitigation strategies and plans. Satter skillfully championed outreach and engagements with large private-sector lifeline critical infrastructure organizations in the region. Through his outreach, Satter facilitated discussion, planning, and information sharing that enhanced the protection level and resiliency of these large private organizations. He served as the lead municipal anti-terror outreach coordinator with the siting and security development of the largest data center in the U.S. owned by Meta. He provided key outreach and collaboration between Kansas City and private stakeholders to include the NFL for the 2023 NFL Draft. He facilitated private, local, and federal engagement, outreach and information sharing with critical infrastructure stakeholders such as Evergy energy and AT&T communications.
Satter’s contributions in the discipline of outreach and engagements comprehensively improved the information sharing, training, and education capacities of all he has interacted with at federal, state, local, and private partner agencies and organizations. His contributions indicate his professionalism, commitment, and tireless efforts to improve community safety, protection, and resiliency.
HOMELAND’S HUMAN FIREWALL
Homeland’s Human Firewall is a new award to recognize the tireless efforts and achievements of those keeping our cyber infrastructure protected.
Kenneth Bible, Chief Information Security Officer, Department of Homeland Security
The team led pathfinding work applying the statistical and analytical techniques of latent factor analysis – typically applied in the medical field – to quantify cybersecurity risk based upon correlations among observable variables, mainly those found in the well documented National Institute of Standards and Technology Cybersecurity Framework (CSF).
Based upon the Assessments Team within CISOD and ICE’s work, the Department of Homeland Security (DHS) has launched the Unified Cybersecurity Maturity Model (UCMM), upon which cybersecurity investments can be mapped to their impact in increasing cyber maturity (reducing risk) and visualizing this impact at the system, component agency, and enterprise scale. Further, this campaign directly supported the department’s delivery of a first-ever assessment of risk within the entire portfolio of a major subdivision of the department in FY 2022 based on an innovative application of existing acquisition cyber hygiene clauses.
Simply stated, the team’s work has been seminal – both in terms of the application of latent factor analysis principles, and in terms of practical application to move DHS’ information security program forward towards risk-based methods. Moreover, UCMM is being used to measure risk on DHS public facing systems providing citizen services, such as those at U.S. Customs and Border Protection, Federal Emergency Management Administration, U.S. Immigration and Customs Enforcement, and Transportation Security Administration. The application of UCMM for these systems proactively uncovers and measures cybersecurity risk for the application of appropriate risk reduction measures that can be made to protect citizen access.
FEDERAL SMALL BUSINESS CHAMPION
Federal Small Business Champion of the Year is awarded annually to a federal official who shows a distinct commitment and tangible results toward improving the environment and success for small businesses in the federal homeland and national security market.
Ali Pourghassemi, Industry Liaison, Office of the Chief Procurement Officer, Internal Revenue Service
While many believe it is an “industry liaison’s” job to communicate and develop touchpoints for collaboration and communication between industry and government, “doing it” and having a title are often two different things. Not so for Pourghassemi.
He’s been pivotal in getting the word out about Pilot IRS to the small-business community – the iterative procurement technique focused on outcomes that allows the IRS to test new technologies on faster timelines. And he works with GTSC and other groups to ensure that information is communicated to industry in a timely and accessible way. Pourghassemi is an excellent example of what effective stakeholder outreach looks like and, more importantly, how valuable the outcomes are when executed exceptionally.
Presented to an exceptional individual who contributes in a concrete and tangible way to the efficiency, productivity, and effectiveness of the homeland and national security market. Proven as a thought leader with a belief in increasing individual opportunity, the power of free enterprise and the nurture of innovation to advance and support the homeland and national security mission.
Lindy Kyzer, ClearanceJobs.com
Kyzer’s role is so much more than her title. She is motivated to help other solve issues surrounding military and national defense by getting to the root of the issue. Daily, she investigates the terms and turnaround times on background investigations, eligibility, classification and declassification procedures and much more. She singlehandedly stood up the social media, editorial and public relations departments of ClearanceJobs as a result of her hard work. Kyzer’s specialties include media outreach and engagement, congressional affairs and political issues, branding and marketing, public affairs strategy, social media strategies, tactics and problem-solving, new media/social media/blogs, writing, and public speaking.
The Acquisition Excellence awards recognize a division, agency or effort that has improved the speed, efficiency, and effectiveness of the acquisition of technology, products or services that support the frontline missions of homeland security. Projects must demonstrate tangible benefits and improved efficiency in the acquisition process.
TSA: Flexible Agile Scalable Teams (FAST), Richard Melrose, Branch Chief and Supervising Contracting Officer, and Cristian Rodriguez, Branch Manager, Application Development Division
With FAST, TSA is continuing to drive a system-wide modernization of its legacy systems across various portfolios, while breaking down siloes (transitioning from waterfall to Agile methodologies). It’s an iterative evolution, applying new tools and processes to create a wholly new and transformative IT culture within the TSA. The tools, resources and technologies in this transformation include enhancements made to the TSA’s public website, its public and employee mobile apps (e.g., myTSA mobile app), enterprise case management system, and a new data-tracking process that informs the agency’s No-Fly list.
For the Enterprise portfolio alone, FAST has accelerated Agile transformation with the delivery of more than 130 releases since contract inception by more than 20 active teams. Through new workforce enablement and technology modernized strategies, the team has been migrating over 85 applications from legacy SharePoint, Siebel, and Oracle APEX technologies to newer platforms, such as .NET and Java running on Azure-hosted cloud-native technologies and Salesforce Cloud. Not only is this transforming the speed and agility of the organization but also driving down costs for TSA.
Richard Melrose serves as the Branch Chief and Supervising Contracting Officer for the set of Flexible Agile Scalable Teams (FAST) contracts awarded to multiple vendors to customize and integrate software and applications for various TSA organizations. Each blanket purchase agreement (BPA) supports offices within various Flexible Agile Scalable Teams (FAST) portfolios, including enterprise support, human capital, security operations, law enforcement, and digital services and workflow collaboration. The contracting approach is one of the most innovative in the federal government, allowing TSA to quickly contract with vendors to provide agile scrum teams of a specific complexity based on a single one-page description of the scope sought for delivery. This vehicle allows TSA to quickly ramp up delivery teams with custom or software as a service/cloud skills on demand. A set of standardized, robust DevSecOps capabilities allow the agile teams to rapidly deliver code to production. The approach has not only facilitated the delivery of new mission critical services for the enterprise but also helped drive down costs by modernizing TSA IT infrastructure using SaaS cloud services.
Cristian Rodriguez serves as the Branch Manager in the Application Development Division within TSA Office of Information Technology (OIT), with oversight of the agency’s Flexible Agile Scalable Team (FAST) contracts to support the technology portfolios for the Enterprise, Security Operations, Law Enforcement, and Human Capital offices. Rodriguez combines traditional and agile principles and processes in building independent customer-funded application development programs, as well as administering more focused TSA Agile Services contracts for faster application development and deployment.
USCIS: Fusion Procurements, Contracting Officer and Component Innovation Coach Chad Parker
Using the fusion procurement process to award two task orders from one solicitation significantly cut down on the administrative processes, even with the necessary repeat of the Phase 2 coding challenge. USCIS was able to award both task orders with a combined value of $231 million just 7 months after the release of the solicitation. This was the first time the contracting officer served as the innovation coach for a procurement. Rather than panic and cancel the solicitation when something did not go as planned, he employed the PIL framework of testing and sharing by quickly learning forward from the coding challenge debacle and used the discretion allowed him in FAR Part 1 to have vendors repeat the coding challenge to keep the procurement moving forward to ensure timely delivery of the mission. All vendors were treated fairly and so there was no need to cancel simply because something did not go as planned. A learning culture of testing, sharing, obtaining feedback, and testing again creates a learning organization that is better able to adapt to unexpected challenges to better meet the mission. This USCIS FINCH team demonstrated the benefits of a learning culture and were able to timely support the mission of their frontline users by failing fast and quickly learning forward from their coding challenge.
In addition to Parker, the USCIS FINCH Team is Secondary Contracting Officers Sylwia Salkic and Morgan Skaggs, Program Lead Scott Purnell Saunders, and Legal Advisor Dana-Marie Akpan.
CBP: IT Marketplace, Betty Matias, Gloria Contreras, and Cheryl Ogden
Matias and Contreras, as a team, exceeded expectations with the IT Marketplace ordering process and increased productivity, which left zero dollars in funds unspent. Their work practices and commitment to acquisition excellence are invaluable and proved the success of the IT Marketplace ordering process for CBP.
Cheryl Ogden was instrumental as a member of the IT Marketplace team of CBP. Her efforts helped to streamline all procurement acquisitions for selected IT commodity buys to reduce the number of procurement actions done by procurement and therefore maximizing procurement resources. She also consolidated the commodity buys to allow CBP to have an anticipated benefit of quantity pricing/discounts to be leveraged for the good of all CBP. In FY21 the IT Marketplace saved $4 million for CBP; for FY22 the IT Marketplace saved $2.5 million allowing the savings to be redirected for other CBP mission-critical requirements. Further, the streamlining of the commodity acquisitions also allows OIT to ensure that all devices deployed are fully imaged, patched, updated and managed for network and cybersecurity requirements by reducing the IT device sprawl through the enterprise infrastructure.
MOST INNOVATIVE CAMPAIGN TO INCREASE SECURITY
People around the nation are working to find creative and engaging ways to help the public understand and prepare for any eventuality. Educating the public about homeland priorities, threats, and vulnerabilities is a critical part of the security equation. The Most Innovative Campaign to Improve Security recognizes a federal, state, local, or private-sector campaign that has increased awareness and preparedness for a threat that requires the partnerships to mitigate and prevent physical or cyber attack, disaster preparedness, human trafficking, infrastructure protection, supply-chain security or any threat to the country.
Department of Homeland Security Office for Bombing Prevention: Douglas DeLancey, Strategy Branch Chief
Douglas DeLancey is Strategy Branch Chief at Office for Bombing Prevention, where the Bomb-Making Materials Awareness Program (BMAP) represents one of the best ways to detect and report suspicious purchasing behaviors in the U.S. A key program of the Cybersecurity and Infrastructure Security Agency’s OBP, BMAP informs and educates retailers and the public about recognizing bomb-making materials, suspicious purchasing behaviors, and the reporting of suspicious activity.
The BMAP team led efforts in 2022 for CISA to collaborate with the FBI on Operation Flashpoint, a joint campaign between CISA and the FBI to build awareness in communities across the U.S. for preventing bomb attacks. The initiative aims to encourage businesses and the public to voluntarily report suspicious activities, such as buying large amounts, or a combination of, chemicals and materials that can be used to build bombs. Currently, approximately 250,000 businesses across the nation sell or distribute everyday materials that can be used for deadly purposes. Bomb-making materials are readily available at beauty supply stores, hardware stores, pool supply stores, sporting goods stores, home centers, and elsewhere.
Domestic violent extremism is on the rise across the U.S., and extremists increasingly plot and attack using improvised explosive devices (IEDs). Terrorists, criminals, and others often build IEDs from common household items using instructions found on the internet. Bad actors can easily purchase enough of certain chemicals and other materials that are readily available in stores to build home-made explosives. Programs that encourage voluntary reporting of suspicious activity can help avert future incidents involving such IEDs.
The Operation Flashpoint campaign has two main goals:
1. Build awareness – Reducing the threat of IED attacks by restricting access to explosive precursor chemicals (EPCs). This means helping businesses detect the illegitimate acquisition, theft, or diversion of EPCs at the retail level.
2. Encourage suspicious activity reporting – Providing businesses with training and guidance to report suspicious activity to police, consistent with the National Suspicious Activity Reporting Initiative (NSI); and encourage reporting to the FBI’s tipline for the Weapons of Mass Destruction Directorate at 1-855-CALL-FBI (1-855-835-5324).
The BMAP team has spearheaded wide-ranging campaign efforts to highlight the dangers of EPCs. For instance, the team conducted more than 8,000 outreach efforts to make point-of-sale retailers aware of EPCs. The team also developed videos and Spanish-language materials to make diverse audiences aware of bomb-making materials, threats and resources.
BMAP’s outreach team has worked with FBI Weapons of Mass Destruction Coordinators, CISA’s Field Force, representatives from CISA’s Office for Bombing Prevention, and its state, local, tribal, and territorial partners on Operation Flashpoint. BMAP visits businesses and community leaders, providing training and outreach materials. During 2022, BMAP and the FBI held numerous awareness events that featured media, legislators, retailers and many others in locations including Orlando, Fla., Fort Collins, Colo., and Phoenix, Ariz. Concurrently, the BMAP team conducted a marketing campaign that reached 700,000 businesses through an e-mailing and mailing campaign. The BMAP team utilized a database of open-source information on businesses that sell or stock explosive precursor chemicals and bomb-making materials.
From “mom and pop” hardware outlets to big-box retailers, citizens and businesses throughout the country play a key role in helping prevent a potential bombing attack, since the bomber can use chemicals and materials readily available in stores. Bomb attacks are a significant threat: In 2021, the U.S. Bomb Data Center reported 1,876 bomb threats, 4,935 suspicious or unattended packages, and 381 bombing-related incidents across the U.S. Recognizing these threats early can help law enforcement take action to try to prevent attacks. Operation Flashpoint helps store owners, managers, and employees spot suspicious activities related to bomb making. As the eyes and ears in this community, residents and business owners alike can learn what to look out for and when to alert law enforcement to large purchases of potentially dangerous chemicals or combinations of items used in homemade explosives.
CITIZEN OF MISSION
The Citizen of Mission award goes to an individual who devotes their personal time, energy, and resources to work for causes related to homeland security. Volunteers, nonprofit leaders, corporate employees — anyone is eligible for nomination as long as they devote time and dedicated effort to supporting the homeland mission.
RC Smith, Board Member, INLETS
A member of the volunteer-run InfraGard since 2011, he joined the Maryland chapter board of directors where he furthered the collaborative information sharing between DHS and other federal agencies by designing and hosting meetings at LM sites. He started a defense industrial base (DIB) working group in protected space where the competitors could gather and share threat concerns while facilitating the FBI and other intel agencies to share threat updates to the specific industry. He attended and graduated from the FBI Citizens Academy and serves as a member of the Baltimore chapter’s Alumni Association. There he has maintained and furthered relationships with industries with similar threat challenges and furthered discussion on resolutions.
Additionally, Smith has helped plan and deliver the INLETS training since 2013. INLETS is a nonprofit created to support law enforcement investigators and analysts with leading-edge training on the most relevant topics by the most experienced individuals possible. There, he serves on the INLETS board of directors and chairs the benefactor program, which he designed to recognize and reward those who serve our communities.
Through all these official positions, Smith is also a noted pen turner. In that quiet role, he humbly designs unique, handcrafted, one-of-a-kind writing instruments for individuals who serve our country or support those who do. For instance, his pens have been requested by organizations who presented them as tokens of appreciation to Col. Oliver North and Gary “Lt. Dan” Sinise. In his own principled way, he has never sold a pen for profit but rather as a personal gift to individuals with a servant’s heart.
In his “day jobs,” Smith became a U.S. Marine shortly after graduating high school. He served a 21-year career with distinction throughout the Pacific and then as the Senior Enlisted for Guantanamo Bay, Cuba. Once entering civilian life, he joined Lockheed Martin where for 25 years he has served in physical security, crisis management and counterintelligence roles at multiple facilities in the DMV. For over 45 years he has led, facilitated, and protected defenders of our nation.
For his 45 years of supporting the national security mission abroad and at home, as a U.S. Marine and as a defense contractor, in designing substantive training programs, and creating unique gifts of appreciation, RC Smith is a Citizen of Mission. He has lived his life in “Oscar Mike” fashion. That military phonetic alphabet stands for “On Mission.” And if you know RC, that is the way he lives — with focus, purpose, and intention.
ORGANIZATION OF MISSION
Integrated Community Solutions to Active Violence Events (ICSAVE)
Living and working within their respective communities, they actively strive to develop integrated preparedness and response practices and strategies to prevent or mitigate the physical, psychological, spiritual and financial impact of incidents ranging in severity from common workplace and recreational injuries to violent mass casualty incidents. To date, they have provided lifesaving education to over 160,000 Arizonans.
Throw Away Dogs Project
Many dogs have already been trained and supplied to law enforcement and emergency services departments. Examples include Hansel, an arson detection dog for the Millville Fire Department, and Dubai, a dual-purpose explosives detection and patrol dog who was supplied to the Philadelphia Transit Police Department.
MOST VALUABLE PLAYER
The MVP award is given to an official or team that modernizes and improves the operations and performance of an agency, component, or division to increase capacity, speed delivery, use innovation and improve performance. These leaders also focus on the future – developing strategies and plans to address our constantly changing, dynamic threat environment.
Department of Homeland Security Enterprise Non-Person Entity (ENPE) Public Key Infrastructure (PKI) Project: Dennis Martin, Gladys Garcia, and Giuseppe Cimmino, Office of the Chief information Officer
Automation is the key to reducing operating costs, reducing system outages caused by expired device certificates and supporting mission agility. Current manual processes for certificate issuance and renewal have higher labor costs and do not scale. The need for device certificates has increased significantly as DHS implements zero trust per the Biden administration’s Executive Order 14028 and the Office of Management and Budget’s Memo M-22-09.
ENPE PKI is based on a modern Certificate Authority (CA) platform that offers multiple protocols for certificate automation, including Microsoft Auto-Enrollment (MS AE) for Active Directory integration, providing an upgrade path from Microsoft Certificate Server, Automated Certificate Management Environment, an industry standard (IETF RFC 8555) made popular via the public Let’s Encrypt certificate service, and Enrollment over Secure Transport protocol (EST), industry standard (IETF RFC 7030) to automate facing with existing Certificate Management tools in components. ENPE PKI was built by a DHS team that has the previous successful experience of operating PKIs for the Department of State, Federal Bureau of Investigation, and General Services Administration and provides a high assurance solution to increase DHS security posture.
Key security enabling aspects of the ENPE PKI design include a highly available, scalable online architecture implemented with the DHS HQ Cloud Team, storage of CA private keys in Federal Information Processing Standard 140 Level 3 hardware security modules on premise and in the cloud, implementation of an offline root CA distributed across multiple physical DHS locations, native PIV user authentication, and adherence to a high-impact security control baseline.
There are additional non-technical, security enhancing aspects of the ENPE PKI system. Centralized policy enforcement, auditing, and monitoring support better governance. Attribution of issued certificates to the system’s FISMA ID that are issued for improved visibility and enables automation of certificate expiration notifications. Having a DHS Enterprise wide root of trust enables root certificate consolidation, easing trust store management, making it easier to identify rogue root or self-signed certificates used by adversaries such as those related to the Solar Winds incident. Additionally, having a modern enterprise CA supports DHS with the crypto agility necessary to manage the migration to post quantum cryptography.
Dave Mooney, Cyber Shared Service Management Chief, Cybersecurity and Infrastructure Security Agency
Protective DNS went live in March 2022, and since then the service has blocked more than 135 million attempts to penetrate network security on domain name services for FCEB agencies. Mooney and his team are future- oriented, and they continue to refine service requirements and gain a deeper understanding of the diverse adoption needs. The feedback gathered from continuous agency engagement and internal CISA stakeholders informs the future of Protective DNS and allows the team to iterate on service enhancements to further protect agencies and bolster CISA’s strategic priorities. The success of Protective DNS is the culmination of Mooney’s strategic vision to modernize the service by enhancing agency and CISA protection and improving response capabilities and efforts to stay ahead of the ever-evolving threat landscape.
ABOVE AND BEYOND
This award recognizes those who were met with extraordinary challenges and rose “above and beyond” their day-to-day job to meet them. Our inaugural winners are bound by their efforts in private and public sectors to help evacuees from Ukraine.
Dale Buckner, CEO, Global Guardian
Buckner is a 24-year U.S. Army Veteran, retiring with the rank of colonel. He has extensive intelligence, counterterrorism and special operations experience, commanding 5 organizations including an Infantry Reconnaissance Platoon, Special Forces Scuba Team, Special Force Counter-Terrorism Team, a Special Forces Counter-Terrorism Task Force, and a Special Troops Battalion. He has numerous combat and classified deployments including Iraq, Afghanistan, Kuwait, Colombia, Cuba, El Salvador, Chile, Panama and Haiti.
Kareem Baker, Project Manager, U.S. Customs and Border Protection
Baker, working with airport authorities, air carriers, HHS, DoD, DHS, DoS, and OGAs, set up processing facilities and processing centers for Ukrainian evacuee arrivals, and created dashboards that promote interoperability between DoD, CBP, DoS, USCIS, and the TSA. PSPD worked with multiple stakeholders to automate traveler vetting against law enforcement databases and allow for manual vetting by the NTC as well as integrating with the NVC, and ATIS provides air carriers the ability to validate an approved application and generate a noncitizen’s boarding pass, providing CBP officers at POEs confirmation of a noncitizen’s application status. Baker’s team was able to collaborate efforts with more than a dozen agencies, internal support and application teams, and stakeholder entities to roll out completely new functionalities, automate multiple processes, increase capacity and performance of current applications, and minimize the costs normally associated with such a huge effort.
Often the “back-end” side of the mission is the most neglected, and yet often the most important. Recipients of the Backbone award have accomplished extraordinary feats to ensure that the support functions of an agency maximize efficiency, support mission and account for new advancements and technology.
Enterprise Financial Management Systems Team, Department of Homeland Security Office of Procurement Operations
The $3 billion EFiMS procurement provides the department with a suite of integrated financial management software options that DHS components can choose from when supporting financial systems modernization efforts. EFiMS was developed alongside the $1 billion Enterprise Financial Systems Integrator (EFSI) strategically sourced vehicle to provide the products and services needed to facilitate the migration and integration of financial, procurement, and asset management systems across the agency. Both of these procurements are enabling DHS to sustain clean audits and enhance its ability to remove itself from GAO’s high-risk list.
The EFiMS team has spent countless hours working collaboratively across DHS’s Management Directorate and component organizations in every phase of the procurement, from acquisition planning to final solicitation, and everything in between: all this while also keeping industry and senior DHS leadership informed. The team took the lead in helping finalize requirements, issue the solicitation, and handle multiple protests that required them to reset and refocus efforts anew. Undaunted, they continued their work with the Joint Program Management Office, the Chief Procurement Office, the Chief Financial Officer (CFO), Office of General Counsel, U.S. Department of Justice, component CFOs, and industry to finally make this highly important award.
The EFiMS team who have advanced the DHS mission and made a significant inroad toward the realization of the department’s financial systems modernization initiative are David Ritter (DHS), Chris Kraft (FEMA), Rachel Harriott (DHS), Christine C. Fontenelle (DHS), Pavan Mehrotra (DHS), Charlene Storino (DHS), William Grimaldi (U.S. Department of Justice), Stephen J. Smith (U.S. Department of Justice), Chris Friedline (ICE), Ramona Thomas (S&T), Cheryl Ferguson (FEMA), Tammie Page (USCIS), Bruce Shaw (DHS), Sohl Han (DHS), Mark Hudak (DHS), Jeff Bobich (DHS), Ruth Shearer (DHS), and Thaddeus Rowan (DHS).
Carol Taylor, Accounting Systems Division Chief, U.S. Coast Guard
Over 10 years ago, DHS and FINCEN began to realize the need for a consolidated financial system with improved processes, workflows, and reporting mechanisms to serve DHS components’ modern financial requirements that supports a user base of over 19,000 resources dependent upon its financial systems. Through the Financial Management Service Improvement Initiative (FMSII), Taylor, along with the Integrated Product Teams from DHS, FINCEN, and contractors, discovered disparate financial and asset systems, manual spreadsheets, and duplicate processes performed by internal stakeholders to support the delivery of complex business processing functions across a daily, weekly, monthly, and annual deadline. Compliance with federal financial regulations, laws, and standards required checklists and SMEs with historical knowledge of working with FINCEN and DHS component agencies to avoid issues or delays within these processes.
Furthermore, consistent weekend and night work was critical to business processes, patching, and security of the CAS Suite to complete processes on time. For years, FINCEN used the CAS Suite to manage the financial, asset, and procurement functions for the CG, and other DHS component customers, including the Transportation Security Administration (TSA) and the Countering of Weapons of Mass Destruction Office (CWMD). FINCEN also used an integrated master schedule to run the business processes for these components. The CAS Suite consisted of 14 systems and feeder applications to meet the varying financial and reporting needs to support each component’s financial requirements.
To successfully move to the FSMS, Taylor ensured the following:
- CAS Suite availability while the data migration occurred for millions of lines of code for each DHS component.
- Continuation of complex month-end closing on schedule and by the processing deadline for each DHS component.
- More than 800 million records and transactions FINCEN is responsible for annually were consistently maintained.
Taylor did this successfully and, in the process, continued to lead FINCEN staff and contractors in producing workarounds in CAS Suite to provide cost and time savings while preparing each component for their respective FSMS migration. As part of her FSMS migration efforts, Taylor implemented a dedicated training center to teach staff how to use the system and continue to be successful in their respective financial roles. Taylor also understood that a dedicated specialized help desk team would need to be established to support the administrative and systems requirements for each DHS component customer’s successful move to the FSMS.
Taylor is a key contributor and thought leader in the overall success of the FSMS. The complexity and detail required to understand major facets of the federal, DHS, and each DHS component’s needs are critical for her to be able to guide and provide recommendations from the everyday user to the DHS executive stakeholders throughout the business process re-engineering efforts. When delays occurred throughout the transition of the FSMS with the developers, Taylor provided key workarounds. She has also enabled quicker service time by using the same standards across business processes, organizing a true help center for resources to get answers quickly and readily, and ensuring the security of FSMS to thwart the ever-growing cybersecurity needs DHS faces. FINCEN is a better organization due to Taylor’s undeniable and critical leadership.
Department of Homeland Security Security, Development, and Operations (SecDevOps) Team: Robert Foster and Chakris Raungtriphop, Office of the Chief Information Officer (OCIO)
To support the action plan’s success, the team established partnerships with Management Directorate Lines of Business (MGMT LOB) offices that participated in the AAWG to ensure equity across DHS as the agency implements modern IT delivery. Briefings were developed to share with partners and the team met with OCIO and Management directorates to solicit input and support for the campaign. SecDevOps working groups were created that collaborate with components and directorates to receive and incorporate feedback to finalize the action plans. The SecDevOps Campaign plan was briefed to OCIO Executive Directors, the DCIO, the CIO, the CIO Council, and the AUSM and was well-received by all.
EXCELLENCE IN OUTREACH
Much of partnership requires knowledge and understanding. Communication between industry and government to achieve the best products and services requires outreach in all stages: requirements building, request for information, effective industry days, outreach through engagement and much more. The Excellence in Outreach award recognizes the agency, department, or individual that has excelled at engaging, explaining and educating to benefit the mission of securing the nation.
Curtis Tilley, Branch Chief, Office for Bombing Prevention, Cybersecurity and Infrastructure Security Agency
Branch Chief Curtis Tilley at the Department of Homeland Security’s Office for Bombing Prevention, within the Cybersecurity and Infrastructure Security Agency, consistently displays the agency’s core values of honesty, professionalism, and public service. He understands the importance of building connections, developing relationships and collaboration to drive smarter, more insightful engagements with national and international public safety organizations and security professionals. Tilley was instrumental in the federal government’s response to bomb threats that targeted Historically Black Colleges and Universities (HBCU). He developed a communication strategy and outreach plan to provide just-in-time products specifically for HBCUs. He led the effort to develop a suite of resources to assist universities in responding to bomb threats, including critical resources for handling bomb threats that provide an overview of available resources, a bomb threat response plan template, bomb threat awareness, and a tabletop exercise package. This was followed by numerous training events for HBCUs in face-to-face and virtual deliveries.
Tilley’s innovative strategies were key in the office’s international engagements with Canada, Mexico, Romania, and the United Nations to help build counter-IED core capabilities and enhance awareness of terrorist threats. This strategy called for a shared approach to security in which the partnering countries work together to address threats to critical infrastructure and citizenry. He led the office’s outreach efforts with Public Safety Canada and the Royal Canadian Mounted Police in the Beyond the Border initiative to enhance understanding of the bomb threat environment and share information and training products to help enhance cross-border critical infrastructure protection and resilience. Tilley, in cooperation with the Department of State’s Export Control and Related Border Security (EXBS) Program, led the international collaboration efforts with the Mexican government to share bombing prevention practices and awareness training products. The benefits of the yearlong outreach effort were realized when the Office for Bombing Prevention delivered training to members of the Mexican Secretariat of the Navy, Secretariat of Defense, Ministry of Security and Citizen Protection, Federal Protective Service and the National Coordination of Civil Protection. Tilley was instrumental in the office’s efforts to protect life and critical infrastructure by building capabilities within the general public and across the public and private sectors to prevent, protect against, respond to, and mitigate bombing incidents. The OBP Training Branch under his leadership recently reached a milestone of training its 150,000th person in bombing prevention.
Harris County Office of Homeland Security and Emergency Management
In the emergency management world, campaigns are often focused on educating adults, seniors, small businesses, etc., on preparedness and available resources. Oftentimes the younger, but equally important, demographic of children can be overlooked. This inspired HCOHSEM to create a campaign that would inform and educate children on disasters that can occur right in their backyard.
Launched in 2020 in partnership with the Texas Wildlife Rehabilitation Coalition, the aim of the Olivia the Preparedness Opossum campaign was to educate children on different types of disasters they can face in their lives, and how they can safely prepare for these times. The campaign first began with the creation of the mascot, Olivia. The cartoon opossum is regularly featured on HCOHSEM’s social media accounts, reminding children to stay safe and informed in their communities. To further outreach into the community, HCOHSEM also created a Kids Preparedness Activity Book. This interactive book features Olivia the Preparedness Opossum, who teaches kids about different types of disasters, what to wear in various emergencies, and how to create an emergency kit. The book also includes a family communication plan, which encourages children to memorize their name, address, guardians’ names, phone numbers and more.
Not only is the Kids Preparedness Activity Book available for free to the public, but it is also accessible in English, Spanish, Chinese, Vietnamese and Arabic. The initiative to make this activity book available in multiple languages allowed it to reach a large demographic in diverse Harris County. As of today, more than 5,000 activity books have been distributed to children all throughout Harris County, and the Olivia Preparedness Campaign continues to grow on social media. With COVID-19 restrictions being lifted, there is now greater opportunity to continue expanding this campaign. HCOHSEM continues to increase their efforts on preparing children for any type of disaster.
Tania Bougebrayel Cohn, Community Engagement and Resilience Manager, Arlington County Department of Emergency Management
Bougebrayel Cohn founded and led the county’s Complete Vaccine Committee (CVC), a volunteer group made up of more than 150 diverse community leaders who served as ambassadors, sharing COVID-19 updates and vaccination information across their network and community. The group donated more than 2,000 hours to hosting over 70 multi-language outdoor, socially distanced community listening events, assisting hundreds of residents in registering for the vaccine and sponsoring special all-volunteer events at houses of worship, food pantries, and at pop-up sites throughout the county. The CVC focused on underserved communities most impacted by the pandemic, and members met monthly to share community needs and strategize the best ways to address them. For example, CVC members shared feedback that many working mothers in an affordable housing complex had trouble scheduling leave or securing childcare to get vaccinated. As such, the CVC and Emergency Management hosted pop-up vaccine clinics at the housing complex to help residents overcome transportation, work, and childcare barriers to vaccination. This sort of grassroots strategizing built overall community resilience by bringing information and services to those least likely to have access to it.
Bougebrayel Cohn capitalized on the success of the CVC throughout the pandemic to launch CARRT, an agile, diverse, and sustainable resident-driven group that works alongside the county’s emergency management team to identify barriers and solutions for enhancing community resilience. CARRT uses a whole community and equity lens to bring emergency preparedness, response, and recovery information to underserved communities through trusted partners such as faith leaders and social services providers. The group meets monthly at roundtable sessions facilitated by Bougebrayel Cohn and the emergency management team to discuss community needs to build emergency preparedness and overall resilience and to identify grassroots solutions to address them. This group is the first of its kind in Northern Virginia and will provide a landmark shift in delivering a sustained, diverse, community-driven lens to ground emergency planning and response. The planning and launch of this group took over a year of data analysis and community engagement. Her work occurred while also navigating emergency response priorities including hazardous weather response, COVID-19 response and planning for significant events such as Independence Day celebrations on the National Mall. Through it all, Bougebrayel Cohn maintained her focus on the homeland security mission of Ensuring Resilience to Disasters and has built a more secure, united, and empowered community.
EXCELLENCE IN EDUCATION AND TRAINING
This award recognizes an organization’s exceptional efforts in building partnerships and capacity for entities to be able to better detect, prevent and respond to a range of threats.
Using this model, the team has created agendas that are equally important to both the private and public sectors. INLETS has reached over 10,000 attendees from more than 1,000 agencies and companies, over 20 InfraGard chapters, 30 state fusion centers, and 40 institutions of higher education from 47 states and seven countries. A one-day program on active shooters was requested through the private sector including faith-based organizations, schools, and retail companies. While among the most common topics offered by hundreds of entities, this agenda averages 150 attendees from 100 entities and companies traveling from seven states for the one-day program. Similarly, the team offers a one-day program on cyber-based financial institution fraud. With an average of 120 attendees traveling from the four largest financial institution markets, they learn from law enforcement and industry experts on the current and emerging threats. After the onset of the pandemic, the team identified and worked with an academic partner to use these same presenters in webinar programs (INLETS Online) so that the attendees could safely maintain their professional development while complying with health department and company policies. And in the past two years, the team has focused on returning to traditional training platforms.
The five-day program (2021-22) is regarded as the best violent crime and terrorism training available. Referred to as “an experience, not a training,” the program averages 9.3 out of 10 with 175 attendees from 100 agencies across 15 states in three time zones. It is mandatory training for a number of police agencies. In 2023, it heads to New Orleans for its third visit. Newly added focused training includes a 4-day agenda specifically on homicide investigations (2021, 2022) with a 9.7 survey evaluation. Using that same format, new for 2023 are investigative social media and tech resources and another on behavioral threat assessment. With the academic partner, these programs are also being evaluated for academic credit in addition to CEUs. Through 2022, INLETS has been collaborating on expanding the training aspect of the program to include investigative support. And INLETS is developing a platform to support law enforcement with cold case consultations and investigative genealogy set for late 2023. This team, made up of federal, state, and private-sector colleagues, has been afforded great opportunity to successfully support, collaborate, and train attendees from the federal, state, and private-sector communities.
EXCELLENCE IN EDUCATION AND TRAINING: CYBER
Department of Homeland Security Office of the Chief Information Officer Workforce Phishing Campaigns: Steven Friend, Lisa Cooper, and Lawrence Knachel
Friend, Cooper, and Knachel routinely show initiative in improving performance and productivity throughout DHS management. They identified a solution to conduct phishing exercises for Local Area Network (LAN) A users and HQ to resolve Fiscal Year (FY) 2019 and FY20 Office of the Inspector General Audit findings for not conducting exercises as required in DHS Policy Continuous Improvement of Department of Homeland Security Cyber Defenses, November 2017. They consistently deliver exceptional business services to customers and serve as stewards of supporting the DHS mission. Quarterly phishing exercises are conducted across HQ organizations whose employees and contractors use LAN A to gauge overall cybersecurity awareness, capture metrics for training effectiveness, and assist some components in meeting the FY22 Information Security Performance Plan (ISPP) requirements.
Friend and Cooper identified and communicated Social Engineering metrics across the Enterprise, to include HQ. These metrics were incorporated into the FY22 ISPP. Additionally, each quarter, they create and publish a landing page where users who click phishing links will be taken. This page identifies the campaigns as phishing exercises, highlights the cues in each email that indicate they are a phishing attempt, and provides micro-training for users who were phished.
Cooper leads the phishing effort across HQ and its organizations while ensuring customer service remains a priority. Scheduling and rules of engagement approvals were obtained by Chief Information Security Officers from the Cybersecurity and Infrastructure Security Agency, Countering Weapons of Mass Destruction Office, HQ, Intelligence and Analysis, OIG, and the Science and Technology Directorate at the start of the phishing campaign. Cooper coordinates with stakeholders to include component CISOs, the DHS Network Operations and Security Center, and the Information Technology Service Desk to ensure there are no questions or concerns prior to launch. Additionally, she coordinates content review for select stakeholders such as I&A Counterintelligence, Office of the Chief Human Capital Officer, and Office of the Chief Security Officer. At the conclusion of each phishing exercise, Cooper gleans lessons learned from various stakeholders, analyzes the results provided by Knachel and the Network Operation Security Center, and develops reporting metrics for each component stakeholder, as well as an executive report for Chief Information Officer Eric Hysen.
Knachel is instrumental in the development, review, and dissemination of phishing email content as well as providing insight into possible reasons for the results we have seen.
All three individuals play a crucial role in DHS’ commitment to provide high- quality services by ensuring that each email follows a progressive complexity model throughout the fiscal year. This was accomplished by drafting each email based on the National Institute of Standards and Technology Phish Scale. The first email was intended to be an obvious phishing attempt in Q2 with each successive email increasing in difficulty throughout FY22. Emails were recognized by several HQ organizations as being real-world focused and increasingly harder to detect as being part of a phishing simulation.
Kiersten Todt, Chief of Staff, DHS Cybersecurity and Infrastructure Security Agency
Prior to her role at CISA, Kiersten served as the Managing Director of the Cyber Readiness Institute (CRI), a nonprofit initiative that convenes senior executives of global companies to develop free cybersecurity tools and resources for small businesses, worldwide. She co-founded CRI in 2017 with the CEOs of Mastercard, Microsoft, PSP Partners, and the retired CEO of IBM. She was also the non-resident scholar at the University of Pittsburgh Institute for Cyber Law, Policy, and Security. She most recently served in the federal government in 2016 as the Executive Director of President Obama’s independent, bipartisan Commission on Enhancing National Cybersecurity.
Amanda Day was instrumental in standing up the “Hack DHS” program. She was the lead for creating the rules of engagement that govern the program, identifying the first set of systems assessed under the program, building a relationship with the team at Cybersecurity and Infrastructure Agency’s Quality Services Management Office who owned the contract the program executed and providing key guidance to the execution of the events. Lawrence Knachel played a critical role in the lead-up to the event, performing the initial outreach to system owners to explain the purpose of the program, completing the rules of engagement for the assessment, training system teams on how to use the platform, and assisting with determining which assets would be assessed. During the event, Knachel conducted daily meetings in which system teams were briefed on new vulnerability findings, presented explanations of the risk those findings presented, and provided guidance on mitigating the vulnerabilities. He regularly briefed leadership with updates, observations, trends, and insights that came from the program. Knachel also represented DHS in interactions with the security researcher community and bounty program vendor. This involved answering questions about the relevancy of findings, ensuring that system owner equities were represented, and making changes to the program as needed based on how it was affecting production systems. Knachel also served as the authority for payout determinations to the researcher community, ensuring payments matched the severity of submitted vulnerability reports.
EDUCATION AND TRAINING HERO OF THE YEAR
This award recognizes an individual’s exceptional efforts in building partnerships and capacity for entities to be able to better detect, prevent and respond to a range of threats.
Jason Kepp, Assistant Director for Training and Professional Development, Federal Protective Service
The mission of the FPS covers all U.S. states and U.S. territories. To reach the entire workforce, Kepp constantly identifies new ways to deliver consistent and quality training efficiently with limited resources. For example, he integrated virtual reality (VR) training with existing in-person and computer-based training. To improve his understanding of this technology and see if it could enhance TPD’s capabilities, Kepp first inquired about the capabilities with a half-dozen vendors in the private sector that offered VR-based training. This outreach led him to the New York Police Department (NYPD), which was using the technology to learn about its effectiveness within law enforcement. The knowledge-sharing with the NYPD eventually led to Kepp teaching others about VR in law enforcement training. Not only did he speak on the topic during a Protective Agency Comparison group meeting — this FPS-founded group brings together 13 federal, state, and local law enforcement agencies that are similar to FPS in mission, size, and capabilities — but he took representatives from the D.C. Metropolitan Police, Baltimore City Police Department, and Federal Law Enforcement Training Center (FLETC) to New York to determine if VR training was advantageous to the law enforcement industry.
In the past several years, Kepp has worked to shift law enforcement training toward law enforcement education. This new focus trains officers to use a skill and explains why they should use it. This has been prevalent in his work developing the Public Order Policing Program and improving use-of-force training. To develop a training and learning program that can increase public trust and safety, he knew both programs had to be evidence-based and backed by research. To achieve this, he reached out and benchmarked with several different agencies, departments, academic institutions, and police forces, both domestically and abroad, to make certain the programs and policies he built would encompass worldwide best practices.
Kepp reached out to and developed longstanding relationships with the U.K. College of Policing Public Order Public Safety Standards, the U.K. National Police Chiefs Counsel, and the U.K. Metropolitan Police Specialist Training Centre in Gravesend, to name a few. In January 2022, Kepp and other FPS leadership traveled to the United Kingdom to benchmark the U.K.’s national Public Order Training program. Through this strategic engagement, the team learned more about crowd psychology, the National Decision Model and Joint Decision Model, and the importance of policy legitimacy and community engagement. The Public Order Policing Program equips our federal law enforcement officers with the training and knowledge to properly prepare for the unpredictable environment of public order policing. This groundbreaking program in the U.S. that Kepp put together will directly contribute to protecting our law enforcement officers and the public. Participants attending the kickoff of the Public Order Policing Program in November 2022 are from other federal, state, and local police departments, showing how Kepp continues to reach out to others to ensure the protection of the homeland.
Kepp is an outstanding example of how learning and sharing between industry and government partners leads to a robust and better product. In his case, the training and policies he developed based on the relationships he cultivated are some of the best representations of the FPS. Kepp’s ability to reach across any aisle, border, or industry for the sake of the mission of DHS and FPS is unmatched.