Articles/Minutes

This section will contain featured articles and minutes from our monthly and quarterly meetings; and any special events that members or officers may participate in and want to provide feedback.

To submit an article for this section, please send your document to: barbara.mccrary@infragard.org

December 1, 2010 Monthly Meeting

Our December monthly meeting was held in OKC at the Symposium Conference Room of the Presbyterian Health Foundation (PHF) Conference Center. Elaine Dodd, our InfraGard Banking and Finance Sector Chief (see below), discussed recent fraud activities related to bankers and customers (both personal and retail), which included a discussion of the recent debit card breaches, ACH batch fraud and other scams. Elaine discussed the layers of security that banks are now employing and explore ways that our cyber experts can help on this frontier. As the issues change daily, this was an up-to-the-minute exploration of a topic that impacts us all.

Elaine1 Elaine2

Additionally, Supervisory Special Agent Matt Harper (not shown) provided an overview of "US v Petrov, Krivosheev, and Illarionov", which was an online wire fraud case where a small Oklahoma company initially lost approximately $1.2 million via unauthorized wire transfers out of their bank account. The Oklahoma FBI Office worked the investigation, which recently concluded in a trial where two of the subjects were convicted.

November 3, 2010 Monthly Meeting

Our November 3rd monthly meeting was held in OKC, at the Symposium Conference Room of the Presbyterian Health Foundation (PHF) Conference Center; and was broadcast via video conference to our Satellite Organizations at OSU Tulsa and to our Satellite at Western Oklahoma State College in Altus.

The presentation addressed "Education Sector", which is 1 of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors established by the U.S. Department of Homeland Security (DHS). Our scheduled speaker was Troy Milligan and his presentation will focus on the Family Educational Rights and Privacy Act (FERPA).

Troy is Director of Institutional Research at Redlands Community College, the President, 2009-2012, of the Oklahoma Association for Institutional Research & Planning (OKAIRP) and a member, 2010-2013, of the POISE Users Group to advance the effective utilization of the software products sold by Campus America, Incorporated.

Ken Ontko opened the Meeting with several announcements prior to introducing Troy Milligan. Our first order of business was to recognize several members of the management from on of our Platinum Sponsors, the Presbyterian Health Foundation. Accepting on behalf of Michael D. Anderson, Foundation President and CEO., J.R. Caton, Vice President and Tim Finkle, Director, Executive Conference Center was Tim Finkle (shown below) receiving all three "certificates of appreciation" from Assistant Special Agent in Charge of the Oklahoma FBI Office, Greg Melzer.

Tim and Greg Tim and Greg

Following the awards ceremony, Ken introduced Troy, who proceeded to provide a concise, but thorough review of FERPA. The Family Education Rights and Privacy Act of 1974, commonly known as FERPA, is a federal law that protects the privacy of student education records. Students have specific, protected rights regarding the release of such records and FERPA requires that institutions adhere strictly to these guidelines. Therefore, it is imperative that the faculty and staff have a working knowledge of FERPA guidelines before releasing educational records.

Troy Milligan Troy Milligan

October 6, 2010 Quarterly Conference

On October 6th, we held our third Quarterly Conference, which was at the Francis Tuttle Bruce Gray Center, 3500 NW 150th St., Oklahoma City, OK 73134. The Critical Infrastructure and Key Resource (CI/KR) theme for October was the Information Technology sector in general and Cyber Security specifically.

This was a "joint conference" with the Information Systems Security Association (ISSA), the InfraGard Oklahoma Members Alliance (IOMA) and the Association for Contingency Planners (ACP).

October was "National Cyber Security Month"

http://www.staysafeonline.org/content/national-cyber-security-awareness-month

National Cyber Security Month Banner

Information Warfare Summit III Agenda

7:30 Registration Opens -- 170 IOMA members and guests participated in this event

8:15 Opening Remarks by Ken Ontko, Eryn Tribble and Kevin Turner (MC) [below left]; and Assistant Special Agent in Charge of the Oklahoma FBI office, Greg Melzer [below right], acknowledged the FBI's commitment to InfraGard, explaining the value of the information his office receives from our members; ASAC Melzer expressed his appreciation for the contributions from the InfraGard officers, board, ISSA, ACP and others involved in the planning and preparation for this event.

Ken Ontko, Eryn Tribble and Kevin Turner Greg Melzer

8:30 Tim Elrod - "Adventures in Limited User Post Exploitation"

Just how much damage *can* be done with EIP under a non-Administrative Windows environment? Much, much more than you likely think. Through new techniques and live examples, attendees will be guided through the modern day attack surface of a restrictive corporate Windows world. Based purely on the Windows privilege model, demonstrations and new code will cover techniques related to collecting and replaying passwords and password hashes, destroying the browser trust model, attacking the network and the domain, and more, all without administrative access.

Moving into a world of Windows Vista, 7, and hardened XP environments, the days of easily popping shells with Admin access are becoming less common. When a Limited User is exploited via client side vulnerability, damage is often believed to be lessened due to the inability of attacker code to access sensitive portions of the OS, such as those containing passwords and password hashes, without an additional privilege escalation exploit. Despite conventional wisdom from vendors and security press, taking your users out of the 'Local Administrators' OU doesn't mean your environment is magically protected from privilege-agnostic attackers.

9:30 Sean Satterlee - "Egress: What's better than walking out the door?"

Long gone are the days where hackers simply broke in to a network to read data, break a system, or deface a website. The modern hacker is interested in stealing data for profit. This can be realized by a short-term vulnerability where the hacker is in and out, but often it's a long term penetration where the intruder sits for months inside your system collecting data. Hear this explanation of how easy it is to remove data from a secured network and how that stolen information is exploited.

Sean Satterlee

10:15-10:45 am Justin Williams - iPhone Hacking--Jail Breaking iPhone 3 and 4

Justin demonstrated several established vulnerabilities on the iPhone 3 and Wowed the audience with a "zero day" weakness on the iPhone 4.

Justin Williams

10:45-Noon - DC405 Presents "Hacking in Real Time" — a real time demonstration of what hackers do: finding vulnerabilities and exploiting them.

DC405 is a information security/technology user group located in Oklahoma City, OK. Organized in October 2007, the DC405 group was created under the DEFCON groups' banner to provide group members an opportunity to discuss interests and share technical presentations. DC405 members are active in the IT, InfoSec, and technology industries. Below, Sean, Justin, Tim and Kevin collectively showed their collective skills on several different platforms and operating system vulnerabilities.

DC405 Hacking Demo

Noon-1:00pm  - Box Lunches for a majority of our attendees, courtesy of FishNet Security

1:30-2:25 pm - Lloyd Smith - "Improving Total Continuity of Operations"

To meet the threats of the future (including Cyber attacks) total Continuity of Operations is required. Effective emergency response, disaster recovery for IT, business continuity for functional continuity and government and community continuity to ensure public safety, the protection of our infrastructure and continuation of necessary and desired services for communities, employees and families are required. Col Smith discussed the compelling case for continuity planning to include issues and considerations. If all components don't recover effectively, severe operational, economic, community and personal impacts will likely result. He discussed essential basics and best practice principles for successful contingency planning as well as shared responsibilities. The presentation included lessons learned from disasters and trends and challenged future contingency planning to include these requirements for effective cyber security.

Lloyd Smith

2:30-3:45 pm - Dr. John Hale - "Transforming the Risk Assessment Pipeline"

Information security risk assessment methodologies are typically driven by a loosely connected set of processes that integrate a mixture of quantitative and qualitative data. The ad hoc and subjective nature of these methodologies hinders objective analysis of security risk and stunts the opportunity for a more systematic and sweeping application of risk management principles in the system development life cycle. This presentation characterizes the risk assessment pipeline and describes on-going research in the Institute for Information Security at The University of Tulsa to develop next generation technologies for IT. iSec researchers are developing an array of technologies -- centered around adversary profiling, mission modeling, adaptive attack graphs, and real time attack management -- to improve the state of the art for risk assessment. Their efforts are aimed at seamlessly integrating an objective and unified collection of solutions into the pipeline, affording a more refined view of risk to support informed security decision making.

Dr John Hale

4:00 Closing remarks and door prizes.

Door prizes included two Kindle wireless electronic readers, two 500GB external hard drives, two $100 American Express gift certificates and a many other nice items donated by several of our generous sponsors.

September 1, 2010 Monthly Meeting

Our September 1st monthly meeting was held in OKC at the Symposium Conference Room of the Presbyterian Health Foundation (PHF) Conference Center; and was broadcast via video conference to our Satellite Organizations at OSU Tulsa and to our newest Satellite at Western Oklahoma State College in Altus.

The presentation addressed "National Monuments", which is 1 of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors established by the U.S. Department of Homeland Security (DHS). Our scheduled speaker was Leon Gillum, Director of Security for the Oklahoma City National Memorial.

Leon Gillum

Ken Ontko opened the Meeting and introduced Mr. Gillum (below).

Mr. Gillum's topic was on our very own Oklahoma City National Memorial-Then and Now. He talked about the events that led to the creation and building of the Memorial and discuss the ownership and operations of the Memorial focusing on general safety, security issues and the resolutions.

Leon came to the Memorial after retiring from the Oklahoma State Bureau of Investigation as Inspector-in charge of the Criminal Intelligence Unit. He was a responder and investigator with the FEMA-DMORT team during the April 19, 1995 bombing of the Alfred P. Murrah Federal Building. A former police officer, undercover narcotics agent and US Marine, Mr. Gillum holds a Bachelors Degree in Social Psychology and a Masters Degree in Criminal Justice Administration.

Leon Gillum Presenting

August 4, 2010 Monthly Meeting

Our August 4th monthly meeting was held in OKC at the Symposium Conference Room of the Presbyterian Health Foundation (PHF) Conference Center; and was broadcast via video conference to our Satellite Organizations at OSU Tulsa and to our newest Satellite at Western Oklahoma State College in Altus.

The presentation addressed "Healthcare and Public Health", which is 1 of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors established by the U.S. Department of Homeland Security (DHS). The topic was the Oklahoma Medical Reserve Corps (OKMRC), which is Oklahoma's only medical and public health volunteer program. The OKMRC is a statewide system comprised of specialty teams, and county units operating under the authority of local county health departments. In a large-scale event that impacts or threatens the health of a community, local emergency response systems and personnel will likely become overwhelmed and OKMRC volunteers may be requested to assist with preparedness, response and recovery efforts. The OKMRC may also be utilized to strengthen Oklahoma's public health infrastructure by participating in activities which promote the U.S. Surgeon General's initiatives.

Ken Ontko opened the Meeting and introduced the speakers:  Kendal Darby (below left) and Debra Wagner (below right)

Kendal & Debi

Kendal Darby received her Bachelor of Science degree from Oklahoma State University in 1997. In 2005, she completed a Master of Public Health at The University of Oklahoma and was the first graduate with a degree in Public Health Preparedness and Terrorism Response. Kendal currently works for the Emergency Medical Services Authority (EMSA) as the Oklahoma Medical Reserve Corps State Administrator.

Debra Wagner, CVA, is a native of Western New York. She earned a Bachelor's Degree with honors in Criminal Justice and Sociology from Alfred University in May of 1988. She has experience in security management, law enforcement, child protective services, and mental health case management. Debra earned her Professional Certification in Volunteer Administration in October of 2008, and is one of less than 1,000 individuals worldwide who hold this credential. She has been featured twice in the Volunteer Management Report publication, and presented at the National Healthcare Preparedness Evaluation and Improvement Conference in Washington, D.C. in July of 2009, and the Public Health Preparedness Summit in Atlanta, GA in February 2010. She recently earned licensure as an EMT-B, and will begin work on a Masters in Public Safety Administration in August.

July 14, 2010 Quarterly Conference

On July 14th, we held our second Quarterly Conference at the Francis Tuttle Bruce Gray Center, 3500 NW 150th St., Oklahoma City, OK 73134. The conference focused on the "Chemical and Transportation Sectors", which are 2 of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors established by the U.S. Department of Homeland Security (DHS).

Chemical and Transportation Sector Conference Agenda

8:00-8:30am Registration

51 IOMA members and guests registered the day of this event

8:30-8:50am Welcome and Opening Comments

Ken Ontko, IOMA President, welcomed those in attendance; following a brief review of the facilities and emergency exits, Ken asked Linda Baggett to come to the podium and she was recognized for all the work she did in preparation for the event.

Linda Baggett Award

Assistant Special Agent in Charge of the Oklahoma FBI Office, Greg Melzer, acknowledged the FBI's commitment to InfraGard, explaining the value of the information his office receives from our members; ASAC Melzer expressed his appreciation for the contributions from the InfraGard officers, board and others involved in the planning and preparation for this event.

Ken Ontko introduced Martin Rojas.

Martin & Ken

8:55-9:50 am Martin Rojas - VP of Security, American Trucking Association

Presentation: Trucking industry security/Information sharing update: An overview of current ATA Industry security standards and trends

Martin provided a view of the challenges associated with establishing and ensuring that appropriate security measures are in place to protect drivers and to classify the categories of freight being transported across the U.S. He explained that 80% of U.S. communities depend solely on trucking industry deliveries.

Bio: Martin Rojas serves as Vice President for Security and Operations at the American Trucking Associations ("ATA"). Prior to his present job he was Executive Director for Safety, Security and Operations since 2004 and Director of the Office of Customs, Immigration and Cross-Border Operations since 1999 at ATA. He joined ATA in 1996 as its Director for International Affairs. Established in 1933, ATA is the national trade organization representing the interests of the U.S. trucking industry. His primary duties are to coordinate ATA's security related policies and activities impacting the trucking industry, focusing on making the movement of trucks throughout North America as safe, efficient, effective and secure as possible. He served as the first Chair of the Highway and Motor Carrier Sector Coordinating Council ("SCC") established by the Department of Homeland Security ("DHS") and served as an industry representative to the Subcommittee on Transportation of the Commercial Operations Advisory Committee ("COAC") designing the Customs - Trade Partnership Against Terrorism ("C-TPAT") and the Free and Secure Trade Program ("FAST"). He has been active in the implementation of various security and trade programs including background-check programs, such as the TWIC and for Hazmat Endorsements, the Bioterrorism Act, Air Cargo Security, Trade Act requirements, among others. Mr. Rojas works closely with ATA's private sector counterparts in both Canada and Mexico in improving cross-border operations throughout North America, and in finalizing the implementation of the North American Free Trade Agreement ("NAFTA"). He also serves as ATA's representative before the International Road Transport Union (IRU), based in Geneva, Switzerland. Prior to joining ATA, Mr. Rojas worked since 1992 for the U.S.-Mexico Chamber of Commerce representing and developing positions for private sector interests towards the implementation of NAFTA. Mr. Rojas holds a BA in International Affairs and a Masters in Public Administration, both from the George Washington University in Washington, D.C.

10:00-10:50 am Steve Niswander - VP Safety Policy and Regulatory Relations, Groendyke Transport, IOMA Member

Steve Niswander

Presentation: Hazardous Materials Security in the Tank Industry (shipper & consignee), in the Chemical Sector Steve took a deeper dive into the risks and threats associated with transporting hazardous materials, including the regulations and standards that must be observed to avoid mixing volatile combinations in the same shipment. He also pointed out the danger associated with improper cleaning and maintenance of transport container trailers and what can happen if improper maintenance allows leakage between compartments.

Bio: Steve Niswander grew up in Ohio and came to Enid Oklahoma in 1967 in the United States Air Force stationed at Vance Air Force Base. He graduated from Phillips University in 1975 with a BS in Business Management and Economics and has been employed at Groendyke Transport for over 32 years in the Safety arena, the last 17 years as Vice President of Safety for Groendyke. Steve is a member of the American Trucking Association, currently the Chairman of the Hazardous Material Committee. He is also a member of the National Tank Truck Carriers (NTTC), having served as Chairman of the NTTC Safety Management Council and over the past 5 years has been Chairman of the Tank Truck Rollover Committee. For the past 25 plus years a member of the Commercial Vehicle Safety Alliance and have served on the Hazardous Material Committee the entire time, also the past chairman of the Industry Advisory Committee at CVSA. Steve has been the past chairman of the Oklahoma Trucking Association and twice Chairman of the Oklahoma Safety Management Council. For the past 5 years he has served on the Committee for the "Transportation of Hazardous Materials in the United States" under the direction of the Transportation Research Board appointed by the National Academies and have just been appointed to the HM-13 Project Panel on "Cargo Tank Rollover Factors, Prevention, and Mitigation", by the Transportation Research Board. Steve is also a member of American Transportation Research Institute (ATRI), Research Advisory Committee (RAC) and has served on the Industry Advisory Committee of the American Law Firms Association.

10:55-Noon - T.W. Shannon - Oklahoma State House of Representatives, 51st Legislature

T.W. Shannon

Presentation:Oklahoma Transportation Update TW Shannon provided a transportation update that was Oklahoma centric, and addressed transportation funding, critical infrastructure updates, and recent funding increases to deal with the aging and failing roads and bridges. He reviewed the legislative budgeting process and the challenges associated with the Transportation Committee, which he chairs.

Bio: T.W. Shannon is a Business Consultant, a graduate of Cameron University, with a B.A. in Communications and has a Juris Doctorate from Oklahoma City University. He is a 6th generation Oklahoman and 3rd generation Lawtonian. T.W. is an enrolled member of the Chickasaw Nation. He is a former Congressional Staffer having worked for U.S. Representatives JC Watts and Tom Cole.

Noon-1:30pm Lunch

1:30-2:25 pm - Rod Fulenwider - Managing Director, Pinkerton Consulting and Investigation, Member of InfraGard, South Texas

Rod Fulenwider

Presentation: "2010 Transportation Security" Product/cargo theft, profile of perpetrators, and analysis of transportation best practices

Rod Fulenwider detailed out the current threat environment facing the trucking industry in general, including sabotage, insider threats, and load theft. He also addressed how to go about analyzing the transportation security vulnerabilities for our organizations.

Bio: Rod Fulenwider is the Managing Director for the South Central Region of Pinkerton Consulting and Investigations. Prior to Pinkerton he was the Sales Director for RCI Safe Solutions (specializing in creating custom Loss Prevention and Safety Awareness Programs). Rod has also served as Vice President of Operations for INEX Worldwide (Homeland Security Company) and as Division Security/Investigations Director for Loomis Fargo (cash handling, investigations, risk avoidance, claims management). Prior to Loomis Rod was the Corporate Director of Loss Prevention for Blockbuster Entertainment (responsible for internal investigations, LP for franchise stores, distribution/supply chain, RFID, EAS, CCTV, safety policies and security procedures for stores and distribution center, executive security, disaster recovery and workplace violence). Rod was a Regional Asset Protection Manager for Sears in Ohio, West Virginia and Michigan. Prior to his time with Sears Rod was also the first Corporate Security Manager for Exel Logistics focusing mostly on internal and external theft both domestically and abroad. His start within the Loss Prevention profession began as an Assistant LP Manager for Neiman Marcus Direct investigating internal theft, credit fraud, mail fraud, and supplier / vendor diversion as well as performing loss prevention functions for Neiman Marcus outlet stores. Prior to moving into the corporate world he worked as an Adult Probation Officer for the State of Texas and he also served seven years in the United States Navy. Rod has a BS in Criminal Science and a Masters in Professional Development. Rod has been involved with the International Cargo Security Council (served as the Retail Chair while at Blockbuster), National Retail Federation, National Safety Council, American Society of Safety Engineers and the American Society of Industrial Security. He also helped to co-found the Alliance Security Group (a group of dedicated loss prevention and law enforcement professionals in North Fort Worth. Rod has written and produced one book (A Manager's Guide to Workplace Violence Prevention) and several articles for professional periodicals. Rod is also a graduate and alumni of the FBI Citizens Academy. He has been married since 1984 and has two daughters. Rod has attended Oklahoma Baptist University, National University and Amberton University.

2:45-3:45 pm - Mike Ray - Regional Response System Coordinator, Oklahoma Office of Homeland Security

Mike Ray

Presentation: Oklahoma Regional Response System

Michael Ray finished up the event, speaking on the subject of regional response units, including technical rescue, decontamination, foreign animal disease decontamination, and CBRNE (Chemical, Biological, Radiological, Nuclear, and Enhanced explosives threats).

Bio: Mike began his career in firefighting in Louisville, KY before joining the Tinker AFB Fire Department where he advance through the ranks, progressing from Firefighter, Driver, Captain then to upper management as Shift Commander and Chief of Training before retiring as Director of Special Operations. During his 25 year career at Tinker, he was a member of the AF Inspector General's office as an Evaluator and Coordinator for Disaster Training Exercises. Mike worked for Oklahoma State University Fire Service Training where he taught Hazardous Material Technician courses. Mike is a nationally registered EMT and EMS Instructor for Oklahoma State. Mike has a Bachelors degree in Human Resource Management from Southern Nazarene University. He did post-graduate work at Langston University. He has also completed numerous Fire Science-related courses from OSU. Mike currently works for the Oklahoma Office of Homeland Security Office at the Regional Response Coordinator. He is responsible for overseeing 107 Regional Response Units that range from different disciplines to include CBRNE, RESCUE, Decontamination, Bomb Squads, Emergency Medical and Agriculture Units.

3:45-4:00pm Closing Comments and Adjournment

June 2, 2010 Meeting

On June 2nd, our meeting was held in OKC at the Symposium Conference Room of the Presbyterian Health Foundation (PHF) Conference Center; and was broadcast via video conference to our Satellite Organizations at OSU Tulsa and to our newest Satellite at Western Oklahoma State College in Altus. The presentation addressed "Commercial Facilities Protection Efforts", which is 1 of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors established by the U.S. Department of Homeland Security (DHS).

Ken Ontko opened the Meeting and introduced the speaker

Ken opened the meeting

Our speaker was Mr. Glenn Moore, who is the United States Department of Homeland Security's (DHS) Protective Security Advisor for the Oklahoma district and has been serving in this role since 2005. Glenn represents US DHS in Oklahoma, serving as a liaison and fostering cooperation between DHS, the private sector and federal, state, local and tribal entities in coordinating the efforts to reduce the risk to our critical infrastructures and key resources posed by acts of terrorism, as well as enable national preparedness, timely response and rapid recovery in the event of an attack, natural disaster or other emergency.

May 19, 2010 Joint Meeting with ISSA and Special FishNet Sponsored Event

Our May 19th meeting was held at the Skirvin before the kick-off of FishNet Security's Oklahoma City Enterprise Security Solutions Summit. There was a brief and informal membership meeting, together with the Information Systems Security Association (ISSA) OKC chapter.

The ES3 agenda is shown below:

9:30 - 10:00 AM: Breakout Session 1

Compliance Track: Data Attack Anatomy - Stopping Bad Guys / Satisfying Auditors with Pragmatic Database Security

Efficiency Track: Network Operating Systems & Central Management

Risk Track: Security in a Virtualized World

10:15 - 10:45 AM: Breakout Session 2

Compliance Track: Staying the Course in a Sea of Change

Efficiency Track: Anytime, Anywhere, Consistency, Efficiency, Accuracy - A Moving Target

Risk Track: Anatomy of a Breach: Hydraq Highlights)

11:00 - 11:30 AM: Breakout Session 3

Compliance Track: The New Thinking on Security and Compliance

Efficiency Track: Riverbed WAN Optimization Solutions

Risk Track: Increasing Operational Efficiency While Reducing IT Costs

1:00 - 1:30 PM: Breakout Session 4

Compliance Track: Shared Administrative and Embedded Application Passwords - How to Secure, Effectively Manage, and Meet Compliance Requirements

Efficiency Track: Palo Alto Enterprise 2.0 & Network Security - Regain Control of your Network & Safely Enable E2.0 Applications

Risk Track: CheckPoint;

1:45 - 2:15 PM: Breakout Session 5

Compliance Track: FishNet Security

Efficiency Track: FishNet Security

Risk Track: FishNet Security / Emerging Threats

2:15 - 2:45 PM: Sponsor Exhibits Open

2:45 - 4:00 PM: C-Level Industry Panel (Keynote)

April 27, 2010 Special Event

Our April 27th meeting was a joint meeting with the Industrial Security Awareness Council (ISAC) of Oklahoma and was co-sponsored by Rose State College, the Oklahoma Small Business Development Center and by Hobby Lobby.

This was a Security Awareness Conference focusing on the Defense Industrial Base. The presentations included:

  1. Intellectual Property Protection (Speaker: Kevin Swailes, Global Security Director, General Electric);
  2. Economic Espionage (Speaker: Brett Kingstone, Founder, Super Vision);
  3. Regulatory and Compliance Updates (Speaker: Rick Dakin, Co-Founder, Coalfire Systems, Inc.);
  4. Iran and the Western World, (Speaker: Reza Safa, Founder, Harvesters World Outreach); and
  5. Cyber Threats and Attacks (Dan McWhorter, Director of Education, Mandiant).

Too bad, if you missed this one, because every speaker was outstanding and kept us on the edge of our seats throughout the day. Below are some candid photos from each presentation.

Kevin Swailes on Intellectual Property Protection

Kevin ailes on Intellectual Property Protection…

Brett Kingstone on Economic Espionage

Brett Kingstone on Economic Espionage…

Ken Ontko, Rick Dakin

Ken Ontko introducing Rick Dakin from Coalfire Systems and Rick delivers on Regulatory Compliance updates…

Reza Safa covered the spectrum of differences between Muslim and Christian beliefs

Reza Safa covered the spectrum of differences between Muslim and Christian beliefs…

Dan McWhorter covered the "ins and outs" of Cyber Threats and Attacks with examples of each

Dan McWhorter covered the "ins and outs" of Cyber Threats and Attacks with examples of each…

April 7, 2010 Annual Meeting

April 7th was our Annual meeting, during which we held nominations for and election of InfraGard Officers and Board members. Nominations Committee Chair, Joe Calvery, explained the nominations and voting processes. Having received no new nominations for Officers or Board members prior to the meeting, we asked for nominations from the floor. There being none, it was moved and seconded that we elect all candidates by acclamation. This motion carried and we now have a renewed slate of Officers and Board members for the 2010-2011 year.

IOMA Officers
President Ken Ontko
President Elect George Lewellyn
Vice President Marian Millican
Secretary Delpha Goodman
Treasurer John Schlichting

IOMA Board
Member Dennis Beyer
Member Joe Calvery
Member Mark Gower
Member Mark Hogan
Member Girard Jergensen
Member Barbara McCrary
Member Cynthia Shackelford
Member Jayson Street
Member Kevin Turner
Member David Williams

IOMA FBI Coordinators
Special Agent Martha Justice
Special Agent Jimmy Looney (Tulsa)

Past Presidents
Dan Biby
Jim Sehon
Van Schallenberg

IOMA Sector Chiefs and Deputies
Agriculture and Food Dr. Leslie Cole, DVM
Banking and Finance Elaine Dodd
Deputy John Quinton
Communications Van Schallenberg
Dams Tommy Parker
Defense Industrial Base Britt Morrison
Emergency Services Dan Biby
Deputy David Williams
Health Care and Public Health Ed Kostiuk
Transportation Andy Walker
Transportation Andy Walker
Water Mark Hildebrand
Deputy Monte Hannon

Following the elections, Lacey Callahan, Assistant Public Affairs Coordinator for the Oklahoma Office of Homeland Security, provided an overview of their "Red Dirt Ready" initiative, which is designed to help Oklahomans get prepared for any emergency.

Lacey Callahan

Lacey Callahan presenting "Red Dirt Ready" campaign details to the OKC and Tulsa members and guests.

Following Ms. Callahan's presentation, Special Agent in Charge (SAC) of the Oklahoma FBI office, James Finch, made an impromptu presentation and awarded "certificates of appreciation" to the outgoing (and in this case returning) IOMA Officers.

Ken Ontko thanking Lacey for her presentation

Ken Ontko thanking Lacey for her presentation (left). SAC James Finch expressing his appreciation to the group (right).

James Finch thanking Treasurer, John Schlichting

SAC James Finch thanking Treasurer, John Schlichting (left) and Secretary, Delpha Goodman (right).

SAC James Finch thanking Vice President, George Lewellyn

SAC James Finch thanking Vice President, George Lewellyn (left) and President, Ken Ontko (right).

March 3, 2010 Monthly Meeting

We started the meeting with brief introductions of Officers and Board members present, followed by introductions of the members and guests present in OKC and Tulsa.

Our speaker was Mr. Mike Bower, Director of Emergency Management for Midwest City. Mr. Bower's presentation focused on the Emergency Response Guide and related activities. Mike has been Involved In Emergency Services for 37 years. He spent 31 Years as a firefighter serving as Midwest City Fire Chief for 16 years, before retiring in 2004. Since retirement, he has served as Director of Emergency Management for Midwest City and serves on several emergency management and homeland security committees. He is the past chairman of the Central Oklahoma UASI (Urban Area Security Initiative), Region 8 Homeland Security Council, Governors Committee on Interoperability, Vice Chair of Oklahoma County LEPC (Local Emergency Planning Committee), Vice Chair of Council on Fire Training, and Chairman of Oklahoma Emergency Management Training Committee.

Pictures from the March 3, 2010 Meeting

Speaker, Mike Bower, presenting to OKC and Tulsa members and guests. Ken Ontko expressing IOMA's appreciation for Mike's presentation and for the Emergency Response Guides he provided to the group.

February 3, 2010 IOMA Monthly Meeting

The meeting started with a brief introduction of Officers and Board members present, which was followed by introductions of the members present in OKC and Tulsa.

Following the introductions, a short summary of the IOMA Board Annual Planning meeting was discussed, including a review of the meeting schedule planned for the next 15 months.

Wednesday, March 03, 2010 Chemical/Emergency Services
Wednesday, April 07, 2010 April General Membership Meeting and Election of Officers and Board Members
Tuesday, April 27, 2010 Defense Industrial Base Sector
Wednesday, May 19, 2010 Joint Meeting with ISSA -- HD Moore scheduled to present, among others
Wednesday, June 02, 2010 Commercial Facilities
Wednesday, July 14, 2010 Transportation & Chemical Sector
Wednesday, August 04, 2010 Health Care & Privacy
Wednesday, September 01, 2010 National Monuments & Icons
Wednesday, October 06, 2010 Cybersecurity Month
Wednesday, November 03, 2010 Nuclear Facility
Wednesday, December 01, 2010 Banking & Finance
Wednesday, January 05, 2011 Year in Review
Wednesday, February 02, 2011 Education
Wednesday, March 02, 2011 Agriculture & Food
Wednesday, April 06, 2011 Annual Membership Meeting

The topic for our February monthly meeting was the "Critical Manufacturing" sector, one of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors established by the U.S. Department of Homeland Security (DHS).

Our speaker was Josha D. Jordan, from the U.S. Department of Homeland Security (DHS) Office of Infrastructure Protection (IP) at DHS Headquarters in Washington, DC.  Josha is in the newly formed Critical Manufacturing Sector-Specific Agency, where he serves as the main contact for intergovernmental programs within the sector.

He is responsible for coordinating sector site visits to Manufacturing partners, identifying information and assets within the sector for the DHS Critical Foreign Dependencies Initiative, Tiering of Level 1 and 2 Critical Manufacturing Sector facilities, and infrastructure information as it relates to sector taxonomy. Mr. Jordan also serves as the sector Protective Security Advisor liaison for vulnerability and risk assessments throughout the country.

Josha provided an introduction to the Critical Infrastructure/Key Resource (CI/KR) sectors, which was followed by a Critical Manufacturing sector specific presentation.

Josha Jordon Presentation

Josha Jordan presenting overview of the 18 Critical Infrastructure and Key Resource (CI/KR) sectors.

Feb Critical Manufacturing 

OKC InfraGard members during the February monthly meeting.

Josha Jordon QuestionsA

Josha Jordan taking questions after his presentation.

January 6, 2010 IOMA Monthly Meeting

The topics for our January monthly meeting included a FBI Counterintelligence Presentation and a Review of Our 2009 Activities -- followed by a Discussion of Planned activities for 2010.

Our speaker was Supervisory Special Agent, Trey Resolute, the new supervisor of the Oklahoma City FBI Field Intelligence Group, Trey reviewed a series counterintelligence activities and several case histories.

Afterwards, Special Agent Martha Justice (our FBI InfraGard Coordinator) and Ken Ontko, IOMA Chapter President, provided an overview 2009 InfraGard activities and lead a discussion of future considerations for 2010.

This was followed by a request for comments and suggestions from the members present for ideas about future meetings, in preparation for our annual InfraGard Board planning session on scheduled for January 27th.

Special Agent Martha Justice, IOMA FBI Coordinator and Ken Ontko, Chapter President, reviewing 2009 events and activities.

Special Agent Trey Resolute, FBI Supervisor, Field Intelligence Group, reviewing counterintelligence activities -- our Tulsa Satellite organization connected via OneNet's video conferencing facilities can be seen in the screen on the left.

IOMA members listening during the review of 2009 chapter activities, from the Symposium Room of the Presbyterian Health Foundation Conference Center.

December 2, 2009 IOMA Monthly Meeting

Our December meeting was held at the new Presbyterian Health Foundation (PHF) location, at 655 Research Parkway, Oklahoma City, OK 73104, which is on Lincoln Boulevard between 10th and 8th Street. The PHF Conference Center is located on the first floor of the 655 Research Parkway facility (shown below with a redX). Short-term parking (less than 2 hours) is available in various locations around the Research Park area and longer-term parking is available on the upper level(s) of the parking garage.

The meeting began by recognizing our newest sponsors who are enabling us to implement and enjoy our new meeting format and venues. We can now reach more members statewide during our regular monthly meetings.

We broadcast the meeting from the PHF Conference Center to our first Satellite Organization at OSU Tulsa, 700 N. Greenwood Ave., Tulsa, OK 74108. The OKC and Tulsa locations were linked courtesy of the Oklahoma State Regents for Higher Education through the use of OneNet's video conferencing system. This will be our venue for the next four months and we have at least two and possibly three more Satellite locations that have expressed an interest in participating so far.

These meeting venues and the ability to reach out to other locations in Oklahoma during our monthly meetings have been made possible by the following new Sponsors:

Oklahoma State Regents for Higher Education and OneNet: Platinum
Presbyterian Health Foundation: Platinum
Oklahoma State University Tulsa: Gold
Francis Tuttle Technology Center - Bruce Gray Center: Gold

Following a round of brief introductions of our members present in OKC and Tulsa, we proceeded to introduce our speaker and turned the meeting over to him to tell us all about flood controls in Oklahoma.

The Critical Infrastructure theme for December was "Dams" and this month's presentation focused on Oklahoma's Small Watershed Flood Control Program.

Our speaker was Mr. Robert W. Toole, CPESC, CAE, Conservation Programs Division Director, Oklahoma Conservation Commission. Mr. Toole has 10 years of experience with the Oklahoma Conservation Commission, during which he served six years as the Assistant Director of the Oklahoma Conservation Commission. Prior to returning to the Oklahoma Conservation Commission, Mr. Toole worked 14 years for the National Association of Conservation Districts as a Regional Representative for Member Services and then as a Director of Leadership Services. Mr. Toole is a native Oklahoman, born and raised in Mangum, in southwest Oklahoma; and he graduated from Oklahoma State University with a Bachelor of Science degree in Zoology.

Mr. Toole provided a thorough and educational view of the Small watershed Flood Control Program throughout Oklahoma and he fielded several questions from the audience.

Following his presentation, Mr. Toole was awarded with a letter of appreciation from the FBI and InfraGard signed by James Finch, Special Agent in Charge of the Oklahoma City FBI regional office.

There were a few general topics discussed related to planning for future meetings, including the topic for January 6, 2010, which will be the year in review (2009) and planning for meetings and conferences in 2010.

Below are a few photos taken by Dan Biby, past InfraGard President and current Sector Chief for the Emergency Services sector.

Dec-09 Speaker Introduction

InfraGard chapter President Ken Ontko introducing guest speaker, Mr. Robert Toole, Conservation Programs Division Director, Oklahoma Conservation Commission.

Photo of PowerPoint slide on projection screen during presentation.

Dec-09 OKC Venue at lunch

Photo of OKC venue during lunch.

Dec-09 Tulsa venue at lunch

Photo of the OSU Tulsa venue on the video conference screen during lunch.

Photo of award to guest speaker Mr. Robert Toole in appreciation for his presentation.

November 4, 2009 IOMA Monthly Meeting

The Critical Infrastructure theme for November was "Water Resources"; and our guest speaker was Ms. Monty Elder from the Department of Environmental Quality.

Presentation Synopsis: 3.5 million people are served by public water supply systems in Oklahoma. Providing water, which supports the health of citizens and enables communities to provide fire protection, are critical functions of water treatment plants. Ms. Elder discussed the requirements for physical security at water treatment plants, along with the methods and processes for treatment of water, prior to delivery as a barrier to dispersal of agents.

Bio: Ms. Elder worked in the field of chemical safety, preparedness, planning and response for over 18 years. She is currently the Chair of the Oklahoma Hazardous Materials Emergency Response Commission, coordinating the efforts of state agencies, industry and first responders to plan for response to chemical incidents in Oklahoma. She directs the emergency planning, training and exercising for all 77 Local Emergency Planning Committees in Oklahoma. Ms. Elder is also the emergency response coordinator for the Oklahoma Department of Environmental Quality. In that position, she directs the Department's response to chemical accidents which impact public health and the environment. Her experience includes development of training materials for first responders, review of site security at chemical facilities, management of toxic chemical information, development of policy for remediation of chemical spills and preparation of county chemical hazard analysis. Ms. Elder also has wide experience with public outreach and risk communication involving hazardous chemicals. She served from 2003 through 2006 as the DEQ media spokesperson. Ms. Elder kept Oklahoma citizens informed about the impacts of hazardous chemicals in the community. She developed the risk communication strategy for the Department. During her service to DEQ, she has facilitated hundreds of public meetings covering a broad range of controversial issues surrounding hazardous chemicals including Superfund site clean-ups and chemical facility permitting. She has authored several professional articles on the process of public involvement and risk communication.

October 7, 2009 IOMA Quarterly Conference Summary

October is National Cyber Security Awareness Month

Brian Tillett Enterprise Security Strategy View 2010+: An overview of the Internet Security Threat Report and Symantec's Global Footprint to develop an Information Centric and Risk Based Security Strategy. Focus will be on where the worst case security threats exist and how to filter down to the right tools to address those areas.

Mr. Tillett, Symantec National Security Strategist, joined Symantec in early 2008 as a Public Sector Security SE Specialist. Prior to Symantec, he was the Federal Systems Engineer for Vericept Corporatio; becoming well versed in the Data Loss Prevention product space. He spent 5 years with SecureLogix Corporation, as a Systems Engineer and Federal Technical Director for their suite of voice security products. Brian's career began in the USAF, including assignment to the AF Pentagon Communications Agency, working for HQ USAF, Joint Chiefs of Staff, Ballistic Missile Defense Organization, and Office of Secretary of Defense; and continues to maintain a DoD Top Secret Clearance.

Kevin Turner -- Security in a Virtualized World:

Virtualization is taking the computer industry by storm (again). What is it and what can it do for you? If it was so great, why did it go out of style the first time? What can it do TO you and your environment? Learn the truths about virtualization, the virtual layer, and what it takes to secure your virtual environment.

Mr. Tuner is the Information Technology Manager for American Bank Systems, Inc., with primary duties related to managing the technology infrastructure. He has been an infrastructure technology architect for the last six years, with fifteen years of industry experience. His education background includes more than a dozen IT related certifications from Microsoft, Cisco, (ISC)2, ISACA, EC-Council, and CompTIA. He is a member of the Information Systems Audit and Control Association, a board member of InfraGard Oklahoma Members Alliance, and President of the OKC chapter of the Information Systems Security Association.

Tim Elrod -- Fuzzing FTW: In today's world security researchers use many tools to discover security vulnerabilities—everything from static analysis of disassembled code to Arbitrary Use cases that look for logic flaws. One of the more popular ways to find security vulnerabilities is by the use of a fuzzer. In this talk we will discuss what a fuzzer is and more importantly what a fuzzer is not. How to employee fuzzers to find security vulnerabilities and what advances have been made in fuzzer technology.

Tim "ri0t" Elrod, Founder, Ri0tnet Security; Mr. Elrod has been an Information security professional for over 7 years but his passion for information security began when he first attached a 300 baud modem to a Commodore 64 and began this wild ride. He is the founder of Ri0tnet Security an independent research company that focuses on vulnerability discovery, penetration testing, and reverse engineering. He is also a member of the Bastard Labs Vulnerability Research Team as well as the OKC2600 and a regular speaker at the DC405. He has found and exploited vulnerabilities in most major network operating systems including AIX, HPUX, Tru64, Linux, and Microsoft Windows as well as many enterprise software packages. Mr. Elrod is an open source advocate and a contributor to the Open Source Vulnerability Database and the Metasploit Exploitation Framework as well as many other open source projects. He was co creator of the DISE port scanner, as well as many other open source hacking tools.

Sean Satterlee -- WIFI Insecurities: "Open WiFi? Don't be THAT stupid. The dangers of using open WiFi and threat mitigation in the event you can't avoid it."

Sean (0hm) Satterlee, DC405, okc2600, Vegas 2.0… Mr. Satterlee is an Open Source Vulnerability Database (OSVDB) contributor, Founding Member of the developer group DC405 focusing on creating software and web applications, Producer of Security Binge, Organizer for EFF Summit @ DEFCON, Panelist/Instructor for ISSA-OKC, and Information Security Professional in the OKC area.

Jayson E. Street -- Stratagems of Social Engineering: Practicing the Art of Deception

Mr. Street has created and conducted security awareness training for a major Internet bank and has created security policies and procedures currently used by several companies. He has also created and taught a three day training course on Intrusion Detection Systems for an undisclosed government agency in Washington D.C. He has consulted with the FBI on attempted network breaches which resulted in the capture and successful prosecution of the criminals involved. In 2007 he consulted with the Secret Service on the WI-FI security posture at the White House. He has also spoken at several colleges and organizations on a variety of Information Security subjects. He has been interviewed by Forbes and Scientific American regarding research on the issue of cyber-warfare as it relates to China and their preparedness for an online war. He was an expert witness in two cases involving the RIAA, the declaration was on Slashdot and other websites. Mr. Street is on the SANS GIAC Advisory Board; a current member on the board of directors for the Oklahoma "InfraGard"; a member of the "OSVDB"; an officer for the Oklahoma City ISSA; a longtime member of the "SNOsoft" research team. He has not only adapted to new and emerging technology, but has learned quickly to integrate security technologies into an existing infrastructure.

Nathan Keltner -- Review of a Data Breach: The Heartland Payment Systems Breach 10 Months Later:

What we now know, and what we can learn to ensure security of high priority targets. In this presentation, we will walk through the history of the breach, the arrests, the anatomy of the hack, and the defenses we should all have in place.

Mr. Keltner has more than five years of experience conducting vulnerability assessments, penetration tests, Web application assessments, IT audits, PCI readiness and remediation assessments, and exploit development on the Windows platform. Leading engagements for Grant Thornton out of the Tulsa, OK office, his primary responsibilities relate to understanding risks associated with external and internal attackers. He is familiar with various offensive and defensive strategies related to network security, and frequently speaks on such topics to local and international organizations.

Rick Dakin -- Coalfire Systems, Inc.:

A Review of the Common Compliance Strategies Related to Emerging Data Privacy Laws in the Critical Infrastructure Sectors As President and Senior Security Strategist, Dakin provides strategic management IT security program guidance for Coalfire and its clients. As Coalfire's Senior Security Strategist, he is actively involved in helping clients develop balanced approaches for effective IT governance and regulatory compliance programs. Mr. Dakin's experience results from more than 25 years in senior management with leading IT firms.

Mr. Dakin combines an in-depth knowledge of IT controls with a comprehensive understanding of organizational needs and the rapidly emerging legislation affecting information technology. He is recognized nationally as a leader in IT risk management and information security solutions for regulated market sectors. He presents regularly to regional and national audiences on IT security solutions meeting privacy and confidentiality requirements for legislation covering financial services, healthcare, government and public corporations. Mr. Dakin currently serves as President of the FBI's InfraGard program, Denver chapter, and he is a member of a committee hosted by the U.S. Secret Service and organized by the Joint Council on Information Age Crime. He is a graduate of the U.S. Military Academy at West Point, and he received an M.B.A from the University of Oklahoma.

September 2, 2009 IOMA Monthly Meeting Summary

Our Critical Infrastructure theme for September was the Postal and Shipping sector. our guest speakers for September were Mr. Paul Boyd and Mr. Charlie Thigpen, both of whom are Postal Inspectors. They represented the Postal and Shipping Critical Infrastructure sector, as they discussed topics related to mail fraud, business capabilities, white powder mailings and other important issues related to this sector. This was an excellent opportunity to hear first hand about what happens behind the scenes within the Postal Service.

August 5, 2009 IOMA Monthly Meeting Summary

Focus: Defense Industrial Base Sector

The meeting opened with some announcements and discussions.

Speaker:

Tom Boyd is the Northrop Grumman Site Security Lead at Tinker Air Force Base (TAFB) in Oklahoma. Tom has a 23 year career in DoD Security; including priority resources protection, as well as physical, personnel, information, industrial, computer and special programs security disciplines.

Topic:

Tinker AFB: Mission Overview Briefing (Unclassified).

Abstract:

Tinker AFB facilitates the defensive posture of the United States as the largest intermediate jet maintenance facility in the world and as host to the Oklahoma City Air Logistics Center (OC-ALC); the largest of three in use by the USAF today. Over 28 thousand active, retired, and civil service employees support the heavy maintenance functions of the B-1, B-52, KC-135, KC-10, E-3, and E-6 aircraft in a facility comprising 5020 acres, 732 buildings, and 15.5 million square feet of indoor and ramp space. This environment leverages shared location and defense missions to maximize resources and minimize costs while supporting the operational missions of the USAF, USN, and several DoD agencies. Further, Tinker AFB supports over 40 thousand retirees who rely upon its base services; including medical, commissary, and recreation.

Discussion:

Tinker AFB incorporates the missions and responsibilities of several organizations.

Q&A:

Question: What is the likelihood of Tinker AFB closure?

Answer: There were five Air Logistics Centers; there are now three. Tinker AFB has acquired additional workloads and missions from other installations that have been closed or realigned from previous BRAC initiatives, bolstering its contributions to national defense.

Question: Who are eligible recipients for DRMS (Defense Reutilization and Marketing Service)?

Answer: DoD Service components, Federal, State and local Govt., Non profits and individuals at public auction.

Question: What role does Northrop Grumman play at Tinker AFB?

Answer: Northrop Grumman provides software development, software maintenance, hardware sustainment and Performance Based Logistics support for the B-2A Spirit, Stealth Bomber.

The meeting closed with a discussion of IOMA Sector Chiefs.

July 1, 2009 IOMA Quarterly Conference Summary

Our July quarterly conference on Physical Security was very successful, even though we were competing with the July 4th Holiday and other local events. Congratulations to our conference planning team for a job well done; and to our two speakers for delivering exceptional presentations. Following opening comments by George Lewellyn, IOMA Vice President, Glenn Moore, Protective Security Advisor for the Oklahoma District, U.S. Department of Homeland Security, presented information about a DHS tool designed to help critical infrastructure owners to manage their risk. We then proceeded with the primary programs.

Presentation #1: New Mexico Tech's "Prevention and Response to Suicide Bombing Incidents" (PRSBI)

A Homeland Security sanctioned course presented by John Clark of New Mexico Tech. This 4 hour course is CLEET accredited and provided participants with 4 hours CLEET credit. It addressed both the prevention of and response to suicide bombers; involving 9 steps from intelligence up to and including deadly force.

It was a powerful and direct presentation with serious instruction to deal with the "Not If, but When" of how to protect our school children and the public. There was a short pre-test and post-test administered to assess disseminated knowledge. This presentation was a FOUO(For Official Use Only) with no media or taping without New Mexico Tech and FBI permission. A book was provided as part of the instruction. The New Mexico Tech Web site provides additional information at http://www.emrtc.nmt.edu/training/prsbi.php

Presentation #2: "Courthouse Security"

This Homeland Security course was presented by Gary Berryhill of the U.S. Marshals Service. The 4 hour course was open only to InfraGard members, Law Enforcement and qualified First Responders as a CLEET accredited sanctioned event. Gary addressed physical courthouse security with respect to handling different incident scenarios; appropriately adapted for this event to include all law enforcement and to address the nation's critical infrastructures.

SPEAKER BIOS

John Clark

John has an Associate Degree in Police Science, Bachelor's in Criminal Justice, and is working on a Master's in Emergency Management. He was with Oklahoma City for 30 years. Culminating 27 years as an Oklahoma City Police officer, John retired a Lieutenant working out of the Chief's office as the Emergency Planner where he was the primary trainer and facilitator of the OCPD Emergency Response Team (ERT). Shortly thereafter, he accepted the Director of Emergency Management for Oklahoma City role where his duties included WMD coordinator and counterterrorism officer.

John has served as an adjunct instructor at LSU, University of Arkansas, OSU, and New Mexico Tech. He graduated from the FBI National Academy (161st session). John is now a Lead Instructor at New Mexico Tech and currently teaches two Homeland Security courses; one of which is the Prevention and Response to Suicide Bombing Incidents. John is married and has 5 children and his eleventh grandchild is due in September.

Gary Berryhill

Gary is a Senior Inspector with the United States Marshals Service, Western District of Oklahoma, and serves as the district's Judicial Security Inspector. In that role, he is responsible for the security and protection of the federal judiciary, while on and off the bench. He oversees all off-site protection details for the judiciary and coordinates physical and electronic security measures at the federal courthouses in Oklahoma City and Lawton. Gary is often called upon to conduct residential security surveys for the district judiciary, as well as other federal, state, and local government buildings. In 2005, he was asked to assess the security measures of the Oklahoma State Capitol Building.

Inspector Berryhill has served as the supervisor of the United States Marshals' General Operations Section, which is responsible for courtroom security, prisoner housing and movement in the Oklahoma City Federal Courthouse, as well as all prisoner movement involving the Western District of Oklahoma. A native of Duncan, Oklahoma, Mr. Berryhill served with the Duncan Police Department for 8 years, both as an officer and investigator. He joined the United States Marshals Service in 1990 and holds a Criminal Justice Degree from Cameron University.

June 3, 2009 IOMA Monthly Meeting Summary

Focus: Emergency Services Sector

Following opening remarks and a round of short introductions from those present at the start of the meeting, there were a few comments and brief discussions with members. We then began the program, which followed a Panel Discussion and Question and Answer format.

Panel:

Dan Biby (IOMA Emergency Services Sector Chief) President, Biby Associates

Mark Gower (IOMA Board) CISO, Oklahoma Department of Human Services

Kevin Turner (IOMA Board) IT Manager, American Bank Systems

Ken Ontko (IOMA President) ISO, Oklahoma Office of State Finance

Moderator: SA Martha Justice, FBI

Topic:

Keeping Your Business in Business: How to Apply Best Practices for Business Sustainability

Abstract:

Businesses must deal with many challenges in order to remain viable in the current economic, social and physical climate. Furthermore, the dynamics of this environment require one to work diligently and continuously to understand and mitigate risk. Whether the threat is a tornado, power outage or a perpetrated act, organizations must stand ready with well-defined and rehearsed plans to protect their mission critical resources.

A primary goal of the Emergency Services Sector (ESS) is to facilitate the linking of first-responder disciplines; including emergency management, emergency medical services, fire, hazardous material, law enforcement, bomb squads, tactical operations/special weapons assault teams, and search and rescue. The ESS seeks to support the first-responder community by serving as a platform for information sharing and interdisciplinary cooperation as they work to protect the lives, safety and security of Oklahomans and the nation with trained and tested personnel, plans, redundant systems, agreements and pacts.

Businesses, especially those serving as critical infrastructure owners, also play an integral role in protecting the lives, safety and security of Oklahomans and the nation. It is therefore equally important for them to have trained and tested personnel, plans, redundant systems, agreements and pacts supporting a Business Continuity Program.

Historically, business continuity programs were preceded by disaster recovery and business continuity plans. The term disaster recovery plan is now considered archaic in that it implies a focus on response and recovery mechanisms. On the other hand, a business continuity plan consists of documents and protocols that emphasize not only event recovery but preparedness and mitigation as well. The idea of a business continuity program builds upon both constructs as it represents an enterprise-wide, long-term program designed to sustain an organization by protecting its mission-critical resources; including people, information, systems and processes.

A business continuity program must deal with physical, technological, personnel and procedural concerns. Its plans should be reviewed and rehearsed regularly to maintain efficacy and currency. In this way the program can be adapted to address risks brought about by changes in the economic, social and physical environment. For example, a weakened economy may contribute to failures of key business partners, Internet connectivity may increase the risk of cyber espionage, or a new highway bridge may be located adjacent to a critical infrastructure.

The methodology of business continuity programs includes training, recovery and mitigation. Training involves walking personnel through defined response protocols, such as employee evacuation drills and IT viral infection drills. Drills serve to reinforce important concepts and processes. For example, it is imperative for staff to know the designated congregation areas and proper methods for checking in so as to avoid unnecessary rescue operations in the event of an evacuation.

Recovery involves response mechanisms designed to curtail the "hemorrhaging"; getting the people, systems and processes back online as soon as possible. The mechanisms may include the use of redundant systems and sites as well as joint support agreements with other organizations that guarantee the resources necessary for a successful recovery.

Mitigation endeavors to eliminate or reduce the propensity for an event to occur in the first place. To be successful, one must take into account and prioritize geographic and industry considerations. This will involve a Risk Assessment to identify the threats to and vulnerabilities of the organization. It will also include a Business Impact Analysis to determine both the impact and probability of various threats upon the operations of the business. This information may be based upon interviews and statistical analysis. In Oklahoma, organizations must consider the potential physical, financial and psychological impact of tornados, virulent diseases, shooters and cyber events upon their business and employees.

Q&A:

Question: What is the difference between a cold, warm and hot site?

Answer: A cold site is a backup processing facility that provides a basic operational environment, such as power and utilities, but lacks the systems and networks necessary for processing. A warm site is a backup processing facility that provides a basic operational environment along with limited systems and networking in standby. A hot site is a backup processing facility designed to provide a fully operational environment similar to the normal operating environment within a few hours.

Question: How can one prevent staff from experiencing "Chicken Little Fatigue?"

Answer: Chicken Little Fatigue refers to the loss of focus resulting from overexposure to an issue or concern. This may cause people to respond inappropriately or be distracted by inconsequential information. One may circumvent this process by monitoring the "grapevine" for rumors and filtering inaccurate information. One may also launch a communication and education initiative that cites factual information from credible sources and gives employees the tools to access such sources. For example, questions about the 2009 A-H1N1 "swine flu" influenza virus could be directed to the Health Department Web site.

Question: Is there a Business Continuity Program solution that is cheap, fast and good?

Answer: One can have any two of these characteristics but must necessarily sacrifice the third. In other words, if a solution is cheap and fast, it will not be good. If the solution is cheap and good, it will not be fast. If it is fast and good, it will not be cheap. Unfortunately there are no silver bullets; no one vendor. Although business continuity and disaster recovery software may be useful, one must understand that many are primarily inventory keepers with rudimentary risk measurement tools, forms, templates and spreadsheets. Remember the adage, "Garbage In, Garbage Out." One must commit the time and resources to do it well.

A Business Continuity Program is a process, a living document that must be reviewed and updated regularly to reflect and incorporate changes in the business environment. A plan on paper is worthless on its own. It must be backed by a Business Impact Analysis and appropriate testing. This requires a clear understanding of critical business functions and processes, information technology processes, human capital, and one's business partners. For example, a supplier or vendor's weakness represents risk to an organization.

One must also consider intellectual capital. Technology and plans are important but one must have people with the necessary knowledge and skills. Identify backups for critical functions, recognize and resolve deficiencies introduced by exiting and retiring employees, and ensure the safety of all staff. Provide educational and safety materials. Identify education resources and organizations such as the FEMA Citizens Corps; a volunteer organization with emergency response training. Establish and rehearse appropriate event response procedures that create a safer working environment, such as shutting off the power and gas in the event of an evacuation or tornado. Provide personal preparedness kits and safety centers appropriate for a particular environment, such as eye wash centers in chemical usage areas.

Avoid treating a Business Continuity Program as an Information Technology disaster recovery project. Do not assign it to competing functions such as Information Technology and Security. The business leaders must own, be committed to, and fund the process. The focus should be on operational issues with the understanding that this is what will keep their numbers up.

Establish service level agreement (SLA) goals, tied to money, that cover different levels of recovery. Use sales and marketing techniques to communicate needs to management. Justify recommendations with numbers; how much liability, profit loss and risk is the business willing to accept? For example, one may support the purchase of a generator in terms of maintaining the ability to operate in the event of a power outage. A business may also identify employees who have resources which may be useful in an event response scenario, such as four wheel drive and recreational vehicles. Compensation may be given in exchange for volunteering such resources in the event of an emergency.

Finally, a business continuity program is worthless if its plans and procedures can not be accessed. Avoid situations that could deny access to plans, such as a power outage that takes down the business continuity server. Maintain a secure method of distributing such plans to individuals with a need to know.