One of the Department of Homeland Security's (DHS) priorities is the protection of Federal employees and private citizens who work within and visit U.S. Government-owned or leased facilities. The Interagency Security Committee (ISC), chaired by DHS, consists of 53 Federal departments and agencies, has as its mission the development of security standards and best practices for nonmilitary Federal facilities in the United States. As Chair of the ISC, I am pleased to introduce the new ISC document titled The Risk Management Process: An Interagency Security Committee Standard (Standard). This ISC Standard defines the criteria and processes that those responsible for the security of a facility should use to determine its facility security level and provides an integrated, single source of physical security countermeasures for all nonmilitary Federal facilities. The Standard also provides guidance for customization of the countermeasures for Federal facilities.

This second edition of Critical Infrastructure Protection, Risk Management, and Resilience continues to be an essential resource for understanding and protecting critical infrastructure across the U.S. Revised and thoroughly updated throughout, the textbook reflects and addresses the many changes that have occurred in critical infrastructure protection and risk management since the publication of the first edition. This new edition retains the book’s focus on understudied topics, while also continuing its unique, policy-based approach to topics, ensuring that material is presented in a neutral and unbiased manner. An accessible and up-to-date text, Critical Infrastructure Protection, Risk Management, and Resilience is a key textbook for upper-level undergraduate or graduate-level courses across Homeland Security, Critical Infrastructure, Cybersecurity, and Public Administration.

Improvised explosive devices (IEDs) are a type of unconventional explosive weapon that can be deployed in a variety of ways, and can cause loss of life, injury, and property damage in both military and civilian environments. Terrorists, violent extremists, and criminals often choose IEDs because the ingredients, components, and instructions required to make IEDs are highly accessible. In many cases, precursor chemicals enable this criminal use of IEDs because they are used in the manufacture of homemade explosives (HMEs), which are often used as a component of IEDs. Many precursor chemicals are frequently used in industrial manufacturing and may be available as commercial products for personal use. Guides for making HMEs and instructions for constructing IEDs are widely available and can be easily found on the internet. Other countries restrict access to precursor chemicals in an effort to reduce the opportunity for HMEs to be used in IEDs. Although IED attacks have been less frequent in the United States than in other countries, IEDs remain a persistent domestic threat. Restricting access to precursor chemicals might contribute to reducing the threat of IED attacks and in turn prevent potentially devastating bombings, save lives, and reduce financial impacts. Reducing the Threat of Improvised Explosive Device Attacks by Restricting Access to Explosive Precursor Chemicals prioritizes precursor chemicals that can be used to make HMEs and analyzes the movement of those chemicals through United States commercial supply chains and identifies potential vulnerabilities. This report examines current United States and international regulation of the chemicals, and compares the economic, security, and other tradeoffs among potential control strategies.

In today’s litigious business world, cyber-related matters could land you in court. As a computer security professional, you are protecting your data, but are you protecting your company? While you know industry standards and regulations, you may not be a legal expert. Fortunately, in a few hours of reading, rather than months of classroom study, Tari Schreider’s Cybersecurity Law, Standards and Regulations (2nd Edition), lets you integrate legal issues into your security program. Tari Schreider, a board-certified information security practitioner with a criminal justice administration background, has written a much-needed book that bridges the gap between cybersecurity programs and cybersecurity law. He says, “My nearly 40 years in the fields of cybersecurity, risk management, and disaster recovery have taught me some immutable truths. One of these truths is that failure to consider the law when developing a cybersecurity program results in a protective façade or false sense of security.” In a friendly style, offering real-world business examples from his own experience supported by a wealth of court cases, Schreider covers the range of practical information you will need as you explore – and prepare to apply – cybersecurity law. His practical, easy-to-understand explanations help you to: Understand your legal duty to act reasonably and responsibly to protect assets and information. Identify which cybersecurity laws have the potential to impact your cybersecurity program. Upgrade cybersecurity policies to comply with state, federal, and regulatory statutes. Communicate effectively about cybersecurity law with corporate legal department and counsel. Understand the implications of emerging legislation for your cybersecurity program. Know how to avoid losing a cybersecurity court case on procedure – and develop strategies to handle a dispute out of court. Develop an international view of cybersecurity and data privacy – and international legal frameworks. Schreider takes you beyond security standards and regulatory controls to ensure that your current or future cybersecurity program complies with all laws and legal jurisdictions. Hundreds of citations and references allow you to dig deeper as you explore specific topics relevant to your organization or your studies. This book needs to be required reading before your next discussion with your corporate legal department. This new edition responds to the rapid changes in the cybersecurity industry, threat landscape and providers. It addresses the increasing risk of zero-day attacks, growth of state-sponsored adversaries and consolidation of cybersecurity products and services in addition to the substantial updates of standards, source links and cybersecurity products.

"Together we must affirm that domestic terrorism has no place in our society." -President Joseph R. Biden, Jr., National Strategy for Countering Domestic Terrorism (June 2021) National Strategy for Countering Domestic Terrorism (June 2021) conveys the Biden Administration's view of domestic terrorism and strategy on how to deal with it. What is domestic terrorism? As defined by this report, it is based on a range of violent ideological motivations, including racial bigotry and anti-government feeling, and it can take several forms, from lone actors and small groups to violent militias.