On our 10th Anniversary, InfraGard of the National Capital Region (InfraGardNCR) issued it's first Annual Report sharing our numerous accomplishments and programming from 2015. Read our report to find our our efforts to protect our nation's 16 critical infrastructures through improved information sharing.
InfraGard National Capital Region Members Alliance
Annual Report – 2015
3 Letter from Washington Field Office
4 Letter from Your President
5 Letter from Your Coordinators
6 Sharing Information
7 The Vision and Mission of
7 What is Critical Infrastructure?
8 Where are we on information
10 InfraGardNCR Priorities for
12 A year in the making
14 Your InfragardNCR Board FBI
14 Cyber Special Interest Group
16 Membership Report
17 Community Activities and Chapter
18 Information Sharing
19 Membership Contact Information
Dear Members Friends of InfraGard,
As we finalized this Annual Report on our activities to protect our critical infrastructure from attack, the
news is overwhelmed with details, questions, and speculation about the terrorist attack in California
that killed 14 innocents who devoted their lives to caring for people with the San Bernardino County
Department of Public Health.
My heart is heavy and my mind is frustrated – how can the media ask this question?
Meeting after meeting, our Board struggles to develop and provide the resources you need to prevent this, or other even more common attacks, from
reaching your workplace and impacting our way of life. It is such a complicated and difficult task.
Just off the top of my head, this scenario reaches nearly all of the top priorities we have identified to help you protect yourselves:
Insider threat – it seems that Syed Rizwan Farook joined his colleagues at their holiday party, then returned to the party and in a hail of bullets
Active shooter – Syed Rizwan Farook and his wife Tashfeen Malik entered the Inland Regional Center with guns and fired 65-75 rounds of ammunition
at the gathering.
Radicalization – while there are no definitive answers right now on who radicalized whom, the FBI suspects that Malik may have radicalized her
husband to perpetrate this murder. At their home were more weapons and bombs they were unable to use before being killed by law enforcement in a
While we are all prone to believe that “this won’t happen to me” – each of you has signed up for InfraGard to do everything you can to assure it does not.
But that is exceedingly difficult. And it is a heroic, noble, and often thankless job.
the same questions: Why didn’t the FBI know? Why didn’t our government put 2+2 together? How do we assure this does not happen again?
And with that, the mission of our law enforcement partners changed dramatically. Their job was no longer just to catch and convict criminals, terrorists
and other wrong-doers. Their job now was to see into people’s hearts. To find the clues that would identify people like Farook or Adam Lanza (who
killed 26 at Sandy Hook Elementary school) BEFORE they committed their horrific acts.
And, incredibly, our FBI partners do it every day. They find, and foil attacks that we know about and so many more that we do not know about. They do
this under extremely adverse circumstances often being told that they should not use even the most basic tools to combat highly technological, and
While politicians consider curtailing further law enforcement tools and grapple with modernizing the law as fast as technology demands –
YOU are faced, daily, with the realities:
YOU must find the Insider threat.
YOU must prevent and prepare for your workplace to become a bloodbath.
YOU must protect your physical and IT systems from attack.
YOU must find, mitigate, and clean-up damage from cyber attacks.
YOU are the frontline.
We recognize this, and with the deepest respect and gratitude we offer this Annual Report to let you know how we work to support you. In 2016,
WE must overcome the challenges that stymie our ability to prevent our coworkers from being murdered.
WE must rethink our strategies and approaches against a ubiquitous threat that leverages all of today’s technology to terrorize, murder, steal, and
WE must be laser focused on our mission to protect our people and critical infrastructure assets.
WE must work as a team to leverage our knowledge, to use the social media systems WE created to share information, to ask the questions that must
be asked to prevent another attack.
As a member of InfraGardNCR, you have joined this fight.
Your Board, our FBI partners, and many in the nation, thank you. We applaud and encourage you to continue our critical partnership and engage to
Help us work as a coordinated, intelligent, informed team to protect and secure our nation.
Yours in Service,
I just read an ABC headline that
said: FBI Under Fire: Why were
shooters not on FBI’s radar?
Dear NCR members,
2015 has been a busy, productive year for our chapter. Elsewhere in this annual report,
you’ll find a summary of our InfraGard programs for this calendar year as well as
highlights of our growth in membership. In short, we continue to work closely with your
Board of Directors to plan a variety of programs to help you, the owners and operators
of critical infrastructure, add value to your efforts to protect your assets more effectively
and to mitigate physical and cyber threats you face.
We spend a significant amount of our time planning and hosting programs and
processing new member applications. We offered InfraGard briefings this year to
audiences across the region, listed in the diagram among many others. We also
represented the chapter at multiple exercises this year, including a tabletop exercise
focused on a multi-sector response to a food-borne virus, and a comprehensive risk
assessment for a critical data center cluster led by the U.S. Department of Homeland
Security in our area.
We worked with the Board to continue our in-reach series, where experts from our
chapter come into FBI space to teach FBI Special Agents and Intelligence Analysts about
cutting-edge trends that directly affect our cases. This is a significant way in which you,
our members, “share information” with the FBI.
And of course, we serve as your single point of contact with the FBI. Throughout 2015,
we fielded questions and made referrals to colleagues based on a variety of issues you
brought to our attention, to include internet romance schemes, mortgage fraud, potential
acts of terrorism, spear phishing attempts, and apparent cyber intrusions. We encourage
you to reach out to us with any concerns or questions!
In 2016, we look forward to bringing you substantive programming that equips you with
tools to do your job even better. We will continue to recruit appropriate members for our
chapter. We shall maintain our publishing schedule of a weekly e-newsletter to keep you
informed about critical infrastructure intelligence products, open-source news reports,
and upcoming events of interest.
And we ask that you, in 2016, commit to sharing information with each other and with the
FBI. Since this is a founding principle of InfraGard, it’s one of our key areas of focus for
the coming year. You’ll hear more about this topic in the coming weeks – please check
your email for further details from us.
Thank you for being part of the National Capital Region chapter!
Kara Sidener Amylynn Errera
Contact Us InfragardNCR@ic.fbi.gov
Sharing and Analysis
InfraGard briefings this year offered to
audiences across the region
The Vision and Mission of InfraGardNCR
Our vision is to share information to prevent and mitigate any attack against our nation’s critical
Our mission is to develop the platforms, tools and resources for information sharing,
peer-to-peer, between the private sector critical infrastructure owners and operators, and
between the private sector and the FBI.
InfraGard is a partnership between the FBI and the private sector. Our chapter is an association
of persons who represent businesses, academic institutions, state and local law enforcement
agencies, and other participants dedicated to sharing information and intelligence to prevent
hostile acts against the critical infrastructure of the United States.
InfraGard’s information sharing mission is supported at the highest levels of the U.S.
government. As recently as February 2015, President Barack Obama signed Executive Order
13691, which encourages private companies, nonprofit organizations, executive departments, and
agencies to voluntarily share cyber security information and incidents as a way to enhance the
collective cyber security of the United States.
What is Critical Infrastructure?
“Critical infrastructure” refers to the
systems and assets, whether physical or
virtual, so vital to the United States that
the incapacity or destruction of such
systems and assets would have a
debilitating impact on security, national
economic security, national public health or
safety, or any combination of those matters.
There are 16 critical infrastructure sectors
identified by the U.S. Department of
Homeland Security, including: Chemical,
Commercial Facilities; Communications;
Critical Manufacturing; Dams; Defense
Industrial Base; Emergency Services;
Energy; Financial Services; Food and
Agriculture; Government Facilities; Health
and Public Health; Information Technology;
Nuclear Reactors, Materials, and Waste;
Transportation; and Water and Wastewater
In 2015, those critical infrastructures most
represented in InfraGardNCR include:
Information Technology, Financial Services,
Defense Industrial Base, and Government/
Where are we?
As our Board of Directors considered our strategic direction for 2016, we took some time to
look at where we are with our information sharing efforts. First – we looked to the progress
report, released in March 2015, on the FBI’s implementation of the recommendations in the 9/11
Commission report. The FBI: Protecting the Homeland in the 21st Century reviewed the FBI’s progress
on a number of fronts, ultimately concluding that the FBI “transformed itself over the last 10
years” and “made measurable progress building a threat-based, intelligence-driven national
WHERE ARE WE
InfraGard is specifically mentioned as part of this transformation and generally was evaluated
with a number of other FBI-private sector programs:
“the FBI’s relationships across government
and the private sector are in various states
of evolution depending on the partner, but
the trendlines are generally positive. The
FBI has done a good job in investing in these
relationships, and has detailed or assigned its
special agents, intelligence analysts, and other
professional staff to a wide array of federal
agencies while at the same time hosting these
agencies’ personnel at the FBI. The Review
Commission applauds these efforts and
encourages continued investment in these
The report further states specific to
InfraGard that: “The current limitations on
InfraGard stem from the fact that InfraGard
coordinators are part-time, and InfraGard
is viewed as cyber-focused, when in fact it
could have a broader portfolio. If InfraGard
were to broaden its focus, however, it would
make even more sense to realign it under
the Director of Private Sector Engagement
As our members know, although
InfraGardNCR may be perceived as a “cyber”
program, we in fact provide resources
and have a broad membership in physical
asset protection as well. One of our largest
member segments is the government
In November 2015, the Bureau acted on the
Commission’s recommendations and aligned
the InfraGard program under the Office of
Second we went back to the 9/11
Commission report. The 9/11 commission
report called for the nation to:
“Determine, with leadership from the
President, guidelines for gathering and
sharing information in the new security
systems that are needed, guidelines that
integrate safeguards for privacy and other
essential liberties.” Additionally, the report
stated that the system of “need to know”
should be replaced by a system of “need
to share” through a “unity of effort” for
Our chapter has seen the commitment and
focus of our FBI InfraGard coordinators, and
their leadership from the Washington Field
Office. There is no question that the FBI is
deeply committed to making this partnership
work. The private sector also wants to add
value and work with the FBI to enhance
InfraGard’s value but has some legitimate
and still unaddressed challenges: limitations
on the ability to share amongst each
other particularly for small and mid-sized
companies, lack of timely and actionable
intelligence, and maintaining a two-way
conversation once information is shared.
In November 2015, the Bureau acted on the
Commission’s recommendations and aligned
Given how far information sharing has come, your
InfraGardNCR board continues to focus on areas that have
been identified as challenges by both our membership
and by Commissions reporting on the progress of our
information sharing efforts since the events of September
11th. We have focused our priorities on improving these
challenges AND have adopted several mission areas that
our FBI counterparts have identified as critical, including:
• Expand the way we think about
• Utilize new platforms to share
• Work with our FBI partners to
speed the dissemination of
critical, relevant information
• Develop the proper channels for
members to share information
in a safe/trusted environment
Serve our members
• Develop and execute our strategic
plan for programming that
addresses the needs of all of our
critical infrastructure sectors
• Engage the subject matter experts
in our area of operations for more
active participation and to further
InfraGard’s goals through projects,
activities and events
• Provide more tactical, practical
resources to aid members with
their physical and cyber security
Protect our critical
sectors in our area of
• Identify and tailor events and
activities to our four largest member
• Balance the need for information
technology and physical security
• Continue the focus on cyber security
and the evolving vulnerabilities of the
“Internet of Everything”
• Expand our support for the physical
security of critical infrastructure
Serve the FBI
• Identify and develop SME interaction to
address the needs of our FBI partners
• Be THE private sector resource for best
practices and SMEs
• Align our mission, programming, and
communications to FBI priorities, to
include both timely and emerging
challenges, like data encryption and
A YEAR IN THE
Member Events Collaboration
New Year Networking,
Threats Where You
Are and How To
Tracking Center and DHS/
Summit on Cybersecurity and
Joint program with FBI-BA
and USSS WFO BA
U.S. Secret Service
Protective Analysis Group
Insider Threats for Small
and Midsize Businesses
Tools and information for
understanding the Insider
threat with partners from the
FBI, CENTRA Technology, and
Your InfraGardNCR Chapter has again executed an exceptional array of
programming that provides members with the latest information from our FBI
partners, practical tools to combat cyber intrusion and attack, and training
resources to be “up to date” on active shooter scenarios and much more. Below
is a sampling of our most critical programs:
Board prepares for Strategic
Plan Review and InfraGard
DHS Personnel Security Forum
with partners Government Technology
Services Coalition and the Industrial
Security Working Group
A Tactical and
with partners George
OPM Breach with
Cyber SIG meeting:
with U.S. Department of
Office of Infrastructure
Crowell Moring 13
Special Agent Kara Sidener
Special Agent Amylynn Errera
Chief Administrative Officer
Vice President, Technology
Chief Financial Officer
Your InfragardNCR Board
Chief Information Security Officer
Cyber Special Interest Group
Sector Chief Program
InfraGard’s Sector Chief Program (SCP) escalates communication across the organization by enlisting
industry’s top subject matter experts as liaisons to facilitate information sharing and communication
between the FBI, local InfraGard Members Alliances (IMAs), and area members. This added exchange
fuels the ability of the FBI and government partners to address threats to all 16 critical infrastructure
sectors. Sector chiefs also promote key insight into their designated industry sector. Their specific
expertise elevates the value of incident response exercises and helps tailor member training programs
that increase awareness and build a collective knowledge base toward improved national security.
Sector Chief Matt Smith
Deputy Sector Chief Abrahem Helal
Sector Chief Vernon Allen
Sector Chief Erik Gaull
Sector Chief Martin Kessler
Sector Chief Michael Cohen
Financial Services and Banking:
Co-Sector Chief JR Helmig
Sector Chief Bowman Olds
Sector Chief Jay Uphouse
Deputy Sector Chief Paul Hamman
Water, Wastewater Treatment Systems
Sector Chief Steve Bieber
Sector Chief Jodi Terhorst
Deputy Chair of Sector Chiefs:
As of November 2015, our chapter represents over 1900
individuals representing all 16 critical infrastructure sectors.
Over 80% of our membership self-identifies in one of the
following four sectors: Information Technology, Government
Facilities, Defense Industrial Base (DIB) and Banking and
Finance. With an average of one new applicant per day, and
the Board’s focus on building the representation of key critical
infrastructure holders, we anticipate an increase of at least 50%
by the end of 2016.
Community Activities Chapter Awards
• InfraGard National Members Alliance Congress
InfraGardNCR Chapter received two national
awards, including DHS Protective Security Advisor
of the Year and Rookie of the Year. Congratulations
to Kelly Wilson and Veda Woods!
• National Capital Region’s Homeland Security Plan
The Metropolitan Washington Council of
Governments briefed members at our inaugural
National Critical Infrastructure Security
Resilience Month event and our Annual Meeting
on the evolving homeland security plan for the
region. Members were able to provide substantive
comments on how to include the private sector
and best practices on information sharing
between the public and private sectors.
• Inaugural Annual Report
Issued our first Annual Report to “share
information” about our activities, priorities, and
to get member engagement and feedback on our
initiatives. If we don’t share what we’re doing, how
would you know?
The chapter this year
launched our inaugural
Resilience Month event
to bring public and private partners from around
the region together to focus on infrastructure
security, understand the threats, and build our
regional resilience. The event seeks to bring
everyone in our region together to provide our
best threat information from our FBI partners,
share information on best practices, and leverage
our collective resources for the latest tactical
tools and training to our community.
• Publications - “InfraGard: Enhancing Information
Sharing through Strategic Programming, Outreach,
and Communications,” was published in the
October 2015 issue of George Mason University’s
Critical Infrastructure Protection (CIP) Report.
• WHS BBQ Cook-Off - InfraGardNCR participated
in, and helped sponsor, the 2015 Women in
Homeland Security BBQ Cook-off that seeks
to build the homeland security community.
Our chapter won “BEST SAUCE” and helped
raise roughly $28,000 for the National Law
Enforcement Officers Memorial Fund. Special
thanks to Nagi Mei, our team leader, Tracey
Mitchell, Richard Routh, Caleb Routh, and Raj
Information sharing is the backbone and mission of
InfraGard. But what does that mean? Ultimately it is
receiving information fast enough to allow you to act and
prevent or mitigate an attack. Given burgeoning social
media and information flying around at the speed of
“share on Facebook”, your chapter has taken significant
steps to get you “up to speed” on areas critical to our
We are focusing on developing the platforms that will
allow you to share URGENT, critical, and educational
information to inform your colleagues and build our
team of critical infrastructure protectors.
But we can build platforms all day long. We need YOU to
help populate and curate them.
The following initiatives highlight our efforts in 2015:
INFORMATION SHARING WITH YOU:
Chapter Newsletter - InfraGardNCR leadership
continues to focus on communicating with our members
in ways that add value to their jobs and to their
InfraGard membership. To that end, we have added
special features, often tied to InfraGard programs and/
or critical infrastructure monthly themes as established
by the Department of Homeland Security, as well as
standing features on cyber security news and relevant
posts from the InfraGard secure portal.
PEER-TO-PEER INFORMATION SHARING:
Social Media - Social Media is here whether you like
it or not. The terrorists use it to coordinate across the
globe....isn’t it time for us to dive in?? It is. Our Chapter
has increased engagement on Facebook, LinkedIn,
and Twitter. Sharing information in every way that our
members may receive their news continues to be a key
product of our “information sharing” efforts.
In addition to traditional social media, we initiated a
Flipboard page where members of the Board, sector
chiefs, and select members can “flip” articles of interest
to share with our membership.
Interested in sharing what you’re reading? Engage
with us as an identified or “anonymous” curator to
share information! Contact us to learn how to share the
information you are reading with your peers.
SIG Meetings - Throughout the year our Cyber SIG
has hosted monthly meetings to share information on
everything from the major cyber hack on the Office of
Personnel Management (OPM) that compromised over
20 million people to the Presidential Directive on Private
Sector Cybersecurity Information Sharing issued in early
2015. The SIG also did significant in-depth training on
specific threats like the PlugX Malware.
FBI Briefings- Throughout the year our FBI partners
have joined us to provide the latest information on
cyber security threats, increased terrorist threats and
tactics, and the insider threat, in addition to extensive
information on cyber criminals and their vectors of
attack. They have discussed everything from broad
trends to more specific information on threats.
INFORMATION SHARING WITH OUR FBI,
INTELLIGENCE OTHER PARTNERS
FBI in-reach sessions
In 2015 we executed several new programs we’ve
deemed “in-reach” that came out of conversations
with our FBI partners at our 2014 Strategic Planning
meeting. These sessions bring SMEs from our chapter
in to discuss the private sector’s perspective and
strategies around top FBI priorities like alternate
currencies and the dark web.
Washington Regional Threat Analysis Center (WRTAC)
InfraGardNCR leadership met with Washington Regional
Threat Analysis Center (WRTAC) executives to assure
that we have a robust relationship and a more active
and engaged partnership. The Board is looking for a
member to represent InfraGard at the WRTAC – please
contact us to find out more.
Metropolitan Washington Council of Governments
The Board also reinvigorated our relationship with the
Metropolitan Washington Council of Governments –
providing input to their regional homeland security plan
and more systematically engaging with them on critical
Office of the Director of National Intelligence (ODNI)
InfraGardNCR leadership also met with and discussed
areas of mutual concern with the Office of the Director
of National Intelligence, Office of Public Private
Partnerships. Together we discussed working more
closely on top concerns over information sharing among
the IC community and how to leverage resources they
are developing to combat common threats.
Membership Contact information
As a member of InfraGardNCR, you are a part of
the nation’s team to protect critical infrastructure.
Along with your InfraGard membership
comes great responsibility. When approved,
you represent the nation’s largest volunteer
organization dedicated to being part of the
We sincerely value members who devote
their time, effort, and talent to help build
the community, relationships, and trusted
environment that it takes to share information and
protect our nation.
InfraGard’s vetted membership consists of
thousands of subject matter experts across all
16 critical infrastructures sectors. Members
represent professionals from business,
academia, government, state, local and tribal
government, law enforcement and the military
who are dedicated to supporting the mission and
protecting critical infrastructure.
InfraGard provides its members with a deep
understanding of the threats posed by criminals
and foreign adversaries and has access to
information and tools that equip them with the
most current best practices. Additional member
• Collaboration with peers across InfraGard
• Information sharing with FBI and Law
• Timely intelligence briefings
• Identification, prioritization, and mitigation of
• Special Interest Groups (SIGs)
• Access to iGuardian and Malware Investigator
• Training and education programs
• Discounts to local seminars and conferences
To apply for membership, go to
www.infragard.org and click on the “Join
Today!” tab. Complete the online application and
membership agreements. The application process
takes 30-120 days, and you will be notified by
email if your application is approved.
Have you logged in to the
Once a member, you must log in to the
secure portal to maintain your membership.
Membership status is segmented into the
following five categories:
1. Active – These members have logged into
the new InfraGard Network (IGN), which came
online in the summer of 2013, and are able to
freely log in without any account issues.
2. Idle – Members in this category have not
logged into the IGN in the last 91-180 days.
At this mark, the user’s password lapses and
logging in is not possible without an automated
password reset or a call to the help desk for
password reset assistance.
3. Locked – Members who attempt to login
three times without success will become locked
out. The automated password reset may be
used or the help desk called for reset assist.
4. Dormant – Those who have not logged in for
more than 181 days are required to call the help
desk for login assistance.
5. Rescinded – These members fall into 3
a. They have been removed for cause and will
not be allowed to reapply to InfraGard
b. They personally requested removal from
InfraGard but can reapply
c. They have not signed into the IGN for 366
days and will be required to reapply to
If you have other questions about membership,
please email us at InfraGardNCR@ic.fbi.gov.
Contact us at
Special thanks to Talley Philpy, Kara Sidener, and
Jen Fritz for making this Annual Report possible.