SlideShare a Scribd company logo

Question 1When it comes to disasters, some contend that governme.docx

Download as DOCX, PDF
M
makdul

Question 1 When it comes to disasters, some contend that governments still largely play the role of arriving like the cavalry after the fact. Assuming this might be at least partially true, how can emergency management policies (local, state and/or federal) be more proactive? What barriers, if any, to such proposals might exist? (For instance, should local jurisdictions consider additional efforts to regulate building, land-use, development, and other activities that may cause hazards and/or increase risk to members of the community? What lessons should we learn from the flooding that took place in South Carolina in 2015?) Question 2 Define in your own words the term “benchmarking” used in our textbook and compare it to the terms “lessons learned” or “best practices”, which are often used in emergency management. Include at least one example that you think represents one or more of these terms. Question 3 Your response to each of the questions below should be at least one brief paragraph. After reading the South Carolina Public Incident Report, consider how recent large data security breaches affects public administration. a.) How would you recommend improving policy and practice with regard to information security? (At least one paragraph) b.) Provide a statement of the problem and at least two recommendations; support your points with additional detail and references (in APA Style).  (At least one paragraph) Question 4 https://www.ecfr.gov/cgi-bin/ECFR website to external link After reading Chapter 11 in the textbook, go to the online Code of Federal Regulations (CFR) (Links to an external site.)Links to an external site., which is the compendium of federal agency regulations. Explore to find regulations of one or more of the following agencies.  Select one regulation that you think has an impact on or is related to the phases of emergency management. (Click on “Browse parts” links, if needed, to access regulations.)  Write a short summary of the purpose of the regulation you chose, including its context (what kind of regulation is it part of and what agency enforces it) and how it is related to or could impact emergency/disaster management at the local or state level; include a citation to the CFR section (for example 9 CFR 56.10). Other link for this question. Once you get to this page you can access the other external links listed. https://www.ecfr.gov/cgi-bin/ · Environmental Protection Agency (EPA) (Links to an external site.)Links to an external site. · Nuclear Regulatory Commission (NRC) (Links to an external site.)Links to an external site. · U.S. Department of Transportation Pipeline and Hazardous Material Safety Administration (PHMSA) (Links to an external site.)Links to an external site. · U.S. Coast Guard (USCG) Maritime Security (Links to an external site.)Links to an external site. · U.S. Department of Labor Occupational Safety and Health Administration (OSHA) (Links to an external site.)Links to an external site. ·  (L ...

Education
1 of 32
Question 1 When it comes to disasters, some contend that governments still largely play the role of arriving like the cavalry after the fact. Assuming this might be at least partially true, how can emergency management policies (local, state and/or federal) be more proactive? What barriers, if any, to such proposals might exist? (For instance, should local jurisdictions consider additional efforts to regulate building, land-use, development, and other activities that may cause hazards and/or increase risk to members of the community? What lessons should we learn from the flooding that took place in South Carolina in 2015?) Question 2 Define in your own words the term “benchmarking” used in our textbook and compare it to the terms “lessons learned” or “best practices”, which are often used in emergency management. Include at least one example that you think represents one or more of these terms. Question 3 Your response to each of the questions below should be at least one brief paragraph. After reading the South Carolina Public Incident Report, consider how recent large data security breaches affects public administration. a.) How would you recommend improving policy and practice with regard to information security? (At least one paragraph) b.) Provide a statement of the problem and at least two recommendations; support your points with additional detail and references (in APA Style). (At least one paragraph) Question 4 https://www.ecfr.gov/cgi-bin/ECFR website to external link After reading Chapter 11 in the textbook, go to the online Code of Federal Regulations (CFR) (Links to an external site.)Links to an external site., which is the compendium of federal agency
regulations. Explore to find regulations of one or more of the following agencies. Select one regulation that you think has an impact on or is related to the phases of emergency management. (Click on “Browse parts” links, if needed, to access regulations.) Write a short summary of the purpose of the regulation you chose, including its context (what kind of regulation is it part of and what agency enforces it) and how it is related to or could impact emergency/disaster management at the local or state level; include a citation to the CFR section (for example 9 CFR 56.10). Other link for this question. Once you get to this page you can access the other external links listed. https://www.ecfr.gov/cgi-bin/ · Environmental Protection Agency (EPA) (Links to an external site.)Links to an external site. · Nuclear Regulatory Commission (NRC) (Links to an external site.)Links to an external site. · U.S. Department of Transportation Pipeline and Hazardous Material Safety Administration (PHMSA) (Links to an external site.)Links to an external site. · U.S. Coast Guard (USCG) Maritime Security (Links to an external site.)Links to an external site. · U.S. Department of Labor Occupational Safety and Health Administration (OSHA) (Links to an external site.)Links to an external site. · (Links to an external site.)Links to an external site.U.S. Food and Drug Administration · Animal and Plant Health Inspection Service (APHIS) (Links to an external site.)Links to an external site. Question 5 Write a brief essay (at least 250 words) for question 4. Read the short article, The Politics of Disaster, by Michael Selves, former emergency management director, Johnson County, Kansas. In an essay of 250-500 words, tie or relate a point from Selves’ article to one or more concepts in our
textbook. Support your points with additional research, as needed, and include references (in-text citations and reference list in APA Style). Submit to Turnitin before uploading the assignment here. THE POLITICS OF DISASTER (Principles for Local Emergency Managers and Elected Officials) Michael D. Selves, CEM, CPM Director, Emergency Management/Homeland Security Johnson County, Kansas INTRODUCTION: This is how most members of the Emergency Management and Emergency Services disciplines typically view politicians during disasters. And, while it may be a popular attitude, it is certainly not a very practical one if we expect to achieve everything we can for our communities when disasters strike. Why should this be so?
First, we need special powers and authorities to deal with disaster situations and elected officials have the ability to provide them. As much as professional emergency managers, emergency services chiefs and other staff would like to believe we operate with autonomy, we all realize we are really just the “hired help” when it comes to many aspects of disaster response and recovery. Virtually every state has disaster legislation which allows for special powers and authorities to be exercised by duly elected officials. The general rule of thumb here is that if we have to take actions during a disaster which will infringe on the ordinary rights and privileges of the citizens, only a duly elected representative of those citizens may authorize such extraordinary measures. Secondly, we need all the help we can get. Elected officials can expedite assistance. As I’ll discuss later, most outside resources which come to a community are accessed
through a governmental (political) process. The process of requesting, justifying and acquiring such assistance is one of the most “political” of all disaster actions. Generally, elected officials are the most effective persons we have in expediting this assistance. Finally, we need public support. Elected officials represent the people and in a democratic republic, the people’s representatives hold the ultimate authority. The also are the most appropriate spokespersons when it comes to providing guidance to the public and obtaining public support for disaster related actions. The bottom line is that we work for them and the people hold them accountable and they hold us accountable. PRINCIPLES: All Disasters are Political: Whether we want to believe it or not, political considerations are a significant factor in the preparation for, response to, recovery from and mitigation of disaster events. Think back to disasters you have personally been
involved in or you’ve seen in other parts of the country. Has there ever been one where there was no political involvement? Is it likely that there every will be one? I ‘m quite sure the answer to both questions is “no”. If we really analyze the events and issues surrounding disasters, we readily see that politics is an integral element of the disaster and that element has to be dealt with just like any other disaster impact. If we are to adequately discuss this principle, it is necessary to look into why disasters are naturally so fraught with political considerations and to consider the factors which determine how political a disaster might become. There are at least three basic reasons why disasters are political in nature. First and most important, disasters affect people. Basic Emergency Management doctrine tells us that the determination of what constitutes a disaster is the impact it has on people. The
impact of a disaster is measured with regard to how people are affected. In situations where there is no impact, there is no disaster regardless of the actual occurrence of a hazardous event (e.g. an extremely violent and large tornado occurs in a totally uninhabited area of the country.) When we do hazard analyses, we look at two elements, probability and vulnerability. Vulnerability is almost always expressed in terms of the potential impact on people. A disaster then, by definition, involves people, and any event which significantly affects the lives and property of people is political. Secondly, disaster are political because the involve public policy. How well or how poorly we mitigate, prepare for, respond to and recover from disasters is directly related to how well emergency management/disaster policy is created, maintained and implemented. By definition, politics is the process of establishing and carrying out
public policy. Failures in policy or its implementation is the stuff around which political debates revolve and of which political campaigns are made. A disaster event brings this policy debate squarely into the political arena. Third, and related to the first two reasons, is the fact that disasters invariably invite public (read media) interest. In our modern culture of all-pervasive mass communications, disasters are dramatic, newsworthy events which compel intense public interest. Politicians appropriately have to respond to that kind of interest and scrutiny. There are a number of very important factors which can determine how “political” a particular disaster situation can become. First there is the nature of the disaster itself. Generally speaking a violent event tends to be more political that slow growing events which do not initially attract as much attention. In the era of terrorism, such events as Oklahoma City and 9/11 are incredibly political. The very
definition of terrorism assumes an intent to affect political attitudes. If the cause of an event is such as to involve potential blame, the politicization of the event is significantly increased. We don’t tend to blame nature (or God) for natural events. We do, however, increase the media (and therefore the political) “feeding frenzy” when there is potentially a human cause for the disaster. Events such as Three-Mile Island or the Bohpal chemical release are only the most obvious examples. The scope of the disaster affects the political nature of it. Obviously, an event which involves local, state and federal actions has more potential for political implications. A second factor is the degree to which public policies become a part of the disaster event. This can be affected by such things as the level of response involved and the requirement to deal with difficult or uncharacteristic issues which adversely affect or irritate the
public (e.g. evacuations, seizure of private property, curfews and quarantines.) Events or potential events which could have been prevented or lessened by mitigation actions (e.g. flooding, earthquakes, etc.) will necessarily bring policy questions into the disaster event. A third factor involves the quality of decisions and response actions. Such considerations as: Were response efforts handled adequately or in a timely fashion? Were mistakes made or was the response slow and poorly coordinated? What is the level of perceived public dissatisfaction? Such elements combined with public (or media) questions and controversy will increase the political aspect of the event significantly. Fourth, the nature of the political environment in the community will have an impact on the disaster situation. Such things as whether the political players are on the same “team”, whether previous partisan divisions existed or whether disaster policy
disagreements have been a factor in the past all affect, to one degree or another the disaster’s political climate. Are the political players adversaries generally and disinclined to cooperate or do they share a common political agenda? Two different scenarios come to mind. During the Loma Prieta earthquake, the national administration was Republican and the city of San Francisco was Democrat. There was significant conflict regarding response and recovery issues attributable to this political reality. Conversely, when the Republican Mayor of New York City, the Republican Governor of New York and the Republican President were from the same party, that fact also had an (in this case a positive) impact on the aftermath of the World Trade Center attack. Of course (and this is meant sincerely, not cynically) the fact that a disaster occurs during an election year is not an insignificant consideration. Disaster Policy is Difficult to Create and Maintain: One very
frustrating factor confronting emergency managers at all levels of government is that it is often difficult to get policy support for senior elected officials before a disaster event occurs. The problem is that disaster policy issues are often monumental and very complicated, involving conflicting interests at every level of government. Generally there is a real reluctance on the part of elected officials to create controversy and debate until the need is immediate and unavoidable. Obviously this reluctance is at odds with the emergency manager’s requirement to establish the “ground rules” regarding disaster activities in advance of an actual disaster occurrence. At the local level, this problem is compounded by the fact that local jurisdictions are the most immediately affected, but tend to be the least interested in disaster issues. Beverly Cigler has observed, for example, that “…the governments least likely to perceive emergency management as a key priority – local governments – are at center stage in terms of responsibility for
emergency management.” Even when the need to establish policy in advance of disasters is accepted and understood, the process of establishing and maintaining such policy is a challenging undertaking. It is virtually impossible to design policies and programs that meet all needs and satisfy all of the competing interests. These conflicting interests can be about broad national policy, for example, should we mitigate the impacts of flooding by the use of flood management structures (dikes, levees, stream clearance/widening, etc.) or by buyouts of flood prone properties and/or relocation of communities in the floodplain? They are often about specific local issues which often are of great political and economic import to the communities involved. (I once knew of a small county emergency manager who almost lost her job because she proposed to open the local armory to blizzard-
stranded travelers before the local motels were full!) Of course, during the current fiscal difficulties, this complex process must constantly attempt to balance the need to provide disaster services while being fiscally responsible with tax dollars. Add to this complexity the fact that needs are constantly changing and that public expectations in response to a disaster are invariably (and often unreasonably) high, perhaps it is amazing that we can get politicians to tackle disaster policy making at all. Disasters have Political Consequences: One widely observed but not fully understood principle of the disaster/politics relationship is the fact that disasters and their aftermath have significant potential to affect the political environment of a community, state or nation. A disaster can alter the public’s perceptions about the ability and concern of the political players. It also causes them to be more sensitive to criticism of response/relief efforts. Each of us can relate instances where political futures and political landscapes
were changed by a disaster event and the resulting leadership (or lack thereof). Perhaps the current political result of the attacks on the World Trade Center is the most striking in recent history. An American President is elected by the barest of electoral majorities and actually looses the popular vote, is perceived to be weak with questionable leadership skills. September 11, 2001 occurs, that same President handling of the resulting impact of the attack is perceived as masterful and, as of this writing, enjoys one of the most popular presidencies of modern times. A “lame duck” mayor of New York, beset by personal problems, becomes the very symbol of political leadership and is immensely popular both in New York and nationally. Approximately a decade earlier, the father of the current President was perceived to have been slow and insensitive in response to the catastrophic impact of Hurricane Andrew in South Florida. This perception coupled with a sluggish economy changed the political fortunes of that
administration in exactly the opposite direction. Similar examples at all levels of government also exist. Sometimes the political impact of a disaster can have mixed results over time. In one midwestern community which experienced massive flooding, the mayor was initially hailed as providing excellent leadership. As the problems of the recovery began to mount, however, she became so unpopular that she failed reelection just two years later. While these examples are of Presidents and mayors, all elected political leaders are subject to the political impact of disasters. Who are the major political players in a disaster and how can they be affected? The political impacts differ most notably between executives and legislators. In a crisis the initial stress is on elected executives (President, governors, county commission chairs, mayors, etc.) They are the decision makers who must act and communicate in a crisis. The primary challenge
for such executives is the constant need to balance what is necessary to deal with a crisis as opposed to what is “popular”. While good response is usually a positive thing, sometimes decisions necessary to a good response must infringe upon the rights, convenience and interests of members of the public. Decisions to impose curfews, limit sales of certain items, force evacuation or closure of businesses, and, certainly, involuntary quarantine, are significant measures which may be necessary, but extremely unpopular. While the role of members of Congress and state and local legislative bodies is less direct, they are key players as well. This is especially true when it comes to policy issues and recovery efforts. One of the most important roles of congressional members involves the process of obtaining Federal declarations after disasters. Congressional and legislative officials also play a critical role in constituent services after a disaster in helping citizens and local governments deal with the rules and
policies involved in recovery programs. Ultimately, any changes related to disaster policy become a legislative initiative and the interest and understanding of the implications of such policy by these elected officials is critical. Likewise, the involvement of political staffers and policy assistants in disaster-related activities and discussions is an important factor. Most political staff members are not routinely involved in such matters and only become so when the attention of their elected boss is directed there as a result of an event. The ability of state and local emergency managers to make contact with and provide valuable information and insights to staff members is an often-overlooked strategy which will bear considerable benefit during future disasters. Politics can have Disastrous Consequences: Just as politicians and the political
environment can be affected by a disaster, our response and recovery actions are almost inevitably driven, in part, by political considerations. Sometimes these political considerations can produce very negative consequences. These consequences can range from mere inconveniences (tours by elected officials of disaster sites) to major interference in the accomplishment of response and recovery objectives (lack of funds, refusal to grant necessary authority, etc.) On rare occasions, these consequences can result in illegal or unethical actions (use of disaster powers for personal gain or influence.) It is important for local emergency managers to become aware of the potential for such political consideration to get out of hand and be able to devise tactful strategies for dealing with them. Well-established emergency operating plans and processes, for example, go a long way toward lessening the “politicization” of disaster response and
recovery act ivies. Frequent orientation, training and exercising also will help elected officials understand the importance of pre-established roles, responsibilities and relationships and the necessity of operating as a team with a plan when disaster strikes. This necessity of having a plan brings us to the final principle. Politicians, Like Nature, Abhor a Vacuum: For an emergency manager working to “get a handle” on the political dimensions of a disaster situation, this principle may be the most important. While in a minority of cases, there may be unwanted and excessive political interference in disaster operations, experience of most of our colleagues is that as long as things are under control and there is a cogent, integrated effort during the response and recovery, political operatives are content to “play by the rules”. It is generally when there is a real or perceived lack of control or coordination and things
either are or appear to be in chaos, that political leaders tend to “take charge”. On some occasions, this might even be beneficial, but more often than not, the results are not positive. Most often, we, as emergency managers, have the power to determine our own fate in dealing with the political side of disaster activities. This power is relatively simple. We need to be as professional as we can be. We need to understand the emergency management process and principles and be able to communicate them – before, during and after the disaster strikes. We need to make sure that our plans are sound, complete and flexible to deal with the contingencies which inevitably occur during a disaster event. In this respect, as in all of emergency management work, the establishment of good relationships prior to the event is crucial. This is no less true when it comes to the political players. An additional consideration is to establish good prior relationships with
the local media, since political actions are most often reactions to public perceptions as influenced by the media. The bottom line is that we need to do our jobs professionally and have developed a strong framework of coordination and understanding before disaster strikes. Remember, if you provide a leadership vacuum during times of crises, the political leadership will, either by desire or necessity, fill it. We ignore these political principles at our own and our communities’ peril. South Carolina Department of Revenue Public Incident Response Report
November 20, 2012 Page 2 This public incident response report and its publication is not intended nor should it be construed as a waiver of any privilege or immunity from disclosure that may attach to Mandiant’s privileged work, investigation, and reports. EXECUTIVE SUMMARY BACKGROUND On October 10, 2012, a law enforcement agency contacted the South Carolina Department of Revenue (DoR) with evidence that Personally Identifiable Information (PII) of three individuals had been stolen. The Department of Revenue reviewed the data provided and identified that the data provided would have been stored within databases managed by the Department of Revenue. On October 12, 2012, Mandiant was contracted by the Department of Revenue to perform an incident response. Mandiant’s objectives were to:
and long term remediation plans. Mandiant performed the following activities to achieve these objectives: Division of State Information Technology (DSIT) representatives to discuss initial evidence preservation requirements. forensic analysis of the web, application, and database systems that housed the PII data provided in the law enforcement notification. of Revenue computer systems with the Mandiant Intelligent Response (MIR) technology for indicators of compromise (IOCs). MIR is a tool used by experienced investigators to look for evidence of malicious activities across a large number of systems. Monitored all network traffic from the Department of Revenue’s single Internet egress point for
evidence of ongoing malicious activity. indicators of compromise. and forensic images from key systems as well as network and system logs. compromise. additional indicators of compromise. dings and remediation recommendations. the Department of Revenue’s acquiring bank, First Data. Mandiant performed both on-site and off-site incident response activities from October 13, 2012 through November 16, 2012. FINDINGS Mandiant’s major findings are provided below. Summary of the Attack A high level understanding of the most important aspects of the compromise are detailed below. 1. August 13, 2012: A malicious (phishing) email was sent to multiple Department of Revenue
employees. At least one Department of Revenue user clicked on the embedded link, unwittingly executed malware, and became compromised. The malware likely stole the user’s username and password. This theory is based on other facts discovered during the investigation; however, Mandiant was unable to conclusively determine if this is how the user’s credentials were obtained by the attacker. Page 3 This public incident response report and its publication is not intended nor should it be construed as a waiver of any privilege or immunity from disclosure that may attach to Mandiant’s privileged work, investigation, and reports. 2. August 27, 2012: The attacker logged into the remote access service (Citrix) using legitimate Department of Revenue user credentials. The credentials used belonged to one of the users who had received and opened the malicious email on August 13, 2012. The attacker used the Citrix portal to log into the user’s workstation and then leveraged the user’s access rights to access other Department of Revenue systems and databases with the user’s credentials. 3. August 29, 2012: The attacker executed utilities designed to
obtain user account passwords on six servers. 4. September 1, 2012: The attacker executed a utility to obtain user account passwords for all Windows user accounts. The attacker also installed malicious software (“backdoor”) on one server. 5. September 2, 2012: The attacker interacted with twenty one servers using a compromised account and performed reconnaissance activities. The attacker also authenticated to a web server that handled payment maintenance information for the Department of Revenue, but was not able to accomplish anything malicious. 6. September 3, 2012: The attacker interacted with eight servers using a compromised account and performed reconnaissance activities. The attacker again authenticated to a web server that handled payment maintenance information for the Department of Revenue, but was not able to accomplish anything malicious. 7. September 4, 2012: The attacker interacted with six systems using a compromised account and performed reconnaissance activities. 8. September 5 - 10, 2012: No evidence of attacker activity was identified. 9. September 11, 2012: The attacker interacted with three systems using a compromised
account and performed reconnaissance activities. 10. September 12, 2012: The attacker copied database backup files to a staging directory. 11. September 13 and 14, 2012: The attacker compressed the database backup files into fourteen (of the fifteen total) encrypted 7-zip 1 archives. The attacker then moved the 7-zip archives from the database server to another server and sent the data to a system on the Internet. The attacker then deleted the backup files and 7-zip archives. 12. September 15, 2012: The attacker interacted with ten systems using a compromised account and performed reconnaissance activities. 13. September 16, 2012 – October 16, 2012: No evidence of attacker activity was identified. 14. October 17, 2012: The attacker checked connectivity to a server using the backdoor previously installed on September 1, 2012. No evidence of additional activity was discovered. 15. October 19 and 20, 2012: The Department of Revenue executed remediation activities based on short term recommendations provided by Mandiant. The intent of the remediation activities was to remove the attacker’s access to the environment and detect a re- compromise.
16. October 21, 2012 – Present: No evidence of related malicious activity post-remediation has been discovered. Extent of Compromise The following points describe the extent of the compromise: 1. The attacker compromised a total of 44 systems: the attacker he attacker (the attacker performed such activities as reconnaissance and password hash dumping) 2. The attacker used at least 33 unique pieces of malicious software and utilities to perform the attack and data theft activities including: or databases 1 A publicly available utility used to compress and decompress files (http://www.7-zip.org/)
Page 4 This public incident response report and its publication is not intended nor should it be construed as a waiver of any privilege or immunity from disclosure that may attach to Mandiant’s privileged work, investigation, and reports. 3. The attacker remotely accessed the Department of Revenue environment using at least four IP addresses. 4. The attacker used at least four valid Department of Revenue user accounts during the attack. Information Exposure A high level description of stolen or potentially stolen information is provided below. 1. The attacker created fifteen encrypted 7-zip archives totaling approximately 8.2 GB of compressed data. The data decompressed into approximately 74.7 GB of data. The data was comprised of: -zip archives that contained twenty three database backup files -zip archive that contained ~1,200 files related to the sctax.org web site and an
encrypted version of the data encryption key 2. The twenty three database backup files contained a combination of encrypted and unencrypted data. According to the Department of Revenue, all instances of encrypted data within the various databases were encrypted using an industry standard two-key method that leveraged the AES 256-bit encryption standard. One key was used to encrypt the data (“encryption key”); the second key was used to protect the encryption key by encrypting it (“key encrypting key” or KEK). encryption key or accessed, the key encrypting key REMEDIATION Mandiant developed an immediate containment plan to deny the attacker access to the environment using the known methods of access. A containment plan is critical in a compromise involving potential PII and/or cardholder data loss. The Department of Revenue started implementing the containment plan on October 19, 2012 and completed containment activities on October 20, 2012. Mandiant then developed a plan to implement intermediate and longer term
recommendations to enhance the Department of Revenue’s security against future compromise. Those longer term recommendations are in the process of being implemented. No evidence of ongoing attacker activity post-remediation has been identified. Public Incident Response Report Submitted By: Marshall Heilman Director Christopher Glyer Manager

Recommended

The Reality Of Health Care Policies
The Reality Of Health Care PoliciesThe Reality Of Health Care Policies
The Reality Of Health Care PoliciesSandra Arveseth
 
Emergency Management Laws And Act
Emergency Management Laws And ActEmergency Management Laws And Act
Emergency Management Laws And ActRachel Phillips
 
Melanie McBrideIt seems as if when It comes to emergency res.docx
Melanie McBrideIt seems as if when It comes to emergency res.docxMelanie McBrideIt seems as if when It comes to emergency res.docx
Melanie McBrideIt seems as if when It comes to emergency res.docxARIV4
 
Week Three– The Six Strategic ChallengesEvery four years, the De.docx
Week Three– The Six Strategic ChallengesEvery four years, the De.docxWeek Three– The Six Strategic ChallengesEvery four years, the De.docx
Week Three– The Six Strategic ChallengesEvery four years, the De.docxphilipnelson29183
 
LESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docx
LESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docxLESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docx
LESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docxsmile790243
 
National Response Framework And National Incident...
National Response Framework And National Incident...National Response Framework And National Incident...
National Response Framework And National Incident...Deb Birch
 
commen on thoese 21- Richard Lennon    After reviewing t.docx
commen on thoese 21- Richard Lennon    After reviewing t.docxcommen on thoese 21- Richard Lennon    After reviewing t.docx
commen on thoese 21- Richard Lennon    After reviewing t.docxdivinapavey
 
This weeks problem is a little tricky. You are asked to evaluate a .docx
This weeks problem is a little tricky. You are asked to evaluate a .docxThis weeks problem is a little tricky. You are asked to evaluate a .docx
This weeks problem is a little tricky. You are asked to evaluate a .docxrowthechang
 

Recommended

The Reality Of Health Care Policies
The Reality Of Health Care PoliciesThe Reality Of Health Care Policies
The Reality Of Health Care PoliciesSandra Arveseth
 
Emergency Management Laws And Act
Emergency Management Laws And ActEmergency Management Laws And Act
Emergency Management Laws And ActRachel Phillips
 
Melanie McBrideIt seems as if when It comes to emergency res.docx
Melanie McBrideIt seems as if when It comes to emergency res.docxMelanie McBrideIt seems as if when It comes to emergency res.docx
Melanie McBrideIt seems as if when It comes to emergency res.docxARIV4
 
Week Three– The Six Strategic ChallengesEvery four years, the De.docx
Week Three– The Six Strategic ChallengesEvery four years, the De.docxWeek Three– The Six Strategic ChallengesEvery four years, the De.docx
Week Three– The Six Strategic ChallengesEvery four years, the De.docxphilipnelson29183
 
LESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docx
LESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docxLESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docx
LESSON NOTES WEEK 5HLSS215 Regulatory Issues in Weapons of Ma.docxsmile790243
 
National Response Framework And National Incident...
National Response Framework And National Incident...National Response Framework And National Incident...
National Response Framework And National Incident...Deb Birch
 
commen on thoese 21- Richard Lennon    After reviewing t.docx
commen on thoese 21- Richard Lennon    After reviewing t.docxcommen on thoese 21- Richard Lennon    After reviewing t.docx
commen on thoese 21- Richard Lennon    After reviewing t.docxdivinapavey
 
This weeks problem is a little tricky. You are asked to evaluate a .docx
This weeks problem is a little tricky. You are asked to evaluate a .docxThis weeks problem is a little tricky. You are asked to evaluate a .docx
This weeks problem is a little tricky. You are asked to evaluate a .docxrowthechang
 
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docxANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docxRAHUL126667
 
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...Dawn Dawson
 
A suicide bomber has detonated his incendiary device on the Pink Lin.docx
A suicide bomber has detonated his incendiary device on the Pink Lin.docxA suicide bomber has detonated his incendiary device on the Pink Lin.docx
A suicide bomber has detonated his incendiary device on the Pink Lin.docxstelzriedemarla
 
Nonprofits respond as intergovernmental organizations post katrina
Nonprofits respond as intergovernmental organizations post katrinaNonprofits respond as intergovernmental organizations post katrina
Nonprofits respond as intergovernmental organizations post katrinaMichael Youngblood
 
Fema And The Federal Emergency Management Agency
Fema And The Federal Emergency Management AgencyFema And The Federal Emergency Management Agency
Fema And The Federal Emergency Management AgencyDenise Enriquez
 
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docxCRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docxfaithxdunce63732
 
Week One – Risk and the All Hazards ApproachIt seems logical for.docx
Week One – Risk and the All Hazards ApproachIt seems logical for.docxWeek One – Risk and the All Hazards ApproachIt seems logical for.docx
Week One – Risk and the All Hazards ApproachIt seems logical for.docxphilipnelson29183
 
Discussion Question  Looking over the next five years, in your op.docx
Discussion Question  Looking over the next five years, in your op.docxDiscussion Question  Looking over the next five years, in your op.docx
Discussion Question  Looking over the next five years, in your op.docxelinoraudley582231
 
According to Davenport (2014) social media and health care are c.docx
According to Davenport (2014) social media and health care are c.docxAccording to Davenport (2014) social media and health care are c.docx
According to Davenport (2014) social media and health care are c.docxmakdul
 
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docxAccording to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docxmakdul
 
According to Libertarianism, there is no right to any social service.docx
According to Libertarianism, there is no right to any social service.docxAccording to Libertarianism, there is no right to any social service.docx
According to Libertarianism, there is no right to any social service.docxmakdul
 
According to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxAccording to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxmakdul
 
According to cultural deviance theorists like Cohen, deviant sub.docx
According to cultural deviance theorists like Cohen, deviant sub.docxAccording to cultural deviance theorists like Cohen, deviant sub.docx
According to cultural deviance theorists like Cohen, deviant sub.docxmakdul
 
According to Gray et al, (2017) critical appraisal is the proce.docx
According to Gray et al, (2017) critical appraisal is the proce.docxAccording to Gray et al, (2017) critical appraisal is the proce.docx
According to Gray et al, (2017) critical appraisal is the proce.docxmakdul
 
According to article Insecure Policing Under Racial Capitalism by.docx
According to article Insecure Policing Under Racial Capitalism by.docxAccording to article Insecure Policing Under Racial Capitalism by.docx
According to article Insecure Policing Under Racial Capitalism by.docxmakdul
 
Abstract In this experiment, examining the equivalence poi.docx
Abstract In this experiment, examining the equivalence poi.docxAbstract In this experiment, examining the equivalence poi.docx
Abstract In this experiment, examining the equivalence poi.docxmakdul
 
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docxACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docxmakdul
 
ACC 601 Managerial Accounting Group Case 3 (160 points) .docx
ACC 601 Managerial Accounting Group Case 3 (160 points) .docxACC 601 Managerial Accounting Group Case 3 (160 points) .docx
ACC 601 Managerial Accounting Group Case 3 (160 points) .docxmakdul
 
Academic Integrity A Letter to My Students[1] Bill T.docx
Academic Integrity A Letter to My Students[1] Bill T.docxAcademic Integrity A Letter to My Students[1] Bill T.docx
Academic Integrity A Letter to My Students[1] Bill T.docxmakdul
 
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docxAccess the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docxmakdul
 
According to DSM 5 This patient had very many symptoms that sugg.docx
According to DSM 5 This patient had very many symptoms that sugg.docxAccording to DSM 5 This patient had very many symptoms that sugg.docx
According to DSM 5 This patient had very many symptoms that sugg.docxmakdul
 
Acceptable concerts include professional orchestras, soloists, jazz,.docx
Acceptable concerts include professional orchestras, soloists, jazz,.docxAcceptable concerts include professional orchestras, soloists, jazz,.docx
Acceptable concerts include professional orchestras, soloists, jazz,.docxmakdul
 

More Related Content

Similar to Question 1When it comes to disasters, some contend that governme.docx

ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docxANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docxRAHUL126667
 
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...Dawn Dawson
 
A suicide bomber has detonated his incendiary device on the Pink Lin.docx
A suicide bomber has detonated his incendiary device on the Pink Lin.docxA suicide bomber has detonated his incendiary device on the Pink Lin.docx
A suicide bomber has detonated his incendiary device on the Pink Lin.docxstelzriedemarla
 
Nonprofits respond as intergovernmental organizations post katrina
Nonprofits respond as intergovernmental organizations post katrinaNonprofits respond as intergovernmental organizations post katrina
Nonprofits respond as intergovernmental organizations post katrinaMichael Youngblood
 
Fema And The Federal Emergency Management Agency
Fema And The Federal Emergency Management AgencyFema And The Federal Emergency Management Agency
Fema And The Federal Emergency Management AgencyDenise Enriquez
 
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docxCRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docxfaithxdunce63732
 
Week One – Risk and the All Hazards ApproachIt seems logical for.docx
Week One – Risk and the All Hazards ApproachIt seems logical for.docxWeek One – Risk and the All Hazards ApproachIt seems logical for.docx
Week One – Risk and the All Hazards ApproachIt seems logical for.docxphilipnelson29183
 
Discussion Question  Looking over the next five years, in your op.docx
Discussion Question  Looking over the next five years, in your op.docxDiscussion Question  Looking over the next five years, in your op.docx
Discussion Question  Looking over the next five years, in your op.docxelinoraudley582231
 

Similar to Question 1When it comes to disasters, some contend that governme.docx (8)

ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docxANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
ANSWER THIS QUESTION 250 WORDS MIN EACH Discussion Que.docx
 
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
Untapped Potential – An Analysis of Online Newsrooms on State Emergency Manag...
 
A suicide bomber has detonated his incendiary device on the Pink Lin.docx
A suicide bomber has detonated his incendiary device on the Pink Lin.docxA suicide bomber has detonated his incendiary device on the Pink Lin.docx
A suicide bomber has detonated his incendiary device on the Pink Lin.docx
 
Nonprofits respond as intergovernmental organizations post katrina
Nonprofits respond as intergovernmental organizations post katrinaNonprofits respond as intergovernmental organizations post katrina
Nonprofits respond as intergovernmental organizations post katrina
 
Fema And The Federal Emergency Management Agency
Fema And The Federal Emergency Management AgencyFema And The Federal Emergency Management Agency
Fema And The Federal Emergency Management Agency
 
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docxCRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
CRJ Module 8 OverviewTerrorism and the Future of Emergency Manag.docx
 
Week One – Risk and the All Hazards ApproachIt seems logical for.docx
Week One – Risk and the All Hazards ApproachIt seems logical for.docxWeek One – Risk and the All Hazards ApproachIt seems logical for.docx
Week One – Risk and the All Hazards ApproachIt seems logical for.docx
 
Discussion Question  Looking over the next five years, in your op.docx
Discussion Question  Looking over the next five years, in your op.docxDiscussion Question  Looking over the next five years, in your op.docx
Discussion Question  Looking over the next five years, in your op.docx
 

More from makdul

According to Davenport (2014) social media and health care are c.docx
According to Davenport (2014) social media and health care are c.docxAccording to Davenport (2014) social media and health care are c.docx
According to Davenport (2014) social media and health care are c.docxmakdul
 
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docxAccording to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docxmakdul
 
According to Libertarianism, there is no right to any social service.docx
According to Libertarianism, there is no right to any social service.docxAccording to Libertarianism, there is no right to any social service.docx
According to Libertarianism, there is no right to any social service.docxmakdul
 
According to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxAccording to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxmakdul
 
According to cultural deviance theorists like Cohen, deviant sub.docx
According to cultural deviance theorists like Cohen, deviant sub.docxAccording to cultural deviance theorists like Cohen, deviant sub.docx
According to cultural deviance theorists like Cohen, deviant sub.docxmakdul
 
According to Gray et al, (2017) critical appraisal is the proce.docx
According to Gray et al, (2017) critical appraisal is the proce.docxAccording to Gray et al, (2017) critical appraisal is the proce.docx
According to Gray et al, (2017) critical appraisal is the proce.docxmakdul
 
According to article Insecure Policing Under Racial Capitalism by.docx
According to article Insecure Policing Under Racial Capitalism by.docxAccording to article Insecure Policing Under Racial Capitalism by.docx
According to article Insecure Policing Under Racial Capitalism by.docxmakdul
 
Abstract In this experiment, examining the equivalence poi.docx
Abstract In this experiment, examining the equivalence poi.docxAbstract In this experiment, examining the equivalence poi.docx
Abstract In this experiment, examining the equivalence poi.docxmakdul
 
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docxACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docxmakdul
 
ACC 601 Managerial Accounting Group Case 3 (160 points) .docx
ACC 601 Managerial Accounting Group Case 3 (160 points) .docxACC 601 Managerial Accounting Group Case 3 (160 points) .docx
ACC 601 Managerial Accounting Group Case 3 (160 points) .docxmakdul
 
Academic Integrity A Letter to My Students[1] Bill T.docx
Academic Integrity A Letter to My Students[1] Bill T.docxAcademic Integrity A Letter to My Students[1] Bill T.docx
Academic Integrity A Letter to My Students[1] Bill T.docxmakdul
 
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docxAccess the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docxmakdul
 
According to DSM 5 This patient had very many symptoms that sugg.docx
According to DSM 5 This patient had very many symptoms that sugg.docxAccording to DSM 5 This patient had very many symptoms that sugg.docx
According to DSM 5 This patient had very many symptoms that sugg.docxmakdul
 
Acceptable concerts include professional orchestras, soloists, jazz,.docx
Acceptable concerts include professional orchestras, soloists, jazz,.docxAcceptable concerts include professional orchestras, soloists, jazz,.docx
Acceptable concerts include professional orchestras, soloists, jazz,.docxmakdul
 
ACA was passed in 2010, under the presidency of Barack Obama. Pr.docx
ACA was passed in 2010, under the presidency of Barack Obama. Pr.docxACA was passed in 2010, under the presidency of Barack Obama. Pr.docx
ACA was passed in 2010, under the presidency of Barack Obama. Pr.docxmakdul
 
Access the FASB website. Once you login, click the FASB Accounting S.docx
Access the FASB website. Once you login, click the FASB Accounting S.docxAccess the FASB website. Once you login, click the FASB Accounting S.docx
Access the FASB website. Once you login, click the FASB Accounting S.docxmakdul
 
Academic Paper  Overview  This performance task was intended to asse.docx
Academic Paper  Overview  This performance task was intended to asse.docxAcademic Paper  Overview  This performance task was intended to asse.docx
Academic Paper  Overview  This performance task was intended to asse.docxmakdul
 
Academic Research Team Project PaperCOVID-19 Open Research Datas.docx
Academic Research Team Project PaperCOVID-19 Open Research Datas.docxAcademic Research Team Project PaperCOVID-19 Open Research Datas.docx
Academic Research Team Project PaperCOVID-19 Open Research Datas.docxmakdul
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxmakdul
 
Abstract                                 Structure of Abstra.docx
Abstract                                 Structure of Abstra.docxAbstract                                 Structure of Abstra.docx
Abstract                                 Structure of Abstra.docxmakdul
 

More from makdul (20)

According to Davenport (2014) social media and health care are c.docx
According to Davenport (2014) social media and health care are c.docxAccording to Davenport (2014) social media and health care are c.docx
According to Davenport (2014) social media and health care are c.docx
 
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docxAccording to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
According to (Fatehi, Gordon & Florida, N.D.) theoretical orient.docx
 
According to Libertarianism, there is no right to any social service.docx
According to Libertarianism, there is no right to any social service.docxAccording to Libertarianism, there is no right to any social service.docx
According to Libertarianism, there is no right to any social service.docx
 
According to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxAccording to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docx
 
According to cultural deviance theorists like Cohen, deviant sub.docx
According to cultural deviance theorists like Cohen, deviant sub.docxAccording to cultural deviance theorists like Cohen, deviant sub.docx
According to cultural deviance theorists like Cohen, deviant sub.docx
 
According to Gray et al, (2017) critical appraisal is the proce.docx
According to Gray et al, (2017) critical appraisal is the proce.docxAccording to Gray et al, (2017) critical appraisal is the proce.docx
According to Gray et al, (2017) critical appraisal is the proce.docx
 
According to article Insecure Policing Under Racial Capitalism by.docx
According to article Insecure Policing Under Racial Capitalism by.docxAccording to article Insecure Policing Under Racial Capitalism by.docx
According to article Insecure Policing Under Racial Capitalism by.docx
 
Abstract In this experiment, examining the equivalence poi.docx
Abstract In this experiment, examining the equivalence poi.docxAbstract In this experiment, examining the equivalence poi.docx
Abstract In this experiment, examining the equivalence poi.docx
 
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docxACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
ACC 403- ASSIGNMENT 2 RUBRIC!!!Points 280Assignment 2 Audi.docx
 
ACC 601 Managerial Accounting Group Case 3 (160 points) .docx
ACC 601 Managerial Accounting Group Case 3 (160 points) .docxACC 601 Managerial Accounting Group Case 3 (160 points) .docx
ACC 601 Managerial Accounting Group Case 3 (160 points) .docx
 
Academic Integrity A Letter to My Students[1] Bill T.docx
Academic Integrity A Letter to My Students[1] Bill T.docxAcademic Integrity A Letter to My Students[1] Bill T.docx
Academic Integrity A Letter to My Students[1] Bill T.docx
 
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docxAccess the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
Access the Center for Disease Control and Prevention’s (CDC’s) Nu.docx
 
According to DSM 5 This patient had very many symptoms that sugg.docx
According to DSM 5 This patient had very many symptoms that sugg.docxAccording to DSM 5 This patient had very many symptoms that sugg.docx
According to DSM 5 This patient had very many symptoms that sugg.docx
 
Acceptable concerts include professional orchestras, soloists, jazz,.docx
Acceptable concerts include professional orchestras, soloists, jazz,.docxAcceptable concerts include professional orchestras, soloists, jazz,.docx
Acceptable concerts include professional orchestras, soloists, jazz,.docx
 
ACA was passed in 2010, under the presidency of Barack Obama. Pr.docx
ACA was passed in 2010, under the presidency of Barack Obama. Pr.docxACA was passed in 2010, under the presidency of Barack Obama. Pr.docx
ACA was passed in 2010, under the presidency of Barack Obama. Pr.docx
 
Access the FASB website. Once you login, click the FASB Accounting S.docx
Access the FASB website. Once you login, click the FASB Accounting S.docxAccess the FASB website. Once you login, click the FASB Accounting S.docx
Access the FASB website. Once you login, click the FASB Accounting S.docx
 
Academic Paper  Overview  This performance task was intended to asse.docx
Academic Paper  Overview  This performance task was intended to asse.docxAcademic Paper  Overview  This performance task was intended to asse.docx
Academic Paper  Overview  This performance task was intended to asse.docx
 
Academic Research Team Project PaperCOVID-19 Open Research Datas.docx
Academic Research Team Project PaperCOVID-19 Open Research Datas.docxAcademic Research Team Project PaperCOVID-19 Open Research Datas.docx
Academic Research Team Project PaperCOVID-19 Open Research Datas.docx
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
Abstract                                 Structure of Abstra.docx
Abstract                                 Structure of Abstra.docxAbstract                                 Structure of Abstra.docx
Abstract                                 Structure of Abstra.docx
 

Recently uploaded

Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 

Recently uploaded (20)

Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 

Question 1When it comes to disasters, some contend that governme.docx

  • 1. Question 1 When it comes to disasters, some contend that governments still largely play the role of arriving like the cavalry after the fact. Assuming this might be at least partially true, how can emergency management policies (local, state and/or federal) be more proactive? What barriers, if any, to such proposals might exist? (For instance, should local jurisdictions consider additional efforts to regulate building, land-use, development, and other activities that may cause hazards and/or increase risk to members of the community? What lessons should we learn from the flooding that took place in South Carolina in 2015?) Question 2 Define in your own words the term “benchmarking” used in our textbook and compare it to the terms “lessons learned” or “best practices”, which are often used in emergency management. Include at least one example that you think represents one or more of these terms. Question 3 Your response to each of the questions below should be at least one brief paragraph. After reading the South Carolina Public Incident Report, consider how recent large data security breaches affects public administration. a.) How would you recommend improving policy and practice with regard to information security? (At least one paragraph) b.) Provide a statement of the problem and at least two recommendations; support your points with additional detail and references (in APA Style). (At least one paragraph) Question 4 https://www.ecfr.gov/cgi-bin/ECFR website to external link After reading Chapter 11 in the textbook, go to the online Code of Federal Regulations (CFR) (Links to an external site.)Links to an external site., which is the compendium of federal agency
  • 2. regulations. Explore to find regulations of one or more of the following agencies. Select one regulation that you think has an impact on or is related to the phases of emergency management. (Click on “Browse parts” links, if needed, to access regulations.) Write a short summary of the purpose of the regulation you chose, including its context (what kind of regulation is it part of and what agency enforces it) and how it is related to or could impact emergency/disaster management at the local or state level; include a citation to the CFR section (for example 9 CFR 56.10). Other link for this question. Once you get to this page you can access the other external links listed. https://www.ecfr.gov/cgi-bin/ · Environmental Protection Agency (EPA) (Links to an external site.)Links to an external site. · Nuclear Regulatory Commission (NRC) (Links to an external site.)Links to an external site. · U.S. Department of Transportation Pipeline and Hazardous Material Safety Administration (PHMSA) (Links to an external site.)Links to an external site. · U.S. Coast Guard (USCG) Maritime Security (Links to an external site.)Links to an external site. · U.S. Department of Labor Occupational Safety and Health Administration (OSHA) (Links to an external site.)Links to an external site. · (Links to an external site.)Links to an external site.U.S. Food and Drug Administration · Animal and Plant Health Inspection Service (APHIS) (Links to an external site.)Links to an external site. Question 5 Write a brief essay (at least 250 words) for question 4. Read the short article, The Politics of Disaster, by Michael Selves, former emergency management director, Johnson County, Kansas. In an essay of 250-500 words, tie or relate a point from Selves’ article to one or more concepts in our
  • 3. textbook. Support your points with additional research, as needed, and include references (in-text citations and reference list in APA Style). Submit to Turnitin before uploading the assignment here. THE POLITICS OF DISASTER (Principles for Local Emergency Managers and Elected Officials) Michael D. Selves, CEM, CPM Director, Emergency Management/Homeland Security Johnson County, Kansas INTRODUCTION: This is how most members of the Emergency Management and Emergency Services disciplines typically view politicians during disasters. And, while it may be a popular attitude, it is certainly not a very practical one if we expect to achieve everything we can for our communities when disasters strike. Why should this be so?
  • 4. First, we need special powers and authorities to deal with disaster situations and elected officials have the ability to provide them. As much as professional emergency managers, emergency services chiefs and other staff would like to believe we operate with autonomy, we all realize we are really just the “hired help” when it comes to many aspects of disaster response and recovery. Virtually every state has disaster legislation which allows for special powers and authorities to be exercised by duly elected officials. The general rule of thumb here is that if we have to take actions during a disaster which will infringe on the ordinary rights and privileges of the citizens, only a duly elected representative of those citizens may authorize such extraordinary measures. Secondly, we need all the help we can get. Elected officials can expedite assistance. As I’ll discuss later, most outside resources which come to a community are accessed
  • 5. through a governmental (political) process. The process of requesting, justifying and acquiring such assistance is one of the most “political” of all disaster actions. Generally, elected officials are the most effective persons we have in expediting this assistance. Finally, we need public support. Elected officials represent the people and in a democratic republic, the people’s representatives hold the ultimate authority. The also are the most appropriate spokespersons when it comes to providing guidance to the public and obtaining public support for disaster related actions. The bottom line is that we work for them and the people hold them accountable and they hold us accountable. PRINCIPLES: All Disasters are Political: Whether we want to believe it or not, political considerations are a significant factor in the preparation for, response to, recovery from and mitigation of disaster events. Think back to disasters you have personally been
  • 6. involved in or you’ve seen in other parts of the country. Has there ever been one where there was no political involvement? Is it likely that there every will be one? I ‘m quite sure the answer to both questions is “no”. If we really analyze the events and issues surrounding disasters, we readily see that politics is an integral element of the disaster and that element has to be dealt with just like any other disaster impact. If we are to adequately discuss this principle, it is necessary to look into why disasters are naturally so fraught with political considerations and to consider the factors which determine how political a disaster might become. There are at least three basic reasons why disasters are political in nature. First and most important, disasters affect people. Basic Emergency Management doctrine tells us that the determination of what constitutes a disaster is the impact it has on people. The
  • 7. impact of a disaster is measured with regard to how people are affected. In situations where there is no impact, there is no disaster regardless of the actual occurrence of a hazardous event (e.g. an extremely violent and large tornado occurs in a totally uninhabited area of the country.) When we do hazard analyses, we look at two elements, probability and vulnerability. Vulnerability is almost always expressed in terms of the potential impact on people. A disaster then, by definition, involves people, and any event which significantly affects the lives and property of people is political. Secondly, disaster are political because the involve public policy. How well or how poorly we mitigate, prepare for, respond to and recover from disasters is directly related to how well emergency management/disaster policy is created, maintained and implemented. By definition, politics is the process of establishing and carrying out
  • 8. public policy. Failures in policy or its implementation is the stuff around which political debates revolve and of which political campaigns are made. A disaster event brings this policy debate squarely into the political arena. Third, and related to the first two reasons, is the fact that disasters invariably invite public (read media) interest. In our modern culture of all-pervasive mass communications, disasters are dramatic, newsworthy events which compel intense public interest. Politicians appropriately have to respond to that kind of interest and scrutiny. There are a number of very important factors which can determine how “political” a particular disaster situation can become. First there is the nature of the disaster itself. Generally speaking a violent event tends to be more political that slow growing events which do not initially attract as much attention. In the era of terrorism, such events as Oklahoma City and 9/11 are incredibly political. The very
  • 9. definition of terrorism assumes an intent to affect political attitudes. If the cause of an event is such as to involve potential blame, the politicization of the event is significantly increased. We don’t tend to blame nature (or God) for natural events. We do, however, increase the media (and therefore the political) “feeding frenzy” when there is potentially a human cause for the disaster. Events such as Three-Mile Island or the Bohpal chemical release are only the most obvious examples. The scope of the disaster affects the political nature of it. Obviously, an event which involves local, state and federal actions has more potential for political implications. A second factor is the degree to which public policies become a part of the disaster event. This can be affected by such things as the level of response involved and the requirement to deal with difficult or uncharacteristic issues which adversely affect or irritate the
  • 10. public (e.g. evacuations, seizure of private property, curfews and quarantines.) Events or potential events which could have been prevented or lessened by mitigation actions (e.g. flooding, earthquakes, etc.) will necessarily bring policy questions into the disaster event. A third factor involves the quality of decisions and response actions. Such considerations as: Were response efforts handled adequately or in a timely fashion? Were mistakes made or was the response slow and poorly coordinated? What is the level of perceived public dissatisfaction? Such elements combined with public (or media) questions and controversy will increase the political aspect of the event significantly. Fourth, the nature of the political environment in the community will have an impact on the disaster situation. Such things as whether the political players are on the same “team”, whether previous partisan divisions existed or whether disaster policy
  • 11. disagreements have been a factor in the past all affect, to one degree or another the disaster’s political climate. Are the political players adversaries generally and disinclined to cooperate or do they share a common political agenda? Two different scenarios come to mind. During the Loma Prieta earthquake, the national administration was Republican and the city of San Francisco was Democrat. There was significant conflict regarding response and recovery issues attributable to this political reality. Conversely, when the Republican Mayor of New York City, the Republican Governor of New York and the Republican President were from the same party, that fact also had an (in this case a positive) impact on the aftermath of the World Trade Center attack. Of course (and this is meant sincerely, not cynically) the fact that a disaster occurs during an election year is not an insignificant consideration. Disaster Policy is Difficult to Create and Maintain: One very
  • 12. frustrating factor confronting emergency managers at all levels of government is that it is often difficult to get policy support for senior elected officials before a disaster event occurs. The problem is that disaster policy issues are often monumental and very complicated, involving conflicting interests at every level of government. Generally there is a real reluctance on the part of elected officials to create controversy and debate until the need is immediate and unavoidable. Obviously this reluctance is at odds with the emergency manager’s requirement to establish the “ground rules” regarding disaster activities in advance of an actual disaster occurrence. At the local level, this problem is compounded by the fact that local jurisdictions are the most immediately affected, but tend to be the least interested in disaster issues. Beverly Cigler has observed, for example, that “…the governments least likely to perceive emergency management as a key priority – local governments – are at center stage in terms of responsibility for
  • 13. emergency management.” Even when the need to establish policy in advance of disasters is accepted and understood, the process of establishing and maintaining such policy is a challenging undertaking. It is virtually impossible to design policies and programs that meet all needs and satisfy all of the competing interests. These conflicting interests can be about broad national policy, for example, should we mitigate the impacts of flooding by the use of flood management structures (dikes, levees, stream clearance/widening, etc.) or by buyouts of flood prone properties and/or relocation of communities in the floodplain? They are often about specific local issues which often are of great political and economic import to the communities involved. (I once knew of a small county emergency manager who almost lost her job because she proposed to open the local armory to blizzard-
  • 14. stranded travelers before the local motels were full!) Of course, during the current fiscal difficulties, this complex process must constantly attempt to balance the need to provide disaster services while being fiscally responsible with tax dollars. Add to this complexity the fact that needs are constantly changing and that public expectations in response to a disaster are invariably (and often unreasonably) high, perhaps it is amazing that we can get politicians to tackle disaster policy making at all. Disasters have Political Consequences: One widely observed but not fully understood principle of the disaster/politics relationship is the fact that disasters and their aftermath have significant potential to affect the political environment of a community, state or nation. A disaster can alter the public’s perceptions about the ability and concern of the political players. It also causes them to be more sensitive to criticism of response/relief efforts. Each of us can relate instances where political futures and political landscapes
  • 15. were changed by a disaster event and the resulting leadership (or lack thereof). Perhaps the current political result of the attacks on the World Trade Center is the most striking in recent history. An American President is elected by the barest of electoral majorities and actually looses the popular vote, is perceived to be weak with questionable leadership skills. September 11, 2001 occurs, that same President handling of the resulting impact of the attack is perceived as masterful and, as of this writing, enjoys one of the most popular presidencies of modern times. A “lame duck” mayor of New York, beset by personal problems, becomes the very symbol of political leadership and is immensely popular both in New York and nationally. Approximately a decade earlier, the father of the current President was perceived to have been slow and insensitive in response to the catastrophic impact of Hurricane Andrew in South Florida. This perception coupled with a sluggish economy changed the political fortunes of that
  • 16. administration in exactly the opposite direction. Similar examples at all levels of government also exist. Sometimes the political impact of a disaster can have mixed results over time. In one midwestern community which experienced massive flooding, the mayor was initially hailed as providing excellent leadership. As the problems of the recovery began to mount, however, she became so unpopular that she failed reelection just two years later. While these examples are of Presidents and mayors, all elected political leaders are subject to the political impact of disasters. Who are the major political players in a disaster and how can they be affected? The political impacts differ most notably between executives and legislators. In a crisis the initial stress is on elected executives (President, governors, county commission chairs, mayors, etc.) They are the decision makers who must act and communicate in a crisis. The primary challenge
  • 17. for such executives is the constant need to balance what is necessary to deal with a crisis as opposed to what is “popular”. While good response is usually a positive thing, sometimes decisions necessary to a good response must infringe upon the rights, convenience and interests of members of the public. Decisions to impose curfews, limit sales of certain items, force evacuation or closure of businesses, and, certainly, involuntary quarantine, are significant measures which may be necessary, but extremely unpopular. While the role of members of Congress and state and local legislative bodies is less direct, they are key players as well. This is especially true when it comes to policy issues and recovery efforts. One of the most important roles of congressional members involves the process of obtaining Federal declarations after disasters. Congressional and legislative officials also play a critical role in constituent services after a disaster in helping citizens and local governments deal with the rules and
  • 18. policies involved in recovery programs. Ultimately, any changes related to disaster policy become a legislative initiative and the interest and understanding of the implications of such policy by these elected officials is critical. Likewise, the involvement of political staffers and policy assistants in disaster-related activities and discussions is an important factor. Most political staff members are not routinely involved in such matters and only become so when the attention of their elected boss is directed there as a result of an event. The ability of state and local emergency managers to make contact with and provide valuable information and insights to staff members is an often-overlooked strategy which will bear considerable benefit during future disasters. Politics can have Disastrous Consequences: Just as politicians and the political
  • 19. environment can be affected by a disaster, our response and recovery actions are almost inevitably driven, in part, by political considerations. Sometimes these political considerations can produce very negative consequences. These consequences can range from mere inconveniences (tours by elected officials of disaster sites) to major interference in the accomplishment of response and recovery objectives (lack of funds, refusal to grant necessary authority, etc.) On rare occasions, these consequences can result in illegal or unethical actions (use of disaster powers for personal gain or influence.) It is important for local emergency managers to become aware of the potential for such political consideration to get out of hand and be able to devise tactful strategies for dealing with them. Well-established emergency operating plans and processes, for example, go a long way toward lessening the “politicization” of disaster response and
  • 20. recovery act ivies. Frequent orientation, training and exercising also will help elected officials understand the importance of pre-established roles, responsibilities and relationships and the necessity of operating as a team with a plan when disaster strikes. This necessity of having a plan brings us to the final principle. Politicians, Like Nature, Abhor a Vacuum: For an emergency manager working to “get a handle” on the political dimensions of a disaster situation, this principle may be the most important. While in a minority of cases, there may be unwanted and excessive political interference in disaster operations, experience of most of our colleagues is that as long as things are under control and there is a cogent, integrated effort during the response and recovery, political operatives are content to “play by the rules”. It is generally when there is a real or perceived lack of control or coordination and things
  • 21. either are or appear to be in chaos, that political leaders tend to “take charge”. On some occasions, this might even be beneficial, but more often than not, the results are not positive. Most often, we, as emergency managers, have the power to determine our own fate in dealing with the political side of disaster activities. This power is relatively simple. We need to be as professional as we can be. We need to understand the emergency management process and principles and be able to communicate them – before, during and after the disaster strikes. We need to make sure that our plans are sound, complete and flexible to deal with the contingencies which inevitably occur during a disaster event. In this respect, as in all of emergency management work, the establishment of good relationships prior to the event is crucial. This is no less true when it comes to the political players. An additional consideration is to establish good prior relationships with
  • 22. the local media, since political actions are most often reactions to public perceptions as influenced by the media. The bottom line is that we need to do our jobs professionally and have developed a strong framework of coordination and understanding before disaster strikes. Remember, if you provide a leadership vacuum during times of crises, the political leadership will, either by desire or necessity, fill it. We ignore these political principles at our own and our communities’ peril. South Carolina Department of Revenue Public Incident Response Report
  • 23. November 20, 2012 Page 2 This public incident response report and its publication is not intended nor should it be construed as a waiver of any privilege or immunity from disclosure that may attach to Mandiant’s privileged work, investigation, and reports. EXECUTIVE SUMMARY BACKGROUND On October 10, 2012, a law enforcement agency contacted the South Carolina Department of Revenue (DoR) with evidence that Personally Identifiable Information (PII) of three individuals had been stolen. The Department of Revenue reviewed the data provided and identified that the data provided would have been stored within databases managed by the Department of Revenue. On October 12, 2012, Mandiant was contracted by the Department of Revenue to perform an incident response. Mandiant’s objectives were to:
  • 24. and long term remediation plans. Mandiant performed the following activities to achieve these objectives: Division of State Information Technology (DSIT) representatives to discuss initial evidence preservation requirements. forensic analysis of the web, application, and database systems that housed the PII data provided in the law enforcement notification. of Revenue computer systems with the Mandiant Intelligent Response (MIR) technology for indicators of compromise (IOCs). MIR is a tool used by experienced investigators to look for evidence of malicious activities across a large number of systems. Monitored all network traffic from the Department of Revenue’s single Internet egress point for
  • 25. evidence of ongoing malicious activity. indicators of compromise. and forensic images from key systems as well as network and system logs. compromise. additional indicators of compromise. dings and remediation recommendations. the Department of Revenue’s acquiring bank, First Data. Mandiant performed both on-site and off-site incident response activities from October 13, 2012 through November 16, 2012. FINDINGS Mandiant’s major findings are provided below. Summary of the Attack A high level understanding of the most important aspects of the compromise are detailed below. 1. August 13, 2012: A malicious (phishing) email was sent to multiple Department of Revenue
  • 26. employees. At least one Department of Revenue user clicked on the embedded link, unwittingly executed malware, and became compromised. The malware likely stole the user’s username and password. This theory is based on other facts discovered during the investigation; however, Mandiant was unable to conclusively determine if this is how the user’s credentials were obtained by the attacker. Page 3 This public incident response report and its publication is not intended nor should it be construed as a waiver of any privilege or immunity from disclosure that may attach to Mandiant’s privileged work, investigation, and reports. 2. August 27, 2012: The attacker logged into the remote access service (Citrix) using legitimate Department of Revenue user credentials. The credentials used belonged to one of the users who had received and opened the malicious email on August 13, 2012. The attacker used the Citrix portal to log into the user’s workstation and then leveraged the user’s access rights to access other Department of Revenue systems and databases with the user’s credentials. 3. August 29, 2012: The attacker executed utilities designed to
  • 27. obtain user account passwords on six servers. 4. September 1, 2012: The attacker executed a utility to obtain user account passwords for all Windows user accounts. The attacker also installed malicious software (“backdoor”) on one server. 5. September 2, 2012: The attacker interacted with twenty one servers using a compromised account and performed reconnaissance activities. The attacker also authenticated to a web server that handled payment maintenance information for the Department of Revenue, but was not able to accomplish anything malicious. 6. September 3, 2012: The attacker interacted with eight servers using a compromised account and performed reconnaissance activities. The attacker again authenticated to a web server that handled payment maintenance information for the Department of Revenue, but was not able to accomplish anything malicious. 7. September 4, 2012: The attacker interacted with six systems using a compromised account and performed reconnaissance activities. 8. September 5 - 10, 2012: No evidence of attacker activity was identified. 9. September 11, 2012: The attacker interacted with three systems using a compromised
  • 28. account and performed reconnaissance activities. 10. September 12, 2012: The attacker copied database backup files to a staging directory. 11. September 13 and 14, 2012: The attacker compressed the database backup files into fourteen (of the fifteen total) encrypted 7-zip 1 archives. The attacker then moved the 7-zip archives from the database server to another server and sent the data to a system on the Internet. The attacker then deleted the backup files and 7-zip archives. 12. September 15, 2012: The attacker interacted with ten systems using a compromised account and performed reconnaissance activities. 13. September 16, 2012 – October 16, 2012: No evidence of attacker activity was identified. 14. October 17, 2012: The attacker checked connectivity to a server using the backdoor previously installed on September 1, 2012. No evidence of additional activity was discovered. 15. October 19 and 20, 2012: The Department of Revenue executed remediation activities based on short term recommendations provided by Mandiant. The intent of the remediation activities was to remove the attacker’s access to the environment and detect a re- compromise.
  • 29. 16. October 21, 2012 – Present: No evidence of related malicious activity post-remediation has been discovered. Extent of Compromise The following points describe the extent of the compromise: 1. The attacker compromised a total of 44 systems: the attacker he attacker (the attacker performed such activities as reconnaissance and password hash dumping) 2. The attacker used at least 33 unique pieces of malicious software and utilities to perform the attack and data theft activities including: or databases 1 A publicly available utility used to compress and decompress files (http://www.7-zip.org/)
  • 30. Page 4 This public incident response report and its publication is not intended nor should it be construed as a waiver of any privilege or immunity from disclosure that may attach to Mandiant’s privileged work, investigation, and reports. 3. The attacker remotely accessed the Department of Revenue environment using at least four IP addresses. 4. The attacker used at least four valid Department of Revenue user accounts during the attack. Information Exposure A high level description of stolen or potentially stolen information is provided below. 1. The attacker created fifteen encrypted 7-zip archives totaling approximately 8.2 GB of compressed data. The data decompressed into approximately 74.7 GB of data. The data was comprised of: -zip archives that contained twenty three database backup files -zip archive that contained ~1,200 files related to the sctax.org web site and an
  • 31. encrypted version of the data encryption key 2. The twenty three database backup files contained a combination of encrypted and unencrypted data. According to the Department of Revenue, all instances of encrypted data within the various databases were encrypted using an industry standard two-key method that leveraged the AES 256-bit encryption standard. One key was used to encrypt the data (“encryption key”); the second key was used to protect the encryption key by encrypting it (“key encrypting key” or KEK). encryption key or accessed, the key encrypting key REMEDIATION Mandiant developed an immediate containment plan to deny the attacker access to the environment using the known methods of access. A containment plan is critical in a compromise involving potential PII and/or cardholder data loss. The Department of Revenue started implementing the containment plan on October 19, 2012 and completed containment activities on October 20, 2012. Mandiant then developed a plan to implement intermediate and longer term
  • 32. recommendations to enhance the Department of Revenue’s security against future compromise. Those longer term recommendations are in the process of being implemented. No evidence of ongoing attacker activity post-remediation has been identified. Public Incident Response Report Submitted By: Marshall Heilman Director Christopher Glyer Manager