Critical Infrastructure Protection

Jan. 27, 2009
Be the “go-to” for government contracting

Protecting the nation’s infrastructure takes an integrated approach with a host of technologies teaming up to communicate breaches, alerts, alarms and trouble conditions. From video surveillance, analytics and intrusion to access control, biometrics and perimeter sensors and detectors, they all play a role in a successful project.

One of the other important ‘components’ of these types of installations is a security dealer and integrator who has crossed the line from straight hardware installs--burglar and fire alarms--into networking and communications, because without that expertise this market isn’t for them. The end user wants a team player who can build on the existing network infrastructure and provide the level of security they specifically require for their protected premises-in a turnkey approach, of course.

While other parts of the economy are sputtering, that’s not the case here. Funding through fiscal year 2011, according to the Department of Homeland Security (DHS), will continue to increase for each sector or department, including the U.S. Coast Guard; Customs and Border Protection; Immigration and Customs Enforcement; Transportation Security Agency; and others. These segments include ports, transportation, utilities, sensitive facilities, borders and other areas. In addition, President Bush’s fiscal year 2009 budget request for the DHS represents $50.5 billion in funding, an increase of 6.8 percent over 2008.

Smart cards, access control and biometrics are becoming the norm in critical infrastructure security. Beginning in June 2009, travelers will be required to present a single Western Hemisphere Travel Initiative-compliant document denoting both citizenship and identity when entering the United States through land or sea border. In addition, as a result of Homeland Security Presidential Directive (HSPD) 12, employees and contractors of government agencies, port/harbors and other critical infrastructure entities must meet the Federal Information Processing Standard (FIPS) 201 or Transportation Workers Identification Credential (TWIC) requirements for presenting positive identification documents before gaining access into these facilities. Individuals must use a Personal Identity Verification (PIV) or TWIC card to identify themselves before they are registered into an agency’s physical access control system as well.

PSIM brings it together
According to Dave Fowler, senior vice president of Product Development and Marketing for VidSys Inc., Vienna, Va., it’s important for integrators interested in working in the critical infrastructure protection space to know the segment. “They have to know how to integrate multiple layers of security,” he said. To assist in that endeavor are software products which fall into the realm of Physical Security Information Management or PSIM. The concept integrates alarms and events from multiple security devices, correlating the alarms into manageable situations.
 “Now, intelligence is accomplished at the system level rather than the user level,” he said.

Fowler said the critical infrastructure spans different industries and the enterprise side, as well as information technologies, transportation, the public sector, including bridges, tunnels and ports and borders or homeland defense. Critical assets can also include pipelines and pumping stations.

 “An integrator has to be familiar with the sectors and not just technology,” he added. 

Core competencies
According to Eric Schneider, vice president of CRI Solutions in McLean, Va., the security dealer and integrator must understand the convergence of various skill sets, including but not limited to physical security, information security and business process engineering. “Using a security integrated system life cycle methodology supported by proven best practices, approved standards (ISO, ITIL) and lead by seasoned project management is key to any integrator providing its customers with quality services and forward-thinking solutions,” he said. Schneider said for those new to the market, the most important thing to consider is if you have the core competencies needed for the work.

“HSPD-12 is a perfect example,” he continued. “The mandate brought companies out of the woodwork offering the government all kinds of solutions to achieve compliance with the original mandate. The Office of Management and Budget, through memorandum M-05-24, designated GSA as the executive agent for government-wide acquisitions of information technology for compliance with HSPD-12. GSA in turn looked to the NIST as the authority for the standard from which GSA derived the product/service categories and the evaluation criteria for products allowing compliance with HSPD-12.This greatly simplified the marketplace and gave companies a bar to achieve in terms of their offerings. So as a company, you should become very familiar with the NIST criteria (FIPS 201), as products to be utilized are approved for federal procurement through this program and integration services, although not listed on the approved products list, must be qualified by GSA and must commit to delivering only products which have been approved and appear on the    Approved Products List.”

Schneider said critical infrastructure protection requires smart systems and a wider skill-set in software programming, IT telecommunications infrastructure, HR software, business processes, authentication certificates, computer peripheral deployment, database data migration and client and end-user program management.

Jeff Gutierrez, ADT Security Services national accounts manager,  Pleasanton, Calif., started consulting with port authorities and the city of Richmond, Calif., months before they began the bid process for a surveillance and intrusion detection system funded by a $2 million DHS grant. Gutierrez and ADT were able to provide the expertise needed to install the networked wireless mesh (BelAir Networks) and video analytics-based (Object Video) surveillance solution for the port and city. ADT also worked closely with the city’s IT department.

“One of the advantages is that the system is server-based and isn’t limited to the number of exceptions which can be created. The foundation of the system will foster future integration,” Gutierrez said. “It’s a strong backbone that we can continue to build on.”

The expertise of a security integrator is key to meeting growing demand for critical infrastructure protection. It’s much more than hardware that makes it all work. It’s expertise in hardware, software, networking and information technology rolled into one solution.

----------------------------
Update on Port Grants
Earlier this year SD&I wrote about the Security Industry Association’s (SIA), Alexandria, Va., 2008 Legislative Agenda
There have been activities on numerous fronts, but with regards to port security grants the news is good. According to Don Erickson, SIA’s director of Government Relations, the House and Senate Appropriations Committees each passed legislation that provides $400 million in Fiscal Year 2009 for the Port Security Grants Program. Those bills have not been passed by the House or Senate, although there is some belief that the House may take up their funding bill when Congress returns in September.  Most of the appropriations bills will likely be packaged as part of an omnibus appropriations bill at the end of the year or agencies will be funded at Fiscal Year 2008 levels under a continuing resolution until the next Administration takes over. For more information visit siaonline.org.

-----------------------------
SIA’s Legislation Signed Into Law
H.R. 3179, the Local Preparedness Acquisition Act, was signed by the president this summer. It is Public Law 110-248. Authored by SIA, the law ensures state and local governments can purchase fire alarm systems, access control devices, perimeter security and video surveillance systems and countless other homeland security goods and services, at GSA-approved reduced prices. This is a major legislative victory for SIA and is the first piece of legislation drafted by the organization to become law. Here’s a link to cooperative purchasing guidance: http://www.siaonline.org/CooperativePurchasingGuidance.pdf.

------------------------------
What’s a GSA Schedule?

Under the GSA Schedules (also referred to as Multiple Award Schedules and Federal Supply Schedules) Program, GSA establishes long-term government wide contracts with commercial firms to provide access to over 11 million commercial supplies (products) and services that can be ordered directly from GSA Schedule contractors or through the GSA Advantage! online shopping and ordering system.
To become a GSA Schedule contractor, a vendor must first submit an offer in response to the applicable GSA Schedule solicitation.

GSA awards contracts to responsible companies offering commercial items, at fair and reasonable prices, that fall within the generic descriptions in the GSA Schedule Solicitations. Contracting Officers determine whether prices are fair and reasonable by comparing the prices/discounts that a company offers the government with the prices/discounts that the company offers to commercial customers. This negotiation objective is commonly known as “most favored customer” pricing. GSA requires participants to furnish commercial pricelists and disclose information regarding their pricing/discounting practices.

In order to fully understand the process involved in “Getting on Schedule,” GSA recommends that all vendors take the Center for Acquisition Excellence online, self-paced training course, “How to Become a Contractor—GSA Schedules Program.” The course describes—

  • Various features of the GSA Schedules Program
  • How to submit an offer
  • The evaluation and contract award process
  • How to successfully market  supplies and services
  • Sources of information related to Schedule contract administration Source: www.gsa.gov