Tag Archives: recovery

Future Threats

Aside from hoax attacks, where credible threats occur based on purposeful counter-intelligence efforts of terrorists, I suspect large-scale events to be the modus operandi of terrorists in the next decade. According to LaFree, Yang, and Crenshaw (2009), anti-U.S. terrorists have ample intent on attacking the U.S. on our soil; however, this would be a huge and logistically complicated undertaking. For this reason, any future organized act of terror on U.S. soil will be designed to be significant, causing extreme loss of life or toppling a significant structure or both.

Biologic weapons would be the choice for terrorists who wished to inflict harm to the greatest amount of people, though releasing biologic material lacks the sudden impact usually sought, and weaponized biologics are not easily grown or economical (Levitin, 2005). Chemical weapons are typically easier and cheaper to manufacture, though they lack effectiveness and tend to merely create a scare of equivalent magnitude of a hoax (Levitin, 2005). Aside from basic explosives, this leaves the radiologic threat, a threat that I believe, coupled with a significant target, will cause devastating effects not unlike 9/11.

A dirty bomb is a conventional explosive used to disseminate radiologic materials over an area. I foresee a coordinated attack on the financial districts of the U.S. using dirty bombs. The bombs would, first, cause physical destruction to the buildings causing immediate disruption of the financial sector of the U.S. economy, along with a large death toll. Second, the radiation dispersed over the area would cause difficulty in cleaning up the area, inhibiting recovery and further impacting the financial markets.

A law enforcement response to such an attack would certainly be large in scale. The local police department would be first to respond, along with state police, then the WMD Coordinator at the local FBI field office would be apprised of the situation. As responders start arriving on scene, personal radiation detectors would start to tone indicating the release of radiologic material. This further information would prompt the WMD Dictorate in Washington, D.C., to order a full asset response by the FBI and other federal terrorism partners (e.g. the Joint Terrorism Task Force). The response to this type of incident should be trained on in cooperative exercises involving all levels of law enforcement. Additionally, personal radiation detectors (and other detectors) should, at a minimum, be placed in police vehicles for early warning of environments immediately dangerous to life and health. Adequate training, equipment, and preparation are the only ways in which to prepare for responding to large-scale terrorist attacks.


LaFree, G., Yang, S., & Crenshaw, M. (2009). Trajectories of terrorism: Attack patterns of foreign groups that have targeted the United States, 1970-2004. Criminology & Public Policy, 8(3), 445-473. doi:10.1111/j.1745-9133.2009.00570.x

Levitin, H. W. (2005). Debunking myths: How law enforcement can help diffuse the public’s fear. On the Beat. Retrieved from http://www.adl.org/learn/columns/Levitin.asp

Cyberterrorism vs. WMD

Perhaps in an Orwellian society where computers are independant and there is very little human-to-computer interaction could a cyberterrorist cause such an impact as to be equal with a weapon of mass destruction. This is not true, however, regarding the technology of today. According to James Lewis (2002) from the Center for Strategic and International Studies, “cyber attacks are less effective and less disruptive than physical attacks. Their only advantage is that they are cheaper and easier to carry out than a physical attack” (p. 2). Studies of the implementation of efforts to reduce the effectiveness of infrastructure during war show a resiliency that is poorly respected. Redundant systems in conjunction with a focused human response provides mitigation to reduce the impact of disruptive efforts on infrastructure (Wilson, 2005). It seems the more important the system, the larger and focalized the response.

The northeast blackout of 2003 provides a decent case study, although the cause was a systems failure and not related to terrorism. According to the article by Minkle (2008), within an hour and a half, 50-million subscribers lost power in eight states and parts of Canada for a few days, yet it only contributed to about 11 deaths within the affected area. While the impact was significant, geographically, it was more or less a nuisance for most people.


Lewis, J. A. (2002, December). Assessing the risks of cyber terrorism, cyber war and other cyber threats. Washington, DC: Center for Strategic and International Studies. Retrieved from http://www.steptoe.com/publications/231a.pdf

Minkle, J. R. (2008, August 13). The 2003 northeast blackout — five years later. Scientific American. Retrieved from http://www.scientificamerican.com/

Wilson, C. (2005, April 1). Computer attack and cyberterrorism: Vulnerabilities and policy issues for Congress (CRS Congressional report No. RL32114). Retrieved from http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA444799&Location=U2&doc=GetTRDoc.pdf

Hurricane Katrina: Lessons Learned

The primary and causative failure of government, according to the U.S. House report (2006), was that officials did not develop an adequate or accurate situational picture in a timely fashion. This lead to minimal preparation, ineffective evacuation plans, and an slow logistical supply chains for moving needed assets into the area to aid with the response. The second mistake, according to the report, was officials distancing themselves from the failures politically. This sole act (by many in the leadership) served only to protract the response and recovery and confuse the populace. Understandably, however, the politicians certainly wanted to be removed from the situation, as they could have lessened the burden years earlier with use of specific appropriations. Funds designed to mitigate the exposure of the Gulf coast to hurricanes were not spent as intended, if at all.

Looking back on the situation, had each government activated their EOC and staffed it with reputable public safety officials to run the response, the situational picture would have been clearer, especially with the various EOCs communicating together (Walsh et al., 2012). The plan might have coalesced into the use of an area command with resources deployed in task force and strike team convention as needed. Certainly, though, the public message would have been singular, to the point, and helpful to the public (Walsh et al., 2012). This would have lead to an expedited response and coordinated evacuations prior to landfall of Hurricane Katrina, which was said to be “predicted with unprecedented timeliness and accuracy” (U.S. House of Representatives, 2006, ix).


U.S. House of Representatives. (2006). A failure of initiative: Final report of the select bipartisan committee to investigate the preparation for and response to Hurricane Katrina. Washington, DC: U.S. Government Printing Office.

Walsh, D. W., Christen, H. T., Callsen, C. E., Miller, G. T., Maniscalco, P. M., Lord, G. C., & Dolan, N. J. (2012). National Incident Management System: principles and practice (2nd ed.). Sudbury, MA: Jones & Bartlett.

Critical Incident Response Plans

The possibility of a large-scale event threatening the health and safety of a large number of residents in Connecticut is sizable. Emergency response plans (ERPs) need to be in place to address concerns including epidemic/pandemic disease, the intentional or accidental release of a hazardous material, contamination of the food and/or water supply, and other incidents that might threaten the 3.4 million residents and could result in mass casualties. For this reason, the State of Connecticut Department of Public Health (DPH; 2005) has developed an ERP to guide the department in the event of a catastrophic threat the lives and safety of the residents of Connecticut. Additionally, the State of Connecticut has developed a State Response Framework, much like the National Response Framework, in order to allow for a modulation of an incident from a local level to a state or federal level (State of Connecticut, Department of Homeland Security, 2010; U.S. Department of Homeland Security, 2008). The ability of an incident response to grow and shrink as an incident dictates follows the natural progression of incidents starting and ending locally, whether involving state or local responses at any time during the response (Walsh et al., 2012).

The ERP (DPH, 2005) that guides the DPH allows for representation in the state EOC while forming a modular incident management team (IMT) to staff the DPH emergency command center. The DPH IMT is designed not only to support the state EOC when activated, but also supports the various local incident commands as a public health and medical service resource. In keeping with the modular aspects of the incident command philosophies and the state and national response framework, the DPS ERP becomes a valuable resource for both initiating a response to a significant threat to the public health and safety and allows for an expert resource when other incidents of magnitude, but not necessarily public health in nature, require or benefit from the availability of public health experts.

One criticism I do have, however, is that the plan (DPH, 2005) does not address the provision of emergency medical services (EMS). For some time, there has been much confusion as to where EMS falls in the realm of emergency service functions. EMS, for many jurisdictions, is a function of the fire department and may fall under the direction of ESF #4, firefighting, especially as many EMTs and paramedics are cross-trained to fight fire. However, ambulances are not firefighting apparatus. As ambulances do transport the ill and injured, perhaps EMS falls to ESF #1, transportation. This is unlikely, though, as the primary need is not the transportation provided but the care rendered. Public health and medical services, ESF #8, seems to me to be the logical category for EMS to fall under, but EMS has an expanded role that also fits ESFs #9, #10 & #13 (search & rescue, oil & hazmat response, and public safety & security, respectively), as well as the aforementioned ESFs #1 and 4. This lack of initial categorization may allow flexibility in the deployment of EMS personnel and equipment, but it could also lead to ineffective deployment strategies resulting in a shortage of EMS in one area and overutilization in another.


State of Connecticut, Department of Homeland Security. (2010, October). State response framework. Retrieved from http://www.ct.gov/demhs/lib/demhs/telecommunications/ct_state_response_framework_v1_oct_10.pdf

State of Connecticut, Department of Public Health. (2005, September). Public health emergency response plan: Emergency Support Function #8 Public health and medical services. Retrieved from http://www.ct.gov/ctfluwatch/lib/ctfluwatch/pherp.pdf

U.S. Department of Homeland Security. (2008, January). National response framework. Retrieved from http://www.fema.gov/pdf/emergency/nrf/nrf-core.pdf

Walsh, D. W., Christen, H. T., Callsen, C. E., Miller, G. T., Maniscalco, P. M., Lord, G. C., & Dolan, N. J. (2012). National Incident Management System: principles and practice (2nd ed.). Sudbury, MA: Jones & Bartlett.

Revisiting My Goals

When I applied to Walden University, there were some choices that I needed make in regards to which program I would enroll in. I relied on my past experience and some of my current goals to direct me to the Bachelor of Science degree in Computer Information Systems (BSCIS) with a concentration in Information Systems Security (ISS), a process which truly motivates me. Revisiting my goals and lending them power to help navigate the world of academia, I needed to ensure that these goals still held true. The first assignment in the Introduction to Information Systems class afforded me the opportunity to do just that, while this assignment will allow me to review my goals once again.

My affinity towards positive social change (Schadone, 2009) is unwaivering, as is my desire to achieve a position in the field of disaster management. I do feel, however, that my chosen degree program is ill-prescribed to prepare me for such ambitions. Though there has been a great incentive to involve the engineering sciences into public policy administration (Connolly, 2009), my experience with the BSCIS degree, even with the ISS concentration, leads me to believe that the curriculum does not satisfy my current needs or goals. I do believe that a career in Information Systems Security would provide an opportunity to reach many of my goals, but other academic directions would provide a more solid foundation for me to build upon.

As of this writing, I have decided to research other avenues of academia which might be better suited to providing the core educational opportunities that would benefit me the most. I have decided that the B.S. in Health Studies with a concentration in Health Administration would be a better fit at this time. I hope to use this degree to propel me forward into an opportunity to earn an MPH with a concentration in Emergency Management and, ultimately, a Ph. D. in the same.

As the H1N1 influenza virus reminds us all about the 1918 “Spanish Flu,” there is an undertone of personal responsibility and preparedness in the event of a pandemic (Bornstein & Trapp, 2009), of which conditions are favorable. I plan to take personal responsibility in this and other potential disasters to position myself as an expert in the field helping to promote plans and policies to mitigate and respond effectively to such incidences. Though, I am versed in the computer sciences, I feel that my position as a health official would be better utilized in these times of crisis. Perhaps one day in the future I will return my focus on computing, but until then, my social conscience and sense of community seem to be my only defining factors.


Bornstein, J., & Trapp, J. (2009, June). Pandemic Preparedness: Ensuring Our Best Are Ready to Respond. IAEM Bulletin, 26(6), pp. 6, 14. Retrieved August 22, 2009, from http://www.iaem.com

Connolly, J. (2008, September). Bridging the gap between engineering and public policy: A closer look at the WISE program. Mechanical Advantage, 19. Retrieved August 22, 2009, from http://www.asme.org

Schadone, M. F. (2009). Information Systems and Me: My Professional and Career Goals. Minneapolis, MN: Walden University.

A Datastore Discussion

O’Brien and Marakas (2007) explain the importance of disaster recovery in regards to a company’s computing resources, “Many firms could only survive a few days without computing facilities. That’s why organizations develop disaster recovery procedures and formalize them in a disaster recovery plan.” This is the basis of the business plan submitted in a subsequent assignment (Schadone, 2009) in which the focus is mitigating computing loss and recovering.

Information Technology relies on the acquisition, storage and retrieval of pertinent data. The development of a business plan leads one to require the adaptation of a data schema to manage the influx of information which could be useful to a growing company, if not required within the functioning business. Figure 1 reveals the core data schema for tracking customers and their needs. This schema is certainly not all-inclusive but provides a framework which can be built upon depending on the corporate direction and specific requirements.
This information can be utilized, obviously, to provide for the clients’ needs, but it can also be utilized to provide increased organization and specific solutions based on measured metrics. As figure 1 shows acquisition and storage of demographic information, it also allows for the assignment of specific roles. These roles can allow a portal application to provide only the most needed system monitors for each role, including role-specific alerts and notifications. Also, greeting the client by name, dependent on login data, provides an air of security prompting the user to logout when the session is complete. This demographic data can also be useful in providing personalized support by allowing support personnel access to each contact’s information and provide a basis to create a schema specific to Online Support Systems based on customer needs. Whether storing preferences or previous form entries, a personalized use of collected data can simplify processes for the user making the user more efficient in the end.


O’Brien, J. A., & Marakas, G. M. (2007). Introduction to information systems (14th ed.). New York: McGraw-Hill/Irwin.

Schadone, M. F. (2009). Disaster Response and Mitigation – IT: A Business Proposal. Minneapolis, MN: Walden University.

Figure 1.
Datastore Chart

“Disaster Response and Management – IT” (DRAM-IT)

With the growing focus of disaster mitigation, response and recovery, companies that rely on information systems need to prevent and minimize the impact of disasters (whether natural or man-made) to their infrastructure. Society’s focus is to regain a sense of normalcy which requires a functioning economy, thereby increasing the need for companies to recover quickly.

By providing expert philosophies, procedures, systems and tools, DRAM-IT can ensure that the client will transition seamlessly from pre-disaster to post-disaster with no negative long-term effects.

We start with employee-focused health, safety and security. We believe that the employee is the first defense against failure. Employees should be healthy and not have their minds occupied by other domestic problems (e.g. family welfare) which is why in times of a disaster affecting the community, we contract with armed security agencies to provide force security for key employees and their families. This focus allows other employees to take care of their own before returning to work. The same security force will provide on-site perimeter security allowing employees to feel safe while aiding in recovery efforts. But, before the incident occurs, we will create processes to assist each employee in staying healthy and fit, both physically and mentally, including the creation of medical response teams to manage on-site medical emergencies until EMS can arrive.

Data loss can be immeasurable and therefore cannot be tolerated. After performing a forensic analysis of current IT practices, DRAM-IT will offer methods of securing data with redundant distributed arrays with cryptographic and hashing intelligence ensuring the data has not been and cannot be manipulated. Along with distributed storage, we can offer distributed processing to ensure the business keeps running without a need for direct input by employees.

During a disaster, the focus needs to be on initiating recovery processes and requires interfacing with local authorities to be part of the solution. We will provide the internal Incident Command structure which will integrate with the local, State, and Federal efforts to ensure pooling of resources. We are also committed to the community. The faster the individual entities of a community can recover, the faster the community as a whole can heal.

With DRAM-IT Systems Mitigation, Response and Recovery, we can ensure that you can concentrate on what is important… we’ll take care of the rest.

By providing an all-encompassing approach to disaster management, our clients can be assured of continuous critical systems processing, ensuring business continuity throughout the disaster.

Table Title: Examples of Structure and IT needs
Functional Area (See Figure 7.23) Supporting Information Systems (See Figure 1.6)
Example: Human Resource Management Example: Transaction Processing Systems
Command Executive Information Systems
Operations Decision Support & Strategic Info Systems
Tactical Knowledge Management & Expert Systems
Logistics Specialized / Transaction Control Systems
Finance Specialied / Transaction Control Systems

Subject: Investment Opportunity – “Disaster Response and Management – IT (DRAM-IT)” 02/25/14
To Whom it May Concern

I am writing you as an entrepreneur in support of the community. We have faced a number of disasters recently and our economy continuously suffers. I hope to provide a host of services to companies which are key to the community infrastructure. My goal is to be able to assist these key companies in recovering from the disaster internally and allowing the economy a maximized benefit in a minimal amount of time.

As a critical care paramedic who has worked with FEMA response teams in the past years, I have the experience and education to know what is crucially important during a disaster. As a computer programmer and IT professional, I know how to apply my knowledge to critical business systems ensuring a smooth transition during the various phases of a disaster, whether large or small, internal or external.

I wish to be able to provide mitigation training, on-site employee health programs, redundant communications, secure data storage and retrieval with distributive data processing, personal and protective security and adaptive processes and philosophies that can overcome even the most destructive of forces. We will initially be focused on consulting with the promotion of best-practices in mind. During the disaster phase, we will respond directly as Incident Command Teams that will be fully self-sufficient for over 72-hours to ensure the response and recovery are as smooth as possible.

The unfortunate reality is that this endeavor will require a large amount of start-up capital. We must first hire and train appropriate personnel who can then consult to client companies and ensure they can operate effectively during and after a disaster. We also need access to distributive networks with which to operate. These will undoubtedly be fee-based services, but initial investments of processor-time and storage would be invaluable. Investing in this opportunity is investing in the community.


Michael Schadone

Academic Goals

Settling on a degree program among the vast array of choices available has been a goal of mine for a very long time. Many people that I know always assume that I have already obtained a degree, no matter how many times I tell them the opposite. They are always surprised by this. Fortunately, soon after graduating high school, I found a career where I excel, and it has always brought me financial stability and the variety which I crave; therefore, I have never felt a professional need to further my academics in my current field.

Obtaining a degree, in my mind, is a personal goal that lends to the creation of academic and professional goals, both short and long-term. I only have one long-term personal goal: leave a positive mark on the society in which I live. This creates a positive personal growth atmosphere where I feel that I can accomplish any task worth undertaking. This is where I start my journey in academia.

The educational choices presented to me were quite diverse, and I was fortunate enough to have the time to weigh the various options. One of the issues that I considered heavily is the motivation of the institutions in their recruitment processes. More students certainly equates to more money, and I do not fault any business for making money. In contrast, I needed to find an institution that promoted other values as well, specifically societal values. Walden University’s values of promoting and affecting positive social change are admirable to say the least. This agrees with my values and coincides with my goal of leaving that positive mark on society. This is why I chose Walden University for my academic growth.

One of my long-term professional goals is to gain a position to be able to help rescue and rebuild in the face of disaster. Today’s society relies heavily on the free flow of information, and in the event of disaster, improving the stream of this data is crucial to the economic prosperity of the affected region. I chose to enroll in the Computer Information Systems program and specialize in forensics to better understand the specifics in disaster-related network response. This will allow me to help more people when they need help the most.

To use a long held standard, “The best way to do is to teach many to do.” So that I may do the most good, I wish to eventually become an expert in my field and teach others in the profession. Thus, my long-term academic goal is to obtain my Ph. D. to further the research and to continue to formulate best practices of recovery in disastrous situations.