Doing business with: Information Analysis and Infrastructure Protection Directorate

General Info: NIPC<@VM>Online Extra: CIO Charles Church

Things to note

As part of the Homeland Security Department, the IAIP Web site links to relevant business information on the DHS site. However, DHS advises that, because it's a relatively new agency and comprised of so many divisions with different needs, it's best to approach the specific division with your solution or business proposition. DHS opportunities can be found on the FedBizOpps Web site: More information on doing business with DHS and its divisions is at

Critical infrastructure is defined as the assets and systems that, if disrupted, would threaten national security, public health and safety, the economy and our way of life. These are in both the public and private sectors; however, DHS estimated that more than 85 percent are in the private sector. Information on the Protected Critical Infrastructure Information Program is at www.dhs. gov/dhspublic/interapp/editorial/editorial_0404.xml.

The U.S. Computer Emergency Readiness Team, or US-CERT, is part of the National Cyber Security Division. Helpful information for securing your home and office computers, as well as a link for reporting cybersecurity violations to the team, can be found at

Remember: If you see any suspicious activity that could be connected to terrorism, call 1-800-BE-ALERT.

Number crunching

Department of Homeland Security
2005 request: $40.2 billion

2004 budget: $36.6 billion

2005 request: $864 million

2004 budget: $834 million

Information Analysis and Infrastructure Protection Directorate

935 Pennsylvania Ave. NW

Washington, DC 20528

(202) 323-3205

Founded: 2003

Undersecretary: Frank Libutti

Assistant secretary of Homeland Security for infrastructure protection:

Robert Liscouski

Employees: 737

What it does: Information Analysis and Infrastructure Protection identifies and assesses threats and then maps them against vulnerabilities in our critical infrastructure, such as telecommunications, food and water supplies and energy sources. It analyzes intelligence from other agencies, such as the CIA, FBI and National Security Agency, and then coordinates preventative actions that need to be taken.

IAIP is an amalgamation of the Critical Infrastructure Assurance Office, the Federal Computer Incident Response Center, National Communications System, National Infrastructure Protection Center and the Energy Security and Assurance Program.

Major subagencies: IAIP is part of the Homeland Security Department. It runs the Protected Critical Infrastructure Information (PCII) Program, which started in February.

The program encourages private industry and others to volunteer confidential, proprietary and business-sensitive information about critical infrastructure to the federal government. This information is used for threat analysis and warnings to identify terrorist threats and to reduce vulnerability to attacks.

The National Cyber Security Division, founded in June 2003, also comes under IAIP's auspices. The division offers round-the-clock support to identify, analyze and reduce cyberthreats and vulnerabilities, release information, coordinate incident response and assist in continuity of operations and recovery planning.

Charles Church

J. Adam Fenster

Title: Chief information officer

Took the Job: October 2003

Hometown: Vienna, Va. since 1996. Attended Fort Hunt High School in Alexandria, Va.

Hobbies: Fishing, swimming, reading and traveling

Last book read: "Homeland Security: Techniques and Technologies," by Jesus Mena

Alma Mater: Bachelor's degree from U.S. Naval Academy, master's degree in systems technology from U.S. Postgraduate School

Past life: Church was a submarine officer for 15 years. He spent six years in leadership roles at America Online (now Time Warner), UUNET (now MCI), Powersim and Onesoft.

WT: What are your main technology concerns? Security? Wireless? Patch management?

Church: The greatest challenge facing IAIP is the correct management of the information used within the directorate. IAIP is unique in the federal government in the types of information that is used and aggregated.

IAIP will hold intelligence, information derived from open-source material, information purchased from commercial services, information provided by private companies under exemptions from the Freedom of Information Act established within the Homeland Security Act of 2002, and information provided by other federal agencies relating to U.S. citizens.

Information sharing with others depends upon carefully managing information and a clear procedure on how to share it within the guidelines of security, privacy, the Freedom of Information Act and other laws.

WT: What protections are in place now for infrastructure protection that were not before the founding of DHS?

Church: Our first key success was the standup of our headquarters for the directorate at the Nebraska Avenue Complex; it now houses 250 IAIP employees and is rapidly growing. The effort included design and implementation of three data networks, two voice networks, a message handling system and a classified videoconferencing capability.

We recently upgraded the facilities for the Homeland Security Operations Center (HSOC) to increase the collaboration work environment with innovative display systems. HSOC's mission is to collect and fuse information from law enforcement and intelligence sources to help deter, detect and prevent terrorist incidents by maintaining and sharing the daily domestic situational awareness.

Our second key success was the development by the Science and Technology Directorate for IAIP of a product that maps the threats. This new capability allows our team to analyze threat information and ultimately use it to take specific targeted steps to protect key infrastructures.

By matching threat information with potential targets, we are better able to ensure that the right protections are put in place to reduce vulnerability.

Our third key success occurred with the standup of HSOC through the implementation of the most comprehensive, 24/7 warning system in the United States. This system brings 26 federal and local law enforcement agencies and intelligence community members onto the same system.

The Homeland Security Information Network, an information sharing and collaboration program that provides real-time information flow and situational awareness to DHS and its partner communities, launched in February.

The strong network created via HSIN results in a more efficient communication and more efficient responses to deter, detect, prevent and respond to terrorist actions. The country's people and critical infrastructures will be better secured with this network in place.

WT: What do you look for in companies with which you are thinking of doing business?

Church: An organization that understands government business, such as policies and procedures; a strong technology and business leadership in the marketplace; proven technology; and past business relationships with the federal government.

WT: For a company that is new to working with the IAIP and has something to offer you, where is a good place to start?

Church: Understand IAIP's mission and objectives. Learn the organization and how it is structured. Make sure the value proposition you are bringing to IAIP can really create value for the organization, such as meeting our mission or one of our objectives.

WT: A year from now, where do you see IAIP's technology capabilities?

Church: Priority No. 1 is a robust information sharing and infrastructure protection capability for the nation. Critical to DHS' mission is the ability to effectively share information with homeland-security partners across the country to better protect the nation's critical infrastructure.

Within the next year, IAIP and DHS will dramatically expand the department's vertical information sharing capability and its ability to identify critical infrastructure throughout the country, as well as additional protective measures that may be needed to increase protections of critical infrastructures. The directorate is taking a systemized, risk-based approach to this important challenge.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • POWER TRAINING: How to engage your customers

    Don't miss our Aug. 2 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More


    In our latest Project 38 Podcast, editor Nick Wakeman interviews Tom Romeo, the leader of Maximus Federal about how it has zoomed up the 2019 Top 100. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.