FB-ISAO

Tag: faith-based

  • FB-ISAO: How We Got Here

    FB-ISAO: How We Got Here

    By Andy Jabbour

    TL;DR:

    • The idea of ISAOs was codified in 2015’s Executive Order 13691 and follows from the success of the ISACs, first developed in 1998.
    • The idea of FB-ISAO followed shortly after, and the initial undertaking began in late 2015.
    • Initially, the effort struggled and was reenergized in early 2018.
    • In May of 2018, FB-ISAO entered into its Initial Operating Capability phase, establishing capabilities, reporting, tools, and the community.
    • In May 2019, FB-ISAO is excited to enter the next phase of our operational development and organizational maturity as we transition to our membership model and enhanced engagement and capabilities.

    Information Sharing and Analysis Centers (ISACs) got their start in 1998 through an executive order from then-President Clinton. Over the ensuing years, ISACs developed across critical infrastructure, each developing uniquely to its community – or Sector. As the model succeeded, and as the cyber threat landscape developed and became more threatening, in February 2015 then-President Obama issued Executive Order 13691, Promoting Private Sector Cybersecurity Information Sharing, which stated that, “The Secretary of Homeland Security (Secretary) shall strongly encourage the development and formation of Information Sharing and Analysis Organizations (ISAOs)… ISAOs may be organized on the basis of sector, sub-sector, region, or any other affinity, including in response to particular emerging threats or vulnerabilities.”

    Having spent a few years in support of DHS, working with many of the ISACs, and then going to work directly for the ISAC community, I began to discuss the wisdom of this initiative with a few of my close colleagues and we pondered where this idea made sense. At first, we struggled, but over time, a few areas began to make sense. Among those, most notably to a couple of us was the community of faith. Based on a combination of our personal faith and concern over a vulnerable community, we determined to develop the Faith-Based Information Sharing and Analysis Organization, or FB-ISAO. By late 2015 we were developing the concept and working with trusted partners in government and industry to begin to gain support for the initiative.

    Turns out, it was really hard. There simply wasn’t a lot of interest from the community and after several months of frustrated efforts, in summer 2016, we sadly decided to table the project until we could more deliberately pick it back up. Over the following year and change, one trusted partner moved on, but new opportunities brought new resources and new team members with a passion for their faith and the security of our country. After a few months of discussion, as 2018 began, we renewed the effort to develop FB-ISAO and in May 2018, the organization was formally established.

    The Faith-Based Information Sharing & Analysis Organization (FB-ISAO) provides members with information, analysis, and capabilities to help reduce risk while enhancing preparedness, security, and resilience. We perform our mission across the all-hazards threat environment – including physical security, cybersecurity, public health, and natural disasters.

    Underwritten by Gate 15 resources and personnel, FB-ISAO began its Initial Operating Capability phase, establishing baseline reporting and communications capabilities, reengaging with partners across government, establishing a trusted Advisory Board of leaders, and engaging the community of faith at events, through reporting, and other outreach. As we developed the community, we also continued to mature our capabilities, building on our start and, with good counsel from our Board and others, developed new tools, capabilities and a reasonable membership model that could be accepted by the community.

    This year has seen tragedy and high-impact incidents to faith-based facilities and believers around the world and across the all-hazards threat environment. From the horrendous killings in New Zealand and Sri Lanka to our own nation with the hateful attack in San Diego, to high-dollar cybersecurity incidents and data breaches, the first few months of 2019 have underscored in a terrible way the very reason FB-ISAO needs to succeed.

    As many organizations ponder their security posture and their readiness to meet the threats they face, to protect their facilities, their staff, those that come to work, those that come to worship and all those that come to seek God and find the fulfillment in faith that is a vital part of our American story, we – as a community – must work together. With our partners in the private and public sectors, we must take the reasonable and responsible steps to understand the threats, assess the risks, and take appropriate preparedness and operational actions to support the National Preparedness Goal of: “A secure and resilient Nation with the capabilities required across the whole community to prevent, protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk,” especially as it pertains to Faith-Based Organizations.

    As we progress into the next phase of our operational development and organizational maturity and transition to our membership model and enhanced engagement and capabilities, we hope to continue to grow our community, our collaboration, and the security and resilience of our nation’s community of faith. This will be a process, will take time, and will take commitment from the community itself. I hope many of you will join us. For the good of our country and for all who seek to serve and know God, FB-ISAO will continue to do everything we can to help FBOs “protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk” to our community and our way of life. We are stronger together. We are better together. I hope you’ll join us. We need leaders, we need collaboration – we need you to help our country and our community. Find out more at FB-ISAO.

    Read more on membership from the link at left and below.

  • Hostile Events: A Real & Ongoing Threat to Faith-Based Organizations

    Hostile Events: A Real & Ongoing Threat to Faith-Based Organizations

    by Andy Jabbour, Managing Director, FB-ISAO

    Every month, FB-ISAO provides a TLP GREEN report, the FB-ISAO Monthly Threat Overview. The report is developed over a specific reporting period by a team of analysts. The report addresses all-hazards – to include physical, cyber, natural hazards, and health threats. Reviewing the draft of the most recent report, finalized and distributed on 24 May and covering the period from 25 April – 22 May 2019, I was amazed by the remarkable number of incidents that were included. 

    Addressing the area of hostile events, the report notes, “The persistence of domestic arrests, incidents, and continued jihadist and other extremist rhetoric remains a direct threat to the Faith-Based Organizations (FBOs). We continue to consider the threat of lone actor or a small group of extremists to be a credible threat. Over the past month, there were several events and arrests that continue to serve as reminders of the continuous physical security threats facing the sector.” 

    “Our right to worship freely and without fear is fundamental to life in America.”

    Renn Cannon, Special Agent in Charge of the FBI in Oregon

    The complete physical security section includes incidents involving vandalism, theft, harassment, arrests and other notable events. But it was the section covering Active Shooter & Hostile Events that jumped out at me. An excerpt from that section follows. I encourage you to review the list of incidents and let that sit with you for a few moments. 

    Image by Free-Photos from Pixabay

    Is your organization properly, reasonably, and responsibly addressing the risks you are facing? Are you actively working on preparedness and operations to protect and prepare your people and places?

    FB-ISAO will be providing our second offering of the Hostile Events Preparedness Series educational presentation on 20 June. It is free, and only costs you an hour and a half of your time. Contact our team for more information on that event. Consider joining FB-ISAO, tying in to our growing community of security-focused faith leaders and help enhance the security and resilience of your FBO and our collective community of faith. As recently stated by Renn Cannon, Special Agent in Charge of the FBI in Oregon, “Our right to worship freely and without fear is fundamental to life in America.” Are you doing everything you can to help protect and prepare your people and places so all Americans, and those within our boarders, are able to “worship freely and without fear?” 

    The complete FB-ISAO Monthly Threat Overview goes into additional incidents, other threat vectors and provides resources for members. As a TLP GREEN report, it is available to all Standard and Professional members, as well as our Government and Law Enforcement members (read more on membership here). 

    Active Shooter & Hostile Events, for period from 25 April – 22 May 2019.

    • Over the weekend of 18 to 19 May in Chicago, Illinois, separate incidents of attempted arson and vandalism occurred at local synagogues. Worshipers who arrived at one synagogue Sunday morning discovered broken glass and charred black rags outside the building. Police later confirmed that an unknown assailant twice attempted to set the building on fire around midnight on Saturday. No one was injured and there was no damage to the synagogue. Police were also investigating vandalism outside several synagogues in the city’s West Rogers Park neighborhood, where the windows of cars parked outside the building were smashed early Sunday morning.
    • On 15 May in Kalamazoo, Michigan, a fire destroyed a church. It took two dozen firefighters over four hours to douse the fire. The building is a total loss, and a home next door suffered exterior damage from the intense heat. The fire marshal didn’t yet know what sparked the fire; federal agents joined the investigation.
    • On 12 May in New Haven, Connecticut, a fire broke out at a mosque that is still under construction. Officials said they believe the fire was intentionally set. The fire started on the first floor of the building and spread to the second level.
    • On 12 May in Dablo, Burkina Faso, gunmen killed six people, including a priest, as Mass was being celebrated in a church. The attackers, said to number between 20 and 30, then burned down the church. The town’s mayor said there was panic as other buildings were burned down and a health center looted. As noted below, a Protestant church was attacked in Burkina Faso on 28 April, resulting in the deaths of a pastor and five congregants. Islamist groups have been blamed for a number of attacks in the West African nation in recent years.
    • On 11 May in Arlington, Massachusetts, a fire was set outside the home of a rabbi that serves at a Jewish center. The incident is being investigated as a hate crime. Police asked for the public’s help in identifying a person caught on a neighbor’s video camera walking away from the home around the time of the fire. Firefighters put out the small fire that burned the shingles of one side of the building. Police and town officials have no evidence yet that the location or its Jewish homeowners were targeted because of their religion, but “are leaving open and actively investigating the possibility of a hate crime.” On 16 May, another fire was set at the Jewish center. The fire, which was on the home’s exterior wood shingles, was small, and firefighters were able to put it out using a hand-held extinguisher. 
    • On 10 May in Couva, Trinidad, a 57-year-old businessman was killed inside a mosque, although the country’s attorney general said the incident should not be labelled as an act of terrorism nor a hate crime. eyewitnesses said the businessman was mingling with fellow Muslims outside the mosque when he was approached by a gunman. He then ran up a flight of stairs and into a prayer room, where he was killed.
    • On 9 May in Charlottesville, Virginia, a hit and run occurred near a mosque. Police said a dark colored Sedan struck a man’s arm while he was walking along the street. Another member of the mosque claims a car with the same description swerved at her while she was walking to the mosque earlier the same week but at the time, she did not think anything of it. The mosque had been bolstering its security measures in previous months.
    • On 9 May in London, England, a man fired a shot outside a mosque during evening prayers for Ramadan. The man was reported to have entered the mosque but was “ushered out” by those inside, police said. A shot was heard shortly after. Police said there were no injuries and they were not treating it as a terrorist incident. They said they believed the shot came from a blank-firing handgun. One theory police are considering is that the gunshot followed a dispute linked to gangs or criminality which started in the street and then moved into the mosque.
    • On 6 May in Brooklyn, New York, a Hasidic Jewish man was assaulted in an unprovoked attacked. Without saying a word, one of the men walked up to the victim and punched him in the face. Another suspect yelled anti-Semitic slurs at the man. The group fled the area. The man was not seriously injured.
    • On 6 May, French police arrested a 16 year old in Strasbourg, France for actions in conjunction with a plot to attack security forces and possibly Elysees Palace. This arrest is in connection to the arrests in April of three adults and one teenager who had allegedly planned an attack “to coincide with the start of the Muslim holy month of Ramadan… with officials saying the suspects had scouted out areas near the Elysee and a police station in the Parisian suburb of Aulnay-sous-Bois.” French authorities believe this individual published a video pledging allegiance to the Islamic State. 
    • On 28 April in Cincinnati, Ohio, a family of four Sikhs were shot and killed inside their apartment complex. Locals in neighboring apartments said they heard a barrage of gunfire, which forced them to rush out on the streets. However, the alleged killer had fled from the spot. Local police launched a probe into the attack, which is as of now being suspected as an act of “hate crime.” 
    • On 28 April in Burkina Faso, unidentified gunmen killed a pastor and five congregants at a Protestant church, the first attack on a church in a country that has seen an upsurge of Islamist violence this year. Burkina Faso, which boasts of a history of religious tolerance, has been beset by a rise in attacks as groups based in neighboring Mali seek to extend their influence over the Sahel, the arid scrubland south of the Sahara. The government declared a state of emergency in several northern provinces bordering Mali in December because of deadly Islamist attacks, including in Soum, the region where Sunday’s attack took place.
    • On 27 April near San Diego, California, a shooter who appears to have posted an open letter riddled with anti-Semitism and racial epithets opened fire at a San Diego County synagogue on the last day of Passover. Police said the man opened fire with a rifle, killing one woman and wounding a girl and two men, including a rabbi. Police said the shooter left after his rifle possibly jammed and was fired upon as he fled by an off-duty Border Patrol agent working as a synagogue security guard; the agent struck the getaway car but did not wound the man. A San Diego police officer en route to the synagogue heard details on the radio and confronted the suspect where he had pulled over along the road near Interstate 15. Officials said he surrendered without incident and a rifle was discovered on the front seat.
    • On 26 April in Los Angeles, California, a man deliberately drove a vehicle into a crowd of people, doing so because he thought they were Muslim, police said. Eight people were injured in the incident, including three members of the same family. A lawyer for the man said the incident “was clearly the result of a mental disorder”, and he would seek psychiatric treatment for his client, who he described as a military veteran possibly suffering from PTSD.
    • On 25 and 23 April in Bethlehem, Pennsylvania, fires were set at a church. The first fire built a thick, black smoke cloud around the building, but had burned out by the time authorities arrived. It was ruled arson by the Bethlehem city fire marshal. The motive was unclear, according to a statement from the Bethlehem police, but the fire appeared to have been started in the sanctuary area of the church. Then, just two days later, firefighters were at the church again, extinguishing a blaze which was contained to the roof of the structure, right above the sanctuary area. By 26 April, police had arrested a man in connection with the fires, charging him with arson, burglary, and criminal trespass.
    • On 23 April in Austin, Texas, a man attempted to commit arson at a mosque. He was captured on security video just after midnight pouring what appears to be gasoline on the side of the building and then attempting to light the fluid. The mosque was the target of repeated vandalism last fall. It hired an armed security guard after tires were slashed and the building’s front doors and windows were shattered in September.
    • On 22 April in Sri Lanka, a van parked near a church that was bombed on Easter Sunday exploded; no injuries have been reported. Police went to inspect the van Monday after people reported it had been parked near St. Anthony’s Shrine since Sunday. They discovered three bombs that they tried to defuse. Instead, the bombs detonated, sending pedestrians fleeing in panic.
      • On 7 May, it was reported that there have been increasingly violent clashes in Negombo, the site of St. Sebastian’s Church (one of the three churches that was bombed on Easter), with mostly-Catholic mobs attacking and vandalizing Muslim-owned shops, homes, and vehicles. Negombo suffered the highest death toll in the Easter Sunday attacks. The bomb at St. Sebastian’s killed more than 100 worshippers. The violent attacks prompted Sri Lanka’s Roman Catholic Church to call for the hostility against Muslims to end.
      • On 2 May, Sri Lanka’s Catholic Church said it would not resume Sunday services as planned on May 5 after the government warned of more possible attacks by an Islamic State-linked group. It was the second week following the attacks in which the Catholic diocese canceled services. Instead of public services the first Sunday after the attacks, the cardinal delivered a homily at his residence that was broadcast live on television.
      • On 12 May, Sri Lanka’s Catholic Church held the first regular Sunday Mass since the attacks. Military forces and police armed with assault rifles patrolled the streets leading to churches and stood guard outside the compounds. Everyone entering was required to produce identity cards and be body searched. Volunteers were stationed at the gates of churches to identify parishioners and look out for any suspicious individuals. Parking was banned near the churches and officials urged worshippers to bring only minimum baggage.
      • On 29 April, Sri Lanka announced a ban on Muslim women wearing face veils. Although the niqab and the burka, which are worn by Muslim women, were not specifically named in the ban, any face garment which “hinders identification” is no longer permitted to ensure national security, the president’s office said.
      • On 23 April, the Islamic State claimed credit for the bombings. Independent media groups that produce posters and videos supporting the Islamic State have used the attack to push for more jihadist operations. One poster depicts a jihadist with dark blond hair in military fatigues entering a bombed-out church: “O worshippers of the Cross you will not enjoy your living, you have opened up the gats of hell to yourselves by waring [sp] us, so wait for what will embitter your life, and what is coming is more bitter and more disastrous.”
      • As reported in the Monthly Threat Brief for April, on 21 April coordinated suicide bombings occurred at three churches and three hotels in Sri Lanka, killing approximately 250 people and injuring at least 500 more. The three churches, all of which were conducting Easter services at the time of the explosions, are located in the cities of Colombo, Negombo, and Batticaloa. The three hotels targeted by the bombings are all located in the Colombo, Sri Lanka’s capital, and are popular with foreign tourists and the country’s business community.
    • On 21 April in San Diego, California, members of a church tackled a woman carrying a baby and handgun as she threatened to blow up the building. San Diego Police arrived within two minutes of the first call and took the woman into custody, the department said in a statement. Churchgoers were able to take the baby from the woman’s arms and pry the gun from her hands before tackling her to the ground. A bomb-sniffing dog found nothing in a sweep of the building and the suspect’s car, police said. Police said her gun was not loaded.
    • On 16 April in Winnipeg, Canada, an employee of a café was attacked and the inside of the building was spray-painted with a swastika in what was described as an anti-Semitic attack. A local church was planning a vigil to support Winnipeg’s Jewish community after the incident.

  • Improving Resiliency Through the Nonprofit Security Grant

    Our partners at FEMA, developed an FAQ on the Fiscal Year (FY) 2019 Nonprofit Security Grant Program (NSGP).

    The Fiscal Year (FY) 2019 Nonprofit Security Grant Program (NSGP) provides funding support for security related activities to nonprofit organizations at risk of a terrorist attack. For a nonprofit to qualify for the grant, it must meet the description under section 501(c)(3) of the Internal Revenue Code of 1986 (IRC) and exempt from tax under section 501(a) of such code. A nonprofit can be considered vulnerable to attack (e.g. verbal threats, vandalization) if an attack has occurred at the facility. A nonprofit may also qualify if current events indicate that a nonprofit may be a target because other organizations have been targeted due to a similar mission, belief, or ideology.

    Grant allocations can be used for emergency response planning activities, equipment, training and exercises.

    The application window opened on April 12, 2019. The deadline for applications is determined at the state level. Links to state contacts can be found here. The Fiscal Year (FY) 2019 Nonprofit Security Grant Program (NSGP) is a program that Faith-Based Organizations can benefit from, directly, to improve their security posture and resiliency. Questions about the grant application process and deadlines can be directed to [email protected].

  • Working Groups: One of the Cornerstones of an Effective ISAO

    Working Groups: One of the Cornerstones of an Effective ISAO

    By Andy Jabbour

    As FB-ISAO transitions to our membership model, we’re excited to also begin our working group collaboration and Slack member channels. Collaborative groups are essential to a successful ISAO and our working groups will be a vital part of that for FB-ISAO. As we begin this next phase in FB-ISAO’s maturity, we are establishing five initial Working Groups (WGs). What follows are overviews of these initial WGs and an explanation of some of the ways members can use Slack as a means of participating in the working groups.

    Working Groups. WGs are ongoing collaborative groups comprised of FB-ISAO members and staff focusing on specific areas that are important to enhancing FB-ISAO’s capabilities and the ways in which our organization can support members’ threat and risk awareness, preparedness, security, and operations. WGs are co-chaired by FB-ISAO staff and FB-ISAO members. Initially, we are establishing WGs as follows:

    • Cyber Threat Intelligence;
    • Business Resilience;
    • Threat and Incident Response Group
    • Preparedness;
    • Communications; and,
    • Outreach & Engagement

    Additional WGs may be developed over time based on needs our staff identify or at the request of members and the approval of our Advisory Board. FB-ISAO Professional Members may join most WGs so long as they meet the criteria established by that WG (those requirements will be developed by each WG). Brief descriptions of our initial WGs follow.

    Cyber Threat Intelligence. The CTIWG will focus on identifying information security / cybersecurity-related threats relevant to the community and the associated risks, helping to inform the FB-ISAO cybersecurity threat level, developing actions members can consider given a specific threat level, and other activities relating to enhancing the awareness, security and resilience of our members and community, during both routine operations and during incidents relevant to the community. Members may also help inform FB-ISAO staff efforts relating to cybersecurity analysis, reporting, and services. The CTIWG may help vet physical security-related ideas and initiatives from members and staff. Some issues and concerns crossing over from or into other domains, such as blended threats, may be addressed in collaboration with the BRWG.

    Business Resilience. The BRWG will focus on identifying non-cybersecurity-related threats – those pertaining to man-made threats, natural hazards and health issues – relevant to the community and the associated risks, helping to inform the FB-ISAO physical threat level, developing actions members can consider given a specific threat level, and other activities relating to enhancing the awareness, security and resilience of our members and community, during both routine operations and during incidents relevant to the community. Members may also help inform FB-ISAO staff efforts relating to analysis, reporting, and services. The BRWG may help vet physical security-related ideas and initiatives from members and staff. Some issues and concerns crossing over from or into the cyber domain, such as blended threats, may be addressed in collaboration with the CTIWG.

    Threat & Incident Response Group. During active threats, incidents, or for other issues identified by FB-ISAO staff, FB-ISAO may convene joint meetings of the CTIWG and BRWG under the banner of the TIRG.

    Preparedness. The PWG will focus on both collaboration among members relating to facility and operational preparedness, as well as helping to inform and develop FB-ISAO lead preparedness events, such as exercises. Members may also help inform FB-ISAO staff efforts relating to analysis, reporting, and services and may be asked to assist in the development of input to assist the CTIWG and BRWG.

    Communications. The CWG will focus on ensuring effective communications and reporting, both internally from FB-ISAO to members and among members, and externally with FB-ISAO partners. This may include reviewing reports, formats, organization and appearance, as well as reviews of the traffic-light protocol and other communications related activities.

    Outreach & Engagement. The OEWG will focus on increasing awareness of FB-ISAO among our community of FBOs and partner organizations. The OEWG may develop campaigns to increase awareness and engage the community, identify events to help raise awareness and interest in FB-ISAO, and consider member engagement to help ensure FB-ISAO members are being afforded ample opportunities to be involved with FB-ISAO.

    In addition to WG activities, Professional Members are strongly encouraged to actively participate on FB-ISAO Slack. Initial channels in Slack have been set-up to facilitate some initial information sharing and awareness, such as the feed informed by the content in the Faith-Based Journal (FBJ) and general channels. Additional channels are to support WG communications and how WG collaboration will primarily occur. However, additional channels may be set up to support any number of interests members have, from topical groups – focusing on issues and concerns members have, to geographic groups, to groups based on size, or specialty (charities, houses of worship, or for those with personnel operating internationally), to just for fun groups based on member interests. Pro members can request FB-ISAO establish channels anytime! Learn more about our membership levels: https://faithbased-isao.org/membership-levels/

    “Sounds Interesting, But How Much Time Does This Require?” That may be a question you’re asking, and a fair one! Our WGs will typically meet for monthly virtual meetings. These will be opportunities to check in, update progress or outcomes of various projects and initiatives and to discuss relevant issues. We ask all WG members to participate in at least two out of three meetings per quarter. Co-Chairs will be more involved, helping to guide the group, set the agenda, and ensure progress is being made on various WG activities. Some WG members may volunteer to lead or support WG efforts, but that will be optional. Our goal is to keep the burden light but to also ensure we have effective means for members to get involved and help shape FB-ISAOs efforts and to really be a part of building the security and resilience of the community of faith.

    Our “big vision” is to connect every FBO to FB-ISAO to allow for a means for peer engagement and, in the event of an urgent communication for our community, a means by which we can get that out. While we recognize that for many, Basic and Subscriber-level Membership will suffice, we hope you may find interest in a more active Professional Membership and being an active participant in shaping the activities and efforts of FB-ISAO and our community. FB-ISAO is you! And only your participation can make it great!

Show Buttons
Hide Buttons