The use of unmanned aerial vehicles (UAV) is rapidly growing in momentum in both the public and private sectors. UAV usage is moving quickly from mere hobbyists and real estate agencies to full-fledge usage of systems that can have sophisticated cameras and other sensors, that when linked with other technologies can make a significant impact on the cost of operations and the capabilities of agencies and companies.

Federal regulation also continues to evolve and there is a corresponding dialog about the regulation of this new disruptive technology at the state and local government levels. As with any new technology, there is a possibility for it to be used for both the public good or, in some cases, by criminal elements in our society.

Collectively, we can expect to see new uses and new systems fielded that will aid people and organizations in providing services and products to citizens and customers. One area of particular interest is the use of UAV to assist in the assessment of critical infrastructure following a disaster. This may include the generalized assessment of impacts and the use of new technologies and their adaptation to provide better decision-making tools to government and private sector leaders coping with disasters.

Infrastructure owners and operators can use UAV technology as can emergency management and a wide variety of public and private organizations that will respond to emergencies and disasters here in the Pacific Northwest.

We are already seeing governments form informal working groups of users, either by geographical, e.g., county, region or by discipline, e.g. law enforcement.

The Purpose
With the rapid advancement of the UAV technology and use it is appropriate to establish an informal users group that includes both the public and private sector representatives and their associated organizations. The potential for collaboration and information sharing between the public and private sector UAV users is significant.

This users group would serve as a forum for the sharing of information between participating personnel and organizations. This users group is not for the purpose of replacing existing associations already in existence or usurping the legislatively-mandated responsibilities of any one agency.

Likely topics for information sharing could include:

• The interpretation and implementation of new regulations as they are being promulgated
  
• The sharing of new uses for the technology for infrastructure inspections and other purposes
• Briefings on new systems, both UAV and onboard sensors, etc.
  
• Best practices briefings by participating organizations as their frequency of use and expansion of mission perimeters broaden 
  
• Lessons learned from specific missions or events that are applicable to a wide variety of agencies and businesses
  
• Advances in the use of UAV to assess critical infrastructure
  

The Scope
A Users Group will be established for Washington, Oregon, Idaho and Montana. Potentially, the users group could be expanded to NW Canadian Provinces as the usage of UAV expands along with the potential for cross-border coordination and uses by government agencies and commerce.

Membership
There would be no “formal” membership other than the sharing of contact information of individuals who wish to be informed of users group conference calls so that they can be contacted and kept in the loop. Membership will not include hobbyists.

​​The Center for Regional Disaster Resilience (CRDR) and the Pacific NorthWest Economic Region, in partnership with the Washington State Department of Transportation Aviation Division, organized a workshop geared towards working professionals in the local and state government and the private sector. The workshop focused on applications of unmanned aerial systems (UAS)/drones in Washington State and featured expert speakers, UAS users, and interactive discussions. Read the report here.  

Development of a regional UAS working group

• Users Group Proposal 
• Join Users Group 

Inventory of activity in Washington State

• Survey (click here to participate)
• Inventory Summary

Identify policy, legislative and regulatory opportunities and hurdles
​Technical guides and references for attendees by Northeastern University's Global Resilience Institute

• In development- technical information HERE

Press Release from Washington State Department of Transportation 
July 5, 2018

• Exploring the possibilities of drones: Workshop brings together UAS experts and interested parties from public and private sectors

Using LAANC For Unmanned Aerial System Pilots

• Garth Bruce, June 2018

UAS / Drone Capabilities and Washington's Emergency Ecosystem

• Tom Hagen, June 2018

FirstNet is Here! Smart Communities, Smart Public Safety

• Bill Schrier, First Net

The Pacific Northwest Economic Region (PNWER) and its Center for Regional Disaster Resilience (CRDR) were awarded a 2017 National Infrastructure Protection Plan (NIPP) Security and Resilience Challenge grant. The primary objective of this project was to establish a regional industry information-sharing and analysis process and to work with existing regulatory and standards organizations to create a robust cyber resource and information sharing community.

​View the final CONOPS.

The Gap
Today, there are few standards, processes, or procedures to define a cyber incident or clear protocols or processes for reporting cybersecurity incidents to local, state, and federal authorities. This shortfall has been a recurring deficiency that was identified in numerous after-action reports following workshops and exercises and real world events.

Project Scope
The purpose of the Cybersecurity Situational Awareness Project is to create a clear process and method for reporting cybersecurity incidents, enhance situational awareness, and foster a regional information and resource sharing community across jurisdictions and sectors. The overarching goal of the project is to develop a Concept of Operations (CONOPS) for a standardized regional reporting method for significant
cyber incidents and to define the who, what, when, and where of that process.

This project prioritized expanding the emphasis on government and private sector partnerships, regional management of risk, disaster resilience/recovery, and business continuity/resumption of trade by looking at cyber threats and resiliency from a regional perspective with a project that emphasizes coordinated planning, training, and exercises with public and private sector partners. 

Three workshops were held to develop and refine the CONOPS:

• Cyber Resilience Workshop | March 6, 2018
• Situational Awareness Workshop | June 18, 2018
  • Read the workshop report here. 
• Cybersecurity Incident Reporting Exercise | September 12, 2018
  • Read the workshop report here.

The Pacific Northwest Economic Region (PNWER) and its Center for Regional Disaster Resilience (CRDR) in partnership with Northeastern University’s Global Resilience Institute (GRI) were awarded a 2017 National Infrastructure Protection Plan (NIPP) Security and Resilience Challenge grant for critical infrastructure. The project sought to develop technologies for UAS (drone) employment to technically inspect critical infrastructure in post disaster scenarios. Read the project description here. 

​There is a need for rapid damage assessment of critical infrastructure immediately following a disaster. Emerging UAS technology is allowing for an expedited and detailed damage assessment of infrastructure such as bridges and other steel and concrete structures within the built environment.

​This project investigated the technical capabilities of UAS to enhance the efficiency, fidelity, speed and safety of current critical infrastructure inspection methods by using machine intelligence. The policy, legislative and regulatory opportunities and hurdles were also identified.

Technical guides and references for attendees by Northeastern University's Global Resilience Institute

• Rapid Automated Damage Detection with Autonomous Robots Project

Project Wrap-up: Critical Infrastructure Inspection Project
Using Drone to Detect Damage to Bridges Workshop
When: December 13, 2018
Where: Puget Sound Area
More information HERE
Report HERE

Establishing a Professional Micro-Aviation (Drone) Program
When: October 23, 2018
Where: Webinar
More information HERE
Report HERE

Exploring Government and Private Sector Applications of UAS/Drones in Washington
When: June 28, 2018
Where: Lakewood, Washington
More information HERE
Report HERE

2018 Pacific Northwest Disaster Resilience Symposium
When: July 23, 2018
Where: Spokane, Washington
More information HERE
Report HERE

​Eric Holdeman, Director, CRDR, 
253-376-6683,  [email protected]

​Philip Anderson, PhD, Associate Director for Research and Innovation, GRI, 
(703) 772-0132, [email protected]

Welcome and Overview of Transportation Group Work Plan

• Sen. Chuck Winder, Idaho State Legislature
• Bruce Agnew, Director, Cascadia Center

 
Oil and petroleum based commodities are extracted and transported to West Coast refineries and shipped to export markets through the environmentally sensitive Salish Sea. Product comes from Alaska, Alberta and North Dakota by pipeline, rail, tankers and barges. Previous PNWER Transportation Group sessions have explored rail safety. This session will expand our view to learn more about global energy developments that affect how and when the commodity travels from its source to its refinement or export.

Introductory Remarks

• Jay Derr, Partner, Van Ness Feldman

 
Update of Oil Movement in Washington State

• Dale Jensen, Program Manager, Spill Prevention, Preparedness & Response Program, Department of Ecology     

 
Canada Action - Ocean Protection Plan

• Robert Dick, Assistant Deputy Minister, Pacific Region, Transport Canada

Markets and Exports: Global Picture for Movement of Oil

• Robin Rorick, Group Director of Midstream and Industry Operations, American Petroleum Institute

 
Mode Overview
Operators overview the transportation of oil to market and their safety measures. Panel will discuss the impact of global markets on capacity.
 
Moderated by Robin Rorick, Group Director of Midstream and Industry Operations, American Petroleum Institute

• Jamie Kereliuk, Director, Emergency Management, Kinder Morgan Canada
• Teresa Perkins, Assistant Vice President, Petroleum Sales, BNSF Railway
• Captain Robert Wenz, Assurance and HSSE Team Leader, Alaska Tanker Company
• Frank Holmes,  Director, Northwest Region & Marine Issues, Western States Petroleum Association

 
Update on Vancouver Energy Terminal

• Jared Larrabee, General Manager, Vancouver Energy

 
Legislative Response Panel
Moderated by Jay Derr, Partner, Van Ness Feldman and Robin Rorick, Group Director of Midstream and Industry Operations, American Petroleum Institute

• Rep. Mark Johnson, Vice-Chair, House Committee on Energy and Environment, Oregon State Legislature
• Sen. Curtis King, Chair, Senate Transportation Committee,  Washington State Legislature
• Rep. David Talerico, Member, House Resources Committee, Alaska State Legislature
• Rep. Rick Youngblood, Member, House Transportation and Defense Committee, Idaho State Legislature

​When: February 16, 2017
Where: Lakewood WA, 98499

Government personnel, critical infrastructure managers and major employers put their understanding of cyber threats and resources into action Thursday, February 16 at the Emerald Down V Regional Cybersecurity Exercise. 

The daylong exercise held at the Clover Park Technical College brought together 133 attendees looking to improve their organizations' cyber plans, build relationships with other regional technology and security practitioners, and practice community cyber security response within an interactive cybersecurity board game. 

The game is one in a series of Sand Table Resilience Games created by James Rollins, Managing Partner at Takouba. This cybergame simulates methods used by different types of hackers to access and exploit a network, such as a phishing attack for sensitive information. Network defenders then use tools and policies to try and stave off attacks, and can call for help from available resources. 

"We're not looking for winners and losers. We want participants to understand how the types of cyberattacks that might occur and what tools they have to counter them," said Eric Holdeman, director of the Center for Regional Disaster Resilience (CRDR). "The goal is for guests to learn how to report a cyber attack, who can help and what resources they might expect in response." 

Holdeman said a main theme of the exercise is to develop community cybersecurity response capability, where public and private entities are encouraged to securely share information on an attack to alert each other and hopefully and collectively or find solutions. 

"A growing number of attacks are not immediately detected. If businesses and governments can share information about an ongoing problem, they have a better chance to collectively develop a patch or counter as a coordinated whole instead of reacting as individual organizations," Holdeman said. 

This year marks the fifth Emerald Down cybersecurity event organized by the CRDR in support of the public-private partnership efforts being led and funded by the King County Office of Emergency Management, and their Critical Infrastructure Committee.

"Today's exercise brought together a wide array of stakeholders to focus on improving preparedness and resilience to the growing threat of cyber intrusions," said Walt Hubbard, director of King County Office of Emergency Management. "This is a great example of what we're striving to achieve in all areas of emergency management in King County." 

Exercise features:
Free cyber incident response template
Interactive scenario based board game
Discussion on viability of emergency cyber credentialing system​

In attendance: 

• Emergency managers
• Business continuity professionals
• Law enforcement community
• Control systems technicians
• Security managers and affiliated IT staff
• Operations support
• Critical infrastructure managers/operators
• Major employers
• Public/private organizations that impact the regional economy

 
More information

The 2016 Idaho Cybersecurity Interdependencies Workshop explored the growing challenges of cybersecurity and its impact on overall economic and physical security. Hosted by the Idaho Office for Emergency Management and the Center for Regional Disaster Resilience, this meeting also featured a special track for small business leaders.

​Idaho Cyber Interdependencies Agenda
Small Business Information

In the face of emerging risks to economic and national security, action is needed to address crucial regional infrastructure interdependencies in energy, telecommunications, transportation, water systems and other infrastructures. Third in a three year series meant to develop an Idaho Partnership for Infrastructure Security, the workshop advances several cross-sector initiatives. 

One of the outcomes of these meetings was the creation of a stakeholder-prioritized action plan for the state of Idaho that is a culmination of recommendations from workshops, projects, and activities over the past three years. Stakeholders identified these recommendations as high priorities for the state. Recommendations include

• Develop training materials and a cyber resource website for the State of Idaho
• Continue to host annual statewide Cyber Interdependencies Workshops
• Develop a public-private information sharing platform to send alerts, warnings, and share updates with vetted, trusted stakeholders across the state. 

The Pacific Northwest Economic Region (PNWER) and the Center for Regional Disaster Resilience (CRDR) hosted an Oil Train Safety Symposium at Clover Park Technical College in Lakewood, Washington on April 27, 2016. The event drew representatives from a multitude of jurisdictions and disciplines: railroads, ports, emergency management, legislators from multiple states, Canadian officials, and federal agencies like the National Weather Service and the Department of Homeland Security. Presentations from 17 speakers gave the audience an overview of oil-by-rail in the region, explained current and proposed oil train safety regulations, reviewed public safety planning for incidents, examined local capabilities for ecological spill response and gave responses from legislators and public officials. The Transportation Working Group, co-chaired by Idaho Senator Chuck Winder and Bruce Agnew, Director of the Cascadia Center for Regional Development, has addressed oil by rail concerns at several PNWER meetings. View the PNWER Transportation Working Group page for further information and links to past presentations. 

This symposium provided a comprehensive overview of the current and future status of oil by rail transportation and emphasize partnerships to help ensure oil transport safety is being addressed across the region. By fostering dialogue between public and private sector entities, PNWER and CRDR hope to increase mutual understanding of oil train safety issues in a broad and holistic manner by including stakeholders from all parts of the supply chain both in the U.S. and Canada. The Symposium topics include an overview of the transportation of hazardous material by rail, the driving factors behind the rise of oil transportation by rail, potential safety hazards, incident response, and planning for future movement of other fuel products. Background information regarding the transport of crude oil by rail and other informational resources can be found below.

The Idaho Cyber Security Interdependencies Workshop was held October 8, 2015 in Boise Idaho at the St. Alphonsus Regional Medical Center. More than 130 participants from both public and private sectors, and from across the Pacific Northwest, took part in the exercise that focused on current cyber threats, common challenges for securing data and continuing operations despite cyber disruptions.

Idaho Lieutenant Governor Brad Little and Brigadier General Brad Richy, Chief of the Idaho Bureau of Homeland Security, spoke at the event along with other experts on cyber security preparedness, response, supervisory control and data acquisition systems.
​
Through this event, participants sought to improve their own cyber plans by challenging their planning assumptions, gained a greater understanding of their interdependencies and built relationships with others across the state and region.

View the Event Summary and Report
View the Agenda

​This workshop was the second event in a three year initiative to develop a public/private sector partnership for resilience in the state of Idaho. In 2016, Idaho Bureau of Homeland Security (IBHS) and the Pacific NorthWest Economic Region (PNWER) Center for Regional Disaster Resilience (CRDR) will develop an Action Plan for the development of an Idaho Public/Private Sector Resilience Partnership.

One of the most prevalent topics of the workshop was around the need for holistic cyber security—calling on organizations to move cyber security planning beyond the Information Technology departments and involve executive leadership, legal, and human resources. There is a strong need to train all staff members. According to IBM’s 2014 Cyber Security Intelligence Index, 95 percent of all security incidents involve human error. This can take many forms, from clicking on links, giving away passwords, or failing to follow security protocols.

Every company has cyber security risk and should have a cyber security plan. From small businesses to sectors that are not typically seen as cyber focused, like agriculture, there are cyber security risks. There are also many great tools in the State of Idaho for getting assistance in building cyber security plans and responding to cyber security incidents that need to be shared and made more easily accessible to all organizations.

For all organizations, it is essential to have governance and policies around cyber security in place before having to respond to an incident. These would include policies around protecting data and procedure for response, including structure (the incident command system was recommended) and involvement of law enforcement. With these policies in place, organizations can test their systems through exercises and help build a security culture in an organization.

A common theme was the acceptance of breach. Not all information within an organization is equally sensitive and critical. By accepting that some cyber attacks will be successful, and focusing extra levels of security on the most important data, organizations can use their limited resources more effectively.
​
Identifying key information is a vital part of assessing the risk in each organization. The risk assessment also includes security protocols, equipment, software, public presence, business type, and all other aspects of a business that might make it an easy or desirable target for cyber attackers. Risk will never be fully eliminated—as long as computers, automation and the internet are needed to complete business tasks, an organization will have cyber risk.  All parts of a cyber plan should attempt to mitigate that risk, while helping identify procedures for protection of critical data and detecting access to or loss of that data. Too often companies don’t know they have been breached until they are informed by an outside agency. 

Based on participant feedback, planning team input, discussion outcomes, and common themes from the day’s speakers, the following recommendations were developed:

• Develop training materials and regular webinars and other training opportunities to help organizations grow cyber security plans and facilitate information sharing.
• Provide training for executive leadership, legal departments, human resources, and other key departments to encourage organization-wide cyber security.
• Grow state-wide knowledge of the Idaho cyber security annex through training and outreach.
• Provide resources specific to small businesses and sectors where cyber security may not be prioritized (example: agriculture).
• Develop a single repository for cyber security preparedness information
• Develop formal partnership for information sharing around cyber security and other critical infrastructure concerns