Public Transit Security Information Sharing: DHS Could Improve Information Sharing through Streamlining and Increased Outreach
Highlights
The Transportation Security Administration (TSA), in the Department of Homeland Security (DHS), is committed to sharing information with public transit agencies. The Implementing Recommendations of the 9/11 Commission Act directed GAO to report on public transit information sharing. This report describes (1) the primary mechanisms used to share security information with public transit agencies; and evaluates (2) public transit agencies' satisfaction with federal efforts to share security-related information (e.g., security threats) and opportunities to improve these efforts; and (3) the extent to which DHS has identified goals and measures for sharing information. GAO surveyed 96 of the 694 U.S. public transit agencies based on 2008 ridership and received 80 responses. The 96 public transit agencies surveyed represent about 91 percent of total 2008 ridership. GAO also reviewed documents, such as DHS's Information Sharing Strategy, and interviewed agency officials.
According to the American Public Transportation Association (APTA)--which represents the public transit industry--and TSA officials, the Public Transportation Information Sharing and Analysis Center (PT-ISAC) and the public transit subportal on DHS's Homeland Security Information Network (HSIN-PT) were established as primary mechanisms for sharing security-related information with public transit agencies. The public transit agencies GAO surveyed also cited additional mechanisms for obtaining such information, including other public transit agencies. Further, in March 2010 TSA introduced the Transportation Security Information Sharing and Analysis Center (TS-ISAC), which is a subportal on HSIN focused on sharing security-related information with transportation stakeholders. Seventy-five percent of the public transit agencies GAO surveyed reported being generally satisfied with the security-related information they received; however, federal efforts to share security-related information could be improved. Specifically, three-fourths of public transit agencies reported being either very satisfied or somewhat satisfied with the information they received. Public transit agencies also reported that among the 12 most frequently cited mechanisms, they were the least satisfied with HSIN in terms of general satisfaction (19 of 33) and for each of six dimensions of quality--relevance, validity, timeliness, completeness, actionability, and ease of use. Twenty-four survey respondents also cited the need to streamline the information they received. GAO identified the potential for overlap between the PT-ISAC, the HSIN-PT, and the TS-ISAC, which all communicate similar unclassified and security-related information to public transit agencies. Federal and transit industry officials that GAO interviewed reported the need to streamline information sharing. Moreover, a greater proportion of survey respondents who were unaware of the PT-ISAC or HSIN were from midsize agencies, nonrail agencies, and those without their own police department. Federal and industry officials formed a working group to assess the effectiveness of information-sharing mechanisms, including developing options for streamlining these mechanisms. TSA officials stated that these options will also impact future outreach activities; however, no time frame has been established for completing this effort. Establishing such a time frame could help to ensure that this effort is completed. DHS and TSA have established goals and performance measures for some of their information-sharing activities to help gauge the effectiveness of their overall information-sharing efforts; however, they have not developed goals and outcome-oriented measures of results of activities for the mechanisms established as primary information sources for the public transit industry. TSA officials acknowledged the importance of establishing such goals and measures, but were unable to provide time frames for doing so. Establishing time frames for developing goals and outcome measures, once the working group effort is complete, could assist TSA in gauging the effectiveness of its efforts to share information with public transit agencies. GAO recommends that DHS, among other things, (1) establish time frames for its working group to develop options for improving information sharing, including assessing opportunities to streamline mechanisms and conducting targeted outreach; and (2) establish time frames for developing goals and outcome-oriented measures of results. DHS concurred. GAO is issuing an electronic supplement with this report--GAO-10-896SP--which provides survey results.
Recommendations
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Department of Homeland Security | To help strengthen information sharing with public transit agencies, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration in coordination with FTA and public transit agencies to establish time frames for the Sector Coordinating Council/Government Coordinating Council (SCC/GCC) Information Sharing Working Group to develop options for improving information sharing to public transit agencies and complete this effort, including the Working Group's efforts to (1) assess opportunities to streamline existing information-sharing mechanisms that target similar user groups with similar information to reduce overlap, where appropriate; and (2) conduct targeted outreach efforts to increase awareness of the PT-ISAC and HSIN among agencies that are not currently using or aware of these systems. | In September 2010, we reported that there was potential overlap among the Public Transit Information Sharing and Analysis Center (PT-ISAC), the public transit portal on the Department of Homeland Security's (DHS) information network (HSIN-PT), and the Transportation Security Administration's (TSA) page on DHS's information network (formerly known as TS-ISAC), which all communicate similar unclassified and security-related information to public transit agencies. As a result, we recommended that DHS establish time frames for its information-sharing working group to develop options for improving its information sharing efforts with transit agencies. DHS concurred. In response, DHS and the... transit industry have taken steps to streamline information sharing. TSA and key industry groups developed the Transit and Rail Intelligence Awareness Daily (TRIAD) report and associated Transportation Information Library. The intent of TRIAD is to streamline the analysis, sharing, and exchange of intelligence and security information that had been disseminated by multiple sources. Among other things, TRIAD includes a daily publication to enhance situational awareness and an alert message notifying users of a developing threat or incident. In March 2012, the American Public Transportation Association (APTA) reported that in an effort to incorporate feedback received through surveys conducted of public transit agencies in August 2011 and January 2012, it initiated discussions with TSA related to further streamlining security-related information through TRIAD, such as including links to DHS security-related information that is posted to HSIN-CS and HSIN-PT. However, an APTA official we spoke to stated that for law enforcement sensitive or sensitive security information, users would still have to log-on to HSIN because it is a secure portal. In addition, security officials from transit agencies we spoke with from February through June 2012 said that they continue to receive overlapping information from a variety of federal sources and have difficulty sorting through it to find what is useful. More recently, in November 2012, the Director of TSA's Surface Transportation Division, Office of Security Policy and Industry Engagement, stated that the agency is developing an enterprise information-sharing strategy that will discuss ways to streamline information sharing with the surface transportation industry, including public transit. As TSA develops this strategy, the agency plans to identify opportunities to streamline existing information-sharing mechanisms, including HSIN-PT and the PT-ISAC. According to the Director of TSA's Surface Transportation Division, TSA plans to employ this strategy and resulting implementation plan in June 2013. Because the strategy has not been developed and implemented, it is too early to determine its effectiveness. We will continue to monitor TSA's efforts to streamline information sharing with public transit agencies. In the meantime, however, TSA has provided us with sufficient information about planned actions and time frames to meet the intent of our recommendation. Regarding their outreach efforts, in August 2012, TSA reported that the agency had compiled a "superlist" of contact information for more than 1,000 public transit agencies of various sizes and modes, including nonrail and small and midsized agencies. TSA sent members of the superlist a PT-ISAC and HSIN membership campaign letter and requested that they complete a survey on the quality of information provided by PT-ISAC and HSIN. Another survey was conducted in November and December 2012. These outreach efforts may increase public transit agencies' awareness of the PT-ISAC and HSIN to obtain security information. This recommendation is closed as implemented.
View More |
| Department of Transportation | To help ensure that the PT-ISAC is meeting its objectives for sharing security-related information with public transit agencies, the Secretaries of Homeland Security and Transportation should direct the Assistant Secretary of the Transportation Security Administration and Administrator of the Federal Transit Administration to take steps to ensure the PT-ISAC fulfills its responsibilities and completes agreed-upon tasks. | We found that the Public Transportation Information Sharing and Analysis Center (PT-ISAC) was not performing all of its responsibilities as agreed upon through a cooperative agreement between its contractor and the Department of Transportation (DOT), and that while the Department of Homeland Security (DHS) and DOT oversee the expenditures of the PT-ISAC, DHS and DOT could not be assured that this mechanism was meeting the security information needs of public transit agencies. As a result, we recommended that DHS and DOT take steps to ensure the PT-ISAC fulfills its responsibilities and completes its agreed-upon tasks. In January 2011, DOT reported that, as necessary, it will request...
|
| Department of Homeland Security | To help strengthen DHS's efforts to share security-related information with public transit agencies, the Secretary of Homeland Security should develop a process for systematically gathering feedback on public transit agencies' satisfaction with the PT-ISAC and HSIN-PT. | In September 2010, we reported that the Transportation Security Administration (TSA) had not established a systematic process to obtain public transit agencies' feedback on information shared through the Public Transit Information Sharing and Analysis Center (PT-ISAC) and through the public transit portal on the Homeland Security Information Network (HSIN-PT), which are the primary mechanisms designed to share security-related information with public transit agencies. We recommended that the Department of Homeland Security (DHS) develop such a process. In January 2011, DHS officials stated that updates to HSIN will enable the department to efficiently capture user feedback, and that...
|
| Department of Homeland Security | To help ensure that the PT-ISAC is meeting its objectives for sharing security-related information with public transit agencies, the Secretaries of Homeland Security and Transportation should direct the Assistant Secretary of the Transportation Security Administration and Administrator of the Federal Transit Administration to take steps to ensure the PT-ISAC fulfills its responsibilities and completes agreed-upon tasks. | We found that the cooperative agreement between the Department of Transportation's Federal Transit Administration (FTA) and the American Public Transportation Association (APTA) that provides funding for the Public Transit Information Sharing and Analysis Center (PT-ISAC) specifies that the ISAC perform several functions related to the Homeland Security Information Network public transit subportal (HSIN-PT), but the PT-ISAC was not performing these functions. For example, the agreement states that the PT-ISAC is to control access to the HSIN-PT subportal, manage the information that is available on the subportal, and take steps to enhance its user-friendliness. In January 2012, TSA...
|
| Department of Homeland Security | To help strengthen DHS's efforts to share security-related information with public transit agencies, the Secretary of Homeland Security should take steps to ensure that public transit agencies can access and readily utilize HSIN and that the HSIN-PT subportal contains security-related information that is of value to public transit agencies. | We reported that concerns among public transit agencies about the Department of Homeland Security's (DHS) Homeland Security Information Network's (HSIN) accessibility may reduce its value as a source of security-related information. Industry officials characterized HSIN as a "pull" system that requires users to log in and extract what is relevant to their agency, but public transit security personnel do not necessarily have time to log into such a system every day and sift through excess information to extract what is relevant to their agency. In addition, users had to call the HSIN help desk to obtain a new password when theirs expired, but the contact information for the HSIN help desk...
|
| Department of Homeland Security | To help strengthen DHS's efforts to share security-related information with public transit agencies, the Secretary of Homeland Security should once the SCC/GCC Information Sharing Working Group has developed options for improving information sharing with public transit agencies, establish time frames for developing goals and related outcome-oriented performance measures specific to the PT-ISAC, HSIN-PT, and TS-ISAC. | In September 2010, we reported that the Department of Homeland Security (DHS) and the Transportation Security Administration (TSA) had established goals and output-oriented performance measures for their overall information-sharing activities but not for gauging the effectiveness of their information-sharing efforts specific to public transit agencies. Specifically, DHS and TSA had not developed such goals and measures for the Homeland Security Information Network public transit portal (HSIN-PT) and the Public Transit Information Sharing and Analysis Center (PT-ISAC) - mechanisms designed to serve as the primary information sources for the public transit agencies - or for TSA's page on...
|