A Conversation with Frank Pisciotta

Frank Pisciotta is the president of Business Protection Specialists Inc., a security consulting firm that works in a number of different verticals, including chemical security. We sat down with him to find out the on-the-ground view of CFATS compliance.

Q. Tell me about what your firm does to help facilities become CFATS-compliant.

A. We are a physical and technical security consulting firm, and we’ve been working in the chemical sector for about 21 years. As far as CFATS goes, we work alongside clients of all different sizes and types to help them achieve regulatory compliance, complete their security vulnerability assessment, develop their site security plan, and train facility security officers to comply and designing security programs. We do the front-end engineering and design to enable companies to understand what compliance with the regulations is going to cost them as soon as their plans are approved.

Q. Where in the compliance process are a lot of the facilities you are working with?

A. There are probably somewhere between five and six thousand regulated facilities in the U.S. Most have received their final determination letters, though there are still still a few a hundred that haven’t. The issue really is that DHS is understaffed for the amount of work they have to do to meet up with the regulations. While there are only five to six thousand facilities regulated, they received 38,000 topscreens from organizations with chemicals of interest. So they’ve had to wade through all of that.

The law also provides a provision to request a redetermination of your initial determination, and anyone who can get out of having to comply with this law is going to try as hard as they can to do so. So DHS has had thousands of requests for redetermination. This has slowed DHS down in terms of getting through the SSP reviews.

DHS will also tell you that their data collection tool didn’t serve them the way they thought they did – it wasn’t thorough enough. So now they have to go back to their Tier-One facilities to ask them to more clearly interpret the information that they’ve submitted. It seems that there’s one delay after another here, which means there aren’t very many companies that have SSPs approved and in place. Of the 60 facilities that we’re working with right now, none have received approval yet.

Q. What are some common challenges that facilities you’re working with are facing?

A. Prior to CFATS, you had companies that arguably had adequate security programs for their security design basis. If you looked at all the criminal threats, insider threats, workplace violence threats they faced, companies were fairly well put together to address those types of threats. When the government comes along and says, “You now have to contend with highly motivated adversaries and terrorists,” all of that drops, and you essentially have to start building your security program from the ground up again.

Also, DHS isn’t done figuring out how they’re going to implement all of this stuff. For example, there’s a requirement that people with unlimited access to these chemicals of interest undergo a terrorist background screening. But DHS doesn’t know what system they want people to use to screen these people yet.


  • Cloud Adoption Gives Way to Hybrid Deployments

    Cloud adoption is growing at an astonishing rate, with Gartner forecasting that worldwide public cloud end-user spending will approach $600 billion by the end of this year—an increase of more than 21% over 2022. McKinsey believes that number could eclipse $1 trillion by the end of the decade, further underscoring the industry’s exponential growth. Read Now

  • AI on the Edge

    Discussions about the merits (or misgivings) around AI (artificial intelligence) are everywhere. In fact, you’d be hard-pressed to find an article or product literature without mention of it in our industry. If you’re not using AI by now in some capacity, congratulations may be in order since most people are using it in some form daily even without realizing it. Read Now

  • Securing the Future

    In an increasingly turbulent world, chief security officers (CSOs) are facing a multitude of challenges that threaten the stability of businesses worldwide. Read Now

    • Guard Services
  • Security Entrances Move to Center Stage

    Most organizations want to show a friendly face to the public. In today’s world, however, the need to keep people safe and secure has become a prime directive when designing and building facilities of all kinds. Fortunately, there is no need to construct a fortress-like entry that provides that high level of security. Today’s secured entry solutions make it possible to create a welcoming, attractive look and feel at the entry without compromising security. It is for this reason that security entrances have moved to the mainstream. Read Now

Featured Cybersecurity

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • ResponderLink


    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3