ChemLock Security Goals

The Cybersecurity and Infrastructure Security Agency (CISA) is a recognized international leader in chemical security with more than a decade of experience assisting facilities in building tailored security plans to prevent terrorist exploitation of their chemicals. From on-site consultations to chemical security training, the ChemLock program offers scalable, tailored options for facilities looking to enhance their chemical security posture and reduce the risk of dangerous chemicals being weaponized.

Since each facility that possesses dangerous chemicals faces different security challenges, facilities will benefit most from a flexible, holistic approach that can address their unique security challenges. To help facilities apply a comprehensive approach to security that can address different threats and hazards, the ChemLock program presents five security goals for facilities to think through as they formulate a facility security plan:

Can you DETECT an attack or suspicious activity?
Can you DELAY the adversary?
Are you able to RESPOND in a timely manner?
Are you protecting your CYBER assets?
Do you have the appropriate POLICIES, PLANS, and PROCEDURES to implement your plan?

By considering a variety of potential avenues of attack and approaching security from this integrated approach, facilities can choose cost-effective, efficient security measures that work best to protect the dangerous chemicals at their facility from the threats and hazards most likely to occur at their facility.

ChemLock: Detection Security Goal

Detection is the ability to identify potential attacks or precursors to an attack and to communicate that information as appropriate. Learn more about the detection security goal that can enhance your facility's chemical security posture.

ChemLock: Delay Security Goal

Delay includes limiting access to your facility or assets to reduce the likelihood of an adversary successfully breaching the perimeter or assets and allowing sufficient time to initiate a response to the attack. Learn more about the delay security goal.

ChemLock: Response Security Goal

Response includes the capability to communicate, report, and manage the appropriate reaction(s) to potential attacks and/or adversary actions, and/or to reduce the effect of security-related events. Learn more about how response measures enhance your chemical security posture.

ChemLock: Policies, Plans, and Procedures Security Goal

Policies, plans, and procedures ensure you have the capability to manage your facility security plan, including the development of processes that support security plan implementation and oversight. Learn more about this security goal that enhances your chemical security posture.

CISA Cybersecurity Resources

CISA has a variety of resources to help you accomplish your cybersecurity goals.

Free Cybersecurity Services and Tools

In addition to offering a range of no-cost CISA-provided cybersecurity services, CISA has compiled a list of free services and tools provided by private and public sector organizations across the cyber community.

Hands typing on keyboard with cyber-related icons floating around

Cyber Guidance for Small Businesses

CISA offers a different kind of cybersecurity advice for small businesses and their employees. Learn more about how your small business can address cyber threats.

Cybersecurity Best Practices

CISA provides information on cybersecurity best practices to help individuals and organizations implement preventative measures and manage cyber risks.

ChemLock Security Plan

To help facilities use these security goals to develop a security plan or evaluate an existing plan, CISA has a guidance document and security plan template that facilities can download and customize for their facility.

ChemLock Security Plan

Building on these five security goals, the ChemLock program also provides information to help facilities think through a variety of chemical security topics to ensure that your facility security plan is holistic and comprehensive.

Additional Chemical Security Considerations

The ChemLock program provides a variety of chemical security topics—from drones to no-notice events—that facilities with dangerous chemicals should consider as they develop and implement a facility security plan.

ChemLock Services and Tools

Not sure where to start? CISA has security experts across the country that can come to your facility to help you evaluate whether your current security measures adequately address these security goals.

If you want to learn more about these security goals, ChemLock provides training that will walk you through them in greater detail so that you can build a facility security plan tailored for your facility.

To request any of these ChemLock services, please fill out the ChemLock Services Request Form.

Request ChemLock Services

ChemLock On-Site Assessments and Assistance

CISA's ChemLock program can provide on-site assistance and assessments that help facilities identify the security risks their on-site chemicals present and offer scalable, tailored suggestions for security measures that will best enhance their security posture.

ChemLock Training

The ChemLock program provides live, on-demand training to assist owners, operators, and facility personnel with understanding the threats that chemicals pose and what security measures can be put into place to reduce the risk of dangerous chemicals being weaponized.

Contact Information

For more information or questions, please email ChemLock@cisa.dhs.gov.

Note: Participation in any portion of CISA's ChemLock program does not replace any reporting or compliance requirements under CISA's Chemical Facility Anti-Terrorism Standards (CFATS) regulation (6 CFR part 27). Some ChemLock activities may fulfill CFATS requirements, depending on your specific security plan. Contact local CISA Chemical Security personnel or visit the CFATS webpage to learn more about CFATS regulatory requirements.