Fundamentals of Critical Infrastructure Protection

Student’s Name

Institutional Affiliation

Fundamentals of Critical Infrastructure Protection

The National Infrastructure Protection Plan (NIPP) is a manuscript called by Homeland Security Presidential Directive 7 (HSPD-7) that purposes at unifying Critical Infrastructure and Key Resource (CIKR), safeguarding efforts through the country (Homeland Security, 2006). The core goal of NIPP is to protect the key resource and critical infrastructure and ensures resiliency. This protects and ensures that the United States critical infrastructure and key resources (CIKR) continuity is essential to public health and safety, Nation’s Security, the way of life and economic vitality (NIPP, 2013). Homeland Security (2006) describes that, CKIR includes virtual or physical assets, network, and systems that are vital to the United States where the destruction or incapacity of such systems, networks or assets would have a devastating consequence on public health or safety, national economic security, security or the combination of these matters. 

The 2002 Homeland Security Act gives the fundamentals of Department of Homeland Security (DHS) duties in protecting the Nation’s CI/KR. The Act designed DHS with responsibilities in the development of the comprehensive national plan to secure CI/KR and recommending processes that protect the key infrastructures and key resources of United States as it coordinates with other federal government agencies. There is cooperation between the local and state government agencies, the private sector and other agencies to fulfill its purpose. The CI/KR protection national approach was provided through a unifying network established in Homeland Security Presidential Directive 7 (HSPD-7) (Homeland Security, 2006)

The overarching goal of NIPP creation was to build a more resilient, safe and secure America by improving the defense of Nation’s CI/KR to deter, neutralize, mitigate or prevent the consequences of deliberate efforts by terrorist to exploit, incapacitate or destroy them; to reinforce national preparedness, rapid recovery and timely response after an event; of natural disaster, terrorist attack or any other emergency (NIPP, 2013). The national plan was created to provide a unifying structure that integrates the future and the present efforts of CIKR protection in a solitary national program. NIPP was formed to assist in the prioritization of protection investments and initiatives through sectors to certify the private sector and the government are applied where they give more assistance in risk mitigation by lowering vulnerabilities, minimizing consequences and deterring threats of man-made disasters, terrorist attacks, and natural disasters.

The NIPP cornerstone is its framework on risk management by establishing the processes that combine threat, vulnerability and consequence information that produces a systematic, comprehensive and rational assessment of sector or national at risk. The structure of risk management framework helps in promoting a continuous improvement that enhances CIKR protecting by focusing on accomplishments efforts that set security goals (NIPP, 2013). This framework relates to the strategic threat environment in shaping the planning of the program as well as specifying incidents or threats situation. In the implementation of this strategy the SSAs, the DHS other security partners share responsibilities in managing the framework.

Strengths in Critical Infrastructure Protection

Critical infrastructure protection helps to determine vulnerabilities and scrutinize alternatives in order to prepare for incidences. CIP links between infrastructure assurance and risk management. The strength of CIP is its provision of capabilities that are required in eliminating critical infrastructure vulnerabilities. CIP has inter-relationships that help in unifying a national capability that protects the interrelated country’s infrastructure aspects. CIP understand the relationship between elements which assists in securing national infrastructure.

Weakness in Critical Infrastructure Protection

NIPP (2013) explains that, in the past, infrastructure elements’ network and systems were logically and physically separate and independent.  With technology advances, each sector system has become interlinked and automated through communication facilities and computers. This results to a link between oil, gas, telecommunication and electricity blurring the traditional security borders. The system lacks consensus on how infrastructure elements combine together, how each individual element function and affect the other.

Private operators and owners are in defense of CKIR in the first line. They are responsible for taking action that maintains risk management in investments and planning in security as important in prudent business planning and operations. The private sector performs comprehensive risk assessments personalized to their specific enterprise, sector or facility landscape. The level of investment in security among private sectors reflects the tradeoffs of risks versus consequences that are based on two factors. The first factor represents what is identified about the environment risk, while the second represents what is economically sustained and justified in the environment or competitive marketplace of limited sources.

In the article, Dhs.gov (2016), the federal government in the first factor is positioned uniquely in informing critical security operational planning and investment decisions. For example, private operators and owners view the government as a home of best practices that are security related and for violence threat assessments, indications, and warning. In the second factor, private operators and owners rely on the federal government in addressing risks that are outside their situations or properties, where the present threat exceeds the capability of the enterprise to mitigate risk or protect itself beyond additional investment reasonable level. In such a circumstance the private sector security partners collaborate in addressing the provision of timely warning, protection of national-level CI/KR and promote an environment where the operators and the owners undertake their specific protection responsibilities. 

According to Dhs.gov (2016), DHS is responsible for protecting sensitive information from unauthorized use or disclosure. The federal government has a statutory responsibility of safeguarding information about or from CKIR activities. In the Homeland Security Act Section 201(d)(12)(a), dictates that the DHS together with other federal agencies utilizes different procedures and programs like PCII program that ensures CKIR information is safely guarded. Sensitive security information (SSI) may be withheld from private owners if the information is revealed trade secrets. Unclassified Controlled Nuclear Information is withheld from private owners if it affects national security and public health and safety. Other information held from the private sector is the weapon of mass destruction, military plans, and foreign government information.

References

Dhs.gov,. (2016). National Infrastructure Protection Plan | Homeland Security. Dhs.gov. Retrieved 6 October 2016, from https://www.dhs.gov/national-infrastructure-protection-plan

Homeland Security,. (2006). National Infrastructure Protection Plan. Homeland Security. Retrieved from https://www.dhs.gov/xlibrary/assets/NIPP_Plan_noApps.pdf

National infrastructure protection plan 2013. (2013). [Washington, D.C.?].