Case Study Phase 2: National Infrastructure Protection Plan
Case
Study Phase 2: National
Infrastructure Protection Plan
Amare
Alemu
Strayer
University
CIS
502: Theory of Security Management
Professor
Mark O. Afolabi, Ph.D.
August
9, 2017
Case
Study Phase 2: National
Infrastructure Protection Plan
Introduction
Protection
of the Nation’s physical and cyber infrastructure and the people who operate
and use these vital systems is a highly
challenging portion of the overall homeland security effort. The
national architecture of Critical Infrastructures and Key Resources (CIKR) assets and systems
continually grow more complex and more interdependent. Therefore, plans must
cut across a broad range of sectors, Federal and non-Federal governmental
entities, and critical industries. In
this paper, first, the communication plan will be visually demonstrated. Secondly, the paper
will analyze how to manage risk. Next, the paper will communicate how CIKR protection is an essential part
of the Homeland Security Mission. Further, the article will ensure an Effective, Efficient
Program Over the Long Term. Lastly, the article
will provide a summary of National
Infrastructure Protection Plan.
According to Michael Chertoff, (2009), the author, the
communication plan will be visually demonstrated by addressing five primary
communications channels which will communicate with Department of Homeland
Security, DHS. First, Sector-Specific Agency communicates with DHS. Given their unique capabilities and individual risk
landscapes, CIKR sectors each face different challenges. For instance,
some sectors have distinct, easily identifiable assets that can be logically
prioritized. Some are characterized by thousands of distributed assets, not all
of which are equally critical. Others are made up of systems or networks for
which the identification of specific protective measures may prove to be incredibly complicated,
but should be attempted nonetheless. Furthermore, interdependencies among
sectors can cause duplicative efforts or lead to gaps in funding for CIKR
protection. To ensure that government resources are allocated according to
national priorities and are based on national risk, need, and effective
risk-reduction opportunities, DHS must be able to accurately assess priorities,
requirements, and efforts across these diverse sectors. Requirements driven by
regulations, statutes, congressional mandates, and presidential directives
should also be considered. As DHS conducts this assessment, the SSAs, supported
by their respective SCCs and GCCs, provide information regarding their sectors’
individual CIKR protection efforts. The SCCs participate in the process to
ensure that private sector input is reflected in SSA reporting on industry priorities and requirements. The first
step for an SSA in the risk-informed resource allocation process is to
coordinate with industry partners,
including SCCs and GCCs, as appropriate, to determine sector priorities,
program requirements, and resource needs for CIKR protection. HSPD-7 requires each SSA to provide an annual report
to the Secretary of Homeland Security on their efforts to identify, prioritize,
and coordinate CIKR protection and resiliency in their respective
sectors. Consistent with this requirement, DHS provides the SSAs with reporting
guidance and templates that include requests for specific information, such as
CIKR protection priorities, needs, and
resources. Second, State Government communicates with
DHS. Like sectors,
State governments face diverse CIKR protection challenges and have different
priorities, needs, and available
resources. Furthermore, State CIKR protection efforts are closely intertwined
with those of other government and private sector partners. In particular,
States work in close collaboration with
local and tribal governments to address CIKR protection challenges at those
levels. To accurately assess the CIKR protection effort and identify needs that
warrant attention at a national level, DHS must aggregate information across
State jurisdictions as it does across sectors. DHS requires that each State develop a homeland security strategy that
establishes goals and objectives for its homeland security program, which
includes CIKR protection as a core element. State administrative agencies
develop a Program and Capability Enhancement Plan that prioritizes statewide
resource needs to support this program.
Third, State, Local, Tribal, and Territorial Government Coordinating
Council communicates with DHS. The intent of
the SLTTGCC is to provide input and suggestions for implementation of the NIPP,
including sector protection programs and initiatives. These types of engagements
foster broad public sector partner involvement in actively developing CIKR
protection priorities and requirements. Through the SLTTGCC Annual Report, the
Council provides annual updates on CIKR programs and initiatives that are being
conducted or planned by the Council, DHS, other Federal partners, or private
sector partners. Fourth, Regional Consortium Coordinating Council communicates
with DHS. Cross-sector and multi-jurisdictional CIKR protection challenges
provide an opportunity to manage interdependent risks at the regional level.
Individually, the activities of the local
consortium enhance the physical security, cyber security,
emergency preparedness, and overall public-private continuity and resiliency of
one or more States, urban areas, or municipalities. The RCCC provides a unique
mechanism to integrate NIPP implementation on a regional scale and details its
efforts in the RCCC Annual Report. Fifth, Aggregating Submissions to DHS.
DHS uses the information collected from the Sector
CIKR Protection Annual Reports, the SLTTGCC Annual Report, the RCCC Annual
Report, and State reports to assess CIKR protection status and requirements
across the country. As national priorities and
requirements are established, DHS will develop funding recommendations for
programs and initiatives designed to reduce national-level risk in the
CIKR protection mission area. In cases where gaps or duplicative efforts exist,
DHS will work with the SSA and the States to
identify strategies or additional funding sources to help ensure that national
CIKR protection priorities are efficiently and more
addressed. Secondly, according to Michael Chertoff, (2009), the author, the
paper analyzed the risk management and discussed that DHS, in collaboration
with the SSA and other sector partners, undertakes many protective programs,
resiliency strategies, initiatives, activities, and reports that support CIKR
protection. Many of these are available to or provide resources for CIKR
partners. Furthermore, the above mentioned five communication plans are mainly
meant to address on how to manage risk in protecting the CIKR. The NIPP uses
the risk management framework to support coordination between CIKR partners
outside the Federal Government. Each step of the risk management framework
presents opportunities for collaboration between and among all CIKR partners.
Coordination between State and local agencies and the sectors themselves
ensures that cross-sector needs and priorities are more accurately identified
and understood. Government coordination with private sector owners and
operators at all levels is required throughout the process to: ensure a unified
national CIKR protection effort; provide accurate, secure identification of
CIKR assets and systems; provide and protect risk-related information; ensure
implementation of appropriate protective measures; measure program
effectiveness; and make required improvements. Next, the author Michael
Chertoff, (2009), discussed and communicated that the result of the
interrelated set of national authorities, strategies, and initiatives is a standard, holistic approach to achieving the
homeland security mission that includes an emphasis on preparedness across the
board and on the protection of America’s CIKR as a steady-state component of
routine, day-to-day business operations for government and private sector
partners. The NIPP and NRF are complementary plans that span a spectrum of
prevention, protection, response, and recovery activities to enable this
coordinated approach on a day-to-day basis, as well as during periods of
heightened threat. The NIPP and its associated
SSPs establish the Nation’s steady-state level of protection by helping
to focus resources where investment yields the greatest return in terms of
national risk management. The NRF addresses response and short-term recovery in
the context of domestic threat and incident management. The National
Preparedness Guidelines support implementation of both the NIPP and the NRF by
establishing national priorities and guidance for building the requisite
capabilities to support both plans at all levels of government. Each of the
guiding elements includes specific requirements for DHS and other Federal
departments and agencies to build engaged partnerships and work in cooperation
and collaboration with State, local, tribal, and private sector partners. This partnership
and cooperation between government and
private sector owners and operators is specifically applicable to the CIKR
protection efforts outlined in the NIPP. Furthermore, According to Sujeet
Shenoi, (2017), The critical infrastructure sectors
include: information technology, telecommunications, energy, banking and
finance, transportation systems, chemicals, significant manufacturing,
agriculture and food, defense industrial base, public health and health care,
national monuments and icons, drinking water and water treatment systems,
commercial facilities, dams, emergency services, nuclear reactors, materials
and waste, postal and shipping, and government facilities. Protecting and
ensuring the continuity of operation of critical infrastructure assets are
vital to national security, public health and safety, economic vitality, and
societal well-being. According to
Michael Chertoff, (2009), the author, the paper discussed to ensuring an
effective and efficient program over the Long Term. The key activities that are
needed for achieving this are 1. Building national awareness to support the
CIKR protection program and related investments by ensuring a focused
understanding of the all-hazards risk environment and what is being done to
protect and enable the timely restoration of the Nation’s CIKR considering such
threats; 2. Enabling education, training, and exercise programs to ensure that
skilled and knowledgeable professionals and experienced organizations can
undertake NIPP-related responsibilities in the future; 3. Conducting R&D
and using technology to improve protective capabilities or resiliency
strategies or to lower the costs of existing capabilities so that CIKR partners
can afford to do more with limited budgets; 4. Developing, protecting, and
maintaining data systems and simulations to enable continuously refined risk
assessment within and across sectors and to ensure preparedness for domestic
incident management; and 5. Continually
improving the NIPP and associated plans and programs through ongoing management
and revision, as required.
In
conclusion, the paper, firstly, discussed and visually demonstrated the
communication scheme. Secondly, the paper
analyzed how to manage risk. Next, the paper presented
and communicated how CIKR protection is an essential part of the Homeland
Security Mission. Lastly, the article
discussed the topic of Ensuring an Effective, Efficient Program Over the Long
Term.
References
Chertoff,
M. (2009). National Infrastructure Protection Plan. Retrieved on August 07, 2017 from
http://www.dhs.gov/xlibrary/assets/NIPP_Plan.pdf
Shenoi S. (2017).
International Journal of Critical Infrastructure Protection. Retrieved on
August
07, 2017 from https://www.journals.elsevier.com/international journal-of-critical
infrastructure-protection/
Comments
Post a Comment