Introduction
Critical infrastructure vulnerability is a major issue that needs an appropriate level of protection from natural disasters and cyberattacks. The paper will primarily focus on the United States’ approach to critical infrastructure protection in order to thoroughly understand the essential elements of ensuring nationwide resilience. Both natural disasters and cybercrime are major threats to the critically important units of the US, which is why one needs to comprehend the evolution of the defensive strategies and current methods of minimizing the damage. Therefore, it is important to understand the concept of critical infrastructure units, determine essential sectors, identify key problems, and assess the implications through possible solutions in order to increase the nation’s resilience to natural disasters.
Critical Units
Background
The concepts of “critical sectors,” “critical industries,” and “critical infrastructure” appeared in the United States at the beginning of the last century and were used most often in the context of the proper organization and functioning of socially significant systems, including roads and channels. Although these concepts have already been widely used by politicians and experts, a unified approach to their definition at that time has not yet developed (Lewis, 2020). Nevertheless, critical sectors, industries, and critical infrastructure are vital to society. Any problems with them can be dangerous for people who often do not realize the importance of essential sectors, industries, and critical infrastructure.
The vital importance of critical sectors, industries, and critical infrastructure becomes dramatically apparent to the public only during natural and man-made disasters, wars, and terrorist attacks. The most important component of the essence of critical sectors, industries, and critical infrastructure is the fact that they are all in varying degrees of interdependence. Thus, the destruction or partial destruction of one segment, industry, or critical infrastructure leads to an immediate negative impact on the adjacent critical sector, industry, critical infrastructure, or its components.
Moreover, the stability of critical sectors, industries, and critical infrastructure of nation-states is often determined only by internal determinants and instruments of state regulation, but also by external factors that are often outside the linear control of the nation-state. It is important to determine the importance of studying global approaches to the regulation of critical sectors, industries, and critical infrastructure in order to identify the most effective tools for such an impact. The United States, as a state, has traditionally been distinguished by a clear and consistent focus on its national economic and geopolitical interests (Viira, 2018). It has ensured the institutionalization of the most complex system of state regulation of critical sectors, industries, and critical infrastructure, which has quite effective mechanisms, successfully adapted in one form or another by a number of other countries.
Regulation
The concept of regulating critical sectors, industries, and critical infrastructure, categorizing infrastructure objects as objects of protection from the point of view of ensuring national security interests has evolved in the United States gradually, gaining its own characteristics and signs determined by decisions based on a number of objective reasons and factors. It is stated that natural disasters can lead to community-wide stress among post-disaster infrastructure, and thus proper regulations need to be integrated (Choi et al., 2016). A procedure was introduced for the creation and operation of a new structure, which is the President’s Commission on Critical Infrastructure Protection. The commission was composed of government officials, including the FBI, the CIA, National Intelligence, the Department of Defense, the Department of Energy, the Department of Transportation (Baggett & Simpkins, 2018). These experts from various sectors and industries began to conduct a comprehensive analysis of all sectors and industries that are key to US security.
The main mission was to identify critical infrastructure in the context of analyzing possible threats to national security, identifying political and legal issues related to addressing national security interests. The most important task was to develop the concept of an appropriate comprehensive federal program aimed at creating the proper tools to ensure the protection of critical infrastructure facilities of the relevant sectors and industries with the mapping of all the specific solutions required.
Sectors Involved
Critical Infrastructure (CI) received special attention in connection with changes in the national investment policy of some countries, which in turn plays a large role in various national strategies to protect CI. Many states have plans to safeguard CI, and these plans define critical infrastructure as tangible or intangible assets, the destruction or disruption of which will seriously undermine public safety, order, and disrupt the work of the government. Such harm can be catastrophic and have great consequences. Sources of risks to critical infrastructure can be natural or man-made. Natural disasters include various natural disasters, such as earthquakes, floods, landslides, and others (Alcaraz & Zeadally, 2015). Technological ones are terrorist acts, sabotage, and military operations. In general, a risk management strategy includes measures such as recovery, response, preparedness, and prevention (Baggett & Simpkins, 2018). The policy related to critical infrastructure is trying to coordinate the role of private operators of such infrastructure, whether they are domestic or foreign, in order to protect critical infrastructure, covering a wide range of public interests. However, the role intended by investment policy in protecting critical infrastructure is changing. Many countries attach a minimal or minor role in investment policies (Viira, 2018). All sectors are tightly interconnected, and all this can result in a phenomenon called the cascade effect (Karagiannis et al., 2017). Therefore, there are a number of sectors that are included in the category of CI. The agricultural and food sector includes food, animal and animal products supply chains, crop production and supply chains for grain, fertilizers, and other necessary materials. It also involves everything essential at the stages of processing, production, packaging, storage, and distribution of products.
Furthermore, the Banking and Finance sector includes institutions involved in the provision of goods and services such as deposits, consumer loans and payment systems, credit and liquidity products, investment products, and transfer risk products, including insurance. The chemistry sector can be divided into five segments based on the final outcome of production. These are basic chemicals, specialty chemicals, agricultural chemicals, pharmaceuticals, and consumer products. The commercial property sector consists of eight segments, such as crowded facilities, sports leagues, housing, open-air events, entertainment and media, real estate, and retail locations. The communication sector includes such physical property as, for example, wire lines, wireless, satellite, cable infrastructure, as well as services such as the Internet, information services, and cable television networks. This particular category’s level of development can significantly mitigate the overall damage from natural disasters (Freeman & Hancock, 2016).
The critical manufacturing category includes manufacturers who design, manufacture, and distribute products not covered by other sectors. These are the initial metals, mechanical engineering, electrical equipment, and transport equipment, including aerospace engineering. Dams category is a sector that covers the assets, systems, networks, and functions associated with dike projects, navigation locks, storm surge barriers, reservoirs, or other similar means of controlling or containing water flows. This provides a wide range of economic, environmental, and social benefits, including hydropower, river navigation, water supply, wildlife habitat, waste management, flood control, and land reclamation. The defense industry sector is divided into segments that produce weapons systems, platforms, and components. The main sections include missiles, aircraft, space, combat vehicles, ammunition, weapons, information technology, shipbuilding, and electronics. Products include mechanical components and systems, structural and electrical components, and electronics.
Emergency services are a system of feedback and restoration of elements that form the first line of defense of the state and the prevention and mitigation of the consequences of a terrorist attack. This is a sector of trained and trusted personnel, plans, contracts, and covenants that ensure life safety through emergency response services, consisting of federal, regional, local, and private partners. Emergency response disciplines include emergency management, emergency medical services, fire and combat teams, law enforcement, tactical and assault teams, and search and rescue teams.
Energy sector infrastructure is divided into three interconnected segments, such as electricity, oil, and natural gas. It is stated that the given infrastructure can be highly important in reducing the damage from natural disasters (Freeman & Hancock, 2016). The category of state-owned enterprises includes a wide variety of buildings owned or rented by federal, state, provincial, territorial, or local governments located within the country or abroad. Many government enterprises are open to the public for business, business, or entertainment. Others, not open to the public, contain highly relevant information, materials, processes, and equipment. This category includes embassies, courthouses, state laboratories, general-purpose administrative buildings and special military installations, and structures that may contain critical systems, functions, networks, and equipment.
The health sector consists of state and local health departments, health clinics, psychological clinics, nursing homes, hospitals, blood supply services, laboratories, morgues, and pharmaceutical stores (Forzieri et al., 2018). The Information Technology category consists of virtual functions essential for providing IT products and services, including hardware, software, and IT systems. National monuments are a sector that consists of a diverse array of assets located in the country. These include monuments, physical structures, or objects that are recognized as national heritage, Tradition, and value with national cultural, religious, historical, or political significance. They also serve the purpose of perpetuating the memory or representing significant aspects of the national heritage, traditions, or values and serve as places of interest for visitors and educational activities.
The category of nuclear reactors, materials, and waste includes atomic power plants and nuclear reactors used for research, testing, and training. It also involves nuclear materials used for medical, industrial and academic purposes, nuclear fuel, shut down reactors, transportation, storage, and destruction of nuclear materials and waste. The sector of postal services and delivery services daily drives a huge number of messages, products, and financial transactions. The postal service and delivery service differentiates from general freight operations, as they focus on small and medium shipments and services. Sector-specific assets include large-volume automated processing facilities, local delivery units, a large number, and a wide range of collection, acceptance, and distribution operations. In addition, these include postal vehicles and information and communication networks. The category of transport systems covers all transport methods (Lu et al., 2019). It is an extensive, open, interdependent network system that moves millions of passengers and millions of goods every year. The last sector is water, which includes drinking water and water pipes (Forzieri et al., 2018). Therefore, each sector is considered to be critical infrastructure element, which requires the highest level of protection.
Key Issues
The key problems of critical sectors, industries, and their infrastructures are the exclusive and increasing dependence of all sectors and industries on information and communication systems, which, accordingly, require special protection. In addition, this is the manifestation of a significant part of the critical infrastructure facilities of critical sectors and industries in private ownership or operational management, the need for specific regulation and protection tools. It is important to understand that only the institutionalization of effective mechanisms of interaction between the state and the private sector can guarantee the security of critical areas and industries with their critical infrastructures for many years to come. The list of potential threats includes physical threats of destruction or damage, cyber threats with their various varieties, depending on the purpose of the alleged intervention, the risk of the Internet as a basic communication platform (Lewis, 2020). It also involves threats of interference in the tactical actions of the US armed forces when they conduct an information war as part of specific military operations.
Therefore, it is important to improve state regulation of critical infrastructure facilities and ensure that they are protected from the point of view of US national security interests. Critical infrastructure is a complex of interconnected networks and systems consisting of identified industries, management structures and distribution capacities that ensure the reliable flow of products and services vital to the protection and economic security of the United States, and the smooth functioning of the government at all levels and society as a whole. It is necessary to point out the increasing interdependence of the infrastructures of various critical sectors and industries and determine the interdependence factor as a separate element that requires special attention from the point of view of ensuring the interests of US national security.
It is necessary to present not only clearly reasoned conclusions about potential threats to US critical infrastructure but also to present detailed proposals for each sector to ensure adequate protection of these critical infrastructure facilities, accompanied by a list of specific measures. In general, the toolkit of the approach involves institutionalizing the key role of the federal government as a regulator of the status of critical sectors, industries, and critical infrastructure. It also consists of the creation of mechanisms for continuous multifactorial interaction between government bodies and the private sector, in whose ownership or operational management are critical infrastructure facilities (Lewis, 2020). In addition, it is important to create the necessary institutions to ensure interaction between all federal government bodies responsible for both national platforms for providing national security of critical infrastructure and sectoral and industrial spheres.
Implications
The overall implications of the critical infrastructure protection across all sectors can be observed in current response measures of the United States. An important component is the provision of immediate response measures to the destruction or damage of critical infrastructure or part of it that has already occurred. It is necessary to create a fairly coherent concept of a system of federal bodies that can provide adequate protection for critical sectors, industries, and infrastructure in the context of ensuring US national security. However, it is also mandatory to immediately assess the nature and degree of danger of an emergency that has already arisen, regardless of its constitution, and, accordingly, take all necessary and sufficient measures to minimize its possible negative consequences. General recommendations are needed on the nature of regulation of critical sectors, industries, and critical infrastructure, specific proposals for each category and industry. They should contain separate sections on the algorithm for the practical implementation of such, including, including highly detailed projects.
The Presidential Decision Directive 63 “Critical Infrastructure Protection” is a milestone of particular importance in the evolution of the critical infrastructure security concept and the development of critical infrastructure management tools. It contains a clearly formatted concept for managing critical infrastructures across sectors and industries. For example, Directive 62, along with provisions defining the tasks of a number of government agencies to protect the United States from terrorist threats, contains a separate regulation on the importance of minimizing the risks of possible attacks on critical infrastructure and cyber systems and developing all necessary measures to prevent attacks of any type on these objects and frameworks, and the quick and effective elimination of possible such effects (Hemme, 2015). The second part of the goal-setting is essential for understanding the new multi-component task of the regulator, recognizing the possibility of destruction of critical infrastructure.
Directive automatically dictates the need to expand the spectrum of regulatory impact, which should now include properly structured systems for assessing the nature and degree of danger of the threat, a warning system, as well as measures to restore the resilience of critical infrastructure and other necessary actions dictated by the regulatory protocols. The most important part of Directive 63 has become the definitions determining the departments and persons responsible for ensuring the protection of critical infrastructure, which is defined as the key objective (Hemme, 2015). It was in this document that new solutions were proposed for the structural configuration of the institutional platforms needed to protect critical infrastructure.
Thus, on the basis of Directive 63, the National Infrastructure Protection Center is created in the status of the FBI unit, whose tasks were to ensure the protection of computer and information systems that are critical for US infrastructure. In addition, the Critical Infrastructure Assurance Office is formed in the Ministry of Commerce system, which is responsible for coordinating critical infrastructure security for critical sectors (Hemme, 2015). To ensure close interaction and cooperation with representatives of the private sector, which owned or managed critical infrastructure, the Information Sharing, and Analysis Center and the National Infrastructure Assurance Council were formed (Viira, 2018). The given measures ensured the multi-vector approach on conducting effective critical infrastructure protection.
Conclusion
In conclusion, interdependence is the main test for risk management in the theory of critical infrastructures due to the fact that the economy and society rely on the interconnectedness and interconnection of infrastructure subsystems. Its essence is that one destruction can be the cause of others that take place inside the processes and systems connected in the infrastructure. Due to this concept of addressing all threats, the protection of critical infrastructures involves the involvement of a wide range of different agencies and institutions, including government agencies at various levels and international organizations. Private CI operators are also an important part of protecting critical infrastructures.
References
Alcaraz, C., & Zeadally, S. (2015). Critical infrastructure protection: Requirements and challenges for the 21st century. International Journal of Critical Infrastructure Protection, 8, 53-66.
Baggett, R. K., & Simpkins, B. K. (2018). Homeland security and critical infrastructure protection. Praeger.
Choi, J., Deshmukh, A., & Hastak, M. (2016). Increase in stress on infrastructure facilities due to natural disasters. International Journal of Urban Sciences, 20(1), 77-89.
Forzieri, G., Bianchi, A., Silva, F. B. E, Marin Herrera, M. A., Leblois, A., Lavalle, C., Aerts, J. C. J. H., & Feyen, L. (2018). Escalating impacts of climate extremes on critical infrastructures in Europe. Global Environmental Change, 48, 97-107.
Freeman, J., & Hancock, L. (2016). Energy and communication infrastructure for disaster resilience in rural and regional Australia. Regional Studies, 51(6), 933-944.
Hemme, K. (2015). Critical infrastructure protection: Maintenance is national security. Journal of Strategic Security, 8(3), 25-39.
Karagiannis, G., Chondrogiannis, S., Krausmann, E., & Turksezer, Z. (2017). Power grid recovery after natural hazard impact. European Commision. Web.
Lewis, T. G. (2020). Critical infrastructure protection in homeland security: Defending a networked nation. Wiley.
Lu, H., Chen, M., & Kuang, W. (2019). The impacts of abnormal weather and natural disasters on transport and strategies for enhancing ability for disaster prevention and mitigation. Transport Policy, 1-16.
Viira, T. (2018). Lessons learned: Critical information infrastructure protection: How to protect critical information infrastructure. IT Governance Publishing.