Critical Infrastructure Protection Research Paper

Introduction

Critical infrastructure is defined as an asset, network, or system, either real or virtual, which is of crucial importance to the United States. The destruction of critical infrastructure may cause a devastating effect on the economic security, public safety, and health well-being of the citizens (Lewis, 2006).

The power that is used across the nation, water used in households, transportation used for mobility, and the system of communication used for connectivity all belongs to the existence of such critical infrastructures (Morton, 2012).

Technological advancement has facilitated interconnections of infrastructures in most countries, thus making them vulnerable to terrorist attacks. Since they are of very sensitive nature, their security is paramount, and thus precaution measures are needed to secure them.

Define Critical Infrastructure Protection and explain why it is important

Critical infrastructure protection (CIP) refers to a concept adopted by the US in 1998 in the fight against terrorism (Lopez, Setola & Wolthusen, 2012). The concept was launched by Bill Clinton, the then president of the US, under the PPD-63. The concept requires all the involved stakeholders to ensure that the infrastructure remains protected from terrorist attacks.

The US adopted the concept against the backdrop of the rising cases of cybercrimes directed to the nation’s cyber space (White, Boult, & Chow, 2014).President Bush added to the concept by launching the Homeland Security through the Presidential Directive HSPD-7. The Obama administration, through the PPD-21, altered the CIP further in 2013 in a bid to increase its effectiveness.

CIP initiatives aim at improving interoperability across communities coupled with improving collaboration with the federal government to detect, prevent, plan for, respond to, and recover from natural and human threats to telecommunications, water resources, oil and gas, government, transportation, emergency response, electric power, and health services infrastructure (Lopez, Setola, & Wolthusen, 2012).

As a collaborative effort, CIP is being conducted in coordination with federal, state, local government, commercial, and non-government Sponsors (De Bruijne, & Van Eeten, 2007).

DHS’s Mission

The Homeland Security Act of 2002 created the Department of Homeland Security (DHS). The DHS started its operations in 2003, and it was charged with critical infrastructure protection responsibilities and its goals and objectives are to prevent, protect, respond, and recover, as well as build in-security, ensure resilience, and facilitate customs and exchange (Lewis, 2006).

The DHS’ core mission entails five homeland security aspects, viz. “Prevent terrorism and enhance security, secure and manage American borders, enforce and administer immigration laws, safeguard and secure cyberspace, and ensure resilience to disasters” (Morton, 2012, p. 112). Failure to address the DHS’s mission effectively would have serious consequences for the American national and economic security.

The DHS’s Operations

With the passing of the Homeland Security Act of 2002, the DHS was officially formed and as part of its remit, its aim was to co-ordinate and streamline efforts of the nation’s assorted security and federal agencies.

Ensuring the security of the cyberspace and other critical infrastructures is the only way that the US can deter terrorist attacks that have had an increasing trend over the past few decades (Lopez, Setola, & Wolthusen, 2012). The DHS incorporated twenty-two other agencies under its umbrella.

The DHS’s main objective is to ensure that the security of the US citizens is maintained at all cost. In a bid to achieve this objective, the DHS has to protect its waters and ports to prevent illegal entry of dangerous weapons such as nuclear bombs. The DHS has put in place viable strategies regarding the security of its territories.

The DHS’s Responsibilities

The DHS’ main objective is to detect and prevent terrorist attacks in the US (De Bruijne, & Van Eeten, 2007). The U.S Department of Homeland Security was established after the 9/11 attacks to counter terrorist activities towards the United States.

The concept of homeland security is formally described in the “National Strategy for Homeland Security as a concerted national effort to prevent terrorist attacks within the United States, cut down the nation’s susceptibility to terror attacks, curtail the harm, and recuperate from terrorist attacks that take place” (Morton, 2012, p. 128).

Why is Critical Infrastructure Protection Important?

Attacks on critical infrastructure are likely to cause significant disruption on the operations of the government and businesses at large (Lewis, 2006). Critical Infrastructures have become targets for terrorists, thus their protection is necessary if a nation has to remain secure. Such attack may result in mass destruction of properties and many death incidents (Lopez, Setola, & Wolthusen, 2012).

In the past, Critical Infrastructure Protection initiatives have successfully cut down incidences of terrorist attacks. CIP is important since it requires every industry, which is classified as a critical economic sector, to assess and develop strategies to eradicate vulnerabilities to cyber-attacks.

Some of the sectors identified as critical sectors under the program include banking and finance, transportation, power, information, and communications (Morton, 2012).

The importance of information and intelligence sharing and its impact on CIP

Information sharing amongst federal, state, and local agencies is a key element of the American government’s homeland security strategy. According to political analysts, the post-9/11 threat calls for a reliable partnership amongst federal and all other local authorities in order to facilitate information sharing.

All the security organs ought to work together and create conducive environment that would in turn increase information sharing and thus lead to a reduction in terrorist attacks (Lewis, 2006).

Federal departments and authorities have the responsibility of availing relevant security information to the Secretary of DHS and the national critical infrastructure centers. The information is necessary to support cross-sector analysis and inform the situational awareness capability for critical infrastructure (Lopez, Setola, & Wolthusen, 2012).

Critical infrastructure security is a function that requires interdependence of all the federal agencies. Listed below are some of the departments and agencies that are key departments to the critical infrastructure security.

The Department of State, in coordination with other relevant Federal departments and agencies, engages foreign governments to strengthen the security and resilience of critical infrastructure located outside the United States and facilitates the best methods and lessons learned for maintaining the security and resilience of critical infrastructure on which the United States depends upon (Morton, 2012).

The US has the best intelligence community in the world (Lopez, Setola, & Wolthusen, 2012). The intelligence community is charged with the responsibility of providing warnings to security agents of threats prior to their occurrence. The Director of National Intelligence (DNI) is mandated to use all the relevant departments and recourses to produce intelligence information.

The IC is composed of highly trained crime detectives with the ability to detect crime before it is accomplished. It is composed of both the military and civilians. The security officers in charge of providing global security rely greatly on the IC’s report to combat terrorism and to protect the citizens around the world.

All the intelligence departments are under the DoD and intelligence reports are submitted to the DoD, which in turn presents it to the president (Lewis, 2006). The report on intelligence is then submitted to the relevant security organs for execution. The intelligence report is important to a nation’s security since it warns the country of an attack before it is accomplished.

The Nuclear Regulatory Commission (NRC) is mandated to offer licenses to eligible institutions, and for an institution to acquire such license, it must meet some set requirements.

The Federal Communications Commission, its authority and expertise on “identifying and prioritizing communications infrastructure, identifying communications sector vulnerabilities and working with industry to correct vulnerabilities, and coordinate with industry and engage foreign governments to increase the security and resilience of critical infrastructure within the communications sector on which the United States depends upon” (Morton, 2012, p. 126).

The Critical Infrastructure Protection (CIP) policies established by PPD-21

The PPD-21 created additional policies on critical infrastructure security and resilience created under the PPD- 63 by Bill Clinton in 1998 (Morton, 2012). The directive identified and specified various critical infrastructures and defined the role of each department involved. The key policies established by PPD-21 are explained below:

Defining and elucidating the functional relationships throughout the federal government

Under this strategy, the directive refines the structure of the CIP by creating two national critical infrastructure centers operated by DHS (White, Boult, & Chow, 2014). One department is responsible for security of the physical infrastructure while the other is responsible for the security of the cyber space.

The two departments work hand in hand to deter terrorism activities through the critical infrastructures. Responsibilities of each of the two departments is clearly defined and manned by experienced staff.

Enabling timely and effective information exchange

This strategy aims at increasing information exchange between all the federal departments involved (De Bruijne & Van Eeten, 2007). It is meant to enhance timely receipt of intelligence information to counter attacks. The policy establishes the standard requirements for data and information formats and accessibility while at the same time observing the privacy principles provided under the constitution (Lewis, 2006).

Creating an integration and analysis function

This final strategy is founded on the first two strategies and it establishes an integration and analysis function for critical infrastructure (Morton, 2012). The integration and analysis function for critical infrastructure is charged with the responsibility of analyzing incidences of attacks, prospective threats, as well as up-and-coming risks.

The department works in collaboration with other departments including the intelligence department, but the scope of each is clearly defined (Lopez, Setola, & Wolthusen, 2012). Therefore, the function of each department is well spelt to avoid conflicts.

Conclusion

The US Critical Infrastructure Protection was established by Bill Clinton in 1998 through the PPD-63. The directive identified key sectors and classified them as key infrastructures that needed to be secured at all costs. Since its establishment in 1998, it has received the support of the successive governments and the recent PPD-21 of 2013 refined the concept further. Protecting critical infrastructures is an important endeavor towards fighting terrorism that has had an increasing trend over the past decades.

References

De Bruijne, M., & Van Eeten, M. (2007). Systems that should have failed: critical infrastructure protection in an institutionally fragmented environment. Journal of Contingencies and Crisis Management, 15(1), 18-29.

Lewis, T. (2006). Critical infrastructure protection in homeland security: defending a networked nation. New York, NY: John Wiley & Sons.

Lopez, J., Setola, R., & Wolthusen, S. (2012). Critical Infrastructure Protection: Advances in Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense. New York, NY: Springer.

Morton, J. (2012). Next-Generation Homeland Security: Network Federalism and the Course to National Preparedness. Annapolis, MD: Naval Institute Press.

White, R., Boult, T., & Chow, E. (2014). A computational asset vulnerability model for the strategic protection of the critical infrastructure. International Journal of Critical Infrastructure Protection, 7(3), 167-177.