Critical Infrastructure Protection Essay

The mission of the Department of fatherland protection is s teetotum acts of terrorist within the unite States, non have the United States be vulnerable to terrorist attacks, and reduce the damage to the United States if there would be a terrorist attack. Since this department inception in 2003, the Department of Homeland Security has a component in place to support its mission and has been a member of the U.S. Intelligence Community. In July of 2005, the DHS was reorganized and called the Second Stage refreshen or 2SR. The former Secretary of DHS, Michael Chertoff, began a strengthened office of Intelligence and Analysis (I&A) and made the Assistant Secretary for Information Analysis the Chief administrator Officer for that department. He also tasked I&A with ensuring that intelligence is coordinated, fused, and analyzed within the Department to support a common operational picture provide a primary connection between DHS and the IC as a whole and to act as a primary source o f information for state, topical anesthetic and private sector partners.The Homeland Security Act of 2002, assigned the original DHS intelligence componentthe Directorate of Information Analysis and Infrastructure Protectionwith responsibleness to receive, analyze, and integrate law enforcement and intelligence information in order to (A) identify and assess the nature and scope of terrorist threats to the homeland (B) detect and identify threats of terrorism against the United States and (C) understand such(prenominal) threats in light of actual and potential vulnerabilities of the homeland. Congress also made information sharing a top priority of the refreshed DHS intelligence disposal, requiring it to disseminate, as appropriate, information analyzed by the Department within the Department, to other agencies of the Federal authorities with responsibilities related to homeland security, and to agencies of State and local government and private sector entities, with such respo nsibilities inorder to assist in the deterrence, prevention, preemption of, or response to, terrorist attacks against the United States (Randol, 2010).A critical pedestal is specify as any facility, musical arrangement, or function which provides the foundation for national security, governance, economic vitality, reputation, and way of life. In short, critical substructure is by definition inseparable for the survival of the nation. The US Patriot Act defines it as systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. FEMA defines critical infrastructure as personnel, physical assets, and communication (cyber) systems that must be intact and operational 24x7x365 in order to ensure survivability, continuity of operations, and mission success, or in o ther words, the essential people, equipment, and systems needed to deter or mitigate the catastrophic results of disasters.Critical Infrastructure Protection (CIP) consists of all proactive activities to protect indispensable people, physical assets, and systems (especially communications or cyber systems) which are guided by a systematic and reliable decision making process which assists leaders to determine exactly what needs protection, where, and how. It is proactive in the same sense that mitigation in emergency precaution is proactive and goes beyond normal security, defensive postures. The basic steps of CIP consist of identifying the critical infrastructures, find the threats against those infrastructures, analyzing the vulnerabilities of threatened infrastructures, assessing the risks of degradation or loss of a critical infrastructure, and applying countermeasures where risk is unacceptable (The Safety, 2014). Within the Department of Defense, a streamlined command and aver structure and growth of the cyber force in size and skills, including offensive capabilities, are required to effectively operate as well as to provide more or less deterrent to attack.Meanwhile, legal code for cybersecurity has not kept pace with technological developments. Comprehensive cybersecurity legislation is requiredbeginning with mandatory participation of critical infrastructure owners and operators in federal information-sharing programs in a way that incorporates appropriate safeguards for industry liability and citizen privacyin order to completelybridge the current public-private naval division of responsibilities for collective defense. Cybersecurity has grown to be a key issue for the administration and indeed for the nation in the last several years even though line for the integrity of Critical Infrastructure (CI) functions was evident in the 1990s. For CI, which includes a range of sensitive data and performs valuable functions that support the health, sa fety, and economic vitality of our advanced nation, the growth of networked connections in cyberspace has meant the introduction of new threat vectors to systems that were not designed to securely connect to todays Internet.Because improving the cybersecurity of CI encompasses such a large body of work, widely distributed across government and private sector entities, unity of effort is difficult to achieve. President Obama admits that when it comes to cybersecurity, federal agencies have overlap missions and dont coordinate and communicate n primaeval as well as they should with each other or with the private sector (La Bash and Landis, 2013) The vulnerabilities that should concern IS professionals who protect the U.S.s critical infrastructure is not having a system that would advise them of current, present, and future vulnerabilities. A system of this would be able to advise you of early indicators of vulnerability In order to procure this task, a survey of all operations sho uld be undertaken.The survey should include General Administrative Information, Management awareness and Control Programs, Identification of Hazards/Potential rises and Business Characterization. The ultimate benefits to be gained from this type of survey are in terms of identifying areas in need of attention, establishing a diagnose of potential crisis situations, determining what commitments your organization is comfortable with and documenting current efforts. Once the survey program has been developed and implemented, it must be evaluated and kept up-to-date. This can be finish by reviewing actual responses and by conducting a detailed audit of each element of the business. The survey program is the initial step, toward reducing vulnerability. Next, you must organize the operation. The management chain is critical to this process. You must ensure that all levels of management become part of the program. (Sikich, 1998). Make a senior manager directly responsible to top manage ment and the board of directors. The formal assignment of a senior manager to the position of Crisis ManagementPrograms, Director, or some other appropriate title, can accomplish the initial portion of this item. Set aside specific time for reports on crisis management preparedness issues. This can be accomplished by preparing an agenda for senior staff and board of director meetings that includes a discussion of crisis management preparedness as a mandatory item. You have to give it more than lip run though. Also, you must make the discussion substantive. Provide more than the dull and tiring statistics on reportable accidents, etc. Communicate compliance through all levels of the organization through company policy and procedures. This can be accomplished through formal adoption of policy at the highest levels of the company.The Protecting Cyberspace as a National Asset Act, was introduced last June by Sen. Joseph Lieberman (I-Conn.) and revised in December by the Senate Committe e on Homeland Security and Governmental Affairs. It calls for the formation of a National Center for Cybersecurity and Communications (NCCC) within the U.S. Department of Homeland Security (DHS) that would be responsible for protecting both federal computing machine networks and critical infrastructure owned by the private sector against cyber attacks.Although the White House already has broad wartime powers, making aspects of the proposed act redundant, opposition to the bill has centered on its homework to give the federal government the authority to define what is meant by critical infrastructure. According to the bill the government can take measures to protect any computer system whose destruction or disruption of reliable operation would cause national or regional catastrophic effects. This could include cutting off the system from the Internet. Owners of facilities labeled as critical infrastructure would be notified as soon as this designation is made. An owner could appea l this designation but, as the bill is currently written, the government would make the final decision to disconnect, which is not subject to judicial review (Greenemeier, 2011).ReferencesGreenemeier, L. (2011). What is the Best Way to Protect U.S. Critical Infrastructure from a Cyber fall upon? Retrieved from http//www.scientificamerican.comLa Bash, M. and Landis, C. (2013, August). Legal, Policy, and Organizational Impedients to the Protection of Critical Infrastructure from Cyber Threats. Retrieved from http//www.cmu.edu/mits/files/mits2-paths.comRandol, M. (2010, March). The Department of Homeland Security Intelligence Enterprise Oper- Rational Overview and Oversight Challenges for Congress. Retrieved from http//fas.org/sgp/crs/homesec/R40602.pdfSikich, G. (1998). Critical InfrastructureVulnerability. Retrieved from http//www.disaster-resource.comThe Safety and Security of Critical Infrastructure. (2014, January). Retrieved from http//www.drtomoconnor.com/3430/3430lecto1a.htm