Assignment 2: Department Of Homeland Security
Running Head: SECURITY & INFRASTRUCTURE
Assignment 2: Critical Infrastructure Protection (CIP)
Clara Mae Jones
Strayer University
Instruction: Dr. Patricia White
CIS 502 – Theories Security Management
May 16, 2013
Abstract
When we ask what “Critical Infrastructure is?” Critical infrastructure is the backbone of our nation’s economy, security, and health. It is clear that we have the power in our homes, the water we drink, the transportation that moves us, and the communication systems we rely on to stay in touch with friends and family. The vitalization of critical infrastructure according to research and the” Department of Homeland Security, 2013” is the assets, systems, and networks, whether physical or virtual. It is so …show more content…
vital in the United States that their incapacitation or destruction would have a debilitating effect on security, national economy security, and national health, or any combination thereof.
Examine the Department of Homeland Security’s Mission, Operations, and Responsibilities The Department of Homeland Security are wide-ranging, and their goal is clear: “A safer, more secure America, which is resilient against terrorism and other potential threats.” The three key concepts form the foundation of our national homeland security strategy designed to achieve this vision: The three are as follows 1) Security 2), Resilience 3), Custom and Exchange. These concepts drive broad areas of activity that the Quadrennial Homeland Security Review (QHSR) process defines as homeland security missions. It prevent, to protect, to respond, and recover, as well as to build in security, to ensure resilience, and to facilitate customs and exchange. The responsibility falls on hundreds of thousands of people from across the federal government, state, local, tribal, and territorial …show more content…
governments, the private sector, and other nongovernmental organizations are responsible for executing these missions. To be more detailed about the mission, operations, and responsibilities of DHS as follows, prevent terrorism and enhance security (protect the American people from terrorist threats). Secure and manage our borders (using technology, manpower and physical infrastructure to improve operational control of our borders). Responsible for facilitating legal immigration and enforce laws (supports legal employment by offering information and expanding E-Verify program). Safeguard and secure cyberspace (analyzes and reduces threats and distributes warnings, and ensure disaster resilience The DHS provides the coordinated responses to terrorist attacks on air, land, sea; also, natural disasters or other large emergencies while working with the public sector partners (Homeland Security, 2013, 2011; Lopez, Roman, 2007; Wilshusen, 2011). Critical Infrastructure Protection (CIP) Initiatives are; what are Protected, and the Methods used to Protect Our Assets. Critical infrastructure protection (CIP) are essential for the survival of the nation.
It have many definitions and they all mean the same thing, just expressed in different ways. It is define. It is define by the USA Patriot Act as systems and assets, whether physical or virtual. It is so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national public safety national, national economic security, or any combination of those matters. FEMA defines critical infrastructure as personal, physical assets and communication (cyber) that must be intact and operational 24-7 (365 days a year). In order to ensure survivability, continuity of operations, and mission success. Essential people, equipment, and systems are or/and mission success the availability of 24-7 is a necessity. In other words essential people, equipment, and systems, pertinent data, technique acquired through knowledge and experience are needed and used by different people of different groups, organizations, and the private and public sector partnering with the DHS in order to deter and mitigate the catastrophic results of disaster. Keeping the people and America safe and our infrastructures safe s well; in doing so requires secrecy which is a very important to the mission of DHS and all of its partnerships, to include the private and public sector as well. This task essentiality involves getting businesses to start thinking about
terrorist mindsets. An example of one is the red-teaming analytic method. Red-teaming is a concept which involves designating folks within their own organizations to think like and behave in support of the way “bad guys” or terrorist, would attack and study their approach to the targets and their set priorities (National Infrastructure Protection Plan, 2009).
Describe the Vulnerabilities IS Professionals Need to be concerned with When Protecting the U. S. Critical Infrastructure. There are many things the IS Professionals are concern about in reference to vulnerabilities, such as through all the planning to protect CIKR, the interconnected assets, systems, and networks may also present and attractive array of targets to domestic and international terrorists and magnify greatly the potential for cascading failure in the wake of a catastrophic natural or manmade disasters. Key things looked at of our CIKR by terrorist are “Water and Government Facilities”, which are critical for national survival and they are major CIKR. Why there are constant improvements in the protection and the resilience that focus on elements of the CIKR that are deemed to be nationally critical and it can prove to be more difficult for terrorists to launch destructive attacks and lessen the impact of any attack. The fact that terrorist have proved to be relentless, patient, opportunistic, and flexible, learning from experience and modifying tactics and targets to explicit perceived vulnerabilities and avoid observed strengths. This is a must and if we take a close look at what is happening both here and abroad now, measures must be improved upon for all potential catastrophic disasters of all types (Wilshusen, 2011; Lopez, Alcazar Roman, 2007; Paganini, 2013; O’Neil, Dempsey, 1999; 2000).
Evaluate the Effectiveness of the IS professionals in Regard to Protecting the U. S. Critical Infrastructure.
The IS professional are and should be concern with the analysis of terrorist goals and motivations points to domestic and international CIKR as potentially prime targets for terrorist attacks and as security measures around more predictable targets increase, terrorists are likely to shift their focus to less protected targets. Enhancing countermeasures to address any one terrorist tactic or target may increase the likelihood that terrorists will shift to another, which underscores the necessity for a balanced, comparative approach that focuses on managing risk commensurately across all sectors and scenarios. DHS and its many partners of various entities and groups to include the private and public sector must continue to study the persona of terrorists to include both the private and public sectors, which are key entities involved in the various tactics, technology, and methods of security (Alcaraz, & Roman, 2007; Paganini, 2013; O’Neil, Dempsey, 1999; 2000).
Suggest Three (3) Methods to Improve the Protection of our Critical Infrastructure and Justify Each Suggestions.
1) The methods and steps taken to protect our critical infrastructure have been good. The Secretary in consistent with U. S. C. 143 and in collaboration with the Secretary of Defense shall within 120 days of the date of this order, establish procedures to expand the Enhanced Cyber Security Services Program to all Critical Infrastructure Sectors. Their goal (method) is to aid in the private and public sector becoming qualified (eligible) to aid in the protection of our infrastructures and more. This voluntary information sharing program will provide classified cyber threat technical information from government to eligible critical infrastructure companies or commercial services provide that offer security services to critical infrastructure. 2) DHS and partners must continue to take on the mind set and actions as terrorists within the planning, developing, coordinating, practicing, and implementation phase in the formulating of action plans and programs, to enhance risk analysis, preventive measures, resiliency, recovery, reduction in vulnerabilities, deter threats and to mitigate potential threats. 3) Section 1 Policy, The cyber threat to critical infrastructure continues to grow and represents one of the most serious on the national security challenges we must confront through a continuous process. The national and economic security of the United States depends on the reliable functioning of the nation’s critical infrastructure and to maintain a cyber-business of confidentiality, privacy, and civil liberties. These goals can be achieved through a partnership with the owners and operators of critical infrastructure to improve cyber security information sharing and collaboratively develop and implemented risk-based standards (Whitehouse, 2013, 2012; Department of Homeland Security, 2011).
Conclusion
Our government have made great strides with forming partnerships and there are more to come. The purpose of these partnerships is to help others establish their own security as well to as assist out government in the area of securing our infrastructure. We have come a long way; however, the continuous planning, developing, coordinating, implementation and simulations of the real various threats and attacks on our critical infrastructure, thinking with the mindset and actions or terrorist will helps us to form greater alliances and partnerships both international and domestic that will aid in our country and those of our allies to function free of threats, disasters other than natural, and more. In order for this to be successful we must continue to work together in the forming of more partnership, working together in all aspects of security and this must be done continuously at all levels of federal government, state, city, county, territorial, private and public sectors as well. The partnerships formed must be strong and able to withstand any thing of any one that is in opposition as to what our country and allies are trying to enhance to the part where it would became obtainable to completely wipe out terrorist threats and attacks. This is not something that is going to happen overnight or in a month and this is and should always be a work in progress to stay on top of everything and to keep up with the methods of those that want to cause havoc to our county and allies.
References
Homeland Security: The Department of Homeland Security, 2013. Retrieved from: http://www.dhs.gov/our-mission http://www.dhs.gov/prevent-terrorim-and-enhance-security http://www.dhs.gov/combat-cyber-crime
Lopez, J., Alcaraz, C., Roman, R. (2007). “On the Protection and Technologies of Critical Information Infrastructure.” In on Foundation of Security Analysis and Design IV, pp. 160-182. Computer Science Department, University of Malaga, Spann. Retrieved from: http://www.nic.uma.es/research/cip http://link.springer.com/Chapter/10.1007%2F978-3-540-74810-6_6#page-1
National Infrastructure Protection Plan-Homeland Security. Retrieved from: http://www.dsh.gov/xlibrary/assets/nipp_aconsolidated_snapshot.pdf http://www.dhs.gov/xlibrary/assets/nipp_overview.pdf
O’Neil, M., Dempsey, J. (2007). Critical infrastructure protection: Threats to privacy and other civil liberties and concerns with government and the private mandates on industry: Depaul Business Law Journal, Vol. 12, p. 97. Retrieved from: http://www.cdt.org/publication/lawreview/2000depaul.shtml
Paganini, P. (2013).INFOSEC Institute Resources: Scada and Security of critical infrastructures, February, 22. Retrieved from: http://resources.infosecinstitute.com/Scada-security-of-critical-Infrastructure.
White House Administration. Retrieved from: http://www.whitehouse.gov/the-press-office/2013-1012 http://www.executive-order-improving-critical-in-1 http://www.whitehouse.gov/issues
Wilshusen, C. (2011). GAO: Highlights of GAO 12-92: Critical infrastructure is available, but more can be done to promote its use. Cyber security guidance. Retrieved from: http://www.dhs.gov wishusen@gao.gov
Assignment 2: Critical Infrastructure Protection (CIP)
Clara Mae Jones
Strayer University
Instruction: Dr. Patricia White
CIS 502 – Theories Security Management
May 16, 2013
Abstract
When we ask what “Critical Infrastructure is?” Critical infrastructure is the backbone of our nation’s economy, security, and health. It is clear that we have the power in our homes, the water we drink, the transportation that moves us, and the communication systems we rely on to stay in touch with friends and family. The vitalization of critical infrastructure according to research and the” Department of Homeland Security, 2013” is the assets, systems, and networks, whether physical or virtual. It is so …show more content…
vital in the United States that their incapacitation or destruction would have a debilitating effect on security, national economy security, and national health, or any combination thereof.
Examine the Department of Homeland Security’s Mission, Operations, and Responsibilities The Department of Homeland Security are wide-ranging, and their goal is clear: “A safer, more secure America, which is resilient against terrorism and other potential threats.” The three key concepts form the foundation of our national homeland security strategy designed to achieve this vision: The three are as follows 1) Security 2), Resilience 3), Custom and Exchange. These concepts drive broad areas of activity that the Quadrennial Homeland Security Review (QHSR) process defines as homeland security missions. It prevent, to protect, to respond, and recover, as well as to build in security, to ensure resilience, and to facilitate customs and exchange. The responsibility falls on hundreds of thousands of people from across the federal government, state, local, tribal, and territorial …show more content…
governments, the private sector, and other nongovernmental organizations are responsible for executing these missions. To be more detailed about the mission, operations, and responsibilities of DHS as follows, prevent terrorism and enhance security (protect the American people from terrorist threats). Secure and manage our borders (using technology, manpower and physical infrastructure to improve operational control of our borders). Responsible for facilitating legal immigration and enforce laws (supports legal employment by offering information and expanding E-Verify program). Safeguard and secure cyberspace (analyzes and reduces threats and distributes warnings, and ensure disaster resilience The DHS provides the coordinated responses to terrorist attacks on air, land, sea; also, natural disasters or other large emergencies while working with the public sector partners (Homeland Security, 2013, 2011; Lopez, Roman, 2007; Wilshusen, 2011). Critical Infrastructure Protection (CIP) Initiatives are; what are Protected, and the Methods used to Protect Our Assets. Critical infrastructure protection (CIP) are essential for the survival of the nation.
It have many definitions and they all mean the same thing, just expressed in different ways. It is define. It is define by the USA Patriot Act as systems and assets, whether physical or virtual. It is so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national public safety national, national economic security, or any combination of those matters. FEMA defines critical infrastructure as personal, physical assets and communication (cyber) that must be intact and operational 24-7 (365 days a year). In order to ensure survivability, continuity of operations, and mission success. Essential people, equipment, and systems are or/and mission success the availability of 24-7 is a necessity. In other words essential people, equipment, and systems, pertinent data, technique acquired through knowledge and experience are needed and used by different people of different groups, organizations, and the private and public sector partnering with the DHS in order to deter and mitigate the catastrophic results of disaster. Keeping the people and America safe and our infrastructures safe s well; in doing so requires secrecy which is a very important to the mission of DHS and all of its partnerships, to include the private and public sector as well. This task essentiality involves getting businesses to start thinking about
terrorist mindsets. An example of one is the red-teaming analytic method. Red-teaming is a concept which involves designating folks within their own organizations to think like and behave in support of the way “bad guys” or terrorist, would attack and study their approach to the targets and their set priorities (National Infrastructure Protection Plan, 2009).
Describe the Vulnerabilities IS Professionals Need to be concerned with When Protecting the U. S. Critical Infrastructure. There are many things the IS Professionals are concern about in reference to vulnerabilities, such as through all the planning to protect CIKR, the interconnected assets, systems, and networks may also present and attractive array of targets to domestic and international terrorists and magnify greatly the potential for cascading failure in the wake of a catastrophic natural or manmade disasters. Key things looked at of our CIKR by terrorist are “Water and Government Facilities”, which are critical for national survival and they are major CIKR. Why there are constant improvements in the protection and the resilience that focus on elements of the CIKR that are deemed to be nationally critical and it can prove to be more difficult for terrorists to launch destructive attacks and lessen the impact of any attack. The fact that terrorist have proved to be relentless, patient, opportunistic, and flexible, learning from experience and modifying tactics and targets to explicit perceived vulnerabilities and avoid observed strengths. This is a must and if we take a close look at what is happening both here and abroad now, measures must be improved upon for all potential catastrophic disasters of all types (Wilshusen, 2011; Lopez, Alcazar Roman, 2007; Paganini, 2013; O’Neil, Dempsey, 1999; 2000).
Evaluate the Effectiveness of the IS professionals in Regard to Protecting the U. S. Critical Infrastructure.
The IS professional are and should be concern with the analysis of terrorist goals and motivations points to domestic and international CIKR as potentially prime targets for terrorist attacks and as security measures around more predictable targets increase, terrorists are likely to shift their focus to less protected targets. Enhancing countermeasures to address any one terrorist tactic or target may increase the likelihood that terrorists will shift to another, which underscores the necessity for a balanced, comparative approach that focuses on managing risk commensurately across all sectors and scenarios. DHS and its many partners of various entities and groups to include the private and public sector must continue to study the persona of terrorists to include both the private and public sectors, which are key entities involved in the various tactics, technology, and methods of security (Alcaraz, & Roman, 2007; Paganini, 2013; O’Neil, Dempsey, 1999; 2000).
Suggest Three (3) Methods to Improve the Protection of our Critical Infrastructure and Justify Each Suggestions.
1) The methods and steps taken to protect our critical infrastructure have been good. The Secretary in consistent with U. S. C. 143 and in collaboration with the Secretary of Defense shall within 120 days of the date of this order, establish procedures to expand the Enhanced Cyber Security Services Program to all Critical Infrastructure Sectors. Their goal (method) is to aid in the private and public sector becoming qualified (eligible) to aid in the protection of our infrastructures and more. This voluntary information sharing program will provide classified cyber threat technical information from government to eligible critical infrastructure companies or commercial services provide that offer security services to critical infrastructure. 2) DHS and partners must continue to take on the mind set and actions as terrorists within the planning, developing, coordinating, practicing, and implementation phase in the formulating of action plans and programs, to enhance risk analysis, preventive measures, resiliency, recovery, reduction in vulnerabilities, deter threats and to mitigate potential threats. 3) Section 1 Policy, The cyber threat to critical infrastructure continues to grow and represents one of the most serious on the national security challenges we must confront through a continuous process. The national and economic security of the United States depends on the reliable functioning of the nation’s critical infrastructure and to maintain a cyber-business of confidentiality, privacy, and civil liberties. These goals can be achieved through a partnership with the owners and operators of critical infrastructure to improve cyber security information sharing and collaboratively develop and implemented risk-based standards (Whitehouse, 2013, 2012; Department of Homeland Security, 2011).
Conclusion
Our government have made great strides with forming partnerships and there are more to come. The purpose of these partnerships is to help others establish their own security as well to as assist out government in the area of securing our infrastructure. We have come a long way; however, the continuous planning, developing, coordinating, implementation and simulations of the real various threats and attacks on our critical infrastructure, thinking with the mindset and actions or terrorist will helps us to form greater alliances and partnerships both international and domestic that will aid in our country and those of our allies to function free of threats, disasters other than natural, and more. In order for this to be successful we must continue to work together in the forming of more partnership, working together in all aspects of security and this must be done continuously at all levels of federal government, state, city, county, territorial, private and public sectors as well. The partnerships formed must be strong and able to withstand any thing of any one that is in opposition as to what our country and allies are trying to enhance to the part where it would became obtainable to completely wipe out terrorist threats and attacks. This is not something that is going to happen overnight or in a month and this is and should always be a work in progress to stay on top of everything and to keep up with the methods of those that want to cause havoc to our county and allies.
References
Homeland Security: The Department of Homeland Security, 2013. Retrieved from: http://www.dhs.gov/our-mission http://www.dhs.gov/prevent-terrorim-and-enhance-security http://www.dhs.gov/combat-cyber-crime
Lopez, J., Alcaraz, C., Roman, R. (2007). “On the Protection and Technologies of Critical Information Infrastructure.” In on Foundation of Security Analysis and Design IV, pp. 160-182. Computer Science Department, University of Malaga, Spann. Retrieved from: http://www.nic.uma.es/research/cip http://link.springer.com/Chapter/10.1007%2F978-3-540-74810-6_6#page-1
National Infrastructure Protection Plan-Homeland Security. Retrieved from: http://www.dsh.gov/xlibrary/assets/nipp_aconsolidated_snapshot.pdf http://www.dhs.gov/xlibrary/assets/nipp_overview.pdf
O’Neil, M., Dempsey, J. (2007). Critical infrastructure protection: Threats to privacy and other civil liberties and concerns with government and the private mandates on industry: Depaul Business Law Journal, Vol. 12, p. 97. Retrieved from: http://www.cdt.org/publication/lawreview/2000depaul.shtml
Paganini, P. (2013).INFOSEC Institute Resources: Scada and Security of critical infrastructures, February, 22. Retrieved from: http://resources.infosecinstitute.com/Scada-security-of-critical-Infrastructure.
White House Administration. Retrieved from: http://www.whitehouse.gov/the-press-office/2013-1012 http://www.executive-order-improving-critical-in-1 http://www.whitehouse.gov/issues
Wilshusen, C. (2011). GAO: Highlights of GAO 12-92: Critical infrastructure is available, but more can be done to promote its use. Cyber security guidance. Retrieved from: http://www.dhs.gov wishusen@gao.gov