HLS201: Introduction to Homeland Security

Overview (1 of 5)

Overview

Critical Infrastructure Protection is among the leading concerns in the country's quest for homeland security.

The Patriot Act of 2002 defines critical infrastructure as those "systems and assets...so vital to the United States that (their) incapacity or destruction...would have a debilitating impact on security, national economic security, national public health or safety, or any combination of these matters."

Colonel Bert Tussing, Professor, Center for Strategic Leadership, U.S. Army War College.

After the 9/11 attack, the Bush Administration made the decision that identifying, prioritizing, and providing for the protection of our CIKR assets as a national priority. As new threats have evolved over the past several years, the Obama Administration has provided additional mandates and resources to strengthened that priority.

Lesson Objectives

At the conclusion of this lesson, students will be able to do the following:

Understand and define the terms "critical infrastructure"
Understand the roles of the various levels of government in protecting critical infrastructure and understand the inter-dependencies and coordination of those efforts with the private sector.

Lesson Readings & Activities

By the end of this lesson, make sure you have completed the readings and activities found in the Course Schedule.

Reference

Tussing, B. & Wheatley, J. (Eds.). (2005). In support of the common defense: Examining critical infrastructure protection in the public and private sectors. Carlisle, PA: Center for Strategic Leadership, U.S. Army War College. Retrieved from http://www.csl.army.mil/AllPublications.aspx#155.

HSPD-7: Critical Infrastructure Identification, Prioritization, and Protection (2 of 5)

HSPD-7: Critical Infrastructure Identification, Prioritization, and Protection

The basis for the federal government’s role in critical infrastructure protection comes from HSPD-7 which established a national policy for federal departments and agencies to identify, prioritize, and protect the nation’s critical infrastructure which is defined as those assets, systems, and networks that are essential to preserving national security, public safety, economic health, and the social security of our citizens and our communities.

Examples of critical infrastructure and key resources (CIKR) include

primary roads, bridges, and highways;
key data storage and processing facilities, major banking centers;
public water systems;
major power generation facilities;
nuclear power plants; and
chemical facilities in close proximity to large population centers.

HSPD-7 designates lead federal agencies, known as sector-specific agencies, that must collaborate with the private sector. These agencies must work with industry to facilitate the sharing of information about physical and cyber threats, vulnerabilities, incidents, potential protective measures, and best practices.

Understanding Federal Homeland Security Documents (3 of 5)

Understanding Federal Homeland Security Documents

The federal government provides many reports, strategies, and plans to which states should refer when developing their own homeland security strategy. We have already discussed the 25 HSPDs that govern the federal government’s homeland security policy initiatives.

The National Incident Management System (NIMS) established in 2008 is a comprehensive, national approach to incident management that is applicable at all jurisdictional levels and across functional disciplines. It attempts to improve coordination and cooperation between public and private entities and provides a common standard for overall incident management.

Also in 2008, DHS released the National Infrastructure Protection Plan (NIPP), later revised in 2013, that provides a framework for identifying and protecting critical infrastructure and key resources (CIKR). The plan’s goal is to strengthen national preparedness, timely responses, and rapid recovery of critical infrastructure in the event of a terror attack, natural disaster, or other emergency.

Issued in 2008, the National Response Framework (NRF) establishes a comprehensive, all-hazards approach to domestic incident response. NRF describes how communities, tribes, states, the federal government, private sector, and nongovernmental partners work together to coordinate a national response. It also describes best practices for managing incidents and builds on the NIMS that provide a template for managing incidents.

Released in 2010 and developed by DHS, the Quadrennial Homeland Security Review (QHSR) specifies key homeland security mission priorities, outlines goals for each of those mission areas, and lays the groundwork for next steps. The QHSR was conducted by department officials with the input of numerous stakeholders located throughout the country.

We will discuss these documents in detail in upcoming lessons. Please reference this page for the many acronyms used by DHS.

National Infrastructure Protection Plan (NIPP) (4 of 5)

National Infrastructure Protection Plan (NIPP)

A key element of the national approach to infrastructure protection is the NIPP. The NIPP outlines a comprehensive risk management framework and establishes processes for combining consequence, vulnerability, and threat information to produce a comprehensive, systematic and rational assessment of national and sector risk. The NIPP defines a methodology to prioritize critical infrastructure resources (CIKR) protection activities based on risk.

The objective of the NIPP is to:

set security goals,
identify assets,
assess risk,
prioritize infrastructure,
implement protective programs,
measure effectiveness, and
establish a feedback mechanism for continuous improvement.

Source: (DHS, 2009)

References

Homeland Security Act of 2002: Critical Infrastructure Information Act, Pub. L. No. 107-296. (Nov. 25, 2002).

U.S. Department of Homeland Security. (2013). National Infrastructure Protection Plan. Retrieved January 8, 2014 from http://www.dhs.gov/national-infrastructure-protection-plan.

PPD-21: Critical Infrastructure Security and Resilience (5 of 5)

PPD-21: Critical Infrastructure Security and Resilience

PPD 21: Critical Infrastructure Security and Resilience

As part of his 2013 State of the Union address, President Obama released two important documents, One, was an Executive Order for Improving Critical Infrastructure Cybersecurity (that we will address and discuss in a future Lesson) and a Presidential Policy Directive (PPD) for Critical Infrastructure Security and Resilience.

By issuing the EO and PPD together, the Obama Administration is taking an integrated approach that strengthens the security and resilience of critical infrastructure against all hazards, through and updated framework that acknowledges the increased role of cybersecurity in security physical assets and calls for enhanced information sharing and public-private partnerships. According to the White House statement announcing the objective of the document "the update PPD updates the national approach from HSPD 7, issued in 2003, to adjust to the new risk environment, key lessons learned, and drive toward enhanced capabilities."