DHS Completes Plans For Critical Infrastructure Protection
The U.S. Department of Homeland Security has announced the completion of 17 Sector-Specific Plans (SSPs) in support of the National Infrastructure Protection Plan (NIPP). The plan outlines a comprehensive risk management framework that defines critical infrastructure protection roles and responsibilities for all levels of government and private industry. Each SSP is tailored to the risk characteristics of that sector to promote greater consistency of protective programs and resources within the sectors.
“The consequences of an assault against America’s vast network of critical infrastructure sites could be dire, both in loss of life and in economic impact,” says Homeland Security Secretary Michael Chertoff. “At the same time, we must avoid imposing onerous security measures that would damage or make economically impractical the very systems that we’re trying to protect. The security roadmap reflects unprecedented coordination among the public and private sectors. These plans are already significantly strengthening vital infrastructure and reducing vulnerability to all hazards — terrorist attack and natural disaster alike.”
Homeland Security Presidential Directive 7 identified 17 critical infrastructure and key resource sectors that require protective actions to prepare for, or mitigate against, a terrorist attack or other hazards. The sectors are: agriculture and food; banking and finance; chemical; commercial facilities; commercial nuclear reactors, including materials and waste; dams; defense industrial base; drinking water and water treatment systems; emergency services; energy; government facilities; information technology; national monuments and icons; postal and shipping; public health and healthcare; telecommunications; and transportation systems including mass transit, aviation, maritime, ground or surface, rail and pipeline systems.
The vast majority of the nation’s critical infrastructure is owned and operated by private industry. SSPs define roles and responsibilities, catalog existing security authorities, institutionalize already existing security partnerships and establish the strategic objectives required to achieve a level of risk reduction appropriate to each individual sector. Each SPP also establishes a sector-specific risk-reduction consultative network to exchange best practices and facilitate rapid threat-based information sharing among the federal, state, local, tribal and private sectors. Strategic objectives include:
* Protecting critical sector assets, systems, networks and functions prior to a terrorist attack or natural disaster;
* Rapidly reconstituting critical assets, systems and networks after an incident;
* Planning for emergencies and updating response plans;
* Ensuring timely, relevant and accurate threat information sharing between the law enforcement and intelligence communities and key decision makers in the sector; and
* Educating stakeholders on infrastructure resiliency and risk management practices.