Why is critical infrastructure important
to me?
Critical infrastructure
includes the electricity that runs our homes and businesses; the water that we
drink, use to fight fires, and to support industrial production; and our
telephones, televisions, and Internet communications. It includes our roads,
railroads and waterways, banks and financial systems, and all of the commerce
and other underpinnings that represent the American way of life.
Simply stated, critical
infrastructure comprises the goods and services that are necessary for business
continuity and are vital to daily life for each and every American. Our
infrastructure is grouped into broad sectors and includes a vast array of
multi-dimensional, physical and virtual assets, systems, networks, and
functions. Disrupting or destroying our Nation’s critical infrastructure would
have major impacts, because we are all connected to it—individual citizens, the
private sector, and all levels of government.
How do we know what infrastructure is
considered critical?
Critical infrastructure is
defined as systems and assets, whether physical or virtual, so vital that their
incapacitation or destruction may have a debilitating impact on the security,
economy, public health or safety, and/or the environment, across any Federal,
State, regional, territorial, or local jurisdiction. Infrastructure may be
critical to one particular jurisdiction, a State, a multi-state region, or the
Nation as a whole, depending on the scale of the consequences that would occur
if these assets were damaged or destroyed. Thus, we are all responsible for
helping keep our critical infrastructure safe and ensuring that it is resilient
to all hazards.
What
does it mean to protect critical infrastructure?
At its
core, protection is about trying to manage overall risk to our infrastructure
by warding off threats, reducing weaknesses or vulnerabilities, and minimizing
the impact or consequences of negative events that occur. Protection includes a
wide range of activities that are relevant to private-sector owners and
operators, such as:
·
Strengthening facilities to different kinds of hazards through
improved security measures or better design.
·
Building resiliency and redundancy into various systems used in
day-to-day operations.
·
Implementing cybersecurity measures.
·
Conducting business continuity planning, training, and
exercises.
How do
we know what infrastructure is considered critical?
Critical
infrastructure is defined as systems and assets, whether physical or virtual,
so vital that their incapacitation or destruction may have a debilitating
impact on the security, economy, public health or safety, and/or the
environment, across any Federal, State, regional, territorial, or local
jurisdiction. Infrastructure may be critical to one particular jurisdiction, a
State, a multi-state region, or the Nation as a whole, depending on the scale
of the consequences that would occur if these assets were damaged or destroyed.
Thus, we are all responsible for helping keep our critical infrastructure safe
and ensuring that it is resilient to all hazards.
What
does it mean to protect critical infrastructure?
At its
core, protection is about trying to manage overall risk to our infrastructure
by warding off threats, reducing weaknesses or vulnerabilities, and minimizing
the impact or consequences of negative events that occur. Protection includes a
wide range of activities that are relevant to private-sector owners and
operators, such as:
·
Strengthening facilities to different kinds of hazards through
improved security measures or better design.
·
Building resiliency and redundancy into various systems used in
day-to-day operations.
·
Implementing cybersecurity measures.
·
Conducting business continuity planning, training, and
exercises.
What is
my role in protecting critical infrastructure?
The
protection of our Nation’s infrastructure is a shared responsibility. Each of
us has a role in the effort, whether we work with Federal, State, or local
governments or in the private sector. We can do our part to be prepared, to
report suspicious activities, and to learn all we can about critical infrastructure
protection and resilience.
Why is
private-sector engagement so important?
The
vast majority of our Nation’s infrastructure is owned and operated by the
private sector—virtually all infrastructure assets and systems are physically
located within local jurisdictions. As such, national infrastructure protection
efforts start with the commitment, support, and engagement of local and
regional communities and the commercial enterprises located there.
What
does it mean for me to help implement the National Infrastructure Protection
Plan (NIPP)?
The
NIPP is a national plan that provides the roadmap for a safer, more secure, and
more resilient America. The plan defines overall roles and responsibilities for
public and private partners and outlines a comprehensive approach for managing
the risks facing our Nation’s infrastructure. There are many ways that you can
join the national partnership for implementing the NIPP. You can participate in
information-sharing mechanisms, join in community planning activities, and use
the NIPP Risk Management Framework as a model for evaluating the risks to your
operation. Understanding how you are connected to, and mutually dependent on,
other infrastructure sectors around you is one of the first steps you can take
to strengthen protection and resilience and implement the NIPP.
How
does the private sector collaborate with the government on infrastructure
protection and resilience at a national level?
A broad
public-private partnership known as the Sector Partnership Model provides a
basis for national-level coordination. This framework is comprehensive, because
it involves virtually every sector of our national economy and connects to all
levels of government. This partnership balances the needs and interests of an
incredibly diverse group of partners who share a common interest: to protect
our Nation’s infrastructure and make it more resilient to attacks, natural
hazards, or other kinds of emergencies. The partnership approach includes a
hotline that connects private-sector and government partners across all the
sectors.
How
does my sector connect to this overall collaboration effort?
Sixteen
of the critical infrastructure sectors have a coordinating body known as a
Sector Coordinating Council. The councils provide a venue for private-sector
owners and operators to share ideas and air concerns. These councils also offer
a mechanism to coordinate with the government on infrastructure protection
activities. The Sector Coordinating Councils are organized, run, and governed
by the private sector, not the government, so they speak for and represent the
interests of that particular sector. Their membership is diverse, including
owners and operators from large and small businesses, to ensure that a wide
range of views are included in the process.
How can
I learn more about what my sector is doing in the areas of protection and
resilience?
Each
infrastructure sector has published a plan that documents how it is evaluating
the risks it faces, what actions are being taken to manage those risks, and how
government and industry are collaborating in those efforts. Several of these
sector-specific plans are available on the U.S. Department
of Homeland Security Web site. You can email us at NIPP@hq.dhs.gov to learn more.
What do
we mean by risk in the context of critical infrastructure protection and
resilience?
Risk is
the potential for an unwanted outcome from an incident, event, or occurrence,
as determined by its likelihood and the associated consequences. To understand
risk, you have to understand the nature and magnitude of potential threats,
existing vulnerabilities to that threat, and the consequences that could
result. At the national level, the U.S. Department of Homeland Security
analyzes risk for each of the critical infrastructure sectors, working in close
collaboration with Federal, State, and local authorities, and private-sector
owners and operators. Each sector is also responsible for assessing the risk it
faces in terms of threats, vulnerabilities, and consequences and taking action
to manage that risk based on knowledge about sector operations and the overall
risk landscape. To learn more, you can contact NIPP@hq.dhs.gov.
What
are the benefits of assessing infrastructure risk to my business operations?
Understanding
the risk you face and identifying actions you can take to manage that risk are
responsibilities of every infrastructure owner and operator. By following the
simple steps in the NIPP Risk Management Framework you can be better prepared
to deter or mitigate a potential terrorist attack or natural hazard, and you
will position your business to return to full operations more quickly in the
event of a natural disaster or other type of incident.
What
are some of the key considerations in assessing risk to infrastructure?
You should
consider the following questions in this process:
·
What types of events could happen that would affect your
business? Natural hazards? Industrial accidents? Terrorism?
·
What are the essential elements of your business? Is it your
physical plant or facilities? What about your networks and systems? Your
workforce? What goods or services do you require to continue functioning? Do
you have specialized equipment?
·
How vulnerable are your essential business elements to the
different types of hazards that you may face?
·
What would the consequences be in terms of human lives and
economic impact if these essential elements were damaged, disrupted, or
destroyed by an event in your community?
You can
use this information to develop strategies to protect your business through
increased security and to build a business continuity plan to ensure you can
remain operational during almost any emergency.
How do
we get information about risks and threats to our sector?
Each
sector is responsible for assessing the risk it faces in terms of threats,
vulnerabilities, and consequences and taking action to manage that risk based
on knowledge about sector operations and the overall risk landscape. The
sectors publish a sector-specific plan approximately every three years that
documents how they are evaluating the risks they face, what actions are being
taken to manage those risks, and how government and industry are collaborating
in those efforts. To learn more, you can contact us with questions atNIPP@hq.dhs.gov.
http://emilms.fema.gov/
No comments:
Post a Comment