Explain interconnectivity of infrastructures (e.g., airlines and the power grid) with specific examples. Do interconnectivities increase the vulnerability of major infrastructures?
Order Instructions:
For this Case Assignment, you are to answer the following:
1.Explain interconnectivity of infrastructures (e.g., airlines and the power grid) with specific examples. Do interconnectivities increase the vulnerability of major infrastructures?
2.Should a CIP management model be centralized, decentralized, or a combination? Propose a relevant management practice model that supports your position.
3.Comment on critical infrastructures in your town, state, or area of deployment. Number, Type(s)? How protected?
Length: This Case Assignment should be at least 3 pages not counting the title page and references.
References: At least two references should be included from academic sources listed below. (e.g. peer-reviewed journal articles). Required readings are included. Quoted material should not exceed 10% of the total paper (since the focus of these assignments is critical thinking).
Use subheadings to help organize the overall paper.
References:
1) A generic national framework for critical information infrastructure protection (CIIP) (2007). Manual Suter Center for Security Studies, ETH, Zurich. Retrieved November 17, 2012 from: http://www.itu.int/ITU-D/cyb/cybersecurity/docs/generic-national-framework-for-ciip.pdf
2) O’Connor, T. (2010) The safety and security of critical infrastructure. Retrieved November 16, 2012 from: http://drtomoconnor.com/3430/3430lect01a.htm
3) Student manual (2013), The National Infrastructure Protection Plan: An Introduction. FEMA. Retrieved from: https://training.fema.gov/EMIWeb/IS/courseOverview.aspx?code=IS-860.b
4 )The National Cybersecurity and Communications Integration Center:
http://www.dhs.gov/about-national-cybersecurity-communications-integration-center
5) Digital Attack Map: Distributed Denial of Service (DDoS) Website: http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&time=16066&view=map
6) The national strategy for homeland security (2007). U.S. Office of Homeland Security. Retrieved November 16, 2012 from: http://www.dhs.gov/national-strategy-homeland-security-october-2007
SAMPLE ANSWER
Interconnectivity of infrastructures
Explain interconnectivity of infrastructures (e.g., airlines and the power grid) with specific examples. Do interconnectivities increase the vulnerability of major infrastructures?
Infrastructure, when viewed as a facility, system, or function providing foundation for reputation, way of life and economic vitality, then its importance to a community cannot be over-emphasized. It enhances the quality of life to the community such that its incapacitation is felt by the majority, if not all. Given this importance, its security and protection becomes critical to the community who enjoy its benefits. Over time, development of a particular infrastructure becomes dependent on the development of another. Development of airline industry is dependent on the development of the airports and the inter-dependent service provision industries, who in turn rely on the power supply industry who rely on the power generation industry, who in turn rely on the parks and forestry services to protect the water catchment areas. The interdependence has led to interconnectedness as communities seek more efficient and reliable supply of the various benefits.
Water supply and power generation will be interconnected given they share the same asset (Dam). Thus when viewed from this perspective, the interconnectedness of the infrastructure will ultimately increase their vulnerability. Individually, this may not be as pronounced as when viewed as one (collectively). In the past few years instances of attempted attacks of critical infrastructure has increased significantly. This has resulted in the security community raising its consciousness of the risks associated with critical infrastructure (O’Connor, 2010). The spread of the cyber weapon “Stuxnet” exhibits this clearly. Stuxnet changed forever the way military battle are fought and won. It allowed an actor who deployed Stuxnet could easily cause serious damages to entire populations.
Q: Should a CIP management model be centralized, decentralized, or a combination? Propose a relevant management practice model that supports your position.
There are arguments for and against the centralized, decentralized, and a combination. However, the combination management model is especially ideal for CIP given the agencies that have overlapping responsibilities in the attainment of protection of critical infrastructure. As stated earlier, infrastructure especially the critical ones, pose a significant threat and thus expose protection agencies to unique challenges in safeguarding them. The Combination model appreciates that it remains the responsibility of the government to set goals on the protection of critical infrastructure. The implementation and attainment of these goals falls to the private-sector. Whereas the private sector could be knowledgeable and adequately equipped to deal with certain vulnerability, it may not take action as a result of the cost associated with the reduction of the vulnerability. The government thus comes in to offer incentives that will make the private sector take up vulnerability reduction measures (Suter, 2007).
When viewed in isolation, the cost of reducing vulnerabilities outweighs the benefit of reduced risk from terrorism attacks as well as from natural and other disasters for an individual infrastructure project. However, due to the interconnectedness, the risk of failure of one infrastructure becomes so enormous that it becomes critical. When it becomes critical, the management of its security becomes heightened. A combination CIP management model will consist of all proactive activities that seek to protect indispensable physical asset, systems (more so cyber and communication systems) and people, which relies on a decision making process that is both reliable and systematic to aid leaders determine exactly what needs protection, when, where and how. The pro-activity of the management model will be best exhibited in the pro-activity in management of emergencies, which will go beyond normal security and defensive postures. Thus with the combination management model, one will be able to identify the critical infrastructure, determine the threat against those infrastructures, analyze the vulnerabilities of threatened infrastructure, assess the risk of degrading or loss of a critical infrastructure and apply countermeasure where risk is identifies and determined to be unacceptable. The model realizing that CIP does not rely on unique intelligence collection but rather unique intelligence integration functions. The model thus guarantees ease of access to information but more importantly guarantees access to specific analytical methods, which can be used to assess vulnerabilities and conduct individual infrastructure risk analysis (The National Strategy for Homeland Security, 2007).
Q: Comment on critical infrastructures in your town, state, or area of deployment. Number, Type(s)? How protected?
My hometown has infrastructure that supports the quality of life of some 15,000 inhabitants. The water treatment works overlooks the town so that water is supplied to homes via gravitational pull. There is a power plant where the river that feeds the dam that supplies the town with water drains the dam. The power generated is enough to meet the entire local requirement. Both this critical facilities are not adequately protected. This could be because of the feeling of rural America that one gets in our town. Access to both facilities is unimpeded and anyone can go up to the dam that provides drinking water to the town. Should a terrorist want to harm my town, they could easily introduce a poisonous substance to the drinking water of the town or even blow up the dams barriers there by flooding my entire town.
References
O’Connor, T. (2010) The safety and security of critical infrastructure. Retrieved November 16, 2012 from: http://drtomoconnor.com/3430/3430lect01a.htm
Suter, M (2007) A Generic National Framework for Critical Information Infrastructure Protection (CIIP). Center for Security Studies, ETH, Zurich. Retrieved November 17, 2012 from: http://www.itu.int/ITU-D/cyb/cybersecurity/docs/generic-national-framework-for-ciip.pdf
The National Strategy for Homeland Security (2007). U.S. Office of Homeland Security. Retrieved November 16, 2012 from: http://www.dhs.gov/national-strategy-homeland-security-october-2007
We can write this or a similar paper for you! Simply fill the order form!
