Saturday, June 27, 2020
Understanding Critical Infrastructure (CIKR, NIPP) - 275 Words
Understanding Critical Infrastructure: Establishment of Infrastructural Goals as Well as Objectives (CIKR, NIPP) (Essay Sample) Content: Understanding Critical InfrastructuresNameInstitutionUnderstanding Critical InfrastructureCritical infrastructure partnership manages risks through creation of diverse commitment to society, focusing on consumer well-being as well as business management structures. Tolerances to elements of risks are diverse and varied within environment of different organizations and sectors dictated by resources, business operating structures together with regulatory measures (, 2016). Creation of priority with regards to risk mitigation approaches is a crucial part of decision support systems during selection of risk control activities needing implementation. There is flow of information during execution of risk management framework. RMF consists of a number of steps which enable efficient management of potential threats to national infrastructure (, 2016).Establishment of infrastructural goals as well as objectivesTo start with, RMF requires establishment of infrastructural goals as well as objectives. This step creates broad goals which guide establishment of critical infrastructural security as well as resilience (Macaulay, 2009). Established goals receive support from aims and main concerns identified at the lowest level articulated within sector specific plan that function as objectives during joint planning undertaken by SSAs together with partners in government and private sectors of economy (Macaulay, 2009). A number of multi-year concerns advanced with support from a wide range of sectors participating within partnership help compliment initiatives and set goals. Such concerns might be focused on specific goals as well as issues that are common to several sectors (Macaulay, 2009). These are sectors within which resources may be harnessed with substantial impact. Operators and Owners of critical infrastructure, SLTT as well as regional entities have capacity to pinpoint objectives and concerns in context of vulnerable infrastructure aligned to natio nal objectives, goals as well as sectorial objectives (Macaulay, 2009).Identification of infrastructureEffective management of vulnerable infrastructure requires partners to clearly identify assets, networks and systems essential in continued operation bearing in mind associative dependencies as well as interdependencies (Macaulay, 2009). This process also allows for identification of essential information communication needs together with relevant technology necessary to facilitate crucial service provision (Macaulay, 2009). CI partners have different views regarding criticality. This difference stems from uniqueness of each owner, difference in models of operation as well as inherent risks (Macaulay, 2009). For example, Federal authorities identify and prioritize critical infrastructure of national importance based on constitutional provisions as well as state considerations. SLTT authorities make infrastructural identification and prioritization based on business operating scena rios and inherent risks (Macaulay, 2009). Owners and operators of infrastructure make identification of infrastructure, network and related systems essential to sustained operation as well as product and service delivery to consumers (Lewis, 2006). At the lowest level, a number of SSAs work alongside operators, owners as well as SLTT bodies enabling identification of infrastructure significant at all levels of a country (Macaulay, 2009). Proper management of risks requires sound knowledge of criticality and related interdependencies between infrastructures (Lewis, 2006).Assessment and analysis of risksAssessment of CIRs may be undertaken through evaluation of threats which may be man-made or natural potent enough to inflict harm to information, life, operation, our environment and property. Risks are also evaluated in terms of ability to render entities easy targets of exploitation by a particular hazard (Lewis, 2006). As an example, critical infrastructure owners undertake risk ass essments with aid of a number of methodologies. Such assessments enable leaders within communities gain an understanding of severity and likelihood of hazard occurrence capable of crippling operations (Lewis, 2006). Such information is utilized in planning as well as allocation of resources. Effective assessment of risks requires partners to have timely, actionable and reliable information in regards to consequences, threats as well as vulnerabilities. Initiatives that support sharing of information exist at regional and national levels (Caldwell United States, 2011). For example, sharing of information and related activity have a potential to offer protection of privacy through application of FIPPs (Lewis, 2006). It is also able to protect civilian liberties once through adherence to applicable policies and laws. As an example, Federal authorities have established statutory responsibilities for public leaders that allow safeguarding of information relating to critical infrastructu re. Department of homeland security and equally relevant agencies employ PCII and related protocols for instance CNSI, LESI and FSCG. PCII protocols, which came into being through CII Act established in 2002, helps define necessities for submission of CII (Lewis, 2006).Implementation of risk managementDecision making bodies prioritize when it comes to activities relating to risk management in order to ensure proper management of vulnerable infrastructure uncertainty with regards to criticality in context of infrastructure affected, risk reduction potential and cost of running such activities (, 2016). Most risk management initiatives address several areas of uncertainty, while most others target particular threats, potential outcomes and vulnerabilities. Such risk management fall under three different categories. One approach is identification, deterrence, disruption and ensuring preparedness where threats are imminent (, 2016). Responsible agencies work together during evaluation o need for increase security as well as measures of resilience based upon available information. Security systems are employed to help in detection or delaying imminent attacks (, 2016). Risk management also involves reduction of vulnerabilities. This encompasses integration of security architecture within design of systems, assets as well as networks (Lewis, 2006). In addition, R D is undertaken to aid reduction of physical and cyber vulnerabilities that have been difficult to eradicate (, 2016). Lastly, risk management initiatives involve mitigation of consequences. Mitigation can be done through sharing of information as a means to support and encourage situational cognizance. It also encompasses initiative relating to restoration of essential infrastructure after an attack such as during 9/11 (, 2016). Support during or after an attack is provided for through a collaboration between NPF (national Prevention framework), NPF (National protection Framework), NMF (National mitiga tion framework) and NRF (National Response Framework) (Lewis, 2006). One such means through which listed bodies collaborate jointly is through NRF. This body coordinates efforts during a disaster warranting federal input.Measurement of EffectivenessCommunities associated with critical infrastructure assess effectiveness of RM activities within different levels through establishment of metrics applicable in both indirect and direct indicators. SCCs work jointly with SSAs under secto...
Subscribe to:
Posts (Atom)