Critical Infrastructure Protection (and Policy) H. Scott Matthews March 5, 2003

Recap of Last Lecture  Midterm Questions? Due today, 5pm!  Infrastructure interdependencies exist  4 types, 6 dimensions  Some caused by our influence,  Some by management (systems)  Some by necessity  The interdependencies compound risk  We do not yet understand them well  Have high-level, not detailed models  Infrastructure sectors ‘depend’ on each other more than average sectors depend on them

Threat  Any circumstance or event with the potential to cause harm to a system in the form of destruction, disclosure, adverse modification, and/or the denial of service.  Examples: Hackers, electrical storms  Need to know likelihood of threats  Sources: National Information Systems Security (INFOSEC) Glossary, NSTISSI No. 4009, Aug. 1997) - generalized form of it

Vulnerability  Weakness in a system, or its components (e.g., system security procedures, design, controls) that could be exploited by a threat  Examples: Software bugs, structural design

Risk  The likelihood that a particular threat using a specific attack, will exploit a particular vulnerability of a system that results in an undesirable consequence  Risk Assessment  Process of analyzing threats to and vulnerabilities of a system and the potential impact the loss of system would have.  Resulting analysis is used as a basis for identifying appropriate and cost-effective counter- measures.  Computing expected loss functions

Risk Management  The process concerned with identification, measurement, control and minimization of security risks in systems to a level commensurate with the value of the assets protected.

Leaders Organic Essentials Infrastructure Population Military Classic Warden Defense Model

Military Phys. Infrastructure Leaders Population Econo-Tech. Infrastructure New Defense Model

Strategic Objectives of Plan  Identify and protect infrastructures and assets most critical to society  Provide warnings for specific, imminent threats  Over time protect other assets through federal, state, local gov’t and private sector collaboration  Homeland Security a “Shared Responsibility”  Source: “The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets”, White House, Feb 2003.

To Achieve Strategic Vision  Understand motivation of enemies  Understand preferred tactics  Comprehensive assessment of:  Assets and vulnerabilities  Challenges of mitigating risk  Key assets may not be part of critical infrastructure but affect prestige, morale, confidence (e.g. WTC, Golden Gate Bridge)

Effects of Attacks  Direct - loss of service  Attack on a critical node, system, function  E.g. bridge  Indirect  Attack leads to behavioral/psychological  Exploitation  Using one to destroy another  May involve interdependencies

Guiding Principles  Assure safety, confidence, service  Responsibility, accountability  Collaborative partnerships govt/industry  Market Solutions where possible  Information sharing  International cooperation  Development of technology and expertise  Safeguard privacy and freedoms

Responsibility Chain  Federal Govt - oversee & coordinate, set policies, ensure 3 strategic obj’s  State and Local - identify and secure their assets, emergency response, act as central points for requesting help, coordinate information flows  Private Sector - owns most of CI  Continue to perform RA/RM, reassess  Help identify vulnerabilities of national concern

What’s Missing?  Anything non-terrorist  Natural disasters  Accidents  Focus on terrorist-based attacks, while timely, is short-sighted given the range of threats and vulnerabilities to CI