Presentation is loading. Please wait.

Presentation is loading. Please wait.

EMI Higher Education Symposium 5 June 2014

Published byDale Cannon Modified over 9 years ago

Similar presentations

Presentation on theme: "EMI Higher Education Symposium 5 June 2014"— Presentation transcript:

1 EMI Higher Education Symposium 5 June 2014
NIPP 2013: Partnering for Critical Infrastructure Security and Resilience EMI Higher Education Symposium 5 June 2014

2 Strategic Drivers

3 Critical Infrastructure Today
Critical Infrastructure defined: “Assets, systems, and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on national security, economic security, national public health or safety, or any combination thereof.” 16 Critical Infrastructure Sectors Government Facilities Healthcare and Public Health Information Technology Nuclear Reactors, Materials and Waste Transportation Systems Water & Wastewater Systems Chemical Commercial Facilities Communications Critical Manufacturing Dams Defense Industrial Base Emergency Services Energy Financial Services Food & Agriculture

4 Today’s Risk Landscape
America remains at risk from a variety of threats including: Acts of Terrorism Cyber Attacks Extreme Weather Pandemics Accidents or Technical Failures NIPP 2013 offers a distributed approach for addressing the diverse and evolving risk environment.

5 Executive Order 13636: Improving Critical Infrastructure Cybersecurity
National Policies President Obama announced two policies related to critical infrastructure security and resilience in February 2013: Presidential Policy Directive 21: Critical Infrastructure Security and Resilience “The Nation's critical infrastructure provides the essential services that underpin American society. Proactive and coordinated efforts are necessary to strengthen and maintain secure, functioning, and resilient critical infrastructure that are vital to public confidence and the Nation's safety, prosperity, and well-being.” – Presidential Policy Directive (PPD) 21 Executive Order 13636: Improving Critical Infrastructure Cybersecurity

6 Critical Infrastructure Preparedness
NIPP 2013 aligns critical infrastructure security and resilience with National preparedness policies. Presidential Policy Directive 8: National Preparedness National Preparedness Mission Areas Strengthens the security and resilience of the United States through systematic preparation for the threats that pose the greatest risk to the security of the Nation. Risk Elements

7 NIPP 2013 Vision A Nation in which physical and cyber critical infrastructure remain secure and resilient, with vulnerabilities reduced, consequences minimized, threats identified and disrupted, and response and recovery hastened Security: Reducing the risk to critical infrastructure by physical means or defensive cyber measures to intrusions, attacks, or the effects of natural or manmade disasters Resilience: The ability to prepare for and adapt to changing conditions, and withstand and recover rapidly from disruptions

8 NIPP 2013 Goals Assess and analyze critical infrastructure threats, vulnerabilities and consequences to inform risk management Address multiple threats through sustainable efforts to reduce risk; account for costs and benefits of security investments Enhance critical infrastructure resilience; minimize the adverse consequences of incidents…as well as conduct effective responses… Share actionable and relevant information across the critical infrastructure community to build awareness and enable risk- informed decision making Promote learning and adaptation during and after exercises and incidents

9 Core Tenets Coordinated and comprehensive risk identification and management Cross-sector dependencies and interdependencies Enhanced information sharing Comparative advantage in risk mitigation Regional and SLTT partnerships Cross-jurisdictional collaboration Security and resilience by design

10 Evolution from 2009 NIPP Security and Resilience
Elevates security and resilience as the primary aim of critical infrastructure homeland security planning efforts Cyber-Physical Integration Integrates cyber and physical security and resilience efforts into an enterprise approach to risk management Partnership Structure Focuses on establishing a process to set critical infrastructure national priorities determined jointly by the public and private sector International Affirms that critical infrastructure security and resilience efforts require international collaboration Risk Management Updates the critical infrastructure risk management framework and addresses alignment to the National Preparedness System, across the prevention, protection, mitigation, response, and recovery mission areas Regional and Local Partnerships Supports execution of the National Plan and achievement of the National Preparedness Goal at both the national and community levels, with focus on leveraging regional collaborative efforts Call to Action Presents a detailed Call to Action with steps that will be undertaken, shaped by each sector’s priorities and in collaboration with critical infrastructure partners, to make progress toward security and resilience

11 Risk Management Framework
Critical Infrastructure Risk Management Framework Information sharing enables partners to benefit from broader knowledge and capabilities to support risk decision-making Risk tolerance and priorities will vary Consider costs and benefits during decision making Integrates information sharing as a core component

12 Many Stakeholders, Many Strengths
Comparative Advantage Engaging in collaborative processes Applying individual expertise Bringing resources to bear Building the collective effort Enhancing overall effectiveness

13 Partnership Structures
National Level Councils Sector Coordinating Councils (SCCs) Government Coordinating Councils (GCCs) State, Local, Tribal, and Territorial Government Coordinating Council (SLTTGCC) Critical Infrastructure Cross Sector Council Federal Senior Leadership Council Regional Consortium Coordinating Council National, Regional, and Local Organizations Public Private Partnerships Regional Partnerships State and Local Councils Non-Governmental Organizations Information Sharing Mechanisms Information Sharing and Analysis Centers (ISACs) Fusion Centers

14 Call to Action A whole of community approach to advancing the national effort Build on Existing Partnerships Innovate in Managing Risk Focus on Outcomes

15 Call to Action Build upon Partnership Efforts
Set National Focus through Joint Priority Setting Determine Collective Actions through Joint Planning Efforts Empower Local and Regional Partnerships to Build Capacity Nationally Leverage incentives to Advance Security and Resilience Innovate in Managing Risk Enable Risk-Informed Decision-Making through Enhanced Situational Awareness Analyze Infrastructure Dependencies, Interdependencies, and Associated Cascading Effects Rapidly Identify, Assess, and Respond to… Cascading Effects During and Following Incidents Promote Infrastructure, Community, and Regional Recovery Strengthen Coordinated Technical Assistance, Training, and Education Improve Critical Infrastructure Security and Resilience by Advancing R&D Solutions Focus on Outcomes Evaluate Achievement of Goals Learn and Adapt During and After Exercises and Incidents

16 Call to Action Build upon Partnership Efforts
Set National Focus through Joint Priority Setting Determine Collective Actions through Joint Planning Efforts Empower Local and Regional Partnerships to Build Capacity Nationally Leverage incentives to Advance Security and Resilience Innovate in Managing Risk Enable Risk-Informed Decision-Making through Enhanced Situational Awareness Analyze Infrastructure Dependencies, Interdependencies, and Associated Cascading Effects Rapidly Identify, Assess, and Respond to… Cascading Effects During and Following Incidents Promote Infrastructure, Community, and Regional Recovery Strengthen Coordinated Technical Assistance, Training, and Education Improve Critical Infrastructure Security and Resilience by Advancing R&D Solutions Focus on Outcomes Evaluate Achievement of Goals Learn and Adapt During and After Exercises and Incidents

17 Call to Action Enable Risk Informed Decision Making Through Enhanced Situational Awareness Undertake a partnership-wide review of impediments to information sharing Build upon the functional relationship deliverable from Presidential Policy Directive 21 (PPD-21) Develop streamlined, standardized processes to promote integration and coordination of information sharing Develop interoperability standards to enable more efficient information exchange through defined data standards and requirements

18 Call to Action Identify, Assess, and Respond to Unanticipated Infrastructure Cascading Effects During and Following Incidents Enhance the capability to rapidly identify and assess cascading effects involving the lifeline functions and contribute to identifying infrastructure priorities—both known and emerging—during response and recovery efforts Enhance the capacity of critical infrastructure partners to work through incident management structures such as the ESFs to mitigate the consequences of disruptions to the lifeline functions

19 Call to Action Promote Infrastructure, Community, and Regional Recovery Following Incidents Encourage States and localities to consider critical infrastructure challenges in pre-incident recovery planning, post-incident damage assessments, and recovery strategy development Support examination of initiatives to enhance, repair, or replace infrastructure providing lifeline functions during recovery

20 Call to Action Strengthen Coordinated Development and Delivery of Technical Assistance, Training, and Education Capture, report, and prioritize the technical assistance, training, and education needs of critical infrastructure partners Examine current Federal technical assistance, training, and education programs to ensure that they support the national priorities and the risk management activities described in NIPP 2013 Leverage a wider network of partners to deliver training and education programs to better serve recipients and reach a wider audience while conserving resources Partner with academia to establish and update critical infrastructure curricula that help to train critical infrastructure professionals

21 Call to Action Improve Critical Infrastructure Security and Resilience by Advancing Research and Development Solutions Promote R&D to enable the secure and resilient design and construction of critical infrastructure and more secure accompanying cyber technology Enhance modeling capabilities to determine potential impacts on critical infrastructure of an incident or threat scenario, as well as cascading effects on other sectors Facilitate initiatives to incentivize cybersecurity investments and the adoption of critical infrastructure design features that strengthen all- hazards security and resilience Prioritize efforts to support the strategic guidance issued by DHS

22 Call to Action Learn and Adapt During and After Exercises and Incidents Develop and conduct exercises through participatory processes to suit diverse needs and purposes Design exercises to reflect lessons learned and test corrective actions from previous exercises and incidents, address both physical and cyber threats and vulnerabilities, and evaluate the transition from steady state to incident response and recovery efforts Share lessons learned and corrective actions from exercises and incidents and rapidly incorporate them into technical assistance, training, and education programs

23 Build Upon Partnership Efforts Innovate in Managing Risk
What You Can Do Build Upon Partnership Efforts Innovate in Managing Risk Focus on Outcomes Understand the critical infrastructure landscape and how to partner with owners and operators Provide support for assessing criticality and managing risk Rigorous study of exercises and incidents Bring private sector into linkages with Emergency Management and Law Enforcement communities Incorporate critical infrastructure perspectives into traditional emergency management curricula Establishment/awareness of regional consortia with diverse stakeholders Connect cyber/physical stakeholders Encourage systems approach to understanding dependencies and interdependencies Connect to the NICC/NCCIC Adopt the Cybersecurity Framework

24 Resources and Training
Visit for links to the full NIPP 2013 and the NIPP Supplements and critical infrastructure training: NIPP Supplements Connecting to the NICC and NCCIC Executing a Critical Infrastructure Risk Management Approach Incorporating Resilience into Critical Infrastructure Projects NPPD Resources to Support Vulnerability Assessments Critical Infrastructure Partnership Courses IS 913 Achieving Results through Critical Infrastructure Partnership and Collaboration IS 921 Implementing Critical Infrastructure Protection Programs and CI TOOLKIT Security Awareness Series Courses IS 906 Workplace Security IS 907 Active Shooter IS 912 Retail Security Awareness IS 914 Surveillance Awareness: What you can do IS 915 Protecting Critical Infrastructure Against Insider Threat IS 916 Critical Infrastructure Security: Theft and Diversion – What You Can Do

25

Download ppt "EMI Higher Education Symposium 5 June 2014"

Similar presentations

Protective Security Advisors Securing the Nations critical infrastructure one community at a time.

Protective Security Advisors Securing the Nations critical infrastructure one community at a time.
Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.

Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.
DEFENSE SUPPORT OF CIVIL AUTHORITIES (DSCA)

DEFENSE SUPPORT OF CIVIL AUTHORITIES (DSCA)
AGENDA ITEM 4: FOLLOW-UP ON THE DECISIONS OF THE WORLD METEOROLOGICAL CONGRESS ON THE INTERGOVERNMENTAL BOARD ON CLIMATE SERVICES AGENDA ITEM 4.1: IMPLEMENTATION.

AGENDA ITEM 4: FOLLOW-UP ON THE DECISIONS OF THE WORLD METEOROLOGICAL CONGRESS ON THE INTERGOVERNMENTAL BOARD ON CLIMATE SERVICES AGENDA ITEM 4.1: IMPLEMENTATION.
Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.

Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.
GEORGE MASON UNIVERSITY Center for Infrastructure Protection and Homeland Security Integrating Critical Infrastructure into Emergency Management Programs.

GEORGE MASON UNIVERSITY Center for Infrastructure Protection and Homeland Security Integrating Critical Infrastructure into Emergency Management Programs.
Wade E. Kline, AICP Community Development Planner.

Wade E. Kline, AICP Community Development Planner.
Building Disaster-Resilient Places STEP ONE – Forming a Collaborative Planning Team.

Building Disaster-Resilient Places STEP ONE – Forming a Collaborative Planning Team.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.

Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.
For Discussion Purposes Only

For Discussion Purposes Only
David Kaufman Associate Administrator for Policy, Program Analysis, and International Affairs Toward More Resilient Futures: Putting Strategic Foresight.

David Kaufman Associate Administrator for Policy, Program Analysis, and International Affairs Toward More Resilient Futures: Putting Strategic Foresight.
US Army Corps of Engineers BUILDING STRONG ® Ty Brumfield (LNO to FEMA –RSF-IS National Coordinator Office of Homeland Security Directorate of Contingency.

US Army Corps of Engineers BUILDING STRONG ® Ty Brumfield (LNO to FEMA –RSF-IS National Coordinator Office of Homeland Security Directorate of Contingency.
Mainstreaming Disaster Risk Management in Iraq

Mainstreaming Disaster Risk Management in Iraq
Business Crisis and Continuity Management (BCCM) Class Session 3 3 - 1.

Business Crisis and Continuity Management (BCCM) Class Session
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
Interim National Preparedness Goal

Interim National Preparedness Goal
Community Planning & Capacity Building Recovery Support Function Presented By: Michelle Diamond Community Planning & Capacity Building Coordinator FEMA.

Community Planning & Capacity Building Recovery Support Function Presented By: Michelle Diamond Community Planning & Capacity Building Coordinator FEMA.
Session 121 National Incident Management Systems Session 12 Slide Deck.

Session 121 National Incident Management Systems Session 12 Slide Deck.

Similar presentations

Ads by Google