Monday, March 10, 2014

Tweet

[IWS] CRS: CRITICAL INFRASTRUCTURES: BACKGROUND, POLICY, AND IMPLEMENTATION [21 February 2014]

IWS Documented News Service

_______________________________

Institute for Workplace Studies----------------- Professor Samuel B. Bacharach

School of Industrial & Labor Relations-------- Director, Institute for Workplace Studies

Cornell University

16 East 34th Street, 4th floor---------------------- Stuart Basefsky

New York, NY 10016 -------------------------------Director, IWS News Bureau

________________________________________________________________________

 

Congressional Research Service (CRS)

 

Critical Infrastructures: Background, Policy, and Implementation

John D. Moteff, Specialist in Science and Technology Policy

February 21, 2014

http://www.fas.org/sgp/crs/homesec/RL30153.pdf

[full-text, 39 pages]

 

Summary

The nation’s health, wealth, and security rely on the production and distribution of certain goods

and services. The array of physical assets, functions, and systems across which these goods and

services move are called critical infrastructures (e.g., electricity, the power plants that generate it,

and the electric grid upon which it is distributed).

 

The national security community has been concerned for some time about the vulnerability of

critical infrastructure to both physical and cyberattack. In May 1998, President Clinton released

Presidential Decision Directive No. 63. The Directive set up groups within the federal

government to develop and implement plans that would protect government-operated

infrastructures and called for a dialogue between government and the private sector to develop a

National Infrastructure Assurance Plan that would protect all of the nation’s critical

infrastructures by the year 2003. While the Directive called for both physical and cyber protection

from both man-made and natural events, implementation focused on cyber protection against

man-made cyber events (i.e., computer hackers). Following the destruction and disruptions

caused by the September 11 terrorist attacks in 2001, the nation directed increased attention

toward physical protection of critical infrastructures. Over the intervening years, policy,

programs, and legislation related to physical security of critical infrastructure have stabilized to a

large extent. However, current legislative activity has refocused on cybersecurity of critical

infrastructure.

 

This report discusses in more detail the evolution of a national critical infrastructure policy and

the institutional structures established to implement it. The report highlights two primary issues

confronting Congress going forward, both in the context of cybersecurity: information sharing

and regulation.

 

Contents

Introduction ...................................................................................................................................... 1

Federal Critical Infrastructure Protection Policy: In Brief............................................................... 2

The President’s Commission on Critical Infrastructure Protection ................................................. 3

Presidential Decision Directive No. 63 ............................................................................................ 4

Restructuring by the Bush Administration ....................................................................................... 7

Pre-September 11 ...................................................................................................................... 7

Post-September 11 ..................................................................................................................... 8

The Obama Administration ............................................................................................................ 12

Department of Homeland Security ................................................................................................ 14

Initial Establishment ................................................................................................................ 14

Second Stage Review Reorganization ..................................................................................... 16

Post-Katrina Emergency Management Reform Act of 2006 ................................................... 16

Policy Implementation ................................................................................................................... 17

Government-Sector Coordination............................................................................................ 17

Appointment of the National Infrastructure Advisory Council ............................................... 20

Internal Agency Plans .............................................................................................................. 20

National Critical Infrastructure Plan ........................................................................................ 22

Information Sharing and Analysis Center (ISAC) ................................................................... 24

Identifying Critical Assets, Assessing Vulnerability and Risk, and Prioritizing Protective Measures ......................... 26

Cybersecurity Framework ....................................................................................................... 28

Issues and Discussion .................................................................................................................... 28

Information Sharing ................................................................................................................. 28

Regulation................................................................................................................................ 30

 

Tables

Table 1. Lead Agencies per PDD-63................................................................................................ 4

Table 2. Current Lead Agency Assignments .................................................................................. 18

Table 3. NIPP 2013: Guiding Tenets and Call to Action ............................................................... 25

Table A-1. Funding for the Infrastructure Protection and Information Security Program ............. 34

 

Appendixes

Appendix. Funding for Critical Infrastructure ............................................................................... 32

 

Contacts

Author Contact Information........................................................................................................... 36

 

 

 

 

 

________________________________________________________________________

This information is provided to subscribers, friends, faculty, students and alumni of the School of Industrial & Labor Relations (ILR). It is a service of the Institute for Workplace Studies (IWS) in New York City. Stuart Basefsky is responsible for the selection of the contents which is intended to keep researchers, companies, workers, and governments aware of the latest information related to ILR disciplines as it becomes available for the purposes of research, understanding and debate. The content does not reflect the opinions or positions of Cornell University, the School of Industrial & Labor Relations, or that of Mr. Basefsky and should not be construed as such. The service is unique in that it provides the original source documentation, via links, behind the news and research of the day. Use of the information provided is unrestricted. However, it is requested that users acknowledge that the information was found via the IWS Documented News Service.

 

 




Links to this post:

Create a Link



<< Home

This page is powered by Blogger. Isn't yours?