Whether it’s a planned event like the Super Bowl, or a catastrophic event such as a hurricane, the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency's Infrastructure Security Division is ready to work with businesses, communities, and local governments across the United States to enhance the security and resilience of the nation's critical infrastructure and to prepare for and recover from any hazard facing us.
Infrastructure Security Overview
The strategy and concepts in the National Infrastructure Protection Plan (NIPP) 2013 guide DHS in its execution of Presidential Policy Directive 21: Critical Infrastructure and Resilience, which calls on the federal government to advance a unified national effort to strengthen and maintain secure, functioning, and resilient critical infrastructure.
To this end, DHS conducts assessments on infrastructure and communities to help businesses and local government officials make decisions about where to put resources to enhance security before an event and improve recovery after an event.
When an event or attack occurs that affects our nation’s critical infrastructure, every second makes a difference. Thus, DHS plays a vital role in sharing information with both public and private sector partners that is essential to the nation’s security and resilience.
Because the majority of our national critical infrastructure is owned and operated by private companies, DHS also works with businesses, communities, and local governments to provide training and other tools and resources to educate the broader community on the need for critical infrastructure security and resilience and to enhance their current efforts. Public-private partnerships, in particular, are vital to this effort as DHS relies on support from partners and stakeholders to accomplish the mission of ensuring critical infrastructure security and resilience.
The nation's critical infrastructure provides the essential services that underpin American society and serve as the backbone of our nation's economy, security, and health. We know it as the power we use in our homes, the water we drink, the transportation that moves us, the stores we shop in, and the communication systems we rely on to stay in touch with friends and family.
Overall, there are 16 critical infrastructure sectors that compose the assets, systems, and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof. The Cybersecurity and Infrastructure Security Agency's Infrastructure Security Division leads the coordinated national effort to manage risks to the nation's critical infrastructure and enhance the security and resilience of America's physical and cyber infrastructure. Read more about how Infrastructure Security division leads this national effort.
What Is Critical Infrastructure?
Just as we all rely on critical infrastructure, we all play a role in keeping it strong, secure, and resilient. Securing and making critical infrastructure resilient is a shared responsibility—shared by Federal, State, local, tribal, and territorial governments; private companies; and individual citizens.
Because the vast majority of our nation’s critical infrastructure is privately owned and operated, both the government and private sector have formed vital partnerships to fulfill our shared responsibility to prevent and reduce the risks of disruptions to critical infrastructure. Together, public-private efforts to strengthen critical infrastructure help the public sector to enhance security and rapidly respond to and recover from all-hazards events and assist the private sector to restore business operations and minimize losses in the face of such an event.
Critical Infrastructure Public-Private Partnerships
The protection of the nation's critical infrastructure requires effective partnerships that foster integrated, collaborative engagement and interaction among public and private sector partners across all 16 critical infrastructure sectors.
The Cybersecurity Ddivision, within the Cybersecurity and Infrastructure Security Agency, is responsible for enhancing the security, resilience, and reliability of the nation’s cyber and communications infrastructure.
Infrastructure Security Division
The Infrastructure Security Division, within the Cybersecurity and Infrastructure Security Agency, leads and coordinates national programs and policies on critical infrastructure security and resilience and has established strong partnerships between the government and the private sector.
Critical Infrastructure Security and Resilience Month
Observed in November, Critical Infrastructure Security and Resilience Month recognizes the vital role that critical infrastructure plays in our nation’s way of life and why it is important to expand and reinforce critical infrastructure security and resilience. By raising awareness of the importance of security the assets, systems, and networks we count on every day, we can build on the great work of this public-private partnership and further enhance security and resilience of our critical infrastructure.
What Is Security and Resilience?
It is the Department of Homeland Security’s responsibility to enhance the security and resilience of the nation’s critical infrastructure. But what is security and resilience?
Presidential Policy Directive 21 (PPD-21): Critical Infrastructure Security and Resilience defines security as reducing the risk to critical infrastructure by physical means or defense cyber measures to intrusions, attacks, or the effects of natural or manmade disasters.
Examples of security measures:
- Badge entry at doors
- Using antivirus software
- Fencing around buildings
- Locking computer screens
PPD-21 defines resilience as the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Resilience includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents.
Examples of resilience measures:
- Developing a business continuity plan
- Having a generator for back-up power
- Using building materials that are more durable