Professional Documents
Culture Documents
EDM 502 Case 3
EDM 502 Case 3
EDM 502 Case 3
Gary Lam
Module 3 Case
The critical infrastructures and assets of the country play important roles in the
responsibilities of the government to ensure the protection and efficiency of these critical
infrastructures since these assets are essential for the consistency of the operations and processes
functions necessary for the accomplishment of private, public and government’s activities and
endeavors. The protection and security of these critical infrastructures must be taken into
consideration in the implementation of homeland security measures so that threats and risks will
be prevented from compromising the vulnerabilities of these sectors. . Basically, it is the role of
the entities from the private and public sectors, from the local, state and federal government, to
Critical infrastructures are vulnerable to different natural and artificial risks and threats.
Artificial threats or those man-made perils can take advantage of the critical infrastructures’
vulnerable aspects. It must be neutralize since it can also affect the safety and security of the
nation and its people. According to Department of Homeland Security (2019), in order to raise
the awareness of the public regarding the importance of safeguarding and ensuring their
Infrastructure Protection is instrumental in threats and risks management and prevention. One of
the critical infrastructures in the country is the energy sector. Moreover, the energy sector is
1
As mentioned by NIPP (2009), the process of energy sector involves the production,
refining, storage and distribution of gas, oil and electric power. However, commercial nuclear
power refineries are not included in the energy sector. Basically, the energy sector, more
particularly the refinery and storage phases, are instrumental in the activities of the business
organizations in the United States. The security measures for homeland security must also take
into consideration the protection of the energy resources of the country since these are highly
important for the stability of the processes of businesses and industries in the country. Artificial
threats or those man-made perils can take advantage of the vulnerabilities of refinery and storage
stages. As to avoid any hindrances in the refinery and storage processes, the energy sector must
Majority of the energy sector is owned by private entities and companies. These
companies are the suppliers of energy such as fuel and petroleum products to the transportation
sector, electric power to households and establishments and other energy sources essential to
sustain different activities and operations in the country. The supply chain operations of
businesses can be disrupted and broken if the energy sector would be compromises by man-made
It is really necessary to strengthen the security given to the energy sector since any
damage to the latter could produce large-scale damages to other sectors. One of the threats
observed to be a challenge to the energy sector is the aging infrastructures. In order to meet the
increasing demand for energy sources, the refineries are being used at their maximum capacity
level. Furthermore, natural calamities and other fortuitous events such as earthquake and
hurricane which can cause disruption and damage are also some of the threats and risks
2
.Information Technology-Information Sharing and Analysis Center (IT-ISAC)
Center or IT-ISAC. The objective of this organization is to achieve collective initiatives and
contributions from IT companies to collaborate their expertise and capabilities for the
enhancement of the processes and approaches of gathering information, relaying and managing
it. Basically, IT-ISAC was established so that involved entities can collectively work for the
purpose of addressing, managing and preventing cyber-related threats and risks that could disrupt
IT-ISAC allows the members of the organization to access the information, approaches,
measures and standards of the other members. Because of the information sharing process of IT-
ISAC, it is easier for them to protect their IT infrastructures. Furthermore, IT-ISAC assists the
government in safeguarding other critical infrastructures. The government can utilize the
strategies employed by IT-ISAC, more particularly its information sharing approach and
The control and supervision of the processes of different industries, sectors and
establishments is through industrial control systems. One example of industrial control systems
is the Supervisory Control and Data Acquisition or SCADA. Using programmable logic
administration and management of industrial activities have been automated through the
integration of SCADA systems. Since technology has flourished, the usage of SCADA systems
became popular with business owners and industries. In addition, the government can also use
3
SCADA systems as part of its home land security and critical infrastructures protection
measures.
infrastructures protection will succeed. It was reported that several infrastructures in the United
States are controlled and monitored by SCADA systems. Through monitoring of critical
infrastructures, SCADA systems can easily detect changes in the state of an operation or
establishment. However, there are instances that SCADA may contradict the protection and
security measures of other systems. Since other security systems such as FEMA are sector-
One system that defines bringing together of systems for the unification of current and
future CIKR security measures and protection methods is National Infrastructure Protection Plan
or NIPP. Through gathering of information and dissemination of pertinent data about terrorism-
related threats and risks, NIPP can help the private and public entities such as the government
and its network to strengthen its security measures and address its vulnerabilities. Furthermore,
NIPP which aims to protect and safeguard critical infrastructures compliments the duty of the
DHS to ensure the safety and security of the nation and its people. One function delegated to
Department of Homeland Security is to safeguard the critical infrastructures in the United States.
In order to effectively fulfill such responsibility, DHS needs to devise strategic and efficient
security measures that will strengthen national security including critical infrastructures.
NIPP allows government agencies and private institutions to establish a system that will
help in the process of determining the important aspects of organization that must be given
4
detection of possible loopholes in their current system, NIPP allows public and private entities
address the vulnerabilities of their organization. Since the vulnerable aspects of the security of
the organizations will be identified, they can conduct analysis and devise the most feasible and
effective effort to strengthen their security and address various types of threats and risks that can
The index of specified approach among the industries mandated in monitoring the critical
Plans define the distinct environment, threats and susceptibilities existing among industries
involved, which are necessary in devising security, management and controlling measures for the
necessarily included in the process of devising security measures that will strengthen national
security and critical infrastructure protection against various types of risks and threats that can
hamper down the operations and processes of critical infrastructures and other industries and
Sector-Specific Plans for the Energy Sector, electricity, natural gas and oil are the three principal
fragments of the sector. Furthermore, electricity, natural gas and oil are considered to be
Plans of the sector is important to ensure that the energy sector is capable of fulfilling its
functions and duties. SSP helps in identifying the appropriate methodologies and technologies
5
and in the process of collecting, evaluating and disseminating of pertinent information across
6
References
AOC Petroleum Support Services LLC. (2014). U.S. Fuel Supply Infrastructure Vulnerability to
Natural and Physical Threats. United States Fuel Resiliency, Vol II. Retrieved from
https://www.energy.gov/sites/prod/files/2015/04/f22/QER%20Analysis%20-
%20United%20States%20Fuel%20Resiliency%20Volume%20II.pdf
Department of Homeland Security (DHS). (2015). Energy Sector-Specific Plan. Retrieved from
https://www.dhs.gov/sites/default/files/publications/nipp-ssp-energy-2015-508.pdf
https://www.dhs.gov/cisa/infrastructure-security
ICS/SCADA Systems. Cybersecurity for industrial control systems: SCADA, DCS, PLC,
http://common.books24x7.com.ezproxy.trident.edu:2048/toc.aspx?bookid=47183
Ralston, P., Graham, J. & Hieb, J. (2007). Cyber security risk assessment for SCADA and DCS
http://www.sciencedirect.com/science/article/pii/S0019057807000754
Rouse, M. (2016). IT-ISAC (Information Technology Information Sharing and Analysis Center).
Shahzad, A., Lee, M., Kim, H., Woo, S. & Xiong, N. (2015). New Security Development and
Trends to Secure the SCADA Sensors Automated Transmission during Critical Sessions.
7
The Information Technology - Information Sharing and Analysis Center. (2019). About Us.