DHS Outlines Critical Infrastructure Protection Plan

The Department of Homeland Security (DHS) plans to ride the momentum of critical infrastructure protection efforts it began last year into 2011. In a blog post, the agency touted some of its accomplishments of the past year and said that the federal government will continue to take steps to protect the electricity grid, power plants and other control systems in the United States as a new year begins. The post comes on the heels of Critical Infrastructure Protection Awareness month, which the agency sponsored in December to highlight its efforts in this area.

The DHS Office of Infrastructure Protection (OIP) is at the forefront of the agency's efforts to detect and prevent terrorist, cybersecurity and other threats to U.S. critical infrastructure. Last year, the office made inroads to raising awareness among those in control of critical infrastructure of threats, as well as assessing systems to gauge the threat level.

These efforts are particularly important given one of the top security stories of 2010--the Stuxnet malware, a complex worm that infiltrated computer systems in an attempt to take down a nuclear power plant in Iran. Security experts believe the attack won't be the only one of its kind, making protection of critical infrastructure crucial in the coming year.

Last year DHS collaborated with both public and private sector partners to review what protections are in place at the facility level and assess the most significant critical infrastructure in the United States to identify potential gaps in security. The agency also gave those in charge of facilities options for managing vulnerabilities that were identified.

Providing knowledge and training about bombs was another undertaking of the OIP last year, work it will continue in 2011. In 2010, the office conducted a Bomb-making Materials Awareness Program (BMAP) for 2,189 law enforcement and emergency services personnel. It also involved the private sector by distributing materials from the program to local law enforcement to share with 21,890 private sector companies that have a stake in control systems.In addition to continuing these and other efforts in 2011, the agency plans to turn its attention to ongoing programs in chemical security; infrastructure data collection and analysis; threat assessment and modeling; contingency planning and incident support; and risk analysis, among others, according to the post.

Other areas of focus in 2011 will be to enhance regional and local resilience, stressing recovery from catastrophic events; to improve support for critical infrastructure owners and operators, as well as homeland security officials in the field, through better information sharing and other means; and to provide continuous assessment and adjust facility operations based on what the agency and stakeholders learn from those assessments.

Find out how to create and implement a security program that will defend against malicious and inadvertent internal incidents and satisfy government and industry mandates in this Tech Center report. Download the report now (free registration required).