Critical infrastructure : homeland security and emergency preparedness

Robert Radvanovsky, Allan McDougall

Since the initial inception of this book, there have been significant strides to safeguard the operations of our world's infrastructures. In recent years, there has also been a shift to more fluid postures associated with resilience and the establishment of redundant infrastructure. In keeping with the fast-changing nature of this field, Critical Infrastructure: Homeland Security and Emergency Preparedness, Third Edition has been revised and updated to reflect this shift in focus and to incorporate the latest developments. The book begins with the historical background of critical infrastructure and why it is important to society. It then explores the current trend in understanding the infrastructure's sensitivity to impacts that flow through its networked environment. Embracing an "all-hazards approach" to homeland security, critical infrastructure protection and assurance, and emergency management, the authors examine: The National Response Framework (NRF) and how it can be applied globally The relationships between the public and private sectors, and the growing concept of public-private partnerships The shift from the need-to-know paradigm to one based on information sharing, and the nature of necessary controls as this shift continues The need for organizations to adopt resilient planning, implementation, and decision-making processes in order to respond to changes within the threat environment What, where, why, and how risk assessments are to be performed, and why they are needed The impact of new regulation, individually applied self-regulation, industry and government regulation, and law enforcement In the final chapters, the book discusses current information sharing and analysis centers (ISACs), distributed control systems, and supervisory control and data acquisition (SCADA) systems and their challenges. It concludes by exploring current challenges associated with establishing a trusted network across various sectors-demonstrating how models of information can be categorized and communicated within trusted communities to better assure the public-private relationship.

「Nielsen BookData」より


  • Introduction to Critical Infrastructure Assurance and Protection What Is Critical Infrastructure? What Is the Private Sector? What Is the Public Sector? What Is CIP? What Is CIA? What Are Public-Private Partnerships? Critical Infrastructure Functions Evolution of Critical Infrastructure Demand, Capacity, Fragility, and the Emergence of Networks What Are We Trying to Protect? The Concept of Capacity Demand: The Reason for Capacity At the Regional (Small System) Level Cyberterrorism Dissolution and Convergence: An Emerging Risk Marking the Journey Beyond National Frameworks Meeting the Dragons on the Map Who Owns the Treasure? What Value? Target Audiences Applying the NRF to National Response Efforts How Does the NRF Tie in with Local Activities? Areas of Potential Risk or Concern Public-Private Partnerships What Is a Public-Private Partnership (P)? The P Spectrum Establishment of New Capacity Maintenance of Existing Capacity Networked User Fees and the Need for Oversight Other Forms of Public-Private Cooperation and the Erosion of Governance Balancing Points The Reinvention of Information Sharing and Intelligence Data vs Information vs Intelligence The Importance of Background to Context Context Affecting Sensitivity Enter the Cloud The Cloud as an Amplifier Clouds and Concealed Conduits Linking the Trusted Computing Base and User Communities Barriers to Information Sharing The Rise of Open Sources Open-Source Information and Intelligence An Approach to Information Sharing-The Consequence-Benefit Ratio Emergency Preparedness and Readiness The Rise of Core Offices First Responder First Responder Classifications Guideline Classifications Example: North American Emergency Response Guidebook Awareness-Level Guidelines Performance-Level Guidelines Operational Levels Defined Level A: Operations Level Level B: Technician Level Know Protocols to Secure, Mitigate, and Remove HAZMAT Additional Protective Measures Understand the Development of the IAP Know and Follow Procedures for Protecting a Potential Crime Scene Know Department Protocols for Medical Response Personnel National Fire Prevention Association OSHA Hazardous Waste Operations and Emergency Response Skilled Support Personnel Specialist Employee DOT HAZMAT Classifications Importance of Implementing an Emergency Response Plan Security Vulnerability Assessment What Is a Risk Assessment? Methods of Assessing Risk Threat Risk Equations Comparison of Quantitative vs Qualitative Risk Assessments Challenges Associated with Assessing Risk Other Factors to Consider When Assessing Risk What Is an SVA? Reasons for Having an SVA What Is a Threat? What Is Vulnerability? Countermeasures Vulnerability Assessment Framework Reasons for Using the VAF Federal Information Systems Control Auditing Manual General Methodologies of FISCAM Auditing What Are General Controls? What Are Application Controls? Caveats with Using an SVA How the SVA Is Used Audience of an SVA Initial SVA Plan Necessary Steps of an SVA Critical Success Factors VAF Methodology Initial Steps of the VAF VAF Step 1: Establish the Organization MEI VAF Step 2: Gather Data to Identify MEI Vulnerabilities VAF Step 3: Analyze, Classify, and Prioritize Vulnerabilities Regulations The Role of Oversight The Effect of Globalization Conventions, Laws, and Regulations Guidance and Best Practices Prescriptive vs Performance Based Impact on Criminal, Administrative, and Civil Law Potential Abuses of Authority and Credibility Government vs Industry Self-Regulation Knowledge Gaps Arising from Performance-Based Regulation Predictability in Prescriptive Systems: A Systemic Vulnerability Information Sharing and Analysis Centers What Is a Critical Infrastructure Asset? What Is an ISAC? Advantages of Belonging to an ISAC Access to ISAC Information Expanded ISAC Services Surface Transportation ISAC Supply Chain ISAC Public Transit ISAC American Public Transportation Association Association of American Railroads Transportation Technology Center, Inc Railinc Water ISAC Association of State Drinking Water Administrators Water Environment Research Foundation Association of Metropolitan Water Agencies Association of Metropolitan Sewage Agencies National Association of Water Companies American Water Works Association AWWA Research Foundation Financial Services ISAC Science Applications International Corporation Electricity Sector ISAC Emergency Management and Response ISAC Information Technology ISAC National Coordinating Center for Telecommunications Communications Resource Information Sharing Government Emergency Telecommunications Service Telecommunications Service Priority Shared Resources High Frequency Radio Program Network Reliability and Interoperability Council National Security Telecommunications Advisory Committee Wireless Priority Services Alerting and Coordination Network Energy ISAC Energy Sector Security Consortium Chemical Sector ISAC Chemical Transportation Emergency Center (CHEMTREC(R)) Healthcare Services ISAC Highway ISAC Cargo Theft Information Processing System American Trucking Associations HighwayWatch(R) Food and Agriculture ISAC FoodSHIELD Food Marketing Institute Multistate ISAC ISAC Council Worldwide ISAC Real Estate ISAC The Real Estate Roundtable Research and Educational Networking ISAC Biotechnology and Pharmaceutical ISAC Maritime ISAC Maritime Security Council Marine Transportation System National Advisory Council Supervisory Control and Data Acquisition What Are Control Systems? Types of Control Systems Components of Control Systems Vulnerability Concerns about Control Systems Adoption of Standardized Technologies with Known Vulnerabilities Connectivity of Control Systems to Unsecured Networks Implementation Constraints of Existing Security Technologies Insecure Connectivity to Control Systems Publicly Available Information about Control Systems Control Systems May Be Vulnerable to Attack Consequences Resulting from Control System Compromises Wardialing Wardriving Warwalking Threats Resulting from Control System Attacks Issues in Securing Control Systems Methods of Securing Control Systems Technology Research Initiatives of Control Systems Security Awareness and Information Sharing Initiatives Process and Security Control Initiatives Securing Control Systems Implement Auditing Controls Develop Policy Management and Control Mechanisms Control Systems Architecture Development Segment Networks between Control Systems and Corporate Enterprise Develop Methodologies for Exception Tracking Define an Incident Response Plan Similarities between Sectors US Computer Emergency Readiness Team CSSP Control Systems Cyber Security Evaluation Tool (CSET) SCADA Community Challenges The Future of SCADA SCADA Resources Critical Infrastructure Information What Is Critical Infrastructure Information? How Does the Government Interpret CII? Exemption 3 of the FOIA Exemption 4 of the FOIA Section 214 of the Homeland Security Act Enforcement of Section 214 of the Homeland Security Act What Does "Sensitive but Unclassified" Mean? Information Handling Procedures Freedom of Information Act Need to Know "For Official Use Only" Enforcement of FOUO Information Reviewing Web Site Content Export-Controlled Information Enforcement of Export-Controlled Information Source Selection Data Enforcement of Source Selection Data Privacy Information Enforcement of Privacy Information Unclassified Controlled Nuclear Information Enforcement of UCNI Critical Energy Infrastructure Information Enforcement of CEII Controlled Unclassified Information Lessons Learned Programs InfraGard Sensitive Unclassified Nonsafeguards Information (SUNSI) Safeguards Information (SGI) Glossary Appendix Index

「Nielsen BookData」より


書名 Critical infrastructure : homeland security and emergency preparedness
著作者等 McDougall, Allan Kerr
McDougall Allan
Radvanovsky Robert S.
Radvanovsky Robert
出版元 CRC Press
刊行年月 c2013
版表示 3rd ed
ページ数 xxvi, 257 p.
大きさ 24 cm
ISBN 9781466503458
NCID BB20492623
※クリックでCiNii Booksを表示
言語 英語
出版国 アメリカ合衆国