Premium Essay

Infrastructure Protection Plan

Submitted By
Words 909
Pages 4
CASE STUDY 1
EYUP SULTAN KADAKAL
STRAYER UNIVERSITY SHARON ROSE

MEMORANDUM
TO: All Members
FROM: Information Systems Security Director
DATE: Monday, April 23, 2018. SUBJECT: NATIONAL INFRASTRUCTURE PROTECTION PLAN
It has come to the attention of the Chief Information Officer and other stakeholders of this company that there is a need to evaluate our Infrastructure Protection Plan. As such, in my capacity as the Information Systems Security director, I have reviewed the National Infrastructure Protection Plan as provided for by the Department of Homeland Security. Regarding this company, we need to focus more on ensuring that we develop and implement effective and efficient long-term …show more content…
These include natural disasters due to climate change, terrorism, and other emergencies. Due to this reason, our critical resources, as well as crucial infrastructure, have become increasingly vulnerable to these risks and hazards. It has, therefore, become a national priority to ensure the protection of life and prevention of disruptive impacts to infrastructure in such a case. This is especially critical since it will help in mitigating adverse effects to the economy of the country. These are the policies that we seek to adopt in this company to safeguard our resources and infrastructure, in line with the National Infrastructure Protection Plan. The implementation process demands efficient and practical strategies to guarantee a high success rate in the long term. In this case, our company will look to warrant that our Infrastructure Protection policies will entail resiliency, preparedness, risk-assessment, and focused …show more content…
We need experienced workers, professionals, and experts who we can trust with activities associated with infrastructure protection policies and responsibilities. This will help us reduce employee turnover in the long term as we will be in a position to hire from within and maintain infrastructure protection experts long into the future. Moreover, the company needs to conduct research and development by employing the latest technology in improving our protective capabilities. This research and development will also aid us in enhancing the capabilities of the strategies we develop in regard to resiliency. In the long run, the advantage that will accrue to the company will be lower implementation costs thus affording us the ability to engage in more protectionist activities with a limited budget. Another step we need to take is to develop and maintain a data system that is compatible with our Infrastructure Protection Policies, while also observing the provisions of the national policies on the same. This will involve simulations that will provide the framework for the sustained and refined assessment of risk across the different sectors and departments of the organization. Again, this will improve our preparedness in case of manmade

Similar Documents

Free Essay

Cis 502 Critical Infrastructure Protection

...CIS 502 Critical Infrastructure Protection Click Link Below To Buy: http://hwaid.com/shop/cis-502-critical-infrastructure-protection/ Due Week 6 and worth 50 points Critical Infrastructure Protection (CIP) is an important cybersecurity initiative that requires careful planning and coordination in protecting our infrastructure. The following documents titled, “National Infrastructure Protection Plan”, and “Critical Infrastructure Protection”, may be used to complete the assignment. Write a three to five (3-5) page paper in which you: 1. Examine the Department of Homeland Security’s : a. mission b. operations c. responsibilities 2. Explain what Critical Infrastructure Protection (CIP) initiatives are, what are protected, and the methods used to protect our assets. 3. Describe the vulnerabilities IS professionals need to be concerned with when protecting the U.S.’s critical infrastructure. 4. Evaluate the effectiveness of IS professionals in regard to protecting the U.S.’s critical infrastructure. 5. Suggest three (3) methods to improve the protection of our critical infrastructure and justify each suggestion. 6. Use at least three (3) quality resources outside of the suggested resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: • Be typed, double spaced, using Times...

Words: 1288 - Pages: 6

Free Essay

Critical Infrastructure Protection

...Critical Infrastructure Protection Pamela S. York CIS502, Dr. Glenn Hines 2/14/15 Abstract The explosion of the accessibility of information and data via the today’s Web has brought along the concern and need for cyber security. With these issues of cyber security has also come the need to protect national informational assets from hackers and such who utilize the Web as a means to attack information that can aid in cyber terrorism. Information professionals are now looking to measures of protection that will ensure private citizens are not put into danger by the threat of cyber espionage. This also has extended to the protection of critical infrastructure within the United States and abroad. Critical Infrastructure Protection With the ever evolving presence of cyber-attacks that threaten to put citizens’ privacy and Internet security at risk, the government has had to intervene in order to take measures to protect its’ citizens due to the alarming fact that cyber-attacks are replacing other modes of attacks by terrorists. The Department of Homeland Security, created in 2002, was developed to carry out broad missions such as preventing terrorist attacks within the United States. This was mainly in response to the terrorist attacks that occurred on U.S. soil on September 11, 2001. Since then the DHS has taken on the mission of developing security that extends to information security and developing plans to implement critical infrastructure. The Homeland Security Act...

Words: 1329 - Pages: 6

Free Essay

Assignment 2: Critical Infrastructure Protection

...Assignment 2: Critical Infrastructure Protection Benard Braxton, Jr. Dr. Bouaffo Kouame CIS 502 – Theories of Security Management May 17, 2015 The Department of Homeland Security’s vison is to ensure a homeland that is safe, secure, and resilient against terrorism and other hazards (DHS, 2015). To achieve this vision there are three key concepts that creates the foundation of our national homeland security strategy. They are security, resilience, and customs and exchange (DHS, 2015). These key concepts drive wide-ranging areas of action that the Quadrennial Homeland Security Review process describes as homeland security missions. These missions are not restricted to the Department of Homeland Security. These objectives and goals says what it means to prevent, to protect, to respond, and to recover. They also shows how build in security, to ensure resilience, and to facilitate customs and exchange (DHS, 2015). There are thousands of people from across the all over the country who are responsible for executing these missions. These are the people who interact with the public, are responsible for security and public safety, operate our country’s critical services and infrastructures, develop technology, perform research, watch, prepare for, and respond to emerging disasters and threats (DHS, 2015). The five homeland security core missions are to prevent terrorism and enhancing security; secure and manage our borders; enforce and administer our immigration laws; safeguard...

Words: 1124 - Pages: 5

Premium Essay

Critical Infrastructure Protection

...The summary determines Critical Infrastructure Protection (CIP) is an important Cyber Security initiative that requires careful planning and coordination in protecting our infrastructure: 1. What is the Department of Homeland Security’s Mission, Operations, and Responsibilities? 2. What is the Critical Infrastructure Protection (CIP) initiatives are; what are protected, and the methods used to protect our assets? 3. What are the vulnerabilities IS professionals need to be concerned with when protecting the U.S.’s critical infrastructure? 4. Evaluate the effectiveness of IS professionals in regard to protecting the U.S.’s critical infrastructure. 5. Three methods to improve the protection of our critical infrastructure DHS’s Mission The Homeland Security Act of 2002 created the Department of Homeland Security (DHS) began operations in 2003 it assigned the department the following critical infrastructure protection responsibilities it’s goals and objectives are to prevent, to protect, to respond, and to recover, as well as to build in security, to ensure resilience, and to facilitate customs and exchange. DHS core mission consist of five homeland security missions “Prevent terrorism and enhancing security; Secure and manage our borders; Enforce and administer our immigration laws; Safeguard and secure cyberspace; Ensure resilience to disasters” (DHS.gov) Homeland security is a widely distributed and diverse refers to the collective efforts and shared responsibilities...

Words: 1936 - Pages: 8

Premium Essay

Compare and Contrast

...practices designed to protect networks, computers, programs and data from being attacked, damaged and or unauthorized access (target, n.d.). Now in the bigger end nations are now in the need for cyber security. National cyber security is to protect publicly held information that can be personal or private, national security and more. There has been several attacks on public services that have compromised personal or private information. As technology rapidly changes, new vulnerabilities are being created. National cyber security also outlines visions and articulates priorities, principles and approaches to understanding and managing risks at the national level. Some cyber security strategies by country may focus more on protecting critical infrastructure risks, while other countries may focus on protecting intellectual property while other countries may focus on improving cyber security awareness (Microsoft, 2013). If a cyber security strategy is developed correctly, they can meet the needs of government, the private sector, and the citizens...

Words: 2800 - Pages: 12

Premium Essay

Critical Infrastructure Protection

...Critical Infrastructure Protection (CIP) and the mythology behind this since the attacks of 9/11, as well as a brief history of Critical Infrastructure Protection pass to the present to include attacks from the cyber arena. These attacks are prone to come indirect or direct which will and could affect our need and use for resources for life as we know it based on living naturally on a daily bases, these threats maybe man made or by natural disaster. Problem statement Prior to the attacks of 9/11 there was no main concern with the protection of Critical Infrastructure within the United States from any avenue. As we moved on into the 21 century the threat has evolved from more than just protecting water source, and power plants. With the information age this issue has shown another form of crippling the United States economy with just the push of a button. How we to protect these infrastructures from threats that may not be seen or those from natural disasters is a question for now and the future. Purpose statement I have chosen this particular subject due to the nature of its importance to national security, economy, as well as the everyday needs of Americans to survive. The awareness for the protection of our critical infrastructure is a necessity for the present and future of America’s well fair. Research questions Q1. When did the United States began showing concern for critical infrastructure and why? Q2. Why is the protection of critical infrastructure so paramount...

Words: 786 - Pages: 4

Premium Essay

Urban Development

...that planning in Australian cities aims to achieve sustainable strategies and reflect on the relationship with ‘Strategic Environmental Assessment’. This paper has four goals. First, sustainable planning practices at the local and regional levels are analysed considering the legislative and organizational frameworks of each state. The goal is to identify, through an analysis of planning documents, how much discretion is given to local councils to address sustainable strategies. Second, we focus on two regions and four cities in Queensland, to outline strengths and weaknesses of current legislative and practical frameworks. We use analytical criteria from the SEA literature to investigate these plans in more detail. Third, we examine the relationship between strategic and statutory plans, to see how sustainability is actually implemented. Finally, we compare how the emerging issues are affecting sustainable planning in Australia and in countries with different planning and SEA tradition. Considering how SEA is globally evolving and...

Words: 5661 - Pages: 23

Free Essay

Week 3 Case Study 2 Submission

...Submission Asa J Opie Sec 310 Professor Nerove Strayer 7-20-2014 Week 3 Case Study 2 Submission A critical infrastructure is defined as any facility, system, or function which provides the foundation for national security, governance, economic vitality, reputation, and way of life. (http://www.dhs.gov/xlibrary/assets/NIPP_InfoSharing.pdf)In short, critical infrastructure is by definition essential for the survival of the nation. The USA PATRIOT Act specifically defines critical infrastructure as "systems and assets, whether physical or virtual, (Jena Baker McNeill and Richard Weitz, 2010) so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters." FEMA defines critical infrastructure as "personnel, physical assets, and communication (cyber) systems that must be intact and operational 24x7x365 in order to ensure survivability, continuity of operations, and mission success, or in other words, the essential people, equipment, and systems needed to deter or mitigate the catastrophic results of disasters." (http://www.dhs.gov/xlibrary/assets/NIPP_InfoSharing.pdf) The DHS Daily Open Source Infrastructure Reports specify the following sectors as part of critical infrastructure: Energy, Chemicals, Nuclear Reactors, Materials and Waste, Defense Industrial Base, Dams; Banking and Finance, Transportation...

Words: 1253 - Pages: 6

Free Essay

Security Functions

...the nation’s emergency management system. Such obstacles need to be overcome if emergency management activities are to be successful in the years ahead. It takes the help from government and private and sectors such as federal, local, state, Department of Homeland Security, National Infrastructure Protection Plan to share analysis, alerts and threats with security related infrastructure. Government and private sectors to share information and to develop and establish protective actions before a disaster and to prevent a disaster most importantly to have a plan after the disaster. Critical infrastructure is the physical and cyber systems and assets so vital to the United States that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety. Instituting effective cooperation with international security partners, as well as high-priority cross-border protective programs such as the North Atlantic Treaty Organization (NATO). The United States has developed a homeland Infrastructure threat risk analysis center to monitor everyday operations to make sure there is no threat. Federal agencies and our nation's critical infrastructures such as power distribution, water supply,...

Words: 412 - Pages: 2

Premium Essay

Cyber Security Act

...audience 1.4 Securing cyber space – Key policy considerations 2.0 Cyber space – Nature of threat 2.1 Threat landscape 2.2 International cooperation 2.3 Securing cyber space – Scope of action 2.3.1 Cyber security and cyber defense 2.3.2 Cyber intelligence and cyber defense 2.4 Priorities for action 2.5 Partnership and collaborative efforts 3.0 Enabling processes 3.1 Security threat and vulnerability management 3.2 Security threat early warning and response 3.3 Security best practices - compliance and assurance 3.4 Security crisis management plan for countering cyber attacks and cyber terrorism 3.5 Security legal framework and law enforcement 3.6 Security information sharing and cooperation 4.0 Enabling technologies – Deployment and R&D 4.1 Deployment of technical measures 4.2 Security research and development 5.0 Enabling people 5.1 Security education and awareness 5.2 Security skills training and certification 5.3 Security training infrastructure 6.0 Responsible actions by user...

Words: 7888 - Pages: 32

Premium Essay

Multi-Layered Security Outline Plan

...INVESTMENTAND CONSULTING FIRM Multi-Layered Security Outline Plan IT Infrastructure Security Daniel Satterfield 7/1/2014 Identification of Risks, Threats, and Vulnerabilities along with proposed Security measures and controls   MULTI-LAYER SECURITY PLAN (OUTLINE) FOR RICHMAN INVESTMEN The following Multi-Layered Security Plan outline I am submitting for approval and implementation for Richman Investments, will provide a sound security plan for the firms most important mission critical assets, identifying and reducing vulnerabilities, Risks and threats to the firms confidential proprietary intelligence, sensitive customer data and other important assets within each of the Seven Domains that make up the core for the IT infrastructure as a whole. An aggressive approach should be mapped out in a 3-5 year progressive implementation achievement plan starting with one or two security initiatives where success can be clearly demonstrated and evaluated. The FFIEC now has mandated financial institutions mitigate online threats by intergrading endpoint encryption pushing it out to all users in a non pre-boot fashion then using the console to migrate users to pre-boot encryption which would provide immediate protection and increased visibility and control of our overall risk posture. First, indentifying Risk, Threat and Vulnerabilities within each of the seven Domains that make-up the firms IT infrastructure. Secondly, proposed security measures and controls for...

Words: 751 - Pages: 4

Premium Essay

Philippine Development Process

...INTRODUCTION The Philippines is an archipelago consisting of more than 7000 islands. It is the 12th most populated country in the world which poses as a difficult challenge for good governance and development other than smaller countries. The Philippines is mostly mountainous. The citizens can speak several languages. Not to mention, the country is very close to the Pacific Ring of Fire which makes it more prone to frequent natural disasters. There is a 95.8 million in population. It also has a GDP of $424.4 billion with a 6.6% growth in 2012 and it has a five year annual growth of 4.7% with a $4,430 per capita. The Philippines also have a 7% unemployment rate and a 3.1% inflation rate. These are some of the quick facts of the Philippines as of September 2013. When President Benigno Aquino III took office back in 2010, he addressed the most important concern in the Philippine which is corruption. He instantaneously launched massive investigations from the administration he replaced and how they abused their power. The economy of the Philippines has been developing on the average of 5 percent annually over the past two decades. The most important increase in our Gross Domestic Product is the remittances which is more than 10% of the GDP. The distribution of the benefits to the less privileged has been an ongoing challenge in spite of the growth we had in the economy. Also, the Philippines is currently undergoing from extensive poverty and has a massive problem with underemployment...

Words: 8782 - Pages: 36

Premium Essay

Computer Network

...are a major concern to the protection of confidential information. Data so sensitive that in their majority is composing of identity, credit, and property information so well collected and compiler that is plenty for the creation of a clone of a company or a person. These identity theft atrocities are not limit to the software and information appropriation; also the attacks diminish computer performance, affecting their velocity and cause computers to crash. The CIO should possess a compendium of way’s to defend his network, and a rapid decision capability to take decisions in a short time period. Furthermore, in general terms security; as we can define “ the act of provide a sense or protection against lost, attack or harm”, can use or integrate a complete protection plan. Depending on the resources of the company the integration of a security plan that can integrate “the five pillars of security IT security operation: policy and audit management, access management, infrastructure and hardware security and incident response.” The real world presents to us a different situation, when in like this case a medium-sized company with not all the clear budget to establish these functions should operate in a more reduce platform of operations with reduce budget, equipment, and limited management personnel in charge or working in different tasks. In a more specific situation, about the defense of the windows and Unix/Linux servers the point of a protection...

Words: 591 - Pages: 3

Free Essay

Lan Consultation

...LAN Consulting Plan IT/240 February 26, 2012 James (Garrett) Miller LAN Consulting Plan Data Assurance: 1.      Backup system: a.     Type? Backup of data will be done with the Norton 360 version 6.0 antivirus protection suite provided backup utility, Symantec Backup Exec. There are two types of backup for this network. The first is a digital tape drive backup that is located on site for intermediate recovery based on the disaster conditions. The second backup is a mirror backup on a bank of servers at an external site to ensure the security of the data in the case of total disaster of the network site. b.     Backup Schedule? The backup schedule will be determined by the importance of the information. Business critical information will be backed up at the completion of the task. A scheduled mirror backup will be done daily during the off business hours. c.     Backup Data Storage plan? The first backed up data will be stored on an independent server drive using RAID at the main site location for ease of access in the case of an independent component failure. The second backup will be also use RAID and be stored at a different graphical location than the network. Data Integrity: 1.      Antivirus system: a.     Type? Norton 360 version 6.0 antivirus program is installed at each geographical location including the offsite backup of the network. This security protection will provide virus protection, spyware protection, and scan incoming and outgoing e-mail...

Words: 1841 - Pages: 8

Free Essay

Lan Consulting Plan

...LAN Consulting Plan IT/240 February 26, 2012 James (Garrett) Miller LAN Consulting Plan Data Assurance: 1.      Backup system: a.     Type? Backup of data will be done with the Norton 360 version 6.0 antivirus protection suite provided backup utility, Symantec Backup Exec. There are two types of backup for this network. The first is a digital tape drive backup that is located on site for intermediate recovery based on the disaster conditions. The second backup is a mirror backup on a bank of servers at an external site to ensure the security of the data in the case of total disaster of the network site. b.     Backup Schedule? The backup schedule will be determined by the importance of the information. Business critical information will be backed up at the completion of the task. A scheduled mirror backup will be done daily during the off business hours. c.     Backup Data Storage plan? The first backed up data will be stored on an independent server drive using RAID at the main site location for ease of access in the case of an independent component failure. The second backup will be also use RAID and be stored at a different graphical location than the network. Data Integrity: 1.      Antivirus system: a.     Type? Norton 360 version 6.0 antivirus program is installed at each geographical location including the offsite backup of the network. This security protection will provide virus protection, spyware protection, and scan incoming and outgoing e-mail...

Words: 1841 - Pages: 8