The issue of protecting essential infrastructure against the threat of terrorist attack is one which continues to concern governments worldwide. But terrorism is not the only threat this infrastructure may face: environmental hazards, industrial accidents and sabotage are also major concerns. Protecting critical infrastructure is expensive, but many of the solutions apply whatever the cause of the problem, and in these days of scarce resources, multi-sector or multi-threat solutions are preferred.
This book presents the proceedings of the NATO Centre of Excellence – Defence against Terrorism (COE-DAT) Advanced Research Workshop entitled Critical Infrastructure Protection, held in Ankara, Turkey, in May 2012. The workshop brought together 44 participants from 13 countries and consisted of five sessions: a general overview of policy, tools and techniques; the realities of implementation; protection of energy infrastructure; protection of communications and information infrastructure; and protection of transport infrastructure. The papers were presented by 16 expert speakers – military and civilian practitioners, business leaders, diplomats, and academics – from 6 countries, and each was followed by a detailed discussion and debate. The workshop concluded with a summary of all the topics reflected in the individual papers presented.
This book represents a significant contribution to furthering the science of counterterrorism, and will be of interest to all whose work involves all aspects of Critical Infrastructure Protection and the terrorist threat to infrastructure.
The issue of Critical Infrastructure Protection (CIP) against the current threat of terrorist attack continues to feature prominently. But it is not just about terrorism – environmental hazards, industrial accidents and sabotage (deliberate and consequential which includes terrorism) all play a role. Solutions to one are applicable to others. Protecting critical infrastructure (CI) is expensive so in these days of scarce resources multi-sector or multi-threat solutions are preferred. Dealing with this issue demands a balanced strategy and prioritisation. CIP is about measuring risk-informed outcomes. There must be a feedback loop and element of risk accepted and mitigated through consequence management. Two important questions that continue to arise are: firstly, what can we do to increase the resilience of CI? The common answer being that we must cooperate. The second question is whether CI protection is a national or international issue. The answer is of course both and must be deconflicted.
This book presents the proceedings of the NATO Centre of Excellence – Defence against Terrorism (COE-DAT) Advanced Research Workshop entitled “Critical Infrastructure Protection,” held in Ankara, Turkey, in May 2012. The workshop brought together 44 participants from 13 countries and consisted of five sessions: a General Overview of Policy, Tools and Techniques; the Realities of Implementation; Protection of Critical Energy Infrastructure; Protection of Critical Communications and Information Infrastructure; and Protection of Critical Transportation Infrastructure. During these sessions, presentations by 16 expert speakers – military and civilian practioners, business leaders, diplomats, and academics – from 6 countries were followed by a detailed discussion and debate. The workshop concluded with a summary of all the topics reflected in the individual papers presented.
Representing a significant contribution to furthering the science of counterterrorism, this book will be of interest to all whose work involves aspects of Critical Infrastructure Protection and the terrorist threat to infrastructure.
Critical infrastructure is vital for modern existence. It includes communications and the Internet, the logistics of food and water supplies, and transport on the roads, in the air, on water, and by rail. The supply and distribution of gasoline and electricity is perhaps the most important aspect, as it underpins our entire critical infrastructure and indeed our modern way of life. Without power nothing can operate. Our critical infrastructure is however subject to ever increasing asymmetric threats. Such threats can arise from industrial accidents, extreme weather, and deliberate sabotage caused by terrorists and extreme protest. Moreover, those that wish to do harm have an ever increasing ease of access to vital critical infrastructure systems by way of ‘cyber’ information technology. Since 9/11, NATO has adapted to face these new challenges. Continuing this adaptation is vital. The paper argues that information-sharing and emergency planning based on resilience and flexibility is the key way in which we can address these new challenges.
Although the issue of critical infrastructure protection would normally be a national concern, the cross-border aspects of the problem do cause concern for the European Union (EU). The EU has created a number of bodies to address this issue and they have begun to tackle this issue through a series of seminars. The EU is currently developing a road map for the protection of critical infrastructure.
The homeland security enterprise is entering a new stage in its evolution. Focus is shifting to considerations of all-hazards, while resources are becoming increasingly scarce due to the challenging budget environment. Therefore, partnerships of all types must be leveraged to ensure that resources are used in the most effective ways possible. As the National Coordinator for critical infrastructure protection and resilience activities, the U.S. Department of Homeland Security (DHS), National Protection and Programs Directorate, Office of Infrastructure Protection (NPPD/IP) has addressed this challenge by establishing a Critical Infrastructure Risk Management Enhancement Initiative (CIRMEI) and an associated Regional Initiative. These initiatives ensure that DHS and its partners are identifying risks to critical infrastructure, measuring program effectiveness in managing those risks, and aligning resources to develop and execute the tasks and activities that are most successful in addressing those risks. Through the establishment of a set of desired outcome statements and associated metrics, NPPD/IP is assessing critical infrastructure protection and resilience programs and activities; the results will inform programmatic investments. The Regional Initiative, a public and private sector outreach campaign that is part of CIRMEI, will leverage public-private partnerships to collect information from DHS partners that will be used to enhance delivery of regionally tailored capabilities in each geographic section of the United States. As DHS confronts the dynamic and ever-changing environment facing critical infrastructure, CIRMEI provides a defense for the expenditure of valuable monetary and human resources and strives to close identified gaps in risk management capabilities.
This paper focuses on CIP (Critical infrastructure Protection) and posits an approach to implementing it following the attacks of 11 September 2001 (hereafter referred to as 9/11). While the phrase ‘Critical infrastructure Protection’ is used frequently in government, academia, the private sector, and within the NATO alliance, there are many different approaches and constructs to the topic. What is clear is that the terrorist attacks of 9/11 changed how organizations defined Critical infrastructure and what strategies were used to protect it.
This article discusses the concept of critical infrastructure protection (CIP) from an international business standpoint. Governments and their agencies need to recognize that international businesses, by their very nature, have resilience embedded into their systems, processes, manning and skillsets. Therefore, businesses may not be as keen to protect a particular asset when an alternative is available, often in another country or on another continent. The decisions made by businesses to invest in protection is made based on risk assessment and may result in only a select number of points being protected in order to provide cost-effective protection of the whole system. CIP will also move as business models and processes change in relations to changing business conditions. Lastly, private-public partnerships can help national governments and agencies improve effectiveness and to align solutions with business financial tolerances and better understand the business models.
Energy security has emerged as an issue of great importance. As well as the traditional aspects of energy security, a myriad of new aspects has emerged and continues to emerge such as tight oil and gas markets, increasing prices, alternative energy sources and their role, the threat of terrorism, instability in some exporting and importing countries, geopolitical rivalries, and the increasing need for energy to fuel economic growth. The concept of energy security is vague. Energy security is an umbrella term that covers many concerns linking energy, economic growth and political power.
The world energy infrastructure is vulnerable to a variety of man-made and natural disasters. Cyberattacks are an emerging threat that grows daily in its ability to create energy shortages on a grand scale. War, both conventional and unconventional, has the possibility to cause huge energy disruptions in a region or even in the whole world. Crime, both economic and political, rages from the small, localized stealing to the piracy (and often ransom) or large tanker ships. The world needs to come together to be able to address these threats in a comprehensive manner.
Energy security does not depend upon just the supply but also the transportation infrastructure, much of which are pipelines. Pipelines can be vulnerable to attack, particularly in Turkey where 22,000 km of pipelines carry 4% of the world’s daily oil production. In addition to terrorism, there are other threats to pipelines. Unless it is willing to post guards at every ten meters, a company will have to take measures to allocate resources to meet the highest risk. This article discusses the BTC approach to pipeline security.
The STUXNET worm has come into daily lexicon by accident. A very powerful piece of malware, designed to target specifically Iranian nuclear facilities using certain Siemens software, has shown us the possible vulnerabilities to such measures.
Today, cyberthreats have the potential to harm critical infrastructure which may result in the interruption of life-sustaining services, catastrophic economic damages or severe degradation of national security. The diversity and complexity of cyberthreats that exploit the vulnerabilities of critical infrastructures increase every day. In order to lessen the potential harm of cyberthreats, countermeasures have to be applied and the effectiveness of these countermeasures has to be monitored continuously. In this study, a brief definition and history of critical infrastructure are introduced. Cyberthreats are examined in four fundamental categories with the vulnerabilities of critical infrastructure categorized and examined. Finally, countermeasures that may play a key role in critical infrastructure protection programs are discussed.
Terrorist threats to transportation systems, particularly the air transportation systems, are of great concern because of the magnitude of the possible effects, both direct and indirect. Although multiple layers of security are in place at airports using technological tools, they are still not enough to deal with emerging threats. Not only do we need to continue improving our security technology, we also need to address the terrorist attack systems as a whole. NATO has learned in recent operations that air hubs are the main entry and exits points from an area of operation and protecting these nodes is of significant importance.
For nations bordering on oceans, security of the sea borders is a must. The oceans are not the only place where illicit activity occurs, but they are uniquely vast, jurisdictionally challenging, and operationally complex. Merchant vessels do not strictly move in controlled channels or according to fixed time parameters like planes and can carry potentially legitimate cargo capable of causing great destruction. Not every threat manifests itself clearly: the scope of maritime security challenges is immense. Maritime infrastructure protection consists of risk management and maritime domain awareness (MDA). Protecting maritime infrastructure is particularly challenging because threats are not always clear and are often preceded by ambiguous signals, uncertain events and incomplete information.
The importance of critical infrastructure is seen through its potential to enable the functional continuity of vital societal functions from economic and social perspective. The present state of critical infrastructure protection is related to the creation of a robust security and protection management system, where the effectiveness of this system should be important also in relation to business continuity and disaster recovery. In planning the capabilities for protection of critical infrastructure protection, policymakers and planners need to define and find the balance between four key components: goals, strategy and respective distribution among variety of private and public organizations means or capabilities to implement the strategy and planning risks. The protection of critical infrastructure is just one of the 21st Century security challenges that require a comprehensive approach, plus sound coordination among and, in time, integration of governmental agencies. The planning methodology for critical infrastructures protection capabilities of the kind presented in this article may contribute to finding effective and efficient solutions in the best interest of society.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com