Sunday, 16 December 2007

Critical Information Infrastructure Protection (CIIP)

At the ISNR 2007 Conference, held in London from 3rd to 5th December, they talked about CIP challenges.

Definition of Critical Infrastructure:

Critical infrastructure is a term used by governments to describe material assets that are essential for the functioning of a society and economy. Most commonly associated with the term are facilities for:

  1. Emergency services
  2. Energy
  3. Finance
  4. Food
  5. Government & public services
  6. Health
  7. Public Safety
  8. Telecommunications
  9. Transportation systems
  10. Water

In other words, critical infrastructure refers to those assets, systems, and functions so vital to the nation that their disruption or destruction would have a debilitating effect on our national security, economy, governance, public health and safety, and morale.

Let’s try to figure out from the above definition what our Critical Information Infrastructure is. You will find that it depends on your business; for example, the critical infrastructure for supply chains/logistics is different, but the common element will be network communication.

So,

What is Critical-infrastructure Protection (CIP)?

It is the study, design and implementation of precautionary measures aimed to reduce the risk that critical infrastructure fails as the result of war, disaster, civil unrest, vandalism, or sabotage.

Critical infrastructure and information security have similar requirements, particularly in the area of availability. Let’s take the USA CIP model to learn how to build a similar Critical Information Infrastructure Protection (CIIP) model. From Wikipedia, let’s have a look at the US CIP life cycle, which consists of six phases, as follows:

  • Analysis and Assessment (occurs before an event) - The Analysis and Assessment phase is the foundation and most important phase of the CIP life cycle. This phase identifies the assets absolutely critical to mission success and determines the assets’ vulnerabilities, as well as their interdependencies, configurations, and characteristics. An assessment is then made of the operational impact of infrastructure loss or degradation.
  • Remediation (occurs before an event) - The Remediation phase involves precautionary measures and actions taken before an event occurs to fix the known cyber and physical vulnerabilities that could cause an outage or compromise a National Defence Infrastructure, or NDI, or critical asset. For example, remediation actions may include education and awareness, operational process or procedural changes or system configuration and component changes.
  • Indications and Warnings (occurs before and/or during an event) - The Indications and Warnings phase involves daily sector monitoring to assess the mission assurance capabilities of critical infrastructure assets and to determine if there are event indications to report. Indications are preparatory actions that indicate whether an infrastructure event is likely to occur or is planned. Indications are based on input at the tactical, operational, theater, and strategic level. At the tactical level, input comes from asset owners. At the operational level, input comes from the NDI sectors. At the theater level input comes from regional assets such as allied intelligence, NATO, command intelligence, allied governments, and coalition forces. At the strategic level, input comes from intelligence, law-enforcement, and the private sector. Warning is the process of notifying asset owners of a possible threat or hazard.
  • Mitigation (occurs both before and during an event) - The Mitigation phase comprises actions taken before or during an event in response to warnings or incidents. DoD Critical Asset owners, NDI sectors, DoD installations, and military operators take these actions to minimize the operational impact of a critical asset’s loss or debilitation.
  • Incident Response (occurs after an event) - Incident Response comprises the plans and activities taken to eliminate the cause or source of an infrastructure event.
  • Reconstitution (occurs after an event) - The last phase of the CIP life cycle involves actions taken to rebuild or restore a critical asset capability after it has been damaged or destroyed. This phase is the most challenging and least developed process.

Effective management of the CIP life cycle ensures that protection activities can be coordinated and reconciled among all DoD sectors. In many ways, DoD CIP is risk management at its most imperative. Achieving success means obtaining mission assurance. Missing the mark can mean mission failure as well as human and material losses. For critical infrastructure protection, risk management requires leveraging resources to address the most critical infrastructure assets that are also the most vulnerable and that have the greatest threat exposure.
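The Analysis and Assessment phase and the prioritisation rule in the paragraph above can be sketched in a few lines of Python. This is an added example, not code from the conference or from Wikipedia: the asset names, the 1-5 scores and the multiplicative scoring formula are all assumptions made for illustration.

```python
from collections import deque

# Constructed sample inventory (not from the original post). Scores are 1-5.
# depends_on lists the assets each asset needs in order to function.
ASSETS = {
    "power_feed":   {"criticality": 5, "vulnerability": 2, "threat": 3, "depends_on": []},
    "core_network": {"criticality": 5, "vulnerability": 4, "threat": 4, "depends_on": ["power_feed"]},
    "dns":          {"criticality": 3, "vulnerability": 3, "threat": 4, "depends_on": ["core_network"]},
    "payments_app": {"criticality": 4, "vulnerability": 3, "threat": 5, "depends_on": ["core_network", "dns"]},
    "hr_portal":    {"criticality": 1, "vulnerability": 5, "threat": 2, "depends_on": ["core_network"]},
}

def impacted_by(asset, assets=ASSETS):
    """Return every asset that fails, directly or transitively, if `asset` is lost."""
    # Invert the depends_on edges: for each asset, who relies on it?
    dependents = {name: set() for name in assets}
    for name, info in assets.items():
        for dep in info["depends_on"]:
            dependents.setdefault(dep, set()).add(name)
    # Breadth-first walk over the interdependencies.
    seen, queue = set(), deque([asset])
    while queue:
        for nxt in dependents[queue.popleft()]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def risk_score(asset, assets=ASSETS):
    """Assumed model: (own + downstream criticality) * vulnerability * threat."""
    info = assets[asset]
    impact = info["criticality"] + sum(
        assets[a]["criticality"] for a in impacted_by(asset, assets))
    return impact * info["vulnerability"] * info["threat"]

def prioritise(assets=ASSETS):
    """Rank assets, highest risk first, as input to the Remediation phase."""
    return sorted(assets, key=lambda a: risk_score(a, assets), reverse=True)

if __name__ == "__main__":
    for name in prioritise():
        print(f"{name:13} score={risk_score(name):4} impacts={sorted(impacted_by(name))}")
```

With this sample data the network core ranks first even though the HR portal has the highest vulnerability score, because the loss of the network takes three other assets down with it.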

Reference:

Wikipedia & ISNR 2007 Conference
