Embed Size (px)
Citation preview
National Infrastructure Protection Plan (NIPP)
2
The NIPP Provides aStrategic Context for Infrastructure
Protection/ResiliencyDynamic threat environment
Natural Disasters
Terrorists
Accidents
Cyber Attacks
A complex problem, requiring a national plan and organizing framework
18 Sectors, all different, ranging from asset-focused to systems and networks
Outside regulatory space (very few security-focused regimes)
85% privately owned
100% in State and local jurisdictions
3
18 Sectors & Sector-Specific Agencies DHS coordinates the
overall national effort to enhance CIKR protection and resiliency through the implementation of the NIPP
Sector-specific agencies lead the activities in each of 18 sectors and develop and implement Sector-Specific Plans
DHS leads 11 of the sectors
IP leads six of these sectors
4
Sector Partnership Model Critical infrastructure protection and resiliency are the shared responsibilities of Federal,
State, local, tribal, and territorial governments, regional coalitions, and the owners and operators of the Nation’s CIKR
NIPP outlines their roles & responsibilities Also describes the information-sharing environment & communications
Council functions include comprehensive planning, methodology development, risk assessment, protective programs & resiliency strategies, incident management, training, exercises, identification of R&D requirements
5
Partnership Structures
Regional Consortium Coordinating
Coalitions
Critical Infrastructure Partnership Advisory
Council
Sector Coordinating
Councils
Government Coordinating
Councils
CIKR Owners & Operators
Government Counterparts
CIKR Initiatives Integration Using Existing Regional Coalitions
Overarching Framework
6
NRF CIKR Support Annex
Provides the bridge between the NIPP “steady-state” approach for CIKR protection and the NRF incident management doctrine
Addresses recommendations of the Hurricane Katrina after-action review
CIKR Support Annex
7
NIPP – NRF : The Full Spectrum of Incident Management
Prevention
Preparedness
Response
Recovery
Mitigation
Post-IncidentPost-IncidentIncidentIncidentPre-IncidentPre-Incident
8
NRF Coordination Structure
Joint Field Office
Regional Response
Coordination Center
National Operations
Center(NOC)
Incident Advisory Council
(IAC)
State Emergency Operations
Center
Multiagency Coordination Entity Strategic coordination
Multiagency Coordination Centers/EOCs
Support and coordination
Incident Command Directing on-scene emergency management
NIMS RoleJFO
Coordination Group
AreaCommand
Incident Command
Post
Incident Command
Post
Incident Command
Post
Field Level
Regional Level
NationalLevel
Local Emergency Operations
Center
The NRF includes slight variations of the base structure for terrorism response and Federal-to-Federal support
An Area Command is established when needed due to the complexity or number of
incidents.
Role of regional components varies depending on scope and
magnitude of the incident.
Multiagency Coordination System
9
JFO Coordination Group
Office of Inspector General
Operations Section
Logistics Section
Planning Section
Finance and Admin
Senior Federal Law Enforcement
Official
State, Local and Tribal
Representative(s)
Other Senior Federal Officials
Federal Coordinating
Officer
JFO Coordination Staff
JFO Sections
External AffairsChief of Staff-----------------------Liaison Officer
Safety CoordinatorSecurity Officer
Infrastructure Liaison
Others as needed
Defense Coordinating Officer (DCO)
Principal Federal Official
Joint Field OfficeThe JFO is the focal point for coordination of Federal support to on-scene incident management efforts
10
National Infrastructure Protection Plan
11
HSPD-5
HSPD-7
HSPD-8
The Homeland Security Act of 2002 established an Assistant Secretary for Infrastructure Protection, responsible for assessing vulnerabilities of key resources and critical infrastructures and developing a comprehensive national plan. In 2006, P.L. 109-295, Section 550 directed the regulation of high risk chemical facilities.
HSPD-9
Strategic Drivers
National strategies for Homeland Security, Cyber Security, and Physical Protection of CIKR provided high level goals and priorities for the Office of Infrastructure Protection.
HSPDs provide inter-related and focused policy guidance in the areas of incident management, critical infrastructure protection, and national preparedness.
The 2005 / 08 hurricanes affirmed IP’s important mission and central role in preparedness.
HSPD-19
Department of Homeland Security Appropriations Act
of 2007
The DHS Appropriations Act of 2007 charged IP with creating a chemical security regulatory program. The Appropriations Act of 2008 also requires Ammonium Nitrate regulations.
STAKEHOLDER INTERACTIONSTAKEHOLDER INTERACTION
12
Critical Infrastructure & Key Resources(CIKR)
Critical Infrastructure: Systems and assets, whether physical or virtual, so vital to the United States that the incapacitation or destruction of such systems and assets would have a debilitating impact on national security, national economic security, public health or safety, or any combination of those matters
Key Resources: Publicly or privately controlled resources essential to the minimal operations of the economy or government
Why is CIKR Protection Important? Essential to the Nation’s security, public health and safety,
economic vitality, and way of life
13
National Infrastructure Protection Plan
Build a safer, more secure, and more resilient America by preventing, deterring, neutralizing, or mitigating the effects of deliberate efforts by terrorists to destroy, incapacitate, or exploit elements of our Nation’s CIKR and to strengthen national preparedness, timely response, and rapid recovery of CIKR in the event of an attack, natural disaster, or other emergency.
14
National Infrastructure Protection Plan
A comprehensive plan and unifying structure for the government and the private sector to improve protection and resiliency of critical infrastructure and key resources, including Partnership model & information sharing Roles & responsibilities Risk management framework Authorities Integration with other plans Building a long-term program Providing resources & prioritizing investments
Contributes to both steady-state (non-incident) risk management and incident management
Drives IP’s programs/activities, guides those of Other Federal agencies and departments State, local, tribal, and territorial governments CIKR owners and operators
15
Sector-Specific Plans (SSPs) Tailor application of the NIPP risk
management framework to each of the CIKR sectors
Address the unique characteristics and risk landscapes of each sector
Sector-Specific Agencies (SSAs) partnered with Sector Coordinating Councils (SCCs) and Government Coordinating Councils (GCCs) to develop the SSPs
SSPs were released in May 2007 and underwent annual review in 2008
SSPs will undergo a triennial review for reissue in 2010
16
Goal and ObjectivesBuild a safer, more secure, and more resilient America by enhancing protection of the Nation’s CIKRRoles & ResponsibilitiesFederalStateLocalPrivate SectorManaging Risk GoalsIdentify Assets, Systems, and NetworksAssess RiskPrioritizeImplement Protective Programs and Resiliency StrategiesMeasure EffectivenessOrganizing & PartneringSector Partnership Model
Government Coordinating Councils (GCCs) Sector Coordinating Councils Federal Senior Leadership Council State, Local, Tribal, and Territorial GCC Regional Consortium Coordinating Council
Relationship to Other Plans & NIPP OutreachNational Response FrameworkBuilding National AwarenessEducation and TrainingR&DResources for CIKR ProtectionNational CIKR Protection Annual ReportSector CIKR Protection Annual Reports
Sector Security Goals (example)Rapidly reconstitute critical sector assets, systems, networks, and functions after national and regional emergencies.Plan for emergencies and crises by participating in exercises and updating response and continuity of operations plans.Educate stakeholders on infrastructure resiliency and risk management practices in the sector. Ensure timely, relevant, and accurate threat information sharing between the law enforcement and intelligence communities and key decision makers in the sector.Establish effective, cross-sector coordination mechanisms to address critical interdependencies, including incident situational awareness, and cross-sector incident management.CIKR IdentificationAssetsSystemsNetworksFunctionsRisk AssessmentsIndustry Self Assessments – Corporate processNational Sector Risk Assessment – Government sponsoredCross Sector Dependency Analysis – Government sponsoredProtective ProgramsCultivate existing programsAddress high risk areas identified by risk assessmentsPriority based, linked to goals and related risksMeasuring EffectivenessCore NIPP MetricsSpecific sector goalsProtective programs
NIPP Base Plan (2009) 18 Sector-Specific Plans (2007)
National Infrastructure Protection Plan
17
NIPP Risk Management FrameworkThe NIPP describes processes to:
Set Goals and Objectives Identify Assets, Systems, and Networks Assess Risk (Consequences, Vulnerabilities, and Threats) Prioritize Implement Protective Programs & Resiliency Strategies Measure Effectiveness
18
Overview of Key ChangesNIPP - 2009
Improvements to 2006 NIPP do not change underlying policy
2009 NIPP integrates the concepts of resiliency and protection and broadens the focus of NIPP-related programs and activities to the all-hazards environment
Changes reflect suggestions and comments received from our partners as well as: Release of SSPs in 2007
New HSPDs, national strategies, and legislation
Establishment of Critical Manufacturing as the 18th CIKR sector
Designation of Education as a subsector of Government Facilities
Formation of the Regional Consortium Coordinating Council (RCCC)
Release of the Chemical Facility Anti-Terrorism Standards (CFATS)
19
Infrastructure Liaison Principal advisor to the JFO Coordination Group regarding all
national and regional CIKR incident-related issues
Maintains operational control over all IP staff assigned to support the JFO
Principal functions include: Act as the liaison between the national-and regional-level CIKR, the
private sector, and the JFO Coordinate CIKR and ESF issues between the JFO Coordination
Group and IP representatives located at the NOC, IAC, and NRCC Provide situational awareness on the affected CIKR and periodic
updates to the JFO Coordination Group Serve as the senior advocate within the JFO for CIKR issues within
the JFO and to support the prioritization of response and restoration efforts
Leverage private sector relationships to support response and recovery efforts
20
Stafford ActGeneral Framework for Assistance (Section 402/403)
Section 403(a): authorizes FEMA “to provide assistance essential to meeting
immediate threats to life and property resulting from a major disaster.”
direct Federal assistance – either by using, lending, or donating to State and local governments Federal equipment, supplies, facilities, personnel, and other resources; or by distributing through States/locals medicine, food, and other consumable supplies, and other services and assistance to disaster victims. Section 403(a)(1), (2)
Limiting Factors: 403(a)(1), (2) authorize assistance only to “State and local governments” or
certain “private non-profit” entities Aid not routinely available to for-profit entities; however, such entities may be
indirect or incidental beneficiaries of Federal assistance in appropriate circumstances
21
CIKR RFA DeterminationsIssues to be considered in supporting an RFA Contribution of the requested assistance to meeting public safety & health goals
Contribution of the requested assistance to meeting response/restoration priorities established by the SCO/FCO
Requestor’s capability to resource the requested assistance from their own capabilities
Alternative means and timing of providing the requested assistance Benefit of providing the requested assistance to the restoration of a
local community critical resources/capability Benefit of providing the requested assistance to meeting critical
regional/national CIKR needs Benefit/cost of redirecting the requested resource or capability from
other priority requirements Prioritization adjudication JFO(PFO/FCO/IL) NRCC (IL/IP
supported) IAC Potential for cost share by requestor
22
Major CIKR Concerns/IssuesAccess and Credentialing
Evacuation and re-entry plans and routes
Status of Electricity Water Telecommunications Roads
Resource and supply confiscation
23
Networked Information Sharing
24
Cross-Sector Coordination
Agriculture/Food
Banking & Finance
Chemical
Commercial Facilities
Communications
Critical Manufacturing
Dams
Defense Industrial Base
Emergency Services
Energy
Government Facilities
Information Technology
National Monuments & Icons
Nuclear
Postal & Shipping
Healthcare and Public Health
Transportation Systems
Water
Reg
ion
al Co
ns
ortiu
m C
oo
rdin
ating
Co
un
cil
Cro
ss-Secto
r Cyb
ersecu
rity Wo
rking
Gro
up
State, L
ocal, T
ribal, an
d T
erritorial G
overn
men
t Co
ord
inatin
g C
ou
ncil
CIK
R C
ross-S
ector C
ou
nc
il
Fed
eral Sen
ior L
eadersh
ip C
ou
ncil
