StudyDaddy Social Science M5D1: Identity Change Upon successful completion of this activity, students will be able to: 1. Explain the concept of social deviance and provide examples of deviant behavior in social context. 4. Ap

M5D1: Identity Change Upon successful completion of this activity, students will be able to: 1. Explain the concept of social deviance and provide examples of deviant behavior in social context. 4. Ap

Module 5: Module Notes: Critical Infrastructure and Cybersecurity

Critical infrastructure provides the underpinning for daily life in developed economies. Energy, water, transportation, and other sectors are ubiquitous and provide enticing targets for cyberattacks.  With much of this infrastructure owned and operated by the private sector, government has limited tools to ensure its protection. The United States and other nations have established programs and policies to protect the health and welfare of their populations.

The readings in this module trace the history of establishing protections for the systems that are essential to our health and welfare in an industrialized society.  The vulnerability of critical infrastructure to criminal or terrorist attack motivated the U.S. government to initiate steps to protect it.

The Department of Homeland Security (DHS) identified 16 distinct sectors of critical infrastructure. A common element in the majority of them is their dependence on cyber systems.  The technology revolution allowed infrastructure providers such as chemical plants, water distribution systems, and the electric grid to install automated control systems that improve efficiency and lower operating costs.  Unfortunately these systems can be hacked (Hebert, 2013). DHS (https://www.dhs.gov/) and its National Infrastructure Protection Plan (https://www.dhs.gov/cisa/national-infrastructure-protection-plan) are attempting to reduce the risk and increase the nation’s resilience.

As pointed out in the readings and videos, the majority of critical infrastructure is owned and operated by the private sector.  This structure limits the ability of the President (https://search-credoreference-com.vlib.excelsior.edu/content/entry/eupguspg/president/0) and the Executive Branch (https://search-credoreference-com.vlib.excelsior.edu/.) to force corrective measures without legislative action.  The slow progress of legislation (Kaplan, 2009) prompted President Obama to issue Executive Order 13636 in 2013.  The order tasked the Department of Commerce (https://search-credoreference-com.vlib.excelsior.edu/) and its National Institute of Standards and Technology (NIST) (https://search-credoreference-com.vlib.excelsior.edu/content/entry/columency/national_institute_of_standards_and_technology/0)

 to work with other government agencies to work with the private sector to develop a set of voluntary guidelines.  The NIST Framework is now emerging as a best practice and will improve national resilience (Scofield, 2016). Even with a framework gaining acceptance it still took Congress until late 2015 to actually pass some legislation on the subject (Earls, 2015; Gardner & Broder, 2016). As the NIST Framework is adopted more widely, it is likely to be adopted as a risk assessment factor for cyber insurance and a demonstration of due diligence.  Perhaps it is an example of the economic cybersecurity paradigm supporting a national security issue.

There are arguments that the electric grid is the most vital of critical infrastructures (Hebert, 2013). Taking down the grid renders other computer controlled systems ineffective at best and most likely useless.  Consider the last time you drove to an intersection where the light was out.  Did the other drivers all follow the rules of the road or were you taking your life in your hands as you ventured through the intersection? Zhang (2013) argued that protecting the electric grid is the first step to protecting critical infrastructure.  Imagine the angst of a teenager unable to charge a smartphone.

As you prepare for the discussion items, pay attention to the challenges of establishing public private partnerships.  The CISA legislation of 2015 (https://www.congress.gov/bill/114th-congress/senate-bill/754) attempted to address some of the challenges.  Information sharing is difficult. Legal barriers established to ensure competition restrict different entities in the same sector from sharing information. Other barriers exist that inhibit government sharing information with the private sector.  Are trade secrets exposed? How about classified information? Bear in mind that parts of our critical infrastructure are international.  Power and water resources are sometimes shared with our Canadian and Mexican neighbors (McDaniel, 2012). Similar conditions exist in Europe and elsewhere.  Consider pipelines, rivers with dams, and port facilities. How do you set standards across a border?

You will now have the chance to make comments and recommendations.

References:

  • Earls, A. (2015). Appetite for more. SC Magazine, 26(10), 32-34.

  • Hébert, J. C. (2013). The most critical of economic needs (risks): A quick look at cybersecurity and the electric grid (https://doi.org/10.1016/j.tej.2013.05.009)The Electricity Journal2615-19. doi:10.1016/j.tej.2013.05.009

  • Kaplan, D. (2009). 2 Minutes on... the Rockefeller-Snowe problem (https://search-proquest-com.vlib.excelsior.edu/docview/196346947?accountid=134966. SC Magazine, 20(10), 14

  • McDaniel, M. C. (2012). Trade and jobs: Beyond “Beyond the Border: A proposal for implementation of the action plan’s recommendations on cross-border critical infrastructure. Canada - United States Law Journal37433.

  • Scofield, M. (2016). Benefiting from the NIST Cybersecurity Framework. (Cover story) (http://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=113586332&site=eds-live&scope=site. Information Management Journal50(2), 25-28.

  • Zhang, Z. (2013). Cybersecurity policy for the electricity sector: The first step to protecting our critical infrastructure from cyber threats (http://search.ebscohost.com/login.aspx?direct=true&db=edslex&AN=edslex3A10E923&site=eds-live&scope=site).Boston University Journal of Science and Technology Law19, 319.

As you watch/listen to the videos and digest the readings, keep track of the multiple responsibilities given to the Department of Homeland Security in the realm of cybersecurity.  The DHS Secretary must be mindful of very diverse set of threats to security.  Does cybersecurity suffer in comparison to terrorism and other threats? The discussion questions will offer the opportunity to comment on the organization of DHS and the challenges the Department faces.

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!