M5D2: Government and Private Sector Partnership in Critical Infrastructure Protection. Module 5 In most countries the majority of the critical infrastructure is owned and operated by the private secto

M5D2: Government and Private Sector Partnership in Critical Infrastructure Protection.

Module 5

In most countries the majority of the critical infrastructure is owned and operated by the private sector.  In the United States, the figure is approximately 85% according to the Information Sharing Environment Homeland Security Presidential Directive (HSPD) No.7(https://www.dni.gov/index.php/who-we-are/organizations/national-security-partnerships/ise/about-the-ise).(https://www.dhs.gov/homeland-security-presidential-directive-7.) requires the Department of Homeland Security and the Sector Specific Agencies to collaborate with private sector entities and to share information on cyber threats, vulnerabilities, and best practices.  The readings from Kaplan (2009) and Earls (2015) highlighted the difficulty in getting Congress to take the necessary legislative action to resolve some of the sticky legal issues in sharing information from government to the private sector and between private sector entities.  The CISA legislation of December 2015 (Gardner & Broder, 2016) addressed some of these issues. Has it gone far enough?

As always be mindful of plagiarism. 

The module learning outcomes addressed in this activity are:

·         Explain the roles and responsibilities of U.S. Department of Homeland Security and in developing and executing critical infrastructure protection policy (CO #1, #3)

·         Discuss the role of the National Institute of Standards (NIST) cybersecurity framework (CO #3)

·         Explain the role of the private sector in securing the nation’s critical infrastructure. (CO #1, #3)

Use the references from the module properly cited. Each discussion post must be at least 300 words.

Question

After completing the assigned readings for the module, please respond to the following question in your initial post:

·         Congress was slow to pass legislation on cybersecurity information sharing. The Cybersecurity Information Sharing Act (CISA) of 2015 followed at least ten years of discussion. Consider the electric power grid and the threats it faces, what are the limitations of the CISA and provide two changes/additions would you recommend?  Please cite course materials or outside research when discussing your conclusions.