Free Essay

Cis 502 Critical Infrastructure Protection

In: Business and Management

Submitted By arnitaetsitty
Words 1288
Pages 6
CIS 502 Critical Infrastructure Protection

Click Link Below To Buy:

Due Week 6 and worth 50 points

Critical Infrastructure Protection (CIP) is an important cybersecurity initiative that requires careful planning and coordination in protecting our infrastructure.

The following documents titled, “National Infrastructure Protection Plan”, and “Critical Infrastructure Protection”, may be used to complete the assignment.

Write a three to five (3-5) page paper in which you:

1. Examine the Department of Homeland Security’s :
a. mission

b. operations

c. responsibilities
2. Explain what Critical Infrastructure Protection (CIP) initiatives are, what are protected, and the methods used to protect our assets.

3. Describe the vulnerabilities IS professionals need to be concerned with when protecting the U.S.’s critical infrastructure.

4. Evaluate the effectiveness of IS professionals in regard to protecting the U.S.’s critical infrastructure.

5. Suggest three (3) methods to improve the protection of our critical infrastructure and justify each suggestion.

6. Use at least three (3) quality resources outside of the suggested resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
• Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are: • Evaluate potential situations of business interruption and the planning necessary to mitigate the threats involved.
• Analyze the methods of managing, controlling, and mitigating security risks and vulnerabilities.
• Compare and contrast business continuity and disaster recovery planning.
• Use technology and information resources to research issues in security management.
• Write clearly and concisely about the theories of security management using proper writing mechanics and technical style conventions.

Critical Infrastructure Plan
Gretchen Greene
Dr. Syed Raza
February 15, 2016 Interpret the Department of Homeland Security’s mission, operations and responsibilities The Department of Homeland Security has five missions. First, they protect the American people from terrorist threats as their number one priority. Their counterterrorism goals are to prevent terrorist attacks, prevent the use of chemical, biological, radiological, and nuclear materials from within the US, and reduce the vulnerability of resources and major events to terrorist attacks. Second, they secure the nation’s borders to prevent illegal activity. Third, the Department of Homeland Security enforces our immigration laws. Fourth, they lead the government in securing cyberspace and reducing cyber threats. Fifth, Homeland Security responds with plans, grants, and training to new security and law enforcement officers. They also respond with information in the event of a terrorist attack or natural disaster.
Detail the Critical Infrastructure Protection (CIP) The Critical Infrastructure Protection (CIP) initiatives are to work to improve interoperability across communities in the event of human or natural disaster. The CIP is used to plan, detect, respond to, prevent, and recover from any natural and human disaster. CIP works with the federal government, state government, local government, commercial and private sectors to resolve the threat. Information regarding incidents can be shared in the CIKR system Automated Critical Asset Management System (ACAMS). This system creates an inventory of assets along with shares the information across state and local sectors.
NIPP VS NIST There are significant differences between the Critical Infrastructure Protection plans from NIST and NIPP. NIPP’s CIP is much more detailed regarding how threats are handled and how assets are protected. It defines how to assess risks and the consequences when risks occur. It also defines what agencies and sectors are involved. NIST’s CIP main concern was about addressing authentication and the framework. NIST was concerned with password requirements for individuals and the authentication of automated devices. It was more focused on the infrastructure training and management. It did not define a plan of action if a risk occurred or the agencies involved. It ensured the personnel for the cybersecurity workforce for data analysis and privacy standards.
Vulnerabilities IS professionals who protect the U.S.’s critical infrastructure The Department of Homeland Security has not consistently collected information on the vulnerabilities to have an accurate measure of where there are risks and hazards. The guidelines for tracking vulnerabilities are written in the NIPP CIP, but it has not been followed consistently. There is not a standard across the tools used for collecting data from all of the different agencies. IS professionals should be prepared for the need to organize the data that has been collected into some form that can be integrated together.
Suggest three (3) methods to improve the protection of the U.S.’s critical infrastructure The Department of Homeland Security needs to design one system for tracking vulnerabilities for all agencies to use in the public and private sector. It is extremely important to consistently collect data on vulnerabilities to know when an attack is happening. It also shares the information with all departments and agencies. This would integrate all the information into one location that can be used to track when an attack is happening. Homeland Security needs to create a department to handle the assessment information and sharing that information with other agencies. One does not exist right now and they rely on their field agents to get the information to the agencies. Many times Homeland Security is requested to be at meetings to share information from the assessments and because they have no way of sharing the information they are not there. The other participants then have no idea whether the information has been shared with Homeland Security or not.
The Department of Homeland Security needs to create a department to maintain the sixteen infrastructure sectors are following the NIPP CIP. Only three of the sixteen sectors have made any progress towards the goals set in the CIP. The other thirteen sectors have yet to begin to set metrics for the goals set in the CIP. Many have to rely on private sectors to provide the information to them regarding cyber risks and vulnerabilities. Having a specific department to only work on following up with these sectors will help motivate these sectors to work with the private sectors to obtain the needed information.
The Department of Homeland Security had a good plan in place that was also updated in 2013 after Hurricane Sandy showed many flaws in the original plan. With some new departments and some organization to data collected on a regular basis, vulnerabilities can be identified more quickly to stop attacks. Cyber risks and natural disasters are always going to be present but now is the time to get the plan in working order before it is needed in a disaster. References
Critical Infrastructure Protection: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts [Reissued on September 17, 2014]. (2014, September 17). Retrieved February 14, 2016, from

Homeland Security. (2015, July 16). Retrieved February 14, 2016, from

National Infrastruction Protection Plan. (2009). Retrieved February 14, 2016, from

NIST Roadmap for Improving Critical Infrastructure Cybersecurity. (2014, February 12). Retrieved February 14, 2016, from

Wilshusen, G. C. (2015, November 19). CRITICAL INFRASTRUCTURE PROTECTION Sector-Specific Agencies Need to Better Measure Cybersecurity Progress. Retrieved February 14, 2016, from…...

Similar Documents

Free Essay

It Infrastructure

...In an IT infrastructure, domains there can be many threats that can take down your system. There is a threat out there that can harm our system, which we need to address. I feel that our system can be improved for better security and be protective from outside threat. This report is to inform you of the domains that can be affected by outside threat. In addition, people should know when dealing which company property and data that there no room for error. Next to properly handle company data when dealing with customer information. I feel that educating our employee would cut back on human error and keep the data safe. User domain can be defined, as the access point was the person meets the computer. The person can access the system through this point depending on the level of access that have. We would need to put in an “Acceptable Use Policy” it would give the employee the information on how to handle company assets. Now there would be certain measure to where we give access to employee, but that would be handling in the hiring process. With this information, the employee would be responsible for his or her action when handling sensitive data. That would ensure that company data would be safe when an employee logged on to the system. The User Domain is the weakest access point and employee should understand that. Next is the “Workstation Domain” is the device to where a user can access the company system. Only employees with the right access should be using these......

Words: 429 - Pages: 2

Premium Essay

Understanding Critical Infrastructures

...•What have you learned from others' responses? Critical Infrastructure is the basic foundation of the National economy of United States of America along with its health and security. It is because the power that has been used peoples in their homes, water that has been drunk, transportation used for mobility and the system of communication which has been used for connectivity between different peoples all belongs to the existence of such critical infrastructures. As they are of very sensitive nature so their security and pre caution measures are also needed to be taken with great importance (Homeland Security, 2013). Critical infrastructure is defined as an asset, network or system, either real or virtual, which is of crucial importance to the United States of America and their destruction may cause a devastating effect on the national or economic security, public safety or health or combination of them. •What were the most compelling points from the interaction with your fellow students? The most compelling points that I though was how identical our process of thinking in the way we chose what sectors to write about and how valuable each one of those sectors contribute to our daily lives. I just can’t imagine how we couldn’t live without them and we as a nation have to what we can to protect all of our resources. •How did participating in this discussion help in your understanding of the Discussion Board task? By participating in the DB’s it give you an insight of what...

Words: 430 - Pages: 2

Premium Essay

Critical Infrastructure Protection

...The summary determines Critical Infrastructure Protection (CIP) is an important Cyber Security initiative that requires careful planning and coordination in protecting our infrastructure: 1. What is the Department of Homeland Security’s Mission, Operations, and Responsibilities? 2. What is the Critical Infrastructure Protection (CIP) initiatives are; what are protected, and the methods used to protect our assets? 3. What are the vulnerabilities IS professionals need to be concerned with when protecting the U.S.’s critical infrastructure? 4. Evaluate the effectiveness of IS professionals in regard to protecting the U.S.’s critical infrastructure. 5. Three methods to improve the protection of our critical infrastructure DHS’s Mission The Homeland Security Act of 2002 created the Department of Homeland Security (DHS) began operations in 2003 it assigned the department the following critical infrastructure protection responsibilities it’s goals and objectives are to prevent, to protect, to respond, and to recover, as well as to build in security, to ensure resilience, and to facilitate customs and exchange. DHS core mission consist of five homeland security missions “Prevent terrorism and enhancing security; Secure and manage our borders; Enforce and administer our immigration laws; Safeguard and secure cyberspace; Ensure resilience to disasters” ( Homeland security is a widely distributed and diverse refers to the collective efforts and shared......

Words: 1936 - Pages: 8

Premium Essay

Cis 502 Week 3 Case Study

...RUNNING HEAD: Advanced Persistent Threats Against RSA Tokens 1 Advanced Persistent Threats Against RSA Tokens McQuinda Johnson Dr. Al Oluyomi CIS 502 January 27, 2014 Advanced Persistent Threats Against RSA Tokens 2 An evolution in the goals and sophistication of computer network intrusions has rendered these approaches insufficient for the threats facing many modern networked organizations. A new class of adversaries, appropriately dubbed the “Advanced Persistent Threat” (APT), represents well-resourced and trained adversaries that conduct multi-year intrusion campaigns targeting highly sensitive and valuable data in an attempt to gain a competitive edge, particularly in international business and law, or nation-state political and military affairs. These adversaries accomplish their goals using advanced tools and techniques designed to circumvent most conventional computer network defense mechanisms and remain undetected in their intrusion efforts or presence on networks over long periods of time. Network defense techniques which leverage knowledge about these adversaries can enable defenders to establish a state of information superiority which decreases the adversary’s likelihood of success with each subsequent intrusion attempt. Threat intelligence can be a force multiplier as organizations look to update their security programs and defenses to deal with increasingly sophisticated advanced persistent threats. Security managers need accurate,......

Words: 1313 - Pages: 6

Premium Essay

Claim: Critical Analysis of Worker's Benefit of Protection by Milton Friedman's Free to Choose

...Book assignment: Paper # 2 10/29/10 Claim: Critical Analysis of Worker’s Benefits and Protection as Presented in Milton Friedman’s Free to Choose. In Chapter eight of his popular Free to Choose, Milton Friedman takes on labor unions and government intervention in labor markets. He disputes the commonly held notion that labor unions and government spending are the cause of improvements in the living standards and wages of workers over the 19th and 20th centuries. He argues that because only “3 percent of workers” were members of unions as late as 1900, and because government regulation of the labor market was minimal prior to the New Deal, these two factors clearly had a limited role in the improvements in workers’ standard of living (228). Instead he points to the idea that when “no one”—or the invisible hand of the market—is instead responsible for protecting workers and improving their lives, workers see the most benefit. Friedman’s conclusion is that workers lot will improve most if the influence of union and government is reduced (247). Since 1980, when the book was published, there has been a steady decline in the percentage of workers who are members of labor unions, while the minimum wage has fallen behind inflation, effectively decreasing. Given that situation, it is possible to evaluate Friedman’s main prediction, as well as his component arguments in light of the new evidence. Friedman argues that the......

Words: 855 - Pages: 4

Premium Essay


...through an unsecured site leading to the disclosure of business sensitive and companywide strategic information pertaining current contract negotiations and company mergers. IDI CIO has enlisted the help of an Information Systems Infrastructure Architect and An Information Systems Security Specialist to investigate and recommend improvements to IDI’s IT Infrastructure. To date, IDI’s network weaknesses out way the network strengths. The larger of the weaknesses is that IDI has no secondary locations in the event of a large scale disaster. Second to that is the lack of security implementations at some of the sites, i.e., Remote access to the Warsaw office runs through a completely unsecure channel and the blatant disregard for adherence to network security policies at the home office. Further evaluations of some of IDI sites have led us to come up with a fairly comprehensive plan to fix and mitigate and major issues that may arise in the future. Our greatest challenge will be to ensure that all sites are working towards the same goal using the same equipment. We are driven to set IT standards which will help us: * Avoiding technological dead ends * Reducing dependency on outside vendors * Promote universality San Paulo’s infrastructure is going to be the basis for the rest of the sites. We recommend that each site have the following hardware and software setups: * Microsoft Windows 2008 Server R2 * Microsoft Exchange 2010 * Microsoft......

Words: 3151 - Pages: 13

Premium Essay


...Infrastructure and Economic Development in Africa Infrastructure and Economic Development in Africa 2014 Mohamed Salah Abdel Rehim 10200210 12/21/2014 2014 Mohamed Salah Abdel Rehim 10200210 12/21/2014 Presented to: Dr. Azza El Sharabasy Course: Economic Development Presented to: Dr. Azza El Sharabasy Course: Economic Development Table of contents * Introduction * Literature review * Africa’s infrastructure endowment * Ways of financing infrastructure * Impact of Infrastructure on Economic Growth. * Conclusions and recommendations * References Introduction * Generally, a consensus has developed that, under the right circumstances, infrastructure evolution can play a major role in improving growth and equity-and, through those two channels, help to eradicate poverty. * However, in spite of this acknowledged aspects and their importance, sub Saharan Africa “SSA” falls behind other regions in infrastructure services and its quality, and this gap is increasing over time. * This is intensely showed in the energy sector, with around 800 million population, the 48 sub Saharan Africa countries produce all together about as much power as Spain, which has only 5.5% of the population of the SSA countries. * Investment in maintaining the current infrastructure is also lagging behind, leaving many African countries with deteriorated and inefficient infrastructure services;......

Words: 2755 - Pages: 12

Premium Essay

Critical Infrastructure Protection

...importance of Critical Infrastructure Protection (CIP) and the mythology behind this since the attacks of 9/11, as well as a brief history of Critical Infrastructure Protection pass to the present to include attacks from the cyber arena. These attacks are prone to come indirect or direct which will and could affect our need and use for resources for life as we know it based on living naturally on a daily bases, these threats maybe man made or by natural disaster. Problem statement Prior to the attacks of 9/11 there was no main concern with the protection of Critical Infrastructure within the United States from any avenue. As we moved on into the 21 century the threat has evolved from more than just protecting water source, and power plants. With the information age this issue has shown another form of crippling the United States economy with just the push of a button. How we to protect these infrastructures from threats that may not be seen or those from natural disasters is a question for now and the future. Purpose statement I have chosen this particular subject due to the nature of its importance to national security, economy, as well as the everyday needs of Americans to survive. The awareness for the protection of our critical infrastructure is a necessity for the present and future of America’s well fair. Research questions Q1. When did the United States began showing concern for critical infrastructure and why? Q2. Why is the protection of critical......

Words: 786 - Pages: 4

Free Essay

Critical Infrastructure Protection

...Critical Infrastructure Protection Pamela S. York CIS502, Dr. Glenn Hines 2/14/15 Abstract The explosion of the accessibility of information and data via the today’s Web has brought along the concern and need for cyber security. With these issues of cyber security has also come the need to protect national informational assets from hackers and such who utilize the Web as a means to attack information that can aid in cyber terrorism. Information professionals are now looking to measures of protection that will ensure private citizens are not put into danger by the threat of cyber espionage. This also has extended to the protection of critical infrastructure within the United States and abroad. Critical Infrastructure Protection With the ever evolving presence of cyber-attacks that threaten to put citizens’ privacy and Internet security at risk, the government has had to intervene in order to take measures to protect its’ citizens due to the alarming fact that cyber-attacks are replacing other modes of attacks by terrorists. The Department of Homeland Security, created in 2002, was developed to carry out broad missions such as preventing terrorist attacks within the United States. This was mainly in response to the terrorist attacks that occurred on U.S. soil on September 11, 2001. Since then the DHS has taken on the mission of developing security that extends to information security and developing plans to implement critical infrastructure. The Homeland Security......

Words: 1329 - Pages: 6

Free Essay

Critical Infrastructure Protection

...The U.S. CIP is a national program to ensure the security of vulnerable and interconnected infrastructures of the United States The United States possesses both the world's strongest military and its largest national economy. Those two aspects of our power are mutually reinforcing and dependent. They are also increasingly reliant upon certain critical infrastructures and upon cyber-based information systems. Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government. They include, but are not limited to, telecommunications, energy, banking and finance, transportation, water systems and emergency services, both governmental and private. Many of the nation's critical infrastructures have historically been physically and logically separate systems that had little interdependence. As a result of advances in information technology and the necessity of improved efficiency, however, these infrastructures have become increasingly automated and interlinked. These same advances have created new vulnerabilities to equipment failure, human error, weather and other natural causes, and physical and cyber attacks. Addressing these vulnerabilities will necessarily require flexible, evolutionary approaches that span both the public and private sectors, and protect both domestic and international security. Because of our military strength, future enemies, whether nations, groups or individuals, may seek to harm us in......

Words: 468 - Pages: 2

Free Essay

Assignment 2: Critical Infrastructure Protection

...Assignment 2: Critical Infrastructure Protection Benard Braxton, Jr. Dr. Bouaffo Kouame CIS 502 – Theories of Security Management May 17, 2015 The Department of Homeland Security’s vison is to ensure a homeland that is safe, secure, and resilient against terrorism and other hazards (DHS, 2015). To achieve this vision there are three key concepts that creates the foundation of our national homeland security strategy. They are security, resilience, and customs and exchange (DHS, 2015). These key concepts drive wide-ranging areas of action that the Quadrennial Homeland Security Review process describes as homeland security missions. These missions are not restricted to the Department of Homeland Security. These objectives and goals says what it means to prevent, to protect, to respond, and to recover. They also shows how build in security, to ensure resilience, and to facilitate customs and exchange (DHS, 2015). There are thousands of people from across the all over the country who are responsible for executing these missions. These are the people who interact with the public, are responsible for security and public safety, operate our country’s critical services and infrastructures, develop technology, perform research, watch, prepare for, and respond to emerging disasters and threats (DHS, 2015). The five homeland security core missions are to prevent terrorism and enhancing security; secure and manage our borders; enforce and administer our immigration laws;......

Words: 1124 - Pages: 5

Premium Essay

Cis 499 Week 8 Infrastructure Project Plan

...CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8 Infrastructure Project Plan CIS 499 Week 8......

Words: 1275 - Pages: 6

Premium Essay

Assignment 2 Critical Infrastructure Protection

...        Assignment 2: Critical Infrastructure Protection Strayer University Introduction In the wake of a terrorist attack, natural disaster, or emergency, the Department of Homeland Security (DHS) is prepared to respond.   DHS primary responsibilities are combatting terrorism, securing boarders, enforcing immigration laws, safeguarding cyberspace, and responding to natural disasters. Coordination with the federal response teams and partnerships with local, state, and private sectors, enhance the DHS response tactics in a national emergency. Department of Homeland Security Mission, Operations, and Responsibilities The Department of Homeland Security’s mission is to keep America safe, protected, and resilient from various elements that threaten the country.  As identified by (, 2013) DHS has three key concepts that strategies are based upon security, resilience, and customs and exchange.  The process that defines homeland security missions and incorporates the key concepts is the Quadrennial Homeland Security Review (QHSR). DHS missions are spread across the enterprise and do not only cover DHS.  The delegated missions define in detail how to prevent, protect, respond, recover, secure, ensure resilience, and facilitate customs and exchange as noted by (, 2013).     Department of Homeland Security operations encompass five core objectives.  The objectives covered under DHS are prevention of terrorism and enhancing security; secure and manage our boarders;......

Words: 1685 - Pages: 7

Premium Essay

Cis 500 - Asgmt 2 - Harnessing Information Management, the Data, and Infrastructure

...Harnessing Information Management, the Data and Infrastructure CIS 500: Information Systems for Decision-Making Amazon’s success can be considered to be based on its’ ability of its’ Information Systems (IS) and Architecture to capture, analysis and manage information about its’ customers. Many organizations have the capability to do the same but without the same success, so why the difference? In a 2004 interview with Business Week’s, Robert D. Hof, Jeff Bezos stated, “We see our customers as invited guests to a party, and we are the hosts. It’s our job every day to make every important aspect of the customer experience a little bit better”. It appears the secret lies within the aforementioned quote, by the words “guests” and “hosts”. Jeff views the commerce interaction as a relationship. Being a good “host” and making the customer (guest) experience better requires understanding of what the customer wants to obtain from their experience (relationship) with Amazon. The relationship importance is prioritized in Amazon’s mission statement, “Earth's Most Customer-Centric Company". To build this relationship requires understanding the customer increasingly better, which in turn requires Amazon to make frequent attempts to engage the customer, through maintaining a high exposure on various “touch-points” across the Web, through search engines, vendor/partner websites, and social media all geared to steer new customers to Amazon’s primary website. For......

Words: 1921 - Pages: 8

Free Essay

It Infrastructure

...Tiffany’s Networking Request for Proposal for a Technology Network Infrastructure May 6, 2011 1 Purpose The purpose of this Request for Proposal (RFP) is to invite prospective vendors to submit a proposal to supply a Structured Cabling solution to Tiffany’s networking. The RFP provides vendors with the relevant operational, performance, and architectural requirements for the solution. 2 Coverage & Participation The intended coverage of this RFP, and any agreement resulting from this solicitation, shall be for the use of all departments at Tiffany’s networking along with any satellite offices. Tiffany’s networking reserves the right to add and/or delete elements, or to change any element of the coverage and participation at any time without prior notification and without any liability or obligation of any kind or amount. General Information The Enterprise Insert Enterprise Description Here Describe the enterprise in a few brief paragraphs. State the core business of the enterprise, the number of employees and the general size of the IT infrastructure: number of workstations, servers, etc. Include a description of the business and location including any satellite offices that will be involved in the project. Describe the overall objectives of the Structured Cabling solution purchase. Focus on larger business goals, not technical specifications. For example, most enterprises put the purchase of a Structured Cabling......

Words: 2282 - Pages: 10