cis 502 critical infrastructure protection
DESCRIPTION
CIS 502 Critical Infrastructure Protection Click Link Below To Buy:http://hwaid.com/shop/cis-502-critical-infrastructure-protection/ Due Week 6 and worth 50 pointsCritical Infrastructure Protection (CIP) is an important cybersecurity initiative that requires careful planning and coordination in protecting our infrastructure. The following documents titled, “National Infrastructure Protection Plan”, and “Critical Infrastructure Protection”, may be used to complete the assignment. Write a three to five (3-5) page paper in which you:1. Examine the Department of Homeland Security’s : a. missionb. operationsc. responsibilities2. Explain what Critical Infrastructure Protection (CIP) initiatives are, what are protected, and the methods used to protect our assets. 3. Describe the vulnerabilities IS professionals need to be concerned with when protecting the U.S.’s critical infrastructure.4. Evaluate the effectiveness of IS professionals in regard to protecting the U.S.’s critical infrastructure.5. Suggest three (3) methods to improve the protection of our critical infrastructure and justify each suggestion.6. Use at least three (3) quality resources outside of the suggested resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements:• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.• Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.The specific course learning outcomes associated with this assignment are: • Evaluate potential situations of business interruption and the planning necessary to mitigate the threats involved.• Analyze the methods of managing, controlling, and mitigating security risks and vulnerabilities.• Compare and contrast business continuity and disaster recovery planning.• Use technology and information resources to research issues in security management.• Write clearly and concisely about the theories of security management using proper writing mechanics and technical style conventions.Critical Infrastructure PlanGretchen GreeneDr. Syed RazaFebruary 15, 2016 Interpret the Department of Homeland Security’s mission, operations and responsibilities The Department of Homeland Security has five missions. First, they protect the American people from terrorist threats as their number one priority. Their counterterrorism goals are to prevent terrorist attacks, prevent the use of chemical, biological, radiological, and nuclear materials from within the US, and reduce the vulnerability of resources and major events to terrorist attacks. Second, they secure the nation’s borders to prevent illegal activity. Third, the Department of Homeland Security enforces our immigration laws. Fourth, they lead the government in securing cyberspace and reducing cyber threats. Fifth, Homeland Security responds with plans, grants, and training to new security and law enforcement officers. They also respond with information in the event of a terrorist attack or natural disaster.Detail the Critical Infrastructure Protection (CIP) The Critical Infrastructure Protection (CIP) initiatives are to work to improve interoperability across communities in the event of human or natural disaster. The CIP is used to plan, detect, respond to, prevent, and recover from any natural and human disaster. CIP works with the federal government, state government, local government, commercial and private sectors to resolve the threat. InformaTRANSCRIPT
CIS 502 Critical Infrastructure Protection
Click Link Below To Buy:
http://hwaid.com/shop/cis-502-critical-infrastructure-protection/
Due Week 6 and worth 50 points
Critical Infrastructure Protection (CIP) is an important cybersecurity initiative that requires careful planning and coordination in protecting our infrastructure.
The following documents titled, “National Infrastructure Protection Plan”, and “Critical Infrastructure Protection”, may be used to complete the assignment.
Write a three to five (3-5) page paper in which you:
1. Examine the Department of Homeland Security’s : a. mission
b. operations
c. responsibilities
2. Explain what Critical Infrastructure Protection (CIP) initiatives are, what are protected, and the methods used to protect our assets.
3. Describe the vulnerabilities IS professionals need to be concerned with when protecting the U.S.’s critical infrastructure.
4. Evaluate the effectiveness of IS professionals in regard to protecting the U.S.’s critical infrastructure.
5. Suggest three (3) methods to improve the protection of our critical infrastructure and justify each suggestion.
6. Use at least three (3) quality resources outside of the suggested resources in this
assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on
all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.The specific course learning outcomes associated with this assignment are:
Evaluate potential situations of business interruption and the planning necessary to mitigate the threats involved.
Analyze the methods of managing, controlling, and mitigating security risks and vulnerabilities.
Compare and contrast business continuity and disaster recovery planning. Use technology and information resources to research issues in security management. Write clearly and concisely about the theories of security management using proper writing
mechanics and technical style conventions.
Critical Infrastructure Plan
Gretchen Greene
Dr. Syed Raza
February 15, 2016
Interpret the Department of Homeland Security’s mission, operations and responsibilities
The Department of Homeland Security has five missions. First, they protect the
American people from terrorist threats as their number one priority. Their counterterrorism goals
are to prevent terrorist attacks, prevent the use of chemical, biological, radiological, and nuclear
materials from within the US, and reduce the vulnerability of resources and major events to
terrorist attacks. Second, they secure the nation’s borders to prevent illegal activity. Third, the
Department of Homeland Security enforces our immigration laws. Fourth, they lead the
government in securing cyberspace and reducing cyber threats. Fifth, Homeland Security
responds with plans, grants, and training to new security and law enforcement officers. They
also respond with information in the event of a terrorist attack or natural disaster.
Detail the Critical Infrastructure Protection (CIP)
The Critical Infrastructure Protection (CIP) initiatives are to work to improve
interoperability across communities in the event of human or natural disaster. The CIP is used to
plan, detect, respond to, prevent, and recover from any natural and human disaster. CIP works
with the federal government, state government, local government, commercial and private
sectors to resolve the threat. Information regarding incidents can be shared in the CIKR system
Automated Critical Asset Management System (ACAMS). This system creates an inventory of
assets along with shares the information across state and local sectors.
NIPP VS NIST
There are significant differences between the Critical Infrastructure Protection plans from
NIST and NIPP. NIPP’s CIP is much more detailed regarding how threats are handled and how
assets are protected. It defines how to assess risks and the consequences when risks occur. It
also defines what agencies and sectors are involved. NIST’s CIP main concern was about
addressing authentication and the framework. NIST was concerned with password requirements
for individuals and the authentication of automated devices. It was more focused on the
infrastructure training and management. It did not define a plan of action if a risk occurred or the
agencies involved. It ensured the personnel for the cybersecurity workforce for data analysis and
privacy standards.
Vulnerabilities IS professionals who protect the U.S.’s critical infrastructure
The Department of Homeland Security has not consistently collected information on the
vulnerabilities to have an accurate measure of where there are risks and hazards. The guidelines
for tracking vulnerabilities are written in the NIPP CIP, but it has not been followed consistently.
There is not a standard across the tools used for collecting data from all of the different agencies.
IS professionals should be prepared for the need to organize the data that has been collected into
some form that can be integrated together.
Suggest three (3) methods to improve the protection of the U.S.’s critical infrastructure
The Department of Homeland Security needs to design one system for tracking
vulnerabilities for all agencies to use in the public and private sector. It is extremely important to
consistently collect data on vulnerabilities to know when an attack is happening. It also shares
the information with all departments and agencies. This would integrate all the information into
one location that can be used to track when an attack is happening.
Homeland Security needs to create a department to handle the assessment information
and sharing that information with other agencies. One does not exist right now and they rely on
their field agents to get the information to the agencies. Many times Homeland Security is
requested to be at meetings to share information from the assessments and because they have no
way of sharing the information they are not there. The other participants then have no idea
whether the information has been shared with Homeland Security or not.
The Department of Homeland Security needs to create a department to maintain the
sixteen infrastructure sectors are following the NIPP CIP. Only three of the sixteen sectors have
made any progress towards the goals set in the CIP. The other thirteen sectors have yet to begin
to set metrics for the goals set in the CIP. Many have to rely on private sectors to provide the
information to them regarding cyber risks and vulnerabilities. Having a specific department to
only work on following up with these sectors will help motivate these sectors to work with the
private sectors to obtain the needed information.
Conclusion
The Department of Homeland Security had a good plan in place that was also updated in
2013 after Hurricane Sandy showed many flaws in the original plan. With some new
departments and some organization to data collected on a regular basis, vulnerabilities can be
identified more quickly to stop attacks. Cyber risks and natural disasters are always going to be
present but now is the time to get the plan in working order before it is needed in a disaster.
References
Critical Infrastructure Protection: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts [Reissued on September 17, 2014]. (2014, September 17). Retrieved February 14, 2016, from http://www.gao.gov/products/GAO-14-507
Homeland Security. (2015, July 16). Retrieved February 14, 2016, from http://www.dhs.gov/our-mission
National Infrastruction Protection Plan. (2009). Retrieved February 14, 2016, from https://blackboard.strayer.edu/bbcswebdav/institution/CIS/502/1144/Week6/NIPP_Plan.pdf
NIST Roadmap for Improving Critical Infrastructure Cybersecurity. (2014, February 12). Retrieved February 14, 2016, from https://blackboard.strayer.edu/bbcswebdav/institution/CIS/502/1144/Week6/roadmap-021214.pdf
Wilshusen, G. C. (2015, November 19). CRITICAL INFRASTRUCTURE PROTECTION Sector-Specific Agencies Need to Better Measure Cybersecurity Progress. Retrieved February 14, 2016, from http://www.gao.gov/assets/680/673779.pdf