DHS seeks input on revised infrastructure protection plan
The Homeland Security Department is looking for public input as it prepares for next year's release of a revised version of the National Infrastructure Protection Plan (NIPP).
The NIPP is the national framework through which federal agencies, non-federal authorities and the private sector collaborate to protect the country's most critical infrastructure and key resources from terrorist attacks, natural disasters and other incidents. The different responsibilities laid out in the plan include protecting physical as well as cyber assets.
The framework, originally released in June 2006, required a review and re-issuance of the plan every three years. A presidential directive released in Dec. 2003 placed DHS in charge of leading the coordination on infrastructure protection between federal agencies, state and local authorities and the private sector.
In a notice published today in the Federal Register, DHS encouraged public review of a draft of the new document. The updated version takes into account changes that have occurred since the publication of the NIPP in 2006, such as the release of a new framework for emergency response, updates in information-sharing mechanisms, and public comments requested last year.
Today’s notice also says the new version broadens the focus of NIPP-related programs and activities to the all-hazards environment. The draft plan also includes details on a cybersecurity vulnerability assessment approach that helps entities analyze their cybersecurity posture and take the steps necessary to reduce overall cyber risks.
The government has engaged the private sector in a number of areas through the NIPP including cybersecurity, particularly as the government moves to implement the largely classified Comprehensive National Cybersecurity Initiative.
The government originally identified17 critical infrastructure and key resources sectors and designated federal agencies to be in charge of creating plans of overseeing collaborative efforts to protect those areas. Different agencies identified to lead efforts in the areas have published sector-specific plans for the 17 areas which include: information technology, government facilities, communications, chemical, the defense industrial base and banking and finance.
Earlier this year, DHS announced that it also had designated critical manufacturing as an additional sector.
Ben Bain is a reporter for Federal Computer Week.