Academic journal article Homeland Security Affairs

Potholes and Detours in the Road to Critical Infrastructure Protection Policy

Academic journal article Homeland Security Affairs

Potholes and Detours in the Road to Critical Infrastructure Protection Policy

Article excerpt


One can frame the policies of the current national strategy for critical infrastructure protection using a number of colorful analogs, but transportation seems the most fitting because transportation is one of the sectors identified by the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets, published by the White House in 2003. 1 Beneath the title of this article is the reality that we have a long way to go to protect critical infrastructure assets ? across all sectors ? at even modest levels of security. Indeed, if a 1,000-mile journey begins with a single step along a well-defined road, then the national strategy road is badly in need of repairs.

This paper exposes only a handful of the many myths, fallacies, and roadblocks preventing the nation from protecting its second-most important assets: the water, power, energy, telecommunications, information, and transportation systems that make up critical infrastructure (CI). 2 We claim that the first step in this 1,000-mile journey is to fix the potholes and eliminate the detours promoted by the current strategy for protection of the country's CI. To do so, we must understand how the national strategy fails to address reality. We couch these realities in metaphorical terms ? as potholes and detours on the road to protecting the nation's critical infrastructures. The term 'pothole' is used to identify problems and barriers to making progress, and the term 'detour' is used to expose wrong-headed myths, distractions, and bumps in the road to better infrastructure security.

This paper argues against a purely federalist approach to critical infrastructure protection and instead advocates that the federal government take greater responsibility (and control) over state and local decisions; it argues that the first step in this transformation is to set standards, beginning with concise and clear definitions of vulnerability and risk. We then turn to the arguments preventing action ? specifically that government is helpless to correct security problems in critical infrastructure because most infrastructures are owned and operated by the private sector. Finally, we make four concrete recommendations on how to improve critical infrastructure protection through re-thinking and re-aligning current policies.

Think Globally, Act Locally

The national strategy is based on the idea that the federal government should set goals and policies, while the states should assume primary responsibility for homeland security, because incidents happen at the local level. Specifically, the National Strategy defines the relationship between federal and state/local governments as follows:

In addition to securing federally owned and operated infrastructures and assets, the role of the federal lead departments and agencies is to assist state and local governments and private-sector partners in their efforts to:

* Organize and conduct protection and continuity of government and operations planning, and elevate awareness and understanding of threats and vulnerabilities to their critical facilities, systems, and functions;

* Identify and promote effective sector-specific protection practices and methodologies; and

* Expand voluntary security-related information sharing among private entities within the sector, as well as between government and private entities. 3

Basically, the federal government is primed to assist state and local governments, but the state/local governments are responsible for implementation of 'protection practices, and methodologies.' This strategy has a number of deficiencies as pointed out by the first pothole.

Pothole 1: CIP (Critical Infrastructure Protection) is a local problem and therefore the federal government should provide guidance and funding, but state and local jurisdictions must become the first line of defense against attacks on critical infrastructure assets. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.