IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Great Conversation: Caitlin Durkovich on Critical Infrastructure Protection

The DHS, Assistant Secretary for Infrastructure Protection spoke at the Great Conversation in Seattle.

The Great Conversation which is a gathering of security professionals has been meeting in Seattle.  Today part of the event included remarks by Caitlin Durkovich, Assistant Secretary Infrastructure Protection, Department of Homeland Security.  [Note: These are my notes of what I could capture from her talk.]

 

Caitlin Durkovich


 

The Assistant Secretary started out her remarks by asking a few questions of the attendees:

 

Are you thinking about all-hazards as security professionals?

  • What keeps you up at night? 
  • What services are you dependent on?
  • Do you recognize that you are only as resilient as your weakest link?
  • Do your vendors have business continuity plans and cyber security measures in place?
 

She went on to say:

 

The critical dependencies and interdependencies are important to understand.

 

Super Storm Sandy points to our complex society.  The fuel supply is but one great example.  We had fuel, but the distribution of fuel was the issue.  There were cascading impacts to other critical infrastructures.  Hospital generators needed fuel among many others.   Gas stations need not only power, but communications to process credit card transactions.

  

At the Federal Level:

 

Last February, President issued two directives on critical infrastructure.  The Federal Government has a role in supporting you.

 

The National Infrastructure Protection Plan (NIPP) has been rewritten and just re-published in January 2014. 

 

There are major themes in the document that include the public-private partnership.  How can we work together to identify and then fill the gaps?  It is all based on relationships, trust and then communications [information sharing]. 

 

There is a call to action in the new NIPP.  Key tenant, a call for strong regional partnerships on the physical and cyber sides.  Look at things regionally across jurisdictions and disciplines.  We need to work together!

 

Cybersecurity Framework:  Collaborated with private sector and all levels of government.  Voluntary framework.  Understand and manage the risks.  It is framework for both the public and private sectors. 

 

C3  It is an innovative approach to cybersecurity and how to manage a very dynamic threat.  Encourage everyone to look at the voluntary program.  See http://www.dhs.gov/about-critical-infrastructure-cyber-community-c%C2%B3-voluntary-program 

 

We are here to be part of your team.  Information sharing of realtime information is our goal. 

 

Protective Security Advisors (PSA) are there in every state across the nation.  Looking at protective measures and reporting suspisous activities will help them do better threat assessments.

 

Near and dear to her heart.  Engagement at higher levels with the power companies in the private sector is key.  The electric industry was concerned after the Japan earthquake and tsunami.  It has been a two year partnership of electric, nuclear, and power companies. 

 

Goal not to rebuild and have repeat damages, but build for future risks that include climate change.  They are inserting security and resilience into the conversation.  This higher level engagement has motivated senior leaders to go back and ask questions of their staff about their internal preparedness. 

 

Her organization collects information about infrastructure across the nation.  They would like to have machine to machine type of communications if possible.  They want to share good information back with you. 

 

They are interested in combined public-private joint investments. 

  • Part of this is across jurisdictions and regions
  • Public and private joint funding.
 

Physical and cyber threats are both significant.  If you have one, it can impact both.  The cost of disasters keeps going up.  Seven years ago cyber and physical were separated.  Today they are being put back together organizationally.  These should not be addressed separately. 

 

The A. Secretary pointed out that 90% of what they do at DHS is totally voluntary.   This requires partnerships between government and the private sector.

 

She recognizes that there are conflicting policies between federal agencies that create issues for the private sector.  These need to be identified and called out.

 

###

 

I'm pleased to report that based on the above talk and other conversations, DHS has definitely turned the corner and is taking an all-hazards approach to looking at the future.  This is a huge step in the right direction.  One challenge is that not all Federal Legislators see all-hazards as being a DHS mission.  They are still stuck in the 2001 mantra of terrorism only.  

 

One of the things we can do as emergency management professionals is to talk to our own legislators, local, state and federal, and help them understand that DHS has "got it right" and needs to be supported in their work to get the most bang for the buck (literally!) by taking a holistic approach.

 

Lastly, as I've written about for years now--Climate Adaptation is also priority for the Feds.  Watch for much more emphasis on this topic in the future.  I still remain optimistic that future federal funding streams will eventually open up to states and locals promoting adaptation planning.  

 

Eric Holdeman is a contributing writer for Emergency Management magazine and is the former director of the King County, Wash., Office of Emergency Management.