Critical infrastructure protection

Critical infrastructure protection involves several vertical industries, as well as government and public policy. Knowledge management and IT security will be crucial for juggling CIP issues.

Protecting IT infrastructure from cybercrime, cyberterrorists, war, natural disasters, and other malicious threats and events requires a lot of coordination and collaboration. A knowledge management background is helpful for that. In the hands of IT security alone, CIP can quickly become a battle of firewalls, intrusion detection, authentication, identification, security patches and so on — all those things designed to “wall out” intruders. Unfortunately, they also make it hard for legitimate users to collaborate, access systems, and share information and data. As if it were not already hard for IT security professionals to wall out intruders, end users often look for ways around the walls, or coerce the IS department to open holes in the walls, so that they can get their jobs done.

If CIP were just about IT security, practicing good IT security would keep us safe and secure — almost. However, CIP is not just IT, or even mostly IT; rather, it consists mostly of the physical-world systems on which a complex modern society depends: gasoline and oil distribution, electrical power grids, telecommunications, transportation, and banking systems. All of these systems are heavily dependent on IT and, in a real-time economy, the physical and electronic systems are becoming more interdependent.

In that real-time world, the Internet is the most critical infrastructure of all — without information and data, the real-time world grinds to a halt. In the physical world, as Dr. Craig Koerner at the U.S. Naval War College says, “without electrical power, pretty much nothing works, except for gravity and photosynthesis.”

Three critical issues for critical infrastructure protection



Home	Profile	Security & privacy	Services	INFOSEC	Links	Contact	News