Critical infrastructure: homeland security and emergency preparedness
Contents:
ch. 1 Introduction to Critical Infrastructure Assurance and Protection
1.1.Introduction
1.2.What Is Critical Infrastructure?
1.3.What Is the Private Sector?
1.4.What Is the Public Sector?
1.5.What Is CIP?
1.6.What Is CIA?
1.7.What Are Public-Private Partnerships?
1.8.Critical Infrastructure Functions
1.9.Evolution of Critical Infrastructure
ch. 2 Demand, Capacity, Fragility, and the Emergence of Networks
2.1.Introduction
2.2.What Are We Trying to Protect? The Concept of Capacity
2.3.Demand: The Reason for Capacity
2.4.At the Regional (Small System) Level
2.5.Cyberterrorism
2.6.Dissolution and Convergence: An Emerging Risk
2.7.Marking the Journey
ch. 3 Beyond National Frameworks
3.1.Introduction
3.2.Meeting the Dragons on the Map
3.3.Who Owns the Treasure?
3.4.What Value?
3.5.Target Audiences
3.6.Applying the NRF to National Response Efforts
3.7.How Does the NRF Tie in with Local Activities?
3.8.Areas of Potential Risk or Concern
ch. 4 Public-Private Partnerships
4.1.Introduction
4.2.What Is a Public-Private Partnership (P3)?
4.3.The P3 Spectrum
4.4.Establishment of New Capacity
4.5.Maintenance of Existing Capacity
4.6.Networked User Fees and the Need for Oversight
4.7.Other Forms of Public-Private Cooperation and the Erosion of Governance
4.8.Balancing Points
4.9.Authors' Notes
ch. 5 The Reinvention of Information Sharing and Intelligence
5.1.Introduction
5.2.Data vs. Information vs. Intelligence
5.3.The Importance of Background to Context
5.4.Context Affecting Sensitivity
5.5.Enter the Cloud
5.6.The Cloud as an Amplifier
5.7.Clouds and Concealed Conduits
5.8.Linking the Trusted Computing Base and User Communities
5.9.Barriers to Information Sharing
5.10.The Rise of Open Sources
5.11.Open-Source Information and Intelligence
5.12.An Approach to Information Sharing - The Consequence-Benefit Ratio
ch. 6 Emergency Preparedness and Readiness
6.1.Introduction
6.2.The Rise of Core Offices
6.3.First Responder
6.4.First Responder Classifications
6.5.Guideline Classifications
6.6.Example: North American Emergency Response Guidebook
6.7.Awareness-Level Guidelines
6.8.Performance-Level Guidelines
6.9.Operational Levels Defined
6.11.Level B: Technician Level
6.12.Know Protocols to Secure, Mitigate, and Remove HAZMAT
6.13.Additional Protective Measures
6.14.Understand the Development of the IAP
6.15.Know and Follow Procedures for Protecting a Potential Crime Scene
6.16.Know Department Protocols for Medical Response Personnel
6.17.National Fire Prevention Association 472
6.18.OSHA Hazardous Waste Operations and Emergency Response
6.19.Skilled Support Personnel
6.20.Specialist Employee
6.21.DOT HAZMAT Classifications
6.22.Importance of Implementing an Emergency Response Plan
6.23.Authors' Notes
ch. 7 Security Vulnerability Assessment
7.1.Introduction
7.2.What Is a Risk Assessment?
7.3.Methods of Assessing Risk
7.4.Threat Risk Equations
7.5.Comparison of Quantitative vs. Qualitative Risk Assessments
7.6.Challenges Associated with Assessing Risk
7.7.Other Factors to Consider When Assessing Risk
7.8.What Is an SVA?
7.9.Reasons for Having an SVA
7.10.What Is a Threat?
7.11.What Is Vulnerability?
7.12.Countermeasures
7.13.Vulnerability Assessment Framework
7.14.Reasons for Using the VAF
7.15.Federal Information Systems Control Auditing Manual
7.16.General Methodologies of FISCAM Auditing
7.17.What Are General Controls?
7.18.What Are Application Controls?
7.19.Caveats with Using an SVA
7.20.How the SVA Is Used
7.21.Audience of an SVA
7.22.Initial SVA Plan
7.23.Necessary Steps of an SVA
7.24.Critical Success Factors
7.25.VAF Methodology
7.26.Initial Steps of the VAF
7.27.VAF Step 1: Establish the Organization MEI
7.28.VAF Step 2: Gather Data to Identify MEI Vulnerabilities
7.29.VAF Step 3: Analyze, Classify, and Prioritize Vulnerabilities
7.30.Authors' Notes
ch. 8 Regulations
8.1.Introduction
8.2.The Role of Oversight
8.3.The Effect of Globalization
8.4.Conventions, Laws, and Regulations
8.5.Guidance and Best Practices
8.6.Prescriptive vs. Performance Based
8.7.Impact on Criminal, Administrative, and Civil Law
8.8.Potential Abuses of Authority and Credibility
8.9.Government vs. Industry Self-Regulation
8.10.Knowledge Gaps Arising from Performance-Based Regulation
8.11.Predictability in Prescriptive Systems: A Systemic Vulnerability
8.12.Authors' Notes
ch. 9 Information Sharing and Analysis Centers
9.1.Introduction
9.2.What Is a Critical Infrastructure Asset?
9.3.What Is an ISAC?
9.4.Advantages of Belonging to an ISAC
9.5.Access to ISAC Information
9.6.Expanded ISAC Services
9.7.Surface Transportation ISAC
9.8.Supply Chain ISAC
9.9.Public Transit ISAC
9.10.American Public Transportation Association
9.11.Association of American Railroads
9.12.Transportation Technology Center, Inc.
9.13.Railinc
9.14.Water ISAC
9.15.Association of State Drinking Water Administrators
9.16.Water Environment Research Foundation
9.17.Association of Metropolitan Water Agencies
9.18.Association of Metropolitan Sewage Agencies
9.19.National Association of Water Companies
9.20.American Water Works Association
9.21.AWWA Research Foundation
9.22.Financial Services ISAC
9.23.Science Applications International Corporation
9.24.Electricity Sector ISAC
9.25.Emergency Management and Response ISAC
9.26.Information Technology ISAC
9.27.National Coordinating Center for Telecommunications
9.28.Communications Resource Information Sharing
9.29.Government Emergency Telecommunications Service
9.30.Telecommunications Service Priority
9.31.Shared Resources High Frequency Radio Program
9.32.Network Reliability and Interoperability Council
9.33.National Security Telecommunications Advisory Committee
9.34.Wireless Priority Services
9.35.Alerting and Coordination Network
9.36.Energy ISAC
9.37.Energy Sector Security Consortium
9.38.Chemical Sector ISAC
9.39.Chemical Transportation Emergency Center (CHEMTREC®)
9.40.Healthcare Services ISAC
9.41.Highway ISAC
9.42.Cargo Theft Information Processing System
9.43.American Trucking Associations
9.44.Highway Watch®
9.45.Food and Agriculture ISAC
9.46.FoodShield
9.47.Food Marketing Institute
9.48.Multistate ISAC
9.49.ISAC Council
9.50.Worldwide ISAC
9.51.Real Estate ISAC
9.52.The Real Estate Roundtable
9.53.Research and Educational Networking ISAC
9.54.Biotechnology and Pharmaceutical ISAC
9.55.Maritime ISAC
9.56.Maritime Security Council
9.57.Marine Transportation System National Advisory Council
9.58.Authors' Notes
ch. 10 Supervisory Control and Data Acquisition
10.1.Introduction
10.2.What Are Control Systems?
10.3.Types of Control Systems
10.4.Components of Control Systems
10.5.Vulnerability Concerns about Control Systems
10.6.Adoption of Standardized Technologies with Known Vulnerabilities
10.7.Connectivity of Control Systems to Unsecured Networks
10.8.Implementation Constraints of Existing Security Technologies
10.9.Insecure Connectivity to Control Systems
10.10.Publicly Available Information about Control Systems
10.11.Control Systems May Be Vulnerable to Attack
10.12.Consequences Resulting from Control System Compromises
10.13.Wardialing
10.14.Wardriving
10.15.Warwalking
10.16.Threats Resulting from Control System Attacks
10.17.Issues in Securing Control Systems
10.18.Methods of Securing Control Systems
10.19.Technology Research Initiatives of Control Systems
10.20.Security Awareness and Information Sharing Initiatives
10.21.Process and Security Control Initiatives
10.22.Securing Control Systems
10.23.Implement Auditing Controls
10.24.Develop Policy Management and Control Mechanisms
10.25.Control Systems Architecture Development
10.26.Segment Networks between Control Systems and Corporate Enterprise
10.27.Develop Methodologies for Exception Tracking
10.28.Define an Incident Response Plan
10.29.Similarities between Sectors
10.30.U.S. Computer Emergency Readiness Team CSSP
10.31.Control Systems Cyber Security Evaluation Tool (CSET)
10.32.SCADA Community Challenges
10.33.The Future of SCADA
10.34.SCADA Resources
10.34.1.Blogs
10.34.2.SCADASEC Mailing List
10.34.3.Online SCADA and SCADA Security Resources
ch. 11 Critical Infrastructure Information
11.1.Introduction
11.2.What Is Critical Infrastructure Information?
11.3.How Does the Government Interpret CII?
11.4.Exemption 3 of the FOIA
11.5.Exemption 4 of the FOIA
11.6.Section 214 of the Homeland Security Act
11.7.Enforcement of Section 214 of the Homeland Security Act
11.8.What Does "Sensitive but Unclassified" Mean?
11.9.Information Handling Procedures
11.10.Freedom of Information Act
11.11.Need to Know
11.12."For Official Use Only"
11.13.Enforcement of FOUO Information
11.14.Reviewing Web Site Content
11.15.Export-Controlled Information
11.16.Enforcement of Export-Controlled Information
11.17.Source Selection Data
11.18.Enforcement of Source Selection Data
11.19.Privacy Information
11.20.Enforcement of Privacy Information
11.21.Unclassified Controlled Nuclear Information
11.22.Enforcement of UCNI
11.23.Critical Energy Infrastructure Information
11.24.Enforcement of CEII
11.25.Controlled Unclassified Information
11.26.Lessons Learned Programs
11.27.InfraGard
11.28.Sensitive Unclassified Nonsafeguards Information (SUNSI)
11.29.Safeguards Information (SGI)
11.30.Authors' Notes