Learning Goal: I’m working on a research & summaries discussion question and need a sample draft to help me learn.
I need a 200 word post and 2 150 word responses.
Post: Discussion Questions:
Part 1. Explain at least one key federal plan, strategy, or guidance released to date and how they have contributed to the current structure of critical infrastructure security and resilience.
Part 2. Define risk and explain the value of risk management to the homeland security enterprise.
Part 3. Summarize at least one natural hazard, technological/accidental hazard, or adversarial/human-caused threat, and provide a recent example.
Part 4. Discuss at least one of the twelve technological/accidental hazards and provide a recent example.
Part 5. Elaborate on at least one of the adversarial/human-caused threat examples and provide a recent example.
Response #1 (Loraina): Good evening, Dr. Blodgett, and classmates,
Part 1.
The National Cyber Incident Response Plan (NCIRP) was released in December 2016, and developed by the U.S. government, as a guide to responding to cyber incidents affecting critical infrastructure. However, there are current efforts to update the NCIRP by the end of 2024. The NCIRP was built upon existing cybersecurity strategies to provide a more structured approach to managing and responding to cyber incidents. Although the NCIRP was designed to address federal cybersecurity risks, it also identifies roles and responsibilities for state, local, tribal, and territorial agencies, and the private sector. The NCIRP aims to mitigate and properly recover from cyber incidents (Baggett, 2018, p.115). The plans include responses to cyber incidents that could harm national security interests, foreign relations, or the United States economy (Cybersecurity and Infrastructure Security Agency, 2023).
Part 2.
Risk can be viewed from different points of view, such as risk to and risk from. While defining the elements affecting, such as goals, objectives, and systems is to determine the risk to. Determining risk from focuses on potential hazards, resources, and institutional failures (U.S. Department of Homeland Security, 2011, p.18). An example of risk from is the threat posed by a foreign terrorist organization planning an attack on U.S. soil. An example of risk to could be a cyber-attack targeting critical infrastructure, this kind of incident could disrupt essential services. The Department of Homeland Security defines risk as there is potential for an unwanted outcome from an incident or event. The value of risk management to the homeland security enterprise is its ability to assist in preventing and mitigating threats. Risk management is a combination of connecting information of risks and using the capabilities to assess prevention, protection, response, and recovery efforts (U.S. Department of Homeland Security, 2011, p.8)
Part 3.
An example of a recent adversarial/human-caused threat was the cyberattack on the Colonial Pipeline in May 2021. A group known as DarkSide was responsible for targeting the Colonial Pipeline, which is one of the largest fuel pipeline operators in the United States. The primary motivation behind the attack from DarkSide was for financial gain. Ransomware was used to encrypt the computer systems used by the company which they then demanded payment in exchange. Since the attack, the Biden-Harris Administration has improved cyber defenses by developing stopransomware.gov as an opportunity for alerts and guidance to be centrally located and easily accessed (Cybersecurity and Infrastructure Security Agency, 2023)
Part 4.
One of the twelve technological/accidental hazards is chemical substance spills or releases, which have the potential to cause extensive damage and severe economic impacts (Baggett, 2018, p. 114). This type of accident has impacts such as hazardous chemicals released during a spill could pose an immediate risk to people exposed. Depending on the type of chemical and the quantity released could increase exposure. Health risks include neurological damage, respiratory problems, or even death. A recent example of an accidental hazard occurred on March 24, 2023, when there was a chemical spill in the Delaware River. Approximately 30,000 liters (which is nearly 8000 gallons) of acrylic latex polymer was accidentally spilled by the company Trinseo. The economic impact of a chemical spill affects communities, businesses, and governments. Utilizing resources for cleanup is expensive and time-consuming which also requires a lot of people, equipment, and materials (Ladson, 2023).
Part 5.
One of the adversarial/human-caused threats is domestic terrorism. Domestic terrorism involves acts of violence or intimidation carried out by an individual or group within the country, motivated by extremist ideologies, political beliefs, or other grievances. A recent example of domestic terrorism in the United States occurred on January 6, 2021, when a mob stormed into the U.S. Capitol in Washington, DC. Security barriers were breached, property was vandalized, and rebuttal against law enforcement. The attack within the U.S. Capitol highlighted the threat posed by domestic extremist groups and widespread condemnation from political leaders. Based on the elements that define domestic terrorism and what occurred at the Capitol, it indeed constitutes domestic terrorism.
-Loraina
Congressional Research Service. (2021). Domestic terrorism: An overview (Report No. IN11573).
Cybersecurity and Infrastructure Security Agency. (2023). National Cyber Incident Response Plan (NCIRP).
Cybersecurity and Infrastructure Security Agency. (2023). The attack on Colonial Pipeline: What we’ve learned and what we’ve done over the past two years. Cybersecurity and Infrastructure Security Agency.
Baggett, R. & Simpkins, B. (2018). Homeland security and critical infrastructure protection, 2nd Edition. Praeger Security International.
Ladson, B., Davis, L., & American College of Emergency Physicians. (2023, August). A sticky situation. ACEP.
U.S. Department of Homeland Security. (2011). Risk management fundamentals.
Response #2 (Garrett): Good Afternoon Class,
I hope everyone’s week is going well.
Part 1:
One key federal plan or strategy that has greatly increased the resiliency and security of US critical infrastructure is the Chemical Facility Anti-Terrorism Standards Program (2007). Defined under the Homeland Security Appropriations Act of 2007, the program delegates authority to the Department of Homeland Security (DHS) over security of “high-risk” chemical production facilities to include conducting security assessments, grading those assessments, and implementing new security controls based on the findings of the assessment (Baggett, Simpkins, 2018, p. 103). This program has contributed to the security and resiliency of critical infrastructure because it outlines a standard of performance that is to be expected of the security all DHS-mandated high-risk chemical facilities. The program is defined as being proactive in changing security procedures with ever-changing and evolving threats and even outlines a specific quantity of certain hazardous chemical material that factors into how chemical facilities become defined as high-risk.
Part 2:
Risk has been defined in a plethora of ways, however from a homeland security standpoint, risk is the potential for an unexpected or disagreeable result from an event, either natural or man-made. The US government has adapted many different methods of managing risk such as the Department of Homeland Security’s (DHS) Risk Management Approach. This risk management matrix consists of 7 steps to include: Define the Context, Identify Potential Risk, Assess and Analyze Risk, Develop Alternatives, Decide and Implement, Evaluate and Monitor, and Communication throughout all steps of the process (Baggett, Simpkins, 2018, p. 126). Risk management is perhaps one of the most necessary functions of the Homeland Security Enterprise because it is how the best response to current threats is determined and how future threats are mitigated in the most efficient way possible.
Part 3:
One technological/accidental hazard is a train derailment. The severity of these types of accidents can vary based on a number of factors from the rate of speed, the location of the derailment, number of trains involved, and the cargo being transported. An example of one of these accidents is the Amtrak train derailment of 2017. This train derailment caused 3 casualties and injured over 100 additional people. It was deemed that one of the factors involved in the accident was that the train was traveling at 50 mph over the speed limit at the time the train derailed (Baggett, Simpkins, 2018, p. 154).
Part 4:
One of the twelve technological/accidental hazards is hazardous materials release. This type of hazard is especially concerning given the potential that it could spread to a large area and potentially affect a large population located around the release as well as the costly cleanup and triage of the affected area and people. What is especially alarming is the frequency of these types of events that go unnoticed by the public. In 2017, the US Department of Transportation’s Office of Hazardous Material Safety reported over 15,000 hazmat incidents (Bagget, Simpkings, 2018, p. 154). A recent example of this is the train derailment in East Palestine, Ohio that caught fire and released a dangerous amount of vinyl chloride. This chemical is particularly harmful to humans, especially in a gaseous form, given its classification as a Class A Carcinogen by the EPA.
Part 5:
One adversarial/human-caused threat is an active shooter. Unfortunately, this threat seems to have become a very viable option for certain bad-actors, given how hard it is to prevent. Most people would not consider an active shooter a possibility in their town or neighborhood, but it is usually in places like this that active shooters are most effective in their efforts. A recent example of this hit my local community very hard. The Chesapeake, Virginia Walmart Mass Shooting of 2022 saw 6 people killed and another 4 injured. Active shooter incidents are a very difficult threat to mitigate because they happen mostly at random and are directed mostly at civilians who have little to no training to handle such a threat.
Have a great rest of the week everyone!
References:
Baggett, Ryan K., and Brian K. Simpkins. (2018). “Chapter 6: Critical Infrastructure Threats And Hazards.” In Homeland Security and Critical Infrastructure Protection, 2nd Edition. Praeger Security International. Retrieved February 15, 2024, from
