Incapacitation or destruction of critical infrastructure would affect national security, economic security, health, and safety. The main objective of critical infrastructure protection through perimeter security enhancements include:
- Detection
- Deterrence
- Delay
- Assessment
- Communication
- Response
Mitigation of risk for any critical infrastructure protection objective is based on prioritization and allocation of resources which are often limited. Risk assessments will serve to improve any of these objectives. Ultimately, risk reduction strategies and protective measures will be created from risk management actions from stakeholder agreements.
Risk Management Methodologies and Critical Infrastructure Protection
There are many models and methodologies used to make risk management decisions. These include:
- Identification of critical assets
- Threat assessments
- The vulnerability of critical assets
- Consequence of an attack
- Assessment and prioritization of risk reduction activities
Continuous risk assessments are required to improve risk management decisions as they provide necessary feedback and intelligence. As attackers and threats evolve, so must our risk management strategies to meet the objectives of critical infrastructure protection and infrastructure security.
