Critical infrastructure is comprised of interrelated systems that work together to support life, security and economic development in the world. The homeland security department of the United States spends billions of dollars in the management of critical infrastructure as a way of keeping the nation safe. The management of critical infrastructure is a job viewed by many governments as critical and in need of more support. Critical infrastructure ranges from the physical assets such as roads to the newest forms of technology such as telephones and the internet. Infrastructure in general continues to grow as the world adopts new mechanisms. The new developments in critical infrastructure have made it easy for the government to manage and maintain the interconnectivity among these systems. For instance, the homeland security department can manage the various systems from a single point, which helps in the reduction of costs and resources used to run the department. However, the interconnectivity of critical infrastructure has also led to a new problem in the management of the systems (Miller, 2008).
Critical infrastructure is made of various systems, which are connected to one another. In addition, every system within the critical infrastructure also depends on various aspects, which further complicates the interconnectivity of the critical infrastructure system. The interdependency of the systems amplifies the possibility of planned attacks. For instance, failure in one system can lead to complications in other systems that are linked. Assessing the problem and finding out an effective solution to the problem, therefore, becomes hard since the effect is likely to transmit to other systems (Miller, 2008).
An electrical problem can create damaging effect on the communication systems, the healthcare facilities, the banking systems, as well as the transportation network. Assessing the damages caused by the system failure becomes quite hard because one has to account for all the damages resulting from that single failure. Getting all the factors correct is difficult because some of these systems or the nodes connecting the systems are privately owned and cannot easily be accounted for in times of disruptions. Risk assessment focuses on the vulnerability, the probability, and the consequences of a system failure (Department of Homeland Security, 2011). Higher levels of interdependency within the critical infrastructure systems make it hard for one to determine accurately the vulnerability of a system since the functionality of one system depends on the effectiveness of another.
Measuring of the dependency factors depends on the nature of interdependency that exists between and among systems. Systems in the critical infrastructure are interlinked in any of the four ways, including physical, cyber, geographic and logical. To measure the dependency factors, one must consider the number of systems that ensure effective functioning of that particular system. Further, one must also factor in the impacts of the results of a system to other systems. Understanding the nature of dependency that exists within a system or between systems can help in the planning process. The impact that a system has on the operation of other systems within the critical infrastructure determines the level of management and priority given to that system (Department of Homeland Security, 2011). Therefore, the dependency factors can be factored into the planning process by establishing the priority levels in the management of the critical infrastructure system.
Risk assessment process of the critical infrastructure is necessary, especially in determining the amount of resources to allocate to the development of a system. One of the key issues to consider in making a resource allocation decision is the vulnerability of the system to either attacks or natural calamities. The government should invest in systems that are strong enough to withstand most of the predictable hazards such as cyber related problems. The vulnerability of the system can also rise to the level of interdependencies that exists within and without the system. For instance, a system that highly depends on the effective functioning of other systems within the critical infrastructure can be highly vulnerable to events arising from different systems. In such a situation, one must account for the cost of repairs and often replacements to keep the system strong enough. In determining the vulnerability level, one must consider both the likely but less severe events as well as major catastrophes. Naturally, an ideal system for counterterrorism should be able to withstand the likely but less severe events (Miller, 2008). Less vulnerable systems do not require many resources to maintain hence the need to determine the vulnerability levels of the system.
The probabilities of the system failure as well as the consequences of the failure are also key factors in resource allocation decisions. For instance, is the failure of the system would paralyze the economy, the security, and the health status of the nation, more resources would be required to improve the resistance levels of the system. The frequency and the probability of events also determine how much resources the government should have in store to rectify problems arising within the system (Lewis, 2014). The amount of money used to rectify a system failure depends on the level of problems as well as the time taken to repair the system. Therefore, one should factor in the number of days required to rectify a problem within a system during the allocation of the resources. Understanding the time taken to repair a failure in the system and the amount of resources required helps in determining the systems life span, which is a necessary consideration in resource allocation.
Disaster recovery after a critical infrastructure failure is a complicated process mainly because not all systems are publicly owned. The era of technology has diversified the infrastructure and the private sector is highly depended on most of these critical infrastructure systems. For instance, a security firm uses databases and systems that are similar to those employed by the homeland security departments. In case of a system failure, the recovery process becomes a challenge because the private sector is highly motivated by profits than it is motivated by the public interest (Lewis, 2014). The recovery process of system is costly and most private organization would not contribute towards that course without a public incentive.
The interdependency of the critical infrastructure systems requires the cooperation of both the public and the private sector in the recovery process. The lack of willingness to participate in the recovery process or the lack of funds to repair the systems at the private level prolongs the recovery process. As mentioned earlier, a prolonged recovery process results in more costs and further complications of the infrastructure. Therefore, the government should come up with ways to motivate the private sector to engage in the recovery process within the expected period. One of the ways that the government can motivate organization with a stake in the critical infrastructure is through subsidizing of taxes.
Department of Homeland Security. (2011). “Risk management fundamentals.”Retrieved from http://www.dhs.gov/xlibrary/assets/rma-risk-management-fundamentals.pdf.
Lewis, T. (2014). Critical infrastructure protection in homeland security : defending a networked nation. Hoboken, NJ: John Wiley & Sons.
Miller, R. (2008). :Hurricane Katrina: Communications and Infrastructure Impacts.”In Taussig, B.,ed., Threats at Our Threshold, U.S. Strategic Studies Institute, 191-203. Retrieved from https://blackboard.angelo.edu/bbcswebdav/institution/LFA/CSS/Course%20Material/BOR4301/Readings/Hurricane%20Katrina%20Communications%20%26%20Infrastructure%20Impacts.pdf