National Infrastructure Protection Plan NIPP

NIPP (National Infrastructure Protection Plan)
The NIPP was drafted in the year 2006 by the DHS (Department of Homeland Security). The Plan was part of Presidential Directive 7 for Homeland Security and it was developed to boost security, and resilience and to help secure critical infrastructures from security threats. The plan included a thorough risk management guideline and defined the roles and responsibilities of the DHS with regards to CIP (Critical Infrastructure Protection). Included in the guideline were also the roles and responsibilities of the federal government, state governments, local governments, tribal governments, federal agencies, and private actors towards CIP in their jurisdictions. CIP is important for overall security and efficient functioning of the nation. Critical infrastructure includes financial systems, transportation systems, power grids, drinking water systems, and so on. They are important for day-to-day life as we know it and they ought to be fully protected from all sorts of threats (Department of Homeland Security, 2009).
The National Infrastructure Protection Plan provides a singular platform that integrates all CIP efforts and strategies to ensure the safety of critical infrastructure. The plan prioritizes all public and private critical infrastructure protection efforts, strategies, and resources towards reducing risk by minimizing vulnerabilities, preventing threats, and lessening the damages caused by terrorist attacks plus natural disasters.
The National Infrastructure Protection Plan comes with a risk management framework which identified and built on both private and public sector programs and strategies for CIP in order to ensure the efficient deployment of important resources to protect infrastructure. According to the Department of Homeland Security (2009), protection entails all measures meant to minimize the threats or risks to critical infrastructure systems, assets, resources, functions, networks, and the links in between. Specifically, the protection may include measures taken to prevent threats, measure meant to remove vulnerabilities, and all the actions taken to lessen the effects of terror incidents and attacks. The Department of Homeland Security (2009) also adds that protection may also include: actions taken to ensure the continuity of normal operations; actions to recover and/ or restore normal operations; actions taken to train or prepare individuals for cybersecurity incidents; the installation of cyber security systems; the establishment of countermeasures; the hardening of buildings and other infrastructure against threats; and the enhancement of security protocols to ensure safety of facilities.
Private actors and entities that own critical infrastructure also are empowered by the NIPP to get fully involved in the protection of critical infrastructure. They are also encouraged to provide recommendations and expert advice to concerned agencies and governments to ensure CIP. According to the NIPP, the full cooperation between the public and the private sectors will play an important role in guaranteeing the successful protection of critical infrastructure. To date, the cooperation has helped to enhance the protection of the nation’s public and privately-owned critical infrastructure. It is thought that further integration between organizations, governments, and agencies across multiple sectors will help to present a coordinated approach to fighting threats and improve the country’s overall critical infrastructure protection (Department of Homeland Security, 2009).
Several strategies have been put in place by the DHS to protect important systems and other infrastructure. Multiple advanced technologies have also been developed or are in the process of being developed through public-private partnership to build the resilience of infrastructure and to thwart the ever-evolving terror threats (Lewis, 2014). Raising awareness among stakeholders about critical infrastructure and existing threats can also improve the ability of parties to protect their infrastructure more effectively. Training is also important as is the formulation of good organizational policies for each infrastructure sector as each sector is highly specific in terms of its physical, regulatory, and technical aspects. Thus, there is a great need for good policymakers who have good knowledge of the various sectors ranging from engineering to politics (Lewis, 2014).
One of the challenges currently facing local and state jurisdictions in their efforts to minimize threats is the lack of information sharing. Lack of information sharing has resulted in a situation where agencies do not effectively share critical information resulting in vulnerabilities and inefficiencies in the national CIP plan. The fact that quite a number of critical infrastructures are owned by private entities also makes it a challenge to protect them (Lewis, 2014). Critical infrastructures are also very complex and sometimes interrelated making it important to also focus on protecting the in-between links, which is definitely a challenge for the federal government and for the Department of Homeland Security (National Research Council, 2003). 
However, things were improved by the establishment of the National Infrastructure Coordinating Centre. The center detects and transmits suspicious activity and threat information to all stakeholders as appropriate. The center also asks for information and/ or for assistance when there is a need (National Research Council, 2003). 
Since lack of information sharing is a major challenge in the government’s efforts for national CIP, it only follows that improving information sharing can help to enhance the efforts protect important infrastructure. Nevertheless, sharing critical infrastructure information is not easy or straightforward. There is a need to balance interests because the information being shared may be crucial and confidential and therefore potentially risky if handled carelessly. For instance, sharing of information could raise privacy concerns, reveal corporate weaknesses or trade secrets, or erode public confidence in a company or agency. There is therefore the need to fully address the concerns that are preventing the sharing of information (National Research Council, 2003). 


References
Department of Homeland Security. (2009). Partnering to enhance protection and resiliency. National Infrastructure Protection Plan. Retrieved September 25, 2018.
Lewis, T. G. (2014). Critical infrastructure protection in homeland security: defending a networked nation. John Wiley & Sons.
National Research Council. (2003). Critical information infrastructure protection and the law: an overview of key issues. National Academies Press.