HLSS603Wk8
CYBERSECURITY EMERGENCY PREPAREDNESS INFORMATION SHARING
America’s Critical Infrastructure: Keeping the Lights on Amid Threats
By Homeland Security Today November 1, 2019
CISA Assistant Director for Infrastructure Security Brian Harrell (Kate Ledesma/CISA)
Just a little over a year ago, a series of natural gas �res and explosions shook the neighborhoods of Merrimack Valley in
Massachusetts. Dozens lost their homes, and thousands more had to �nd temporary shelter or go without gas and heating
for months. The supplier reported the incident was caused by human error. The impact of incidents that interrupt our
critical infrastructure is not often at the forefront of our minds, although it is precisely these systems that enable our daily
life – from heating and cooling to food refrigeration, transportation, electricity, water, �nance or healthcare.
But there are people, who – day in and day out – work relentlessly to keep our
lights on. The Department of Homeland Security’s Cybersecurity and
Infrastructure Security Agency (CISA) leads the nation’s e�orts to protect critical
infrastructure in the United States.
“Our way of life relies on a complex network of physical and cyber systems, all
working together in harmony, to defend against critical infrastructure threats,
both natural and man-made. Our job is to make sure we stay ahead of the threat
curve and provide solutions,” said CISA Assistant Director for Infrastructure
Security Brian Harrell.
There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are
considered so vital to the United States that their incapacitation or destruction would have a debilitating e�ect on
security, national economic security, national public health or safety, or any combination thereof. “As our world grows more
interconnected, and our infrastructure grows more interdependent with other systems and functions, we must look at our
risks from both a cyber and a physical perspective,” Harrell said. “We must always ask the question: Are we prepared to be
overwhelmed?”
Recognizing that 85 percent of critical infrastructure assets are estimated to be owned and operated by the private
sector, CISA works with businesses, communities, and government partners at all levels to provide training and other tools
and resources related to critical infrastructure security. E�orts focus around raising awareness among the broader
community on the need for critical infrastructure security and resilience and enhancing their current e�orts. Public-
private partnerships are key to this e�ort as everyone has a role in securing the nation’s critical infrastructure. “We, at
CISA, consider ourselves the nation’s risk advisors. The private-sector stakeholders are the risk managers. We are here to
support the e�orts of the private sector with all the resources the federal government can provide, and this is a priority,”
Harrell said.
Both the government and private sectors have formed partnerships under a sector coordinating council structure to work
on preventing and reducing the risks of disruptions to critical infrastructure. Additionally, as part of the National
Infrastructure Protection Plan, the public- and private-sector partners in each of the 16 critical infrastructure sectors and
the state, local, tribal, and territorial government community have developed a Sector-Speci�c Plan that focuses on the
unique operating conditions and risk landscape within that sector. Developed in close collaboration with federal agencies
and private-sector partners, the Sector-Speci�c Plans are updated every four years to ensure that each sector is adjusting
to the ever-evolving risk landscape. “Managing risks to critical infrastructure involves preparing for all hazards, reinforcing
the resilience of our assets and networks, and remaining vigilant and informed. It really takes a whole community to keep
the lights on,” said Harrell.
CISA delivers its infrastructure security services and capabilities to public- and private-sector stakeholders at both the
national level through its headquarters and nationwide through its 10 regional o�ces. From providing risk and vulnerability
assessments to training and exercises on a range of topics, CISA’s �eld sta� works with partners across the country to
ensure everyone gets involved.
November is Critical Infrastructure Security and Resilience (CISR) Month, a time to raise awareness on the vital role that
critical infrastructure – cyber and physical – plays in keeping the nation and our communities safe, secure, and
prosperous. “Everyone plays a role in the nation’s security and resilience,” Harrell said. “This is why we ask every
organization to enhance resilience through preparedness and exercises and promote smart, secure investment in resilient
national infrastructure.”
To learn more about critical infrastructure and available resources, training and tips start by visiting www.CISA.gov. You
can also download the Infrastructure Security Month toolkit, or follow CISA on Twitter @CISAgov and @CISA Harrell and join
the conversation at #infrastructuresecurity.