Presidential Decision Directive-63 (PDD-63) recognized the growing potential vulnerability of physical and cyber-based systems essential to the economy and government. As a result, the Department of the Navy (DON) Critical Infrastructure Protection (CIP) program was designed to develop, administer, and coordinate an enterprise-wide effort to:
• Identify mission essential infrastructures
• Assess their vulnerability
• Develop a coordinated physical and cyber indications and warning capability
• Take the necessary actions to ensure achievement of DON objectives during critical infrastructure loss
This DON CIP program, began in 1999, is actively pursuing outreach to regional and local commanders for education on the CIP construct, shown in Figure 1, to coordinate Naval Integrated Vulnerability Assessments (NIVA).
The CIP construct, which covers six phases of the self-renewing event cycle, includes infrastructure analysis and assessment, remediation, indications and warning, mitigation, response, and reconstitution. Each phase of this event cycle is crucial to the protection of DON critical infrastructures that support the warfighting mission. DON CIP is committed to supporting regional and local installation commanders in assessing their physical and cyber-based mission critical assets, as well as those commercially owned supporting infrastructures upon which their warfighting mission depends. The assessment process takes place in the form of a NIVA, which looks at various existing elements and incorporates them into one comprehensive package. These elements include: Computer Network Defense, Physical Security and Force Protection, Continuity of Operations, and Commercial Dependencies.
Regional and local commanders should not only be concerned with protecting internal physical and cyber-based infrastructures, but should also be concerned about regional infrastructures owned and operated by private industry and state and local governments. This includes assets such as telecommunications; natural gas and petroleum suppliers; electricity; water; transportation; public works; emergency services; and others. Identifying single points of failure outside the fence and taking remediation actions with the asset owners are critical to our mission accomplishment. The Joint Program Office for Special Technology Countermeasures is an integral part of the NIVA, identifying single points of service that could be vulnerable to loss through acts of terrorism and natural or man-made disasters. Regional and local commanders are encouraged to actively participate in regional infrastructure interdependency analyses and take corrective actions.
The DON CIP concept includes providing the Department's counterterrorism experts at the Naval Criminal Investigative Service (NCIS) with additional tools and outreach services sufficient to establish a model Indications and Warning (I&W) capability. A major contributor to this vision will be the DON CIP Data Management System (DMS), which is being developed as a central repository for all information about the Department's mission critical infrastructure. The DON CIP DMS will reside in NCIS Headquarters at the Washington Navy Yard, and is intended to complement and enhance the existing counterterrorism capabilities of the NCIS. When this capability is operational, in the late summer of 2002, the NCIS will utilize it for analyzing intelligence information relating to the DON's mission critical assets. NCIS will use established notification capabilities to alert local commanders of impending threats.
The final key component to CIP, Consequence Management, involves dealing with the worst case scenario — mitigating the effects of a terrorist attack. The DON CIP Team is developing best of breed guidance for developing Continuity of Operations, Disaster Recovery, and Reconstitution Plans for use by local commanders in