Call Us : (908) 233-7503 (US) Email : [email protected]
NATIONAL INFRASTRUCTURE ADVISORY COUNCIL - CRITICAL INFRASTRUCTURE RESILIENCE
Business and society operate in an increasingly complex world marked by interconnection and interdependence across global networks. This complexity requires that owners and operators of critical infrastructures manage their operational risks in an all-hazards environment across the full spectrum of prevention, protection, response, recovery, and reconstitution activities. Most leaders have come to understand that protection of critical infrastructures is an important component of managing infrastructure risk, but other elements must also be considered, including resiliency. The expanding risk landscape demands a continual reevaluation of the roles of governments and businesses in ensuring the delivery of basic infrastructure services. These factors have increased the focus on resilience as an important strategy to help mitigate the multitude of risks facing owners and operators of critical infrastructures in the United States.
Last year, the Council examined the role of the public-private partnership in achieving critical infrastructure protection. That study noted that resilience has become an important dimension of the critical infrastructure protection mission and a key element of the value proposition for partnership with the government because it recognizes both the need for security and the reality of business operations. Because of the importance of resilience in infrastructure security, the Council launched this study to better define resilience in the context of critical infrastructures, clarify appropriate public- and private- sector roles, and examine what steps government and industry should take to best integrate resilience and protection into a comprehensive risk-management strategy.
Infrastructure resilience is about “delivering the goods” regardless of disruptive events that may occur. Although each critical infrastructure sector operates differently, a common definition of infrastructure resilience is needed for public policies and governance to be effective. Toward this end, the Council has developed the following definition based on discussions with executives and security experts across many sectors.
Infrastructure resilience is the ability to reduce the magnitude and/or duration of disruptive events. The effectiveness of a resilient infrastructure or enterprise depends upon its ability to anticipate, absorb, adapt to, and/or rapidly recover from a potentially disruptive event.
The NIAC recognizes that protection and resilience are not opposing concepts; they represent complementary and necessary elements of a comprehensive risk management strategy. The strong foundation developed for infrastructure protection continues to be an essential and vital part of risk management in all critical infrastructure sectors. What is needed now is a strengthening of resilience policies and strategies to build on the successes of the infrastructure protection efforts.
Infrastructure resilience is closely aligned with the way modern businesses manage strategic, operational, and financial risks and the way governments absorb societal shocks from disasters. For companies, the need to be resilient is driven by competitive market forces because customers and shareholders expect products and services to be delivered despite disruptive events. In certain sectors, especially those that operate in highly dynamic threat environments and manage extensive global value chains, leading companies have incorporated risk management into their corporate culture and many consider it a competitive differentiator. This sophisticated risk management includes protection, which is a critical component of risk management in asset-based sectors.
Yet market forces alone are insufficient to ensure that sectors are resilient. Not all enterprises are driven to focus on managing operational and strategic risks and the resilience of individual companies does not guarantee the resilience of the entire sector. Small- and medium-size companies, for example, may lack sophisticated continuity of operations plans and may not have the resources to continually monitor the risk landscape. In addition, the resilience of publicly-owned infrastructures, such as many roads and dams, is not governed by market forces. At the federal level, the government is responsible for providing for public security, health, and safety. Maintaining delivery of critical infrastructure services is a significant component of that mission and ensuring the resilience of critical infrastructures in the face of all types of hazards should be evaluated, even when there is no business case for CIKR owner and operator investment and action.
Warning: Missing argument 1 for _e(), called in /home/ww/public_html/wp-content/themes/wpremix3/comments.php on line 48 and defined in /home/ww/public_html/wp-includes/l10n.php on line 141