Linton Wells II, Executive Advisory, Center for Resilient and Sustainable Communities (C-RASC), George Mason University
Kathryn Blackmond Laskey, Director Emerita, Center for Resilient and Sustainable Communities, George Mason University
Abstract
As climate change accelerates the frequency of disruptive events, and critical infrastructures become increasingly interdependent, there is a growing need to ensure the policies and standards for the nation’s critical infrastructure, including cyber-physical systems, are sufficiently robust and adaptable. This document focuses on elements of five infrastructure sectors that are closely related to DoD planning and operations: energy, communications, transportation, information technology, and emergency services. These have significant interdependencies and crosscutting cybersecurity vulnerabilities, which also are addressed in some detail. It reviews existing policy and regulatory standards for disaster response and resilience and then briefly describes the nature and importance of the cross-sector interactions in these areas and the components of resilience. It also examines capabilities that are available, and their limitations, for enabling coordinated, cross-sectoral planning and operation of critical cyber and physical infrastructures. A large amount of very good high-level guidance is available which emphasizes the need for cross-sector collaboration and the incorporation of cybersecurity. But turning these into effective plans and operations is hard. A regional area is used as a case study to illustrate the complex interactions that are needed to align public-private elements at the Federal, state, and local levels. The history and context of how existing policies were conceptualized, as well as their limitations are considered, along with emerging threats, including compound ones (cyberattacks in conjunction with man-made or natural disasters). Holes in capabilities and research topics are identified. A follow-on paper will provide recommendations with corresponding justifications to policy and regulatory decision-makers/institutions for cross-sectoral regulatory standards.