New Orleans, LA - January 13 - 17, 2008
Global Information Assurance Certification

SANS is hands down the best bang for the buck available, no one else even comes close!
-Derek Masseth, University of Arizona

MANAGEMENT 405

Critical Infrastructure Protection

Sunday, January 13, 2008 - Tuesday, January 15, 2008 : 9am - 5pm
Marcus Sachs, SANS Senior Instructor
6 CPE Credits Per Day

The critical infrastructure of a nation is the system of highly complex and interdependent physical and cyber-based assets essential to the minimum operations of a nation's economy and government. It includes, but is not limited to, communications, energy, banking and finance, transportation, water supply, and emergency services. It could be owned and operated by the government or the private sector, or both. Much of our nation's critical infrastructure has historically been physically and logically separated; these were systems that had little interdependence. But as a result of advances in information technology over the past several decades and the necessity of improved efficiency, these systems and assets have become increasingly automated and interlinked. Unfortunately, these same advances have created new vulnerabilities to equipment failure, human error, weather and other natural causes, and physical and cyber attacks. Addressing these vulnerabilities requires flexible and evolutionary approaches that span both the public and private sectors and protect both domestic and international security.

Because of imbalances in military strengths, our future enemies - including nations, groups, or individuals - may seek to harm us in non-traditional ways, including attacks within our country against our critical infrastructure. Because our economy is increasingly reliant upon interdependent and cyber-supported infrastructures, non-traditional attacks on our infrastructure and information systems may be capable of significantly harming both our military power and our economy. This new threat is visible in the terrorist attacks on the World Trade Center in 1993 and 2001, Timothy McVeigh's truck bomb attack on the Alfred P. Murrah Federal Building in Oklahoma City in 1995, natural events (such as category 5 hurricanes), and growing numbers of cyber espionage attacks against the military, civil government, and the private sector.

This course begins by examining in depth the events of the past 20 years, including the lessons learned about the interdependencies of the critical infrastructures following the Oklahoma City bombing and the terrorist attacks against the World Trade Center, and what we learned in the aftermath of Hurricanes Katrina and Rita in the summer of 2005. While there are many cross-sector interdependencies to consider, we will focus on the dependence of the various infrastructure sectors on the Internet and the impact of highly complex computer-controlled systems. We will also discuss the creation of the Department of Homeland Security and its role in protecting the nation's critical infrastructures from cyber intrusions.

This course is authored and presented by one of the nation's leading experts on critical infrastructure protection and cyber warfare. You will receive detailed explanations of specific pervasive Internet technical problems and conduct in-depth examinations of the types of attacks that might do the most harm to your organization and your infrastructure sector. We will take a comprehensive look at the current Internet governance model, and you will learn how to develop business continuity and disaster recovery plans to counter current cyber threats and threat actors that take advantage of this model. You will also gain knowledge about the new directions being taken by criminals, terrorists, spies, and nation states and what our nation is planning to do for the defense of our critical infrastructure against these new threats. Finally, you will learn how to protect your networks from the dangers lurking in cyberspace while developing a full understanding of emerging techniques used to detect and contain outbreaks of malicious activity on the Internet.

This class is designed to give the student a full examination of the scope of critical infrastructure vulnerabilities, the dependence of critical infrastructures on the Internet, and Internet security problems. No laptop is required, but the subject material requires at least a working knowledge of computer networks and business decision making. The ideal student is a manager, supervisor, senior engineer, or other professional with a strong working knowledge of plant operations or a government official with responsibilities for CIP policy development wanting to learn more about the interdependence of critical infrastructures and the dangers posed by the global Internet.

Note: Due to the sensitivity of the course subject and the focus on the North American critical infrastructure, this course is only available to citizens of the United States or Canada currently living and working in those countries and government employees of Australia, New Zealand, and the United Kingdom. Proof of eligibility will be required when checking in at the training event as well as when entering the classroom. Documents that can be used to prove citizenship or government employment include:

Australia, New Zealand, and United Kingdom participants:

  • Current Military or Civilian Government Employee ID Card AND a Passport issued by Australia, New Zealand, or the United Kingdom

US and Canadian participants:

  • Current US or Canadian Military, Federal, State, or Province Government Employee ID Card
  • US or Canadian Passport
  • Birth Certificate
  • Voter Registration Card
  • Certificate of Naturalization
  • Other document that can prove US or Canadian citizenship (driver's licenses DO NOT apply)

Excellent, relevant, immediately useful information. I can't wait to get back to the office to try it out.
-Steve Zehl, USGS