US Policy Response to Cyber Attack on SCADA Systems Supporting Critical National Infrastructure
Research Report
US Policy Response to Cyber Attack on SCADA Systems Supporting Critical National Infrastructure
Scott A. Weed
Copyright Date: May. 1, 2017
Published by: Air University Press
Pages: 67
OPEN ACCESS
https://www.jstor.org/stable/resrep13985
Table of Contents
Export Selected Citations Export to NoodleTools Export to RefWorks Export to EasyBib Export a RIS file (For EndNote, ProCite, Reference Manager, Zotero, Mendeley...) Export a Text file (For BibTex)
Select / Unselect all
  1. Front Matter
    Front Matter (pp. i-ii)
  2. Disclaimer
    Disclaimer (pp. ii-ii)
  3. Table of Contents
    Table of Contents (pp. iii-iv)
  4. List of Illustrations
    List of Illustrations (pp. v-vi)
  5. Preface
    Preface (pp. vii-viii)
  6. About the Author
    About the Author (pp. ix-x)
  7. Abstract
    Abstract (pp. xi-xii)
  8. Chapter 1 The Problem
    Chapter 1 The Problem (pp. 1-2)

    The new manmade environment of cyberspace is a contested domain, which our critical national infrastructure depends on, which in turn requires greater cooperation for security. As former secretary of defense Chuck Hagel remarked in a September 2014 keynote address, we “are entering an era where American dominance [in] cyberspace—can no longer be taken for granted.”¹ Public and private evidence indicate remarkable upward trends in the cyber threat landscape, especially with observed adversarial and criminal activity throughout our domestic national infrastructure. Actors, motivations, and techniques range widely, yet the potential for significant consequences is undeniable. The president and the interagency...

  9. Chapter 2 Context of National Infrastructure Vulnerability
    Chapter 2 Context of National Infrastructure Vulnerability (pp. 3-14)

    The discussion of how the US government might respond to cyber attack on critical infrastructure ultimately rests upon the nation’s ability to adapt to complexity and uncertainty. However, we need to understand the technology, risk, and actors at play. The first point of necessary clarification is to understand critical infrastructure as a complex system-of-systems for which policy has only recently formed to articulate its complexity and growing need for cybersecurity. In addition to weaknesses inherent in critical infrastructure due to design, legacy considerations, and environmental dependencies, the realization of burgeoning groups of diverse actors, and worsening threat trends in this...

  10. Chapter 3 Political Realities
    Chapter 3 Political Realities (pp. 15-18)

    The US government must first appreciate social realities, corporate motivations, and political precedents before fully developing policy responses to cyber attack on critical infrastructure. The president outlined the national approach to this problem in PPD-21, which asserts that the United States will strengthen critical systems against emerging threats by working across public and private sectors while emphasizing the role of private owners and operators in securing their systems.¹ General Davis reinforced the criticality of this partnership with the private sector when he highlighted that “over 99 percent of the electricity and 90 percent of the voice and communications services that...

  11. Chapter 4 National Response Constructs
    Chapter 4 National Response Constructs (pp. 19-30)

    The US government has made significant efforts to unify a historically piecemeal federal approach to cybersecurity, especially in response to the threats to our critical national infrastructure—an essential and vulnerable center of gravity of our American way of life. Fortunately, and unlike the after-the fact reforms of the Goldwater-Nichols Act, the federal government is moving proactively to bring about procedural and cultural changes before there is a major loss. This whole-of-government approach provides unprecedented clarity and unity of effort through concise policy, interagency deconfliction, and standing ROEs. All these measures are to be continually refined through exercises and further...

  12. Chapter 5 Recommendations
    Chapter 5 Recommendations (pp. 31-40)

    The ability of our nation to withstand a cyber attack on its critical national infrastructure, especially under a mounting threat, depends on the development of the abilities to prevent, detect, investigate, and respond to threats. The simultaneous development of private-sector integration and international consensus is also necessary. While the government has developed clear cyber policy, it must now focus its resources on two of those primary lines of cybersecurity effort for the protection of its critical national infrastructure: prevention through strong stakeholder relationships, and detection and response through public, private, and international unity of effort. It is undeniable that the...

  13. Chapter 6 Conclusion
    Chapter 6 Conclusion (pp. 41-42)

    Realizing modern cybersecurity across US critical national infrastructure is a shared responsibility between public and private sectors. Much of the remaining work is in shaping international consensus on norms of state cyber behavior, enforcing private-sector responsibilities that affect US national interests, and continual investment and effort in refining the interagency leadership in this rapidly changing space. The rise in sophistication and frequency of cyber attacks, especially against critical sectors, coupled with antiquated and inadequate security practices and the risks from increasing global interconnectivity all demand national unity of effort and international cooperation and consensus to overcome. Government and corporate leaderships...

  14. Abbreviations
    Abbreviations (pp. 43-44)
  15. Bibliography
    Bibliography (pp. 45-52)
  16. Back Matter
    Back Matter (pp. 53-53)