Critical infrastructure protection : how to assess and provide remedy to vulnerabilities in telecom hotels

Abstract

America's open society includes a vast array of critical infrastructure and key resources that are vulnerable to terrorist attacks. While it is not possible to protect or eliminate vulnerabilities of all critical infrastructures in the United States, strategic improvements can be made to harden these assets and mitigate any damaging effects if an attack were to occur. Current network assessment methods and protective measures are inadequate. As a consequence, the need for a scientific methodology for implementation of critical infrastructure protection is required. A standardized vulnerability assessment/risk analysis tool needs to be developed and implemented for the Critical Infrastructure Protection Programs to analyze complex networks and examine critical nodes. This will help to prevent, deter, and mitigate the effects against terrorist attack in accordance with HSPD-7. This thesis examines ways that vulnerability analysis is currently conducted and it could be improved to establish an all-encompassing methodology to identify, prioritize, and protect critical infrastructure. By analyzing and research, this thesis recommends that the National Communications System under the DHS establish the required policy initiatives to mandate the National Reliability and Interoperability Council's current and future "best practices," and set a vulnerability assessment/analysis standard based on MBVA and JSIVA methodologies.