Issue #45

Last Update October 2, 2006

National Critical Infrastructure by David Katz  March 2, 2006  At the Critical Infrastructure Resilience/ISBE 2006 conference and expo held in mid-February in Washington DC,  engineers, business continuity planners, disaster preparedness and recovery experts, government officials and academics met to discuss the protection of our nation's critical infrastructure and means of increasing its survivability and recoverability. Critical infrastructure includes those structures and functions necessary to the safety of our citizens and the operation if our economy. This includes such diverse items as our water supply, communications networks, transportation, hospitals and health care providers, the banking system, dams and levees, power generation and transmission, and key governmental functions. 

Several themes predominated at this conference. One was the shift in thinking and planning from prevention to resiliency. It was acknowledged by all speakers that disastrous events, both natural and manmade, will occur. While not denying the need to attempt to prevent such happenings as far as is possible, the planning emphasis seems to be shifting to minimizing the impact of such events and speeding recovery. As Dr. Ruth David, chair of the Homeland Security Critical Infrastructure Task Force Advisory Committee said, protection will inevitably fail; protection can't be measured, resiliency can. In the aftermath of Hurricane Katrina, focus was also moving from dealing with terrorism to dealing with natural calamities, which are harder to prevent, more likely to occur, and more likely to affect substantial portions of the country. 

A keynote speaker, Dr. Gerald Galloway, Professor of Civil and Environmental Engineering at the University of Maryland and a retired Brigadier General, painted a gloomy picture of our national flood preparedness. In his view, hurricanes are stronger and have a greater probability that they will occur, but we have no national water policy and no national flood policy. There are platitudes and ideas, but not much actual direction in coping with these threats. The national flood insurance program is going broke and is facing a 21-23 billion dollar deficit. 

Infrastructure failure leaves a major challenge, but planning, and especially funding, does not consider costs in relationship to residual risk. Part of the problem, according to Dr. Galloway, is that our design for flood protection is out of step with our needs, and with the efforts of other countries. We used to plan for 500 year events; that is, flood protection was designed to handle conditions that could occur perhaps once in 500 years. Cost concerns, and the devolution of some of these costs from the Federal Government to the states, has led to planning at the 100 year level instead. In contrast, Japanese and Dutch flood planning aims at 200-1,250 year events for rivers, and 5,000 events for coasts.  

We don't even have a national inventory of levees and dams to guide our planning, according to Dr. Galloway, although there is a bill working its way through Congress to survey the location of state and federal levees and assess their quality. Previous good policies have been undone, such as an order by President Carter forbidding the location of critical infrastructure on flood plains, which has been bypassed. 

At the session dealing with resiliency planning, Dr. James Carifano of the Heritage Foundation discussed problems with resiliency planning, defined the locus of responsibilities for three major types of resiliency effort, and recommended that the Federal Government invest heavily in the science of critical infrastructure. 

Dr. Carifano finds problems with three aspects of critical infrastructure protection: the concept of "layered defense" is flawed because we never defined the layer hierarchy, never prioritized - financing goes to the strongest advocates; the concept of "risk management" is flawed because we never look at risk holistically, we only look at risks in isolation; the concept of "critical infrastructure" is flawed because everything is defined as critical. 

He recommends a distribution of responsibilities that would make criticality assessment (what is the impact of disruption) a joint responsibility of government and the private sector, threat assessment principally the responsibility of the Federal Government, and dealing with vulnerability principally a private sector responsibility, since most of the vulnerable infrastructure actually belongs to the private sector. 

Finally, Dr. Carifano would promote government spending on issues such as how does this country run, how do we make decisions, how do networks work (how to manage complex systems), what is the relationship between structure and operation, and generation of early warning tools, decision making tools and models. 

Hurricane Katrina revealed some interesting communications problems that no one had considered, according to Tom Berry, Director of Media Relations, South Carolina Department of Health and Environmental Control. The fact that shelters don't accept animals became a major issue; people wanted to check on their pets. Hospitals have a special emergency number they can call to find out what the situation is, but if this fails, they turn on the TV. The primary means of communication between emergency responders was cell phones, since there were interoperability problems between the communications systems of responder departments. 

The Infrastructure Security Partnershp (TISP), a national public-private partnership to promote collaboration in the improvement of resiliency of critical infrastructure distributed a guide for an action plan to develop regional disaster resilience. The TISP website can be found at http://www.tisp.org

New York Stringer is published by NYStringer.com. For all communications, contact David Katz, Editor and Publisher, at david@nystringer.com

All content copyright 2006 by nystringer.com

Click on underlined bylines for the author’s home page.

Click here to send Events Listings

Click here to send us email.