The recently-revised National Infrastructure Protection Plan blends cybersecurity and physical security in an enterprise approach, according to Bob Kolasky, director of strategy and policy for the Department of Homeland Security’s Office of Infrastructure Protection, quoted in an interview at EmergencyMgmt.com.
NIPP 2013 “emphasizes the role of information sharing while still leaving voluntary public-private partnerships as the principle mechanism for managing critical infrastructure risk,” he said. The plan calls for risk management approaches to strengthen security and resilience in infrastructure protection.
According to DHS’s fact sheet for the plan, it was developed in response to Presidential Policy Directive 21, signed in February 2013.
“NIPP 2013 represents an evolution from concepts introduced in the initial version of the NIPP released in 2006,” reads the fact sheet. “The updated National Plan is streamlined and adaptable to the current risk, policy, and strategic environments. It provides the foundation for an integrated and collaborative approach to achieve a vision of: A Nation in which physical and cyber critical infrastructure remain secure and resilient, with vulnerabilities reduced, consequences minimized, threats identified and disrupted, and response and recovery hastened.”