Critical Infrastructure Protection: How to Assess and Provide Remedy to Vulnerabilities in Telecom Hotels

摘要

America's open society includes a vast array of critical infrastructure and key resources that are vulnerable to terrorist attacks. While it is not possible to protect or eliminate vulnerabilities of all critical infrastructures in the United States, strategic improvements can be made to harden these assets and mitigate any damaging effects if an attack were to occur. Current network assessment methods and protective measures are inadequate. As a consequence, the need for a scientific methodology for implementation of critical infrastructure protection is required. A standardized vulnerability assessment/risk analysis tool needs to be developed and implemented for the Critical Infrastructure Protection Programs to analyze complex networks and examine critical nodes. This will help to prevent, deter, and mitigate the effects against terrorist attack in accordance with HSPD-7. This thesis examines ways in which vulnerability analysis is currently conducted and ways in which it could be improved to establish an all- encompassing methodology to identify, prioritize, and protect critical infrastructure. Based on analysis and research, the thesis recommends that the National Communications System under the Department of Homeland Security (DHS) establish the required policy initiatives to mandate the National Reliability and Interoperability Council's current and future best practices, and set a vulnerability assessment/analysis standard based on Model-Based Vulnerability Analysis (MBVA) and Joint Staff Integrated Vulnerability Assessment (JSIVA) methodologies.