CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS. Overview of CIP in Australia

Similar documents
The Australian Government s Approach to Critical Infrastructure Resilience

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

Telecommunications: Preventing Service Disruption

Modelling & Simulation for National Security

how to manage risks in those rare cases where existing mitigation mechanisms are insufficient or impractical.

Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013

Critical Infrastructure

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

THE LINK BETWEEN ENTERPRISE RISK MANAGEMENT AND DISASTER MANAGEMENT

HOTEL RESILIENT Plan ahead stay ahead. With support from the German Government through

South East Region THIRA

Member of the County or municipal emergency management organization

Alternative Fuel Vehicles in State Energy Assurance Planning

RESILIENT AMERICA ROUNDTABLE: PARTNERING WITH COMMUNITIES TO BUILD RESILIENCE

DISASTER RISK MANAGEMENT (DRM/DRR) TEAM

The Federal Council s Basic Strategy. for Critical Infrastructure Protection

The NIS Directive and Cybersecurity in

BCP At Bangkok Bank, Thailand

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

National Policy and Guiding Principles

NATIONAL CAPITAL REGION HOMELAND SECURITY STRATEGIC PLAN SEPTEMBER 2010 WASHINGTON, DC

Energy Assurance Plans

Principles for a National Space Industry Policy

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Mississippi Emergency Management Agency. Shawn Wise. Office Of Preparedness

Resilient Energy Solutions for Community Needs

Shared Responsibility: Roles and Responsibilities in Emergency Management Geoff Hay

The J100 RAMCAP Method

Resilience in London

Business Continuity Planning

Legislative Framework

FINNISH APPROACH TO CRITICAL INFRASTRUCTURE PROTECTION

EPRO. Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS

Business Continuity: How to Keep City Departments in Business after a Disaster

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Building resilience. Delivering assurance.

NHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy

The APEC Model. Global Partnership through Regional Initiatives

Resolution adopted by the General Assembly. [without reference to a Main Committee (A/62/L.30 and Add.1)]

Critical Information Infrastructure Protection Law

The Office of Infrastructure Protection

Her Majesty the Queen in Right of Canada, Cat. No.: PS4-66/2014E-PDF ISBN:

Emergency Management & Disaster Planning

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

Business Continuity Management

Critical Infrastructure Assurance BC s s Lower Mainland

Community-Based Water Resiliency

How to be cyber secure A practical guide for Australia s mid-size business

Building the Disaster Resilience of the NSW Community. Disaster Ready Councils Regional Forum October-November 2017

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

The Office of Infrastructure Protection

STRATEGIC PLAN. USF Emergency Management

Bradford J. Willke. 19 September 2007

The Science and Technology Roadmap to Support the Implementation of the Sendai Framework for Disaster Risk Reduction

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

NFPA 3000 (PS) Standard for an Active Shooter / Hostile Event Response (ASHER) Program IT S A BIG WORLD. LET S PROTECT IT TOGETHER.

The Age of Heightened Security

Resolution adopted by the General Assembly on 14 December [without reference to a Main Committee (A/61/L.44 and Add.1)]

A Perspective on Public Safety and Critical Infrastructure Protection

21ST OSCE ECONOMIC AND ENVIRONMENTAL FORUM

Mississippi Emergency Management Agency. Brittany Hilderbrand & Kamika Durr. Office Of Preparedness

ACTIVE SHOOTER RESPONSE CAPABILITY STATEMENT. Dynamiq - Active Shooter Response

All-Hazards Approach to Water Sector Security & Preparedness ANSI-HSSP Arlington, VA November 9, 2011

Mississippi Emergency Support Function #12 Energy Annex

Homeland Security and Geographic Information Systems

Australia s national positioning program. Dr John Dawson, Section Leader Positioning

PD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection

Security and resilience in Information Society: the European approach

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

MASAS. Overview & Backgrounder Document. Consultation Package. CanOps

Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection

DEVELOPMENT OF A DISASTER RISK MANAGEMENT NATIONAL ACTION PLAN

Building A Disaster Resilient Quebec

National Cross Sector Forum Action Plan for Critical Infrastructure BUILDING A SAFE AND RESILIENT CANADA

GENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION

Security Guideline for the Electricity Sector: Business Processes and Operations Continuity

Executive summary. Natural disasters including bushfires, floods, storms and cyclones have destructive and devastating consequences for Australia

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

FEMA Update. Tim Greten Technological Hazards Division Deputy Director. NREP April 2017

Final Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative

IDD HP Resilience Program

Critical Infrastructure Protection in the European Union

Emergency Management BCERMS Orientation

CYBER RESILIENCE & INCIDENT RESPONSE

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Best Practices for Campus Security. January 26, 2017

The UNISDR Private Sector Alliance for Disaster Resilient Societies

Philomathia Forum Startups Transform Sustainability

Overview of the Federal Interagency Operational Plans

Security Director - VisionFund International

Director, Major Projects and Resilience. To: Planning and Performance Committee 6 November 2014

Meeting the Challenges of Enhancing Power Sector Resilience

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Professional in Critical Infrastructure Protection

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

SEAWALL EARTHQUAKE SAFETY & DISASTER PREVENTION PROGRAM

Promoting Global Cybersecurity

Decision Support for Extreme Weather Impacts on Critical Infrastructure

National Earthquake Risk Reduction Program in Haiti

Transcription:

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS Overview of CIP in Australia Greg Scott Leader, Critical Infrastructure Project Risk & Impact Analysis Group Geoscience Australia Greg.Scott@ga.gov.au November 2007

CIP in Australia Definition Critical Infrastructure is defined as those physical facilities, supply chains, information technologies and communication networks which if destroyed, degraded or rendered unavailable for an extended period would significantly impact on the social or economic wellbeing of the nation or affect Australia s ability to conduct national defence and ensure national security

CIP in Australia The Drivers The need to minimise risks to public health, safety and confidence Ensure our economic security Maintain Australia s international competitiveness Ensure the continuity of government and its services

CIP in Australia - The Aim To ensure there are adequate levels of protective security on critical infrastructure, minimal single points of failure, and rapid, tested recovery arrangements

CIP in Australia The Process Identify critical infrastructure on a sectoral basis Analyse vulnerabilities, dependencies and interdependencies Protect from and prepare for all hazards AGD lead Australian Government agency for CIP

CIP in Australia A Risk Driven Approach Sector groups ID their critical infrastructure using agreed risk methodology Developed by ASIO Endorsed by CIAC Based on AS/NZS 4360 of 1999 Combining three variables: Threat, Vulnerability, Consequence

CIP in Australia Business Partnership Up to 90% of critical infrastructure is privately owned or operated on a commercial basis, as a consequence: CIP cannot be carried out solely by government a business-government partnership is required the active participation of owners and operators is needed, and also professional bodies, industry associations, all levels of government, and the public

CIP in Australia - TISN The Trusted Information Sharing Network for Critical Infrastructure Protection (TISN) owners and operators of CI and governments work together to share information includes a number of Infrastructure Assurance Advisory Groups (IAAGs) for different business sectors and expert advisory groups overseen by the Critical Infrastructure Advisory Council (CIAC)

Australia s Critical Infrastructure Protection Arrangements

CIP in Australia - CIAC Chaired by AGD Oversees IAAGs Provides advice to Attorney-General on national approach to critical infrastructure protection Comprises representatives from each of the IAAGs & EAGs States & Territories Relevant Australian Government agencies National Counter-Terrorism Committee

CIP in Australia - CIAC Concerned with medium-to-long-term issues of preventative aspects of CIP especially those issues that have cross sector implications NOT involved in response arrangements for security incidents Conduit to identify requirements for CI research

CIP in Australia - IAAGs Create an atmosphere of trust based around shared threats and vulnerabilities Nine IAAGs now established Currently working on a range of initiatives Identification of critical infrastructure (incl supply chains) for sector based on Risk Methodology Mitigation strategies Dependencies and interdependencies with other sectors

CIP in Australia The Process Identify critical infrastructure on a sectoral basis Analyse vulnerabilities, dependencies and interdependencies Protect from and prepare for all hazards How do we achieve this??

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS Enhancing the Protection of Australia s National Critical Infrastructure

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS Overview of CIPMA Greg Scott Leader, Critical Infrastructure Project Risk & Impact Analysis Group Geoscience Australia Greg.Scott@ga.gov.au November 2007

CIPMA Overview A national capability to assist business and government decision makers involved in critical infrastructure protection, counter-terrorism and emergency management A business-government partnership

CIPMA Overview A computer based tool in a secure facility that can be utilised by Australian businesses and governments to help answer important strategic and operational questions on an all hazards basis

CIPMA Overview A complex and robust capability Sector and systems behaviour, dependencies and relationships Identify vulnerabilities and resilience An all hazards approach Assurance of confidentiality and security

CIPMA Overview It includes: sector data and knowledge that builds a detailed picture network behaviour that shows relationships and dependencies complex models to assess the impacts and consequences of a disruption

CIPMA Overview SYSTEM MODELLING DECISION SUPPORT INFORMATION & DATA ELECTRICITY GAS ECONOMIC SOCIAL INVESTMENT BUSINESS CONTINUITY SECURITY RESILIENCE LIQUID FUELS COMMUNICATIONS BROADCASTING BANKING & FINANCE WATER

CIPMA Overview FUNDAMENTAL Imagery Topography Transport Cadastre Addresses Census Demography Buildings Admin. Bdys. LOCATIONAL Police Fire Ambulance SES Schools Hospitals Aged care Community facilities Icons Business Insurance INFRASTRUCTURE Electricity Gas Liquid fuels Telecoms Submarine cables Broadcasting Banking Water Assets Networks Behaviour Dependencies SCENARIOS Event models Exposure Vulnerability Impact analysis Social profiles Economic loss Casualties Fatalities

CIPMA Overview SYSTEM MODELLING DECISION SUPPORT INFORMATION & DATA ELECTRICITY GAS ECONOMIC SOCIAL INVESTMENT BUSINESS CONTINUITY SECURITY RESILIENCE LIQUID FUELS COMMUNICATIONS BROADCASTING BANKING & FINANCE WATER

CIPMA Overview

CIPMA Overview It is an all hazards approach Incorporates natural and human hazards Covers critical infrastructure networks and high priority precincts (eg Sydney and Melbourne CBDs) To help decision makers answer important operational and strategic questions relating to CIP, CT and EM

CIPMA Overview Operational and strategic questions - identify vulnerability and assess resilience Provide insights into the behaviour of complex networks Analyse relationships and dependencies Examine the flow-on consequences of infrastructure failure Identify choke points, single points of failure, and other vulnerabilities Assess mitigation strategies, business continuity plans and options for investment

CIPMA Overview The capability will be primarily used for prevention preparedness and planning recovery CIPMA will also address a range of incident response needs

CIPMA Overview Sector coverage of the capability Currently, three priority sectors energy communications banking and finance Water as the 4 th sector was announced on 12 Sept 2006 Transport the 5 th sector?

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS CIPMA Architecture & Analysis Workflow Greg Scott Leader, Critical Infrastructure Project Risk & Impact Analysis Group Geoscience Australia Greg.Scott@ga.gov.au November 2007

CIPMA Architecture and Workflow SCENARIOS DATA & MODELS IMPACT & RECOVERY DECISION SUPPORT EVENT PROPAGATION Hazard Models Natural Environment Seasonal Factors Man Made Time of Year Population Activity Weather Mass Gathering People DATA Buildings Infrastructure System Connectivity Data Relationships MODELS Supply/Demand Behaviour Business Rules Interdependence Exposure Time IMPACT Vulnerability Damage States Systems Disruption Area RECOVERY System Asset Business Continuity COST Duration Event Impact Recovery Social Economic RISK MANAGEMENT Increased Resilience VISUALISATION

Earthquake, Wind, Tsunami, Flood, Blast, Plume, etc Event 7.0 ML x Hazard Models Physical Environment affected Risk - Annual Damage Percentage 0.0035 0.003 0.0025 0.002 0.0015 0.001 0.0005 System Models 0 Vulnerability Mean+1SD cummulative risk Mean cummulative risk Mean-1SD cummulative risk 10 100 1000 10000 100000 Return Period considered (years) CI damage state estimates Cost / Recovery Geospatial Database Recovery of disrupted CI Built Environment asset function (% over time) Estimated capital stock losses People Direct Loss Macro-Economic Buildings Infrastructure Business Residential Estimated losses Real GRP, Consumption, Employment, Investment Impact footprint over time Age, Income, Employment, Activity, etc Population affected Community Profiles Casualties Business resilience Injuries, Fatalities, Medical costs Disruption induced financial costs & revenue losses Indirect Loss Estimated productivity losses

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS CIPMA Sectors, Data & Models will also be presented but are not for distribution

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback