Critical Infrastructure: Homeland Security and Emergency Preparedness (e-Book) book cover

Critical Infrastructure

Homeland Security and Emergency Preparedness

By Robert Radvanovsky

© 2006 – CRC Press

336 pages

This product is not available in your shipping region
FREE Standard Shipping!


Reporting on the significant strides made in securing and  protecting our nation’s infrastructures, this timely and accessible resource examines emergency responsiveness and other issues vital to national homeland security. Critical Infrastructure: Homeland Security and Emergency Preparedness details the important measures that have been taken over the past few years to safeguard the industries, national landmarks, and national assets considered vital to the continued economic operation and success of any country and its people.

After introducing the topic, this comprehensive book covers concerns such as data classification and categorization, border security and immigration, cyberterrorism, hazardous materials, national response plans, national incident management systems, and incident command systems. It presents newly developed department and agency level protocols, as well as newly formulated procedures and guidelines. It also explains security vulnerability assessments, information sharing and analysis centers, control systems, and supervisory control and data acquisition.

Comprehensive and authoritative, Critical Infrastructure: Homeland Security and Emergency Preparedness isa must-have resource for professionals within both the private and public sectors and for students studying topics relating to critical infrastructure, emergency management, crisis response, and disaster recovery.


”… a truly encyclopedic work on a critical and timely topic. … one stop shopping for summary data on virtually everything connected with the author's topic. The author's clear expository prose and concise organization make for a tight manuscript. No energy is wasted. This is a really efficient reference, and quite useful to the manager or techie needing to figure out the labyrinth of standards, laws, policies, organizations and whatever in the area if critical infrastructure preparedness. I want a copy on my desk…I suspect many others will also…”

— Dr. Carl Clavadetscher, National Defense University, Ft. McNair, Washington D.C., USA 

The opinions, conclusions, and recommendations expressed or implied are those of the reviewer and do not necessarily reflect the views of the Department of Defense or any other agency of the Federal Government.

“… a good source of information for anyone working with our nation’s critical infrastructure.

— Karim H. Vellani, certified Security Consultant, writing in Security Management, December 2007

Table of Contents

Introduction to Critical Infrastructure Preparedness

Homeland Security Presidential Directives (HSPD)

What Is Critical Infrastructure?

What Is the Private Sector?

What Is the Public Sector?

What Is Critical Infrastructure Protection?

What Is Critical Infrastructure Preparedness?

Critical Infrastructure Functions

Origins of Critical Infrastructure

Regulations and Legislation

What Are the Categories of the Laws Listed?

Border Security and Immigration

Communications and Network Security



Domestic Safety and Security

Economic and Financial Security

Emergency Preparedness and Readiness

Medical and Health Care Security

Transportation Security (Includes Maritime Security)

Hazardous Materials

National Response Plan (NRP)

What Is the National Response Plan (NRP)?

NRP Training

How Does the NRP Tie in with Emergency Management?

NRP Subcategories

Emphasis on Local Response

What Is the Purpose of the NRP?

Tie between NRP and NIMS

Multiagency Command Structure Coordination

Coordination Responsibilities

Updates to the NRP

Incident Command Structure of the NRP

Levels of Authority

Key Concepts in the Implementation of the NRP

Roles and Responsibilities

Roles of the Federal Government

NRP Emergency Support Functions (ESFs)

Scope of ESFs

National Incident Management Systems (NIMS)

What Is NIMS?




NIMS Represents Best Practices

Components of NIMS

Command and Management


Benefits from Using NIMS

Resource Recovery

Communications and Information Management

Supporting Technologies

Ongoing Management and Maintenance

Command Structuring under NIMS

Incident Command System (ICS)

ICS Features

Common Terminology

Organizational Resources

Manageable Span of Control


Integrate Communications Capabilities

Incident Action Plan

Management Command, Coordination, and Control Structures

Unified Command

Area Command

Multiagency Coordination Systems

Emergency Operations Centers

Incident Responsibilities

Postincident Responsibilities

Public Information Systems

Joint Information Systems (JIS)

Joint Information Centers (JIC)

JIC Levels

JIC Organizational Structure

Preparedness and Readiness

Preparedness Organizations

Preparedness Planning and Coordination

Types of Preparedness Plans

Emergency Operations Plan

Training and Exercise Drills

Personnel Qualification and Certification

Equipment and Hardware Certification

Mutual-Aid Agreements

Standby Contracts

Publication Management

Resource Management

Effectively Managing Resources

Communications and Information Management Principles

Incident Command Systems (ICS)

What Is NIMS and ICS?

What Is an Incident?

What Is an Incident Command System (ICS)?


History of ICS


National Interagency Incident Management System (NIIMS)

Weaknesses Addressed by Using an ICS

Benefits of Using an ICS

ICS Framework

Applications for the Use of ICS

ICS Management Characteristics

Understanding the ICS Organization

ICS Management Functions

ICS Sections

What Is Span of Control?

ICS Position Titles

ICS Organizational Components

Unified Command

The Incident Commander

Command Staff

General Staff

Operations Section

Planning Section

Incident Action Plan

Logistics Section

Finance/Administration Section

ICS Area Command

Communications within the ICS

Incident Facilities

Differences between NIMS ICS and FIRESCOPE/NIIMS ICS

NIMS ICS Training

How ICS Integrates with Critical Infrastructure

Emergency Preparedness and Readiness (EMR)

Office for Domestic Preparedness

First Responder

First Responder Classifications

Guideline Classifications

North American Emergency Response Guidebook (NAERG)

Awareness Level Guidelines

Performance Level Guidelines

Operational Levels Defined

Level A: Operations Level

Level B: Technician Level

Know Protocols to Secure, Mitigate, and Remove Hazardous Materials

Additional Protective Measures

Understand Development of the Incident Action Plan

Know and Follow Procedures for Protecting a Potential Crime Scene

Know Department Protocols for Medical Response Personnel

National Fire Prevention Association 472

Occupational Safety and Health Administration Hazardous Waste Operations and Emergency Response

Skilled Support Personnel

Specialist Employee

Department of Transportation (DOT) Hazardous Materials (HAZMAT) Classifications

Importance of Implementing an Emergency Response Plan

Security Vulnerability Assessment (SVA)

What Is a Risk Assessment?

Methods of Assessing Risk

Threat Risk Equations

Comparison of Quantitative vs. Qualitative Risk Assessments

Challenges Associated with Assessing Risk

Other Factors to Consider When Assessing Risk

What Is an SVA?

Reasons for Having an SVA

What Is a Threat?

What Is Vulnerability?


Vulnerability Assessment Framework (VAF)

Reasons for Using the VAF

Federal Information Systems Control Auditing Manual (FISCAM)

General Methodologies of FISCAM Auditing

What Are General Controls?

What Are Application Controls?

Caveats with Using an SVA

How the SVA Is Used

Audience of an SVA

Initial SVA Plan

Necessary Steps of an SVA

Critical Success Factors

VAF Methodology

Initial Steps of the VAF

VAF Step 1: Establish the Organization Minimum Essential Infrastructure (MEI)

VAF Step 2: Gather Data to Identify MEI Vulnerabilities

VAF Step 3: Analyze, Classify, and Prioritize Vulnerabilities

Standards and Guidelines

About the National Fire Prevention Association (NFPA)

North American Electric Reliability Council (NERC)

American Gas Association (AGA)

Instrumentation, Systems, and Automation Society (ISA)

American Petroleum Institute (API)

Chemical Industry Data Exchange

ISO 15408


Health Insurance Portability and Accountability Act (HIPAA)

Patient Safety and Quality Improvement Act (PSQIA)

Gramm-Leach-Bliley Act (GLBA)

Sarbanes-Oxley Act

The American National Standards Institute (ANSI)

Federal Information Processing Standards (FIPS)

National Standards Systems Network


BSR T1M1-27-200X

BSR X9.49-200X

ASTM F1756-97A (2002)

Information Sharing and Analysis Centers (ISAC)

What Is a Critical Infrastructure Asset?

What Is an ISAC?

Advantages of Belonging to an ISAC

Access to ISAC Information

Expanded ISAC Services

Surface Transportation ISAC (ST-ISAC)

Public Transportation ISAC (PT-ISAC)

American Public Transportation Association (APTA)

Association of American Railroads (AAR)

Transportation Technology Center, Inc. (TTCI)


Water ISAC

Association of State Drinking Water Administrators (ASDWA)

Water Environment Research Foundation (WERF)

Association of Metropolitan Water Agencies (AMWA)

Association of Metropolitan Sewage Agencies (AMSA)

National Association of Water Companies (NAWC)

American Water Works Association (AWWA)

AWWA Research Foundation (AWWARF)

Financial Services ISAC (FS-ISAC)

Science Applications International Corporation (SAIC)

Electricity Sector ISAC (ES-ISAC)

Emergency Management and Response ISAC (EMR-ISAC)

Information Technology ISAC (IT-ISAC)

National Coordinating Center for Telecommunications (NCC-ISAC)

Communications Resource Information Sharing (CRIS)

Government Emergency Telecommunications Service (GETS)

Telecommunications Service Priority (TSP)

Shared Resources High Frequency Radio Program (SHARES)

Network Reliability and Interoperability Council (NRIC)

National Security Telecommunications Advisory Committee (NSTAC)

Wireless Priority Services (WPS)

Alerting and Coordination Network (CAN)

Energy ISAC

Chemical Sector ISAC (CHEM-ISAC)

Chemical Transportation Emergency Center (CHEMTREC)

Healthcare Services ISAC (HCISAC)

Highway ISAC

Cargo Theft Information Processing Systems (CargoTIPS)

American Trucking Associations (ATA)


Food and Agriculture ISAC

Food Marketing Institute (FMI)

Multi-State ISAC (MS-ISAC)


World Wide ISAC (WW-ISAC)

Real Estate ISAC (RE-ISAC)

The Real Estate Roundtable

Research and Educational Networking ISAC (REN-ISAC)

Biotechnology and Pharmaceutical ISAC (BioPharma ISAC)

Maritime ISAC (M-ISAC)

Maritime Security Council (MSC)

Marine Transportation System National Advisory Council

Supervisory Control and Data Acquisition (SCADA)

What Are Control Systems?

Types of Control Systems

Components of Control Systems

Vulnerability Concerns about Control Systems

Adoption of Standardized Technologies with Known Vulnerabilities

Connectivity of Control Systems to Unsecured Networks

Implementation Constraints of Existing Security Technologies

Insecure Connectivity to Control Systems

Publicly Available Information about Control Systems

Control Systems May Be Vulnerable to Attack

Consequences Resulting from Control System Compromises




Threats Resulting from Control System Attacks

Issues in Securing Control Systems

Methods of Securing Control Systems

Technology Research Initiatives of Control Systems

Security Awareness and Information Sharing Initiatives

Process and Security Control Initiatives

Securing Control Systems

Implement Auditing Controls

Develop Policy Management and Control Mechanisms

Control Systems Architecture Development

Segment Networks between Control Systems and Corporate Enterprise

Develop Methodologies for Exception Tracking

Define an Incident Response Plan

Similarities between Sectors

Critical Infrastructure Information (CII)

What Is Critical Infrastructure Information?

How Does the Government Interpret CII?

Exemption 3 of the Freedom of Information Act

Exemption 4 of the Freedom of Information Act

Section 214 of the Homeland Security Act

Enforcement of Section 214 of the Homeland Security Act

What Does Sensitive, But Unclassified Mean?

Information Handling Procedures

Freedom of Information Act


 “For Official Use Only” (FOUO)

Enforcement of FOUO Information

Reviewing Web Site Content

Export-Controlled Information

Enforcement of Export-Controlled Information

Source Selection Data

Enforcement of Source Selection Data

Privacy Information

Enforcement of Privacy Information

Unclassified Controlled Nuclear Information (UCNI)

Enforcement of UCNI

Critical Energy Infrastructure Information (CEII)

Enforcement of CEII

Lessons Learned Program



Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Security / General
HOUSE & HOME / Security
SOCIAL SCIENCE / Disasters & Disaster Relief