- Focus Areas
- Cyber Summit
|South Carolina Infrastructure Protection Center|
INFRASTRUCTURE PROTECTION CENTER (SCIPC)
Forty percent of all businesses experiencing a disaster will go out of business within five years. Businesses that survive suffer a severe loss of revenue and reputation.
Our economy continues to be increasingly reliant on electronic information systems – systems that are both interdependent and vulnerable to attack. Disasters to our infrastructure and information systems threaten our safety and our economy, and our ability to react to emergencies.
With the tragic events of 9-11, Americans must be acutely aware of the dangers from terrorist attacks. Also present are attacks from criminals, both the cyber masterminds and the kids with too much time on their hands. As South Carolinians, we also have to be ever mindful of hurricane disasters. Nobody who lived in South Carolina during Hurricane Hugo can argue the potential devastation of a hurricane and its side effects. Cyber resources are vulnerable to all these threats.
We cannot prevent a hurricane, and we may not be able to prevent a cyber attack, but we can take steps to protect our systems and our information, and ultimately ourselves.
In May of 1998, President Clinton issued Presidential Decision Directive (PDD) 63, Policy on Critical Infrastructure Protection, which defined the original seven critical infrastructures:
· Electric power
· Emergency Services
· Banking and Finance
· Gas and oil
· Government services
Note: This list has grown to include 16 sectors.
HSPD-7, issued in December 2003, established a national policy for Federal departments and agencies to identify and prioritize United States critical infrastructure and key resources and to protect them from terrorist attacks.
PDD-41, issued in July 2016 continues the defining of the problem and the US government’s response to a cyber incident
While each of these critical infrastructure components has unique features and unique vulnerabilities, they all share one thing: a dependence on electronic information and computers. Computers have become such an essential and reliable tool for business and communication that we sometimes forget their fallibility.
SOUTH CAROLINA INFRASTRUCTURE PROTECTION CENTER (SCIPC)
PDD 63 initiated the creation of the National Infrastructure Protection Center (NIPC). Located in the FBI building in Washington, D.C., the NIPC brings together representatives from U.S. government agencies, state and local governments, and the private sector in a partnership to protect our nation's critical infrastructures. Responding to a need identified through the SLED Office of Homeland Security, SC Cyber has created the South Carolina Infrastructure Protection Center (SCIPC). Charged with anticipating, preventing, reacting to, and recovering from acts of terrorism, sabotage, and cyber crime, as well as natural disasters, SCIPC has three primary components:
Ø CITIZEN AND INDUSTRY CYBER AWARENESS CAMPAIGN
Significant benefits can be reaped by educating the local governments, the business community, and private citizens on the critical need to secure their cyber infrastructure, information, and computer systems. The heightened awareness leads to a higher level of security for all systems within the Palmetto state, resulting in a healthier and more stable economy.
The first step in this component is the unique partnership between government and the private sector known as SC Cyber. It is the mission of SC Cyber to protect the citizens and economy of South Carolina, by safeguarding information systems, reducing the vulnerability to cyber attacks, and increasing responsiveness to any threat.
Using the resources of SC Cyber, the SCIPC coordinates a multi-media education and awareness campaign that includes public service announcements, a public website on cyber security issues, training classes, and technical assistance.
Ø WORKFORCE DEVELOPMENT: EDUCATION AND TRAINING
One of the most significant, immediate needs is workforce development including training new cybersecurity professionals, enhancing the credentialing of existing professionals, or retraining existing it professionals so as to quickly add value in new, in-demand cybersecurity positions. Continued education and professionally targeted training courses are being developed and taught among South Carolina’s critical infrastructure and law enforcement partners. Through development of multiple cyber-based curriculums, SC Cyber will not only ensure that cyber content is taught, but work to implement appropriate exercises (table top) and learning activities to demonstrate the value of the educational offerings.
Ø CRITICAL INFRASTRUCTURE RESEARCH AND KNOWLEDGE MANAGEMENT
Drawing on a recurring theme in threat analysis is the need for information sharing; this critically important need has been echoed throughout the organizing meetings of SC Cyber. Through targeted real-time communication channels, in-person meetings, and an annual Cyber Summit, SC Cyber will provide mechanisms for partners to collaborate on timely, critical issues.
In addition to traditional information sharing, SC Cyber and its partners are working to offer unique software and technology solutions for the benefit of the group. For example, through partnerships with the Johns Hopkins University Applied Physics Laboratory and the SC National Guard, SC Cyber will offer advanced threat detection services to industry and government entities statewide and build a technology platform and process that is exportable as a model to the rest of the country.