Critical Infrastructure Security Information Technology Essay

Total Length: 1351 words ( 5 double-spaced pages)

Total Sources: 5

Page 1 of 5


Because the majority of critical infrastructure components in the United States are privately owned, compliance with Department of Homeland Security risk assessment methods remains voluntary. Risk assessments of critical infrastructure focus on threat, vulnerability, and consequences, with all types of assessments integral to helping improve resilience and mitigate problems (GAO, 2017). A vulnerability analysis of the nation’s information technology critical infrastructure reveals several points of weakness and security gaps. The Department of Homeland Security (2018) infrastructure survey tool can be used alongside the systems dynamics approach to vulnerability assessment. These tools reveal the inherent strengths of complex, interdependent information technology systems, while also revealing the potential weaknesses in a decentralized approach.

Executive Summary

Two of the most salient methods of conducting vulnerability assessments on critical infrastructure include the opt-in survey offered by the Department of Homeland Security, which targets the physical facilities, and the systems dynamics approach. Information technology is a unique critical infrastructure in that it includes both a physical, concrete component (such as hardware) and an abstract, information-based core content. Therefore, combining a systems dynamics approach with the DHS survey tool reveals the particular vulnerabilities evident in the information technology critical infrastructure. Strengths include the prevalence of some open systems and dynamic communications methodologies, plus advanced physical security defense mechanisms. Identifiable weaknesses include inconsistent risk assessment and mitigation methods, and the risks with private sector knowledge leakage. Cyber threats remain a major vulnerability. More information would be needed before a more thorough risk assessment could be conducted.


Information technology is one of the nearly twenty critical infrastructure component the Department of Homeland Security recognizes. The DHS offers specific strategic planning interventions for these sectors, with voluntary compliance expected and counted upon to preserve national security interests. Hardware manufacturers and the members of their supply chains, software developers, and service providers all fall under the general rubric of information technology critical infrastructure (GAO, 2017).

Stuck Writing Your "Critical Infrastructure Security Information Technology" Essay?

Various vulnerability assessment methods can be used to evaluate the nation’s information technology critical infrastructure. One assessment tool is the Infrastructure Survey Tool offered by the Department of Homeland Security. This tool is a web-based security survey that focuses mainly on physical facilities and is therefore limited in scope. A systems dynamics approach uses “stocks, flows, and feedback loops” to account for the complexities of information architecture (Deng, Song, Zhou, et al., 2017, p. 1). Rather than viewing systems dynamics and the Infrastructure Survey Tool as being discreet, mutually exclusive entities, combined they offer the opportunity to identify security threats before they morph into crises, and the chance to make necessary changes to institutional structure, policy, leadership, and practice.


Infrastructure Survey Tool

The Department of Homeland Security offers the Infrastructure Survey Tool for chief security officers, facility managers and operators. As a web-based survey, the tool is accessible and cost-effective. The Department of Homeland Security (2018) recommends that the Infrastructure Survey tool be used regularly and in conjunction with Assist Visits to identify vulnerabilities and address them accordingly. Focusing on physical vulnerabilities in a facility, the survey addresses issues like perimeter and property security but also channels of information sharing and communication, threat response protocols, and recovery plans (Department of Homeland Security, 2018). Because of the fragmented nature of the nation’s information technology infrastructure, each individual enterprise needs to voluntarily conduct the Infrastructure Survey Tool. Applying the tool broadly across all components of the critical infrastructure reveals several vulnerabilities, particularly with regards to inconsistent communication plans and protocols.

Hardware manufacturers present some of the clearest security vulnerabilities, when viewed through the lens of the DHS survey. One of the reasons for the vulnerability is the lack of vertical integration of many companies, and the heavy reliance on foreign manufacturing for various parts and components. Unless manufacturing processes are….....

Show More ⇣

     Open the full completed essay and source list


     Order a one-of-a-kind custom essay on this topic


De Bruijne, M. & Van Eeten, M. (2007). Systems that should have failed. Journal of Contingencies and Crisis Management 15(1): 18-29.

Deng, Y., Song, L., Zhou, Z., et al. (2017). Complexity and vulnerability analysis of critical infrastructures. Mathematical Problems in Engineering 2017(Article ID 8673143),

Department of Homeland Security (2018). Infrastructure Survey Tool.

Stamp, J., Dillinger, J. & Young, W. (2003). Common vulnerabilities in critical infrastructure control systems. NISA/Sandia.

United States Government Accountability Office (GAO, 2017). Critical infrastructure protection.

sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Critical Infrastructure Security Information Technology" (2018, October 21) Retrieved July 9, 2020, from

Latest MLA Format (8th edition)

Copy Reference
"Critical Infrastructure Security Information Technology" 21 October 2018. Web.9 July. 2020. <>

Latest Chicago Format (16th edition)

Copy Reference
"Critical Infrastructure Security Information Technology", 21 October 2018, Accessed.9 July. 2020,