Finance, health care, agriculture play key roles in critical infrastructure protection.

• Author: Wiedemann, Chris
• Position: HOMELAND SECURITY

* Of the major agencies of the federal government involved in critical infrastructure protection, the Department of Homeland Security and the Department of Defense receive the most attention.

But there are three less discussed, but equally important, elements of the nation's critical infrastructure: the financial sector--banks and the technology they rely on--health care and public health, where critical infrastructure constitutes hospitals, medical transport and drug supplies; and food and agriculture--farms, supporting infrastructure, and financial systems.

When Presidential Policy Directive 21 (PPD-21) broadened the critical infrastructure segments and definitions originally outlined in Homeland Security Policy Directive 7 (HSPD-7), it created new responsibilities for a number of federal departments, termed sector-specific agencies.

They are responsible for developing and disseminating infrastructure protection requirements to states, local authorities and industry.

While there is little opportunity to sell explicitly security-related technologies to the government--the market for those rests with the infrastructure owners themselves--sector-specific agencies have requirements around information sharing and dissemination that industry can help meet. And anyone looking to support the mission of critical infrastructure protection outside of DHS should be reaching out to the Departments of Treasury, Health and Human Services, and Agriculture.

The responsibilities of the sector-specific agencies entrusted with infrastructure issues are diverse.

The agency for financial services is the Treasury Department, and those looking to assist their critical infrastructure mission should look to the office of critical infrastructure protection and compliance policy, under the direction of the assistant secretary for financial institutions. The office coordinates the development and implementation of financial infrastructure protection requirements, which revolve primarily around data privacy and redundancy. These requirements are intended to ensure that a successful attack against a major system does not shut down the nation's financial infrastructure.

The office also facilitates information sharing between the federal government, state and local regulators and the financial sector.

In this capacity, it will have industry requirements for tools and services enabling information exchange and coordinating activities between geographically disparate...