Our Nation's well-being relies upon secure and resilient critical infrastructure—the assets, systems, and networks that underpin American society. The National Infrastructure Protection Plan (NIPP)—NIPP 2013: Partnering for Critical Infrastructure Security and Resilience—outlines how government and private sector participants in the critical infrastructure community work together to manage risks and achieve security and resilience outcomes.
NIPP 2013 Partnering for Critical Infrastructure Security and Resilience
NIPP 2013 represents an evolution from concepts introduced in the initial version of the NIPP released in 2006 and revised in 2009. The National Plan is streamlined and adaptable to the current risk, policy, and strategic environments. It provides the foundation for an integrated and collaborative approach to achieve the vision of: "[a] Nation in which physical and cyber critical infrastructure remain secure and resilient, with vulnerabilities reduced, consequences minimized, threats identified and disrupted, and response and recovery hastened."
NIPP 2013 meets the requirements of Presidential Policy Directive (PPD) 21: Critical Infrastructure Security and Resilience, signed in February 2013. The Plan was developed through a collaborative process involving stakeholders from all 16 critical infrastructure sectors, all 50 states, and from all levels of government and industry. It provides a clear call to action to leverage partnerships, innovate for risk management, and focus on outcomes.
NIPP 2013 Supplements
NIPP following supplements serve as tools and resources that can be used for members of the critical infrastructure community as they implement specific aspects of the Plan.
- Connecting to the National Infrastructure Coordinating Center (NICC) and the National Cybersecurity and Communications Integration Center (NCCIC)
- Executing a Critical Infrastructure Risk Management Approach
- Incorporating Resilience into Critical Infrastructure Projects
- National Protection and Programs Directorate Resources to Support Vulnerability Assessments
- Critical Infrastructure Threat Information Sharing Framework: A Reference Guide for the Critical Infrastructure Community
2017 NIPP Security and Resilience Challenge
The Cybersecurity and Infrastructure Security Agency's Infrastructure Security division and the National Institute for Hometown Security are pleased to announce the 2017 NIPP Security and Resilience Challenge.
PPD-21 assigns a federal agency, known as a Sector Risk Management Agency (SRMA), to lead a collaborative process for critical infrastructure security within each of the 16 critical infrastructure sectors. Each Sector Risk Management Agency is responsible for developing and implementing a sector-specific plan (SSP), which details the application of the NIPP concepts to the unique characteristics and conditions of their sector. Sector-Specific Plans have been updated to align with the NIPP 2013.
More on the National Infrastructure Protection Plan
Joint National Priorities - DHS first published the Joint National Priorities (Priorities) in 2014 to help guide the critical infrastructure community's efforts to improve security and resilience. The Joint National Priorities were updated and reissued in September 2018. The new Priorities have incorporated inputs to reflect critical changes in the evolving risk environment and to align to the priorities and key issues that have been set forth.
An array of independent study courses is available to the critical infrastructure community. These courses were developed by the Cybersecurity and Infrastructure Security Agency's Infrastructure Security Division and are available through the Federal Emergency Management Agency (FEMA) Emergency Management Institute.
Critical Infrastructure Partnership Courses
- IS 913.a Achieving Results through Critical Infrastructure Partnership and Collaboration
- IS 921.a Implementing Critical Infrastructure Security and Resilience
Security Awareness Series Courses
- IS 906 Workplace Security Awareness
- IS 907 Active Shooter: What You Can Do
- IS 912 Retail Security Awareness: Understanding the Hidden Hazards
- IS 914 Surveillance Awareness: What You Can Do
- IS 915 Protecting Critical Infrastructure Against Insider Threat
- IS 916 Critical Infrastructure Security: Theft and Diversion - What You Can Do
- Homeland Security Act of 2002
- Executive Order (EO) 13636
- Presidential Policy Directive (PPD) 21
- National Institute of Standards and Technology Cybersecurity Framework
- Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection
- PPD-8: National Preparedness