Site Resources

CISA is the Nation's risk advisor, working with partners to defend against today's threats and collaborating to build more secure and resilient infrastructure for the future.

CISA's Infrastructure Security Division coordinates and collaborates across CISA regions (CISA Regions | CISA), government, and the private sector. The Division conducts and facilitates vulnerability and consequence assessments to help critical infrastructure owners and operators and state, local, tribal, and territorial government (SLTTG) partners understand and address risks to critical infrastructure. It also provides information on emerging threats and hazards so that appropriate actions can be taken, as well as tools and training to help partners in government and industry manage the risks to their assets, systems, and networks.

This Infrastructure Dependency Primer is intended to support regional planners and critical infrastructure stakeholders in their efforts to better understand infrastructure dependencies and use that knowledge to increase resilience. CISA offers several products and services that may be valuable to these stakeholders:

  • Protective Security Advisors (PSA) (Protective Security Advisors | CISA): PSAs are trained critical infrastructure protection and vulnerability mitigation subject matter experts who facilitate local field activities in coordination with other Department of Homeland Security offices. They also advise and assist state, local, and private sector officials and critical infrastructure facility owners and operators.
  • Critical Infrastructure Vulnerability Assessments (Critical Infrastructure Vulnerability Assessments | CISA): CISA supports a number of assessment activities for state, local, and private sector partners, Including assist visits, the Infrastructure Survey Tool, the Infrastructure Visualization Platform, and the Regional Resiliency Assessment Program.
  • Protected Critical Infrastructure Information (PCII Program | CISA): The PCII program can be used to protect sensitive information about infrastructure assets and systems and enhance data sharing between public and private sector partners.
  • Stakeholder Engagement Division (Stakeholder Engagement Division | CISA): To help further support dependencies studies, CISA's Stakeholder Engagement Division (SED) can help SLTTGs develops partnerships, facilitates dialogue, convenes stakeholders, and promotes awareness to help achieve a secure and resilient infrastructure. SED coordinates stakeholder engagements and partnerships to support the CISA's efforts to reduce national risk.
  • SLTT Toolkit (SLTT Toolkit | CISA): CISA has developed a set of resources to help recognize and address cybersecurity risks including discussion points for government leaders, steps to start evaluating a cybersecurity program, and a list of hands-on resources available to SLTT governments.
  • SLTT Cybersecurity Engagement Program (SLTT Cybersecurity Engagement Program | CISA): CISA provides cybersecurity risk briefings and information on available resources to governors and other appointed and elected SLTT government officials.


  • Asset:
    • A person, structure, facility, material, or information.
  • Critical Infrastructure:
    • Infrastructure systems and assets that are so vital that their incapacitation or destruction would have a debilitating effect on security, the economy, public health, public safety, or any combination thereof
  • Community:
    • One or more local jurisdictions or special districts, including a region or shared infrastructure corridor.
  • Dependencies:
    • Relationships of reliance within and among infrastructure assets and systems that must be maintained for those systems to operate properly or provide services.
  • Hazard:
    • Natural, deliberate, or accidental threats or incidents that have the potential to disrupt or incapacitate a community's infrastructure.
  • Infrastructure:
    • The collection of interrelated physical, cyber, and organizational assets and systems that provide a flow of products and services essential for the operation of society.
  • Network:
    • A combination or group of components that interact with each other to perform a function. Also known as a System.
  • Resilience:
    • The ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions; includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents.
  • Risk:
    • The potential for an adverse outcome assessed as a function of threats, vulnerabilities, and consequences associated with an incident, event, or occurrence, often measured, and used to compare different future situations.
  • System:
    • A combination or group of components that interact with each other to perform a function. Also known as a Network.
  • Threat:
    • Any entity, action, or occurrence, whether natural or man-made, that has or indicates the potential to pose danger to life, information, operations, and/or property.

IDP Links


Communities as Systems


Resilience Solutions
  • Benefit Cost Analysis is a method that determines the future risk reduction benefits of a hazard mitigation project and compares those benefits to its costs.
Best Practices

The following links are various hazard mitigation best practices. These best practice compendiums can provide ideas for mitigation projects as communities seek to enhance the resilience of their infrastructure systems.


The following resources provide further information on how to include infrastructure, dependencies, and resilience into your planning efforts. They provide additional guidance for identifying and analyzing dependencies as well as information regarding hazards and mitigation measures.

Was this webpage helpful?  Yes  |  Somewhat  |  No