Before 9/11 who at your organization was responsible for the continuous “Continuity of Operations“ for the business?
Last time your Board of Directors had their quarterly or annual meeting, was your compliance with the U.S. CII Act of 2002 on the agenda?
You know, the Critical Infrastructure Act of 2002 (CII Act):
“Under provisions of the Critical Infrastructure Information Act of 2002 (CII Act), information that is voluntarily submitted per those provisions will be protected from public disclosure until and unless a determination is made by the PCII Program Office that the information does not meet the requirements for PCII. If validated as PCII, the information will remain exempt from public disclosure.”
Critical Infrastructure Information (CII) is information not in the public domain and related to the security of CI or protected systems by either physical or computer based attack that harms commerce in the United States or threatens public health or safety.
Today, who in your particular organization is responsible for the PCII Program and are the entities that submit information:
- Private Sector companies
- State, local, and territorial government entities
- Working groups comprised of government and private sector representatives
"It is well known that over 85% of Critical Infrastructure is owned and operated by these organizations in the United States."
Consider this thought.
AI is increasingly being powered now by the Private Sector. Crypto mining is powered by the Private Sector. There are 16 more key CI Sectors.
The companies that are in your city, county or state that are directly tied to your Critical Infrastructure to provide Water, Electricity and Natural Gas, Emergency Services, Healthcare, Information Technology and Transportation are all components of the on-going safety and security of your community.
Who in your organization is responsible for the key relationships of all of the CI entities that you rely on to operate and serve your community each day?
Is it your CISO? Is it your CSO? Is it your CFO? Is it your CIO? Is it your COO?
If you don’t know that answer in your Board of Directors Meeting then add this to your To-Do list with your CEO.
Here are four key areas of focused leadership in your role to build resilience of Critical Infrastructure Protection in your organization:
> R_ecruiting
> E_ducation
> N_etworking
> S_haring Information
After you and your RENS team have prioritized "Critical Infrastructure Protection" and the safety of the American people at your organization, how will your own leadership be visible and proactive?
Never forget!
No comments:
Post a Comment