Critical Infrastructure and Key Resources

Critical Infrastructure includes assets, systems and networks that provide functions necessary for our way of life. Key Resources are publicly or privately controlled reserves essential to the minimal operations of the economy and government.

Identifying and protecting Pennsylvania’s assets

The Office of Homeland Security (OHS) works with various state departments and agencies to define current critical infrastructure. OHS works with PA industry stakeholders and owners to identify our critical infrastructure and key resources.

Critical Infrastructure can be power stations, highway systems, or a government building.

A reservoir that holds drinking water for a community is a key resource.

The disruption or destruction of critical infrastructure or key resources may weaken or degrade:

  • State and National security
  • The economy
  • Public health
  • Public safety

National Infrastructure Protection Plan (NIPP)

The Department of Homeland Security has developed the NIPP to protect critical national assets. The NIPP requires each state to develop and install a critical infrastructure protection plan or program. Pennsylvania’s program, the Critical Infrastructure Protection Program (CIPP), addresses responsibilities at the state, county, and municipal levels. Various federal and state laws set the roles and responsibilities of the agencies involved in Homeland Security and protection planning.

Cybersecurity and Infrastructure Security Agency (CISA) Gateway

OHS uses a tool called CISA Gateway, a secure, web-based U.S. Department of Homeland Security (DHS) tool. In the event of an emergency at a critical site, CISA Gateway helps:

  • Law enforcement
  • Public safety
  • Emergency response

Protected Critical Infrastructure Information (PCII)

The PCII program, managed by the DHS National Protection and Programs Directorate, is designed to encourage owners and operators of private sector critical infrastructure, key resources, and significant special events to share sensitive, security-related business information with the federal government.

The PCII program offers software for information sharing between the government and the private sector. Federal, state, and local analysts use PCII to:

  • Analyze and secure critical infrastructure and protected systems
  • Identify vulnerabilities and develop risk assessments
  • Enhance recovery preparedness measures

Information submitted, if found to satisfy the requirements in the Critical Infrastructure Information Act of 2002, is protected from public disclosure under the following:

  • The Freedom of Information Act
  • State and local disclosure laws
  • Civil litigation