Enhancing Critical Infrastructure (CI) Resiliency
Enhancing the resiliency of critical infrastructure can be achieved through the appropriate combination of security measures to address intentional and accidental incidents; business continuity practices to deal with disruptions and ensure the continuation of essential services; and emergency management planning to ensure adequate response procedures are in place to deal with unforeseen disruptions and natural disasters.
Enhancing the resiliency of critical infrastructure can be described as actions and programs that:
- identify risks to critical infrastructure and interdependencies
- assess and prioritize risks
- take mitigative or protective measures to reduce risks and the potential for disruptions
- conduct exercises to assess measures and identify strengths and areas of improvement
- refine and upgrade critical infrastructure plans in all sectors
- result in swift and more effective response and recovery efforts when disruptions occur.
In Canada, responsibility for strengthening the resiliency of critical infrastructure is shared among federal, provincial and territorial governments, local authorities and critical infrastructure owners and operators. Given that disasters most often occur locally, the first response to a disruption is almost always by the owners and operators, the municipality, or the province or territory.
The federal government fulfils national leadership responsibilities relating to emergency management, including critical infrastructure, under the Emergency Management Act (EMA). In keeping with the EMA, Public Safety Canada works to help safeguard our critical infrastructure based on three key objectives:
- build trusted and sustainable partnerships in CI;
- implement an all-hazards risk management approach; and
- advance the timely sharing and protection of information among partners.
Public Safety Canada Regional Offices help support partnerships with critical infrastructure stakeholders through their work at the local level. Regional Offices build and support relationships with critical infrastructure partners at the local level as well as with regional and cross-border stakeholders.
The risks to Canada's critical infrastructure are increasingly complex and becoming more frequent. They include natural, intentional and accidental hazards. Recent events illustrate the importance of protecting critical infrastructure from all types of hazards: the 1996 Saguenay Flood, the 1997 Red River Flood, the 1998 Ice Storm, the terrorist attacks of September 11, the 2003 Power Blackout, the 2003 Severe Acute Respiratory Syndrome (SARS) outbreak, the 2005 London bombings and Hurricane Katrina.
An all-hazards risk management approach to critical infrastructure allows for comprehensive planning, preparations and response and recovery strategies to cover the full range of potential risks. This means more detailed situational awareness and more swift and efficient response efforts when disruptions occur.
Better risk management
Given the interdependencies and connectedness among critical infrastructures, a disruption of any one service could have a cascading effect across essential services or systems. A "risk management" approach to critical infrastructure refers to the continuous, proactive and systematic process to understand, manage and communicate risks, threats, vulnerabilities and interdependencies across the critical infrastructure community, including the owners and operators of critical infrastructure. Having a strong situational awareness of the risks and interdependencies that confront critical infrastructure is the first step towards a comprehensive risk management process. For example, during the 1998 Ice Storm, large segments of rural and urban communities were in the dark and without heat. Traffic and street lights were out. Banking and government services were interrupted. The disruption in one sector - electricity - affected a score of others, interrupting the delivery of important services upon which Canadians depend.