Input: National Infrastructure Protection Plan falls short

The federal government's final National Infrastructure Protection Plan fails to address matters of funding and concerns over protecting sensitive information, according to a new report today from Input Inc., a market research firm based in Reston, Va.

The final plan, released June 30, falls short because it does not clearly define a source of new funding for protecting the nation's critical infrastructure. The national plan does not designate funding, but rather envisions that existing federal agency funding would be used to carry out protective activities, according to Input.

Nor does the national plan offer adequate protections for sensitive information that businesses would be required to provide to the government under the plan, the report said. With recent data loss incidents at Veterans Affairs and other federal agencies, this will be a difficult request to fulfill, Input added.

"NIPP is a good first step toward the vitally important objective of protecting our nation's critical infrastructures," Bruce Brody, vice president, information security at Input, said in a news release. "Unfortunately, in its present form, NIPP does not go far enough."

The protection plan offers a framework for 17 economic sectors, including food, energy, water, banking and IT, to work with the federal government to strengthen protections against terrorism and develop resiliency to cope with disasters and attacks. Most of the sector assets are privately owned. Protection plans for each of the 17 sectors are being developed this summer by sector committees, and are due this fall.

Vendors that can offer technologies and services to provide infrastructure protection will experience opportunities related to the national infrastructure protection efforts, Input said.