DHS approves IT sector protection plan

The IT sector plan provides an overview of existing risk management approaches and suggests a framework for threat and vulnerability analysis as well as consequence evaluation and mitigation to ensure that such functions can continue to be provided. It proposes to establish a Protective Program Working Group to determine needs and capabilities, identify protective actions and develop an implementation plan.Members of the IT industry community are being actively recruited to carry out initiatives in the plan, including situational awareness, incident response and information sharing. The industry representatives will continue to work with government representatives."Now that the government is officially releasing all the critical sectors' Sector Specific Plans, we look forward to extending this successful partnership approach to implementation of the Sector Specific Plan, exercise planning and conduct, and other important areas of planning and operational collaboration," said Guy Copeland, chair of the IT Sector Coordinating Council and vice president, Computer Sciences Corp.DHS officials said they would release the sector plans on a need-to-know basis to members of each sector. However, Tiffany Jones, a spokeswoman for the IT Sector Coordinating Council and the IT Information Sharing and Analysis Center, said the sector plan will be made available to the public online.The work on infrastructure protection is ongoing. "The formalization of the SSPs represents a significant milestone in implementation of effective risk reduction strategies," said a DHS news release. "As we continue down that path, DHS and its partners will use the systematic Sector Protection Plans framework as the basis for ongoing efforts. Sector-Specific Agencies will continue to engage with their Government Coordinating Councils and Sector Coordinating Councils to implement the Sector Specific Plans."