Agreement on a Commission proposal for a Directive on the identification and designation of European Critical Infrastructure (ECI)

Rapid - Press Releases - EUROPA

Critical Infrastructure Protection

The Justice and Home Affairs Council 5-6 June has reached political agreement on a Commission proposal for a Directive on the identification and designation of European Critical Infrastructure (ECI) and the assessment of the need to improve their protection. The entry into force of the Directive is envisaged before the end of 2008.

"Critical infrastructure industries are becoming more and more interdependent as the economic, technological, and social processes of globalization intensify. Therefore, the damage or loss of a piece of infrastructure in one Member State may have negative effects on several others and on the European economy as a whole. Because of this trans-boundary dimension, an integrated EU-wide approach complements and provides added value to existing national programmes for critical infrastructure protection in place in the Member States." declared Vice-President Barrot, who added: "The Directive raises the level of security for all EU citizens, provides legal clarity to operators and increases competitiveness"

The Directive establishes the procedure for the identification and designation of European Critical Infrastructure (ECI) and a common approach to assessment of the need to improve the protection of such infrastructure in order to contribute to the protection of people.

ECI means critical infrastructure located in the EU Member States the disruption or destruction of which would have a significant impact on at least two Member States of the EU. The Directive concentrates on the energy and transport sector and will be reviewed after three years, to assess its impact and the need to include other sectors within its scope - inter alia the Information and Communication Technology (ICT) sector.

Each designated European Critical Infrastructure is to have an Operator Security Plan (OSP) covering inter alia identification of important assets, a risk analysis based on major threat scenarios and the vulnerability of each asset, and the identification, selection and prioritisation of counter-measures and procedures.

A Security Liaison officer will function as the point of contact for security issues between the European Critical Infrastructure owner/operator and the relevant Member State authority.

Every two years, each Member State will forward to the Commission information on threats and risks encountered in each European Critical Infrastructure sector. On the basis of those reports, the Commission and the Member States will examine whether further protection measures at the EU level should be considered.

Technorati Tags: epcip, eu, cip

Read more!

VirtualAgility OPS Center Contributes to IBM's Web Portal Success

Report: IBM Worldwide Market Share Leader in Web Portal Software

6,000 Organizations From Public, Private Sectors Rely on IBM Portal Software for Everything From Employee Communications to Web 2.0 Mashups to Saving Lives

Gartner, Inc. has ranked IBM as the worldwide market share leader in the enterprise portal software market based on total software revenue for 2007. The IBM press release describe how the portal software is used for everything from communications, education, health, emergency and municipal services,increasingly with Web 2.0 technologies such as mashups, composite applications and text tagging. The VirtualAgility installation in the Gauteng Provincial Disaster Management Center is one of the examples described in the report:

Additionally, organizations worldwide, like the Gauteng Disaster Management Center in South Africa, are using IBM portal technology behind the scenes to help them manage emergency services. A team in the Gauteng Province, which is made up of Johannesburg and several other cities and municipalities, uses IBM's portal-based disaster and emergency management solution known as Virtual Operation Center, to support its 10 million residents around the clock. "This IBM portal software is absolutely critical because our on-line center is used to protect and save lives," said Colin Deiner of the Gauteng Disaster Management Center.

Read more!

General Dennis Reimer joins VirtualAgility

General Dennis Reimer, Former Army Chief of Staff, Joins VirtualAgility as Advisor

Read more!

Process FMEA

Uncover gaps in your emergency planning before they become expensive. Testing your emergency management, business continuity and disaster recovery plans is mandatory to assure their success when activated. However, prior to investing in any exercise involving staff, resources and third parties, it is prudent to evaluate if all your procedures will work. Plansafe utilises the Failure Mode Effect Analysis (FMEA) method to reveals any flaws in your plans and assumptions while you still have time and resources.

FMEA is a risk assessment technique for systematically identifying potential failures in a system or a process. It saves time and money by uncovering gaps before you invest in a simulation.

Read more!

Commercial Training Programs for Emergency Management

Businesses who considering offering a commercially viable educational service or product must investigate if there is a business case. The first questions to be asked are; is there a need ? how can this need be addressed ?

Generally, in the commercial training sector there are 3 areas:
1. Standard courses for individual participants
2. Tailored solutions for organisations
3. Tools to deliver content or “off the shelf” products

The standard course is offered directly to individuals. The aim of a standard course is to regularly offer a specific training program that will be well visited. It is marked by two factors; demand and competitive advantage. The demand is most often determined by the value the participant will receive by completing the course. This is either a professional qualification that will enhance the chance of employment, or, continuing education that is necessary to uphold a vocational qualification. The competitive advantage is based on price, quality, length and recognised qualification.

The tailored solution evolves from a contract between two parties. This is often a one time contract to facilitate a specific training course for a participant group. There is one customer and contact is not between the provider and the individual participants but the provider and an organisation. Tailored solutions are therefore not targeted at participants and the provider will be judged not just on the ability to deliver quality of content, reputation and price, but also the ability to deliver the service, the method of delivery and reliability.

Education solutions or “tools” can range from printed material through multi-media to special equipment for hands on experience. The initial boom of Multi Media or “e-lerning” and its subsequent failure has shown that the market cannot be blended by technology and what is possible. Good content and sound methodical didactic is paramount.

In the field of disaster medicine the need for trained staff in a disaster is indisputable. The basic need is also adequately addressed through the NGO’s and public safety agencies. The requirement to provide basic disaster medicine training is an intimate part of many of these organisations mission and public commitment. Hence, for training courses such as “First Aid”, and “ERV” etc a business case does not exist. In fact there is no business case for any standard disaster medical course. Apart from individual subject interest there are no vocational positions in disaster medicine. The nearest area to disaster medicine where a sustainable market exists is emergency medicine. The courses being offered are based on “standards” i.e. Ambulance Techncian and Paramedic. These can be connected with employment opportunity as the “participance value”.

Within the NGO and public safety agency sector there is a need for tailored services and content delivery solutions within these. The challenges of today’s “threat landscape” are diverse and overwhelming. The expectations of the population are often unfair given the resources and financing available. Organisations and institutions involved in the protection of the population, and more specifically the management of mass casualties, have to assure that staff and volunteers learn and retain information and skills that are not in anyway “normal practice”. These skills are however absolutely critical in the unfortunate situation of for example, a transit bombing, biological or chemical attack, pandemic flu etc. A daunting task !

The market need in this sector is crystallising as the ability to deliver specialised and targeted content to facilitate educating large numbers of participants. This content should be codeveloped by experts and the contracting body to assure synchronization with organisational procedures and policies. The method of delivery must taking into account scarce physical resources and budget constraints yet providing accountability and high didactical value.

This means reviewing where is capital and time better spent. Does a participant have to be present in a classroom for 100% of the course? or is it economically and didactically better to break down content into that which can be the participants can learn individually at their own pace and that which must be demonstrated, instructed or simulated. Examples of such methods are mixtures between tailored solutions and the use of tools such as blended e Learning (MYFISTO) and table top exercises (Emergo Train) and high quality simulations (Steel Henge).

Read more!

The Emergency Management Architecture

Your emergency management profile at a glance. There are many factors that affect your organisation’s ability to react adequately to an emergency. These include:
• risk profiles
• external laws & regulations
• internal policies & procedures
• stake-holder & response agency interactions

Plansafe’s Emergency Management Architecture consolidates and orders this information into a logical visual planning and reporting tool. The architecture has three tiers which consecutively address the design and life cycle of an emergency management program.

The foundation tier encompasses a set of core principles and key issues that are relevant to managing any emergency situation (Generic Emergency Management)

The second tier, is an emergency management framework that interlocks specific organisational requirements and parameters with those of the surrounding environment in order to represent a model of what should happen in an emergency and why this should happen. (Localisation)

The third tier comprises scenario specific modules that address known and recognised threat scenarios (avian influenza, earthquakes, explosions, critical infrastructure failures etc.) and how they should be managed (Foreseeable Emergencies)

The reasoning behind the development of this architecture, has been drawn from the results of empirical sociological research, good management practice and efficiency. More often than desired there is an element of repetitive spending when planning for emergencies. There are many components of emergency management that are generic, i.e. independent of the threat that is being planned for. The EMA counteracts this repetitive spending.

Read more!

A Global Challenge

Today's society is faced with increasingly diverse and costly natural and human-triggered threats. Many trends and dependencies are exacerbating the hazards and amplifying their impact and consequences.

The permanent concentration of populations into vulnerable regions such as flood catchment and coastal areas, temporary concentration in transit systems and at mass gatherings, combined with the general dependency on critical infrastructure to uphold socio-economic status, provide a new challenge to legislators, executives and the insurance industry.
In a world where a single plane can transport over 500 people, logistical services will deliver the next day and the disagreement of foreign policies will be indicated asymmetrically at a domestic level. International trade, transport and communication reduce our ability to contain disease and to remain unaffected by disasters or incidents occurring both at home and abroad.

Resilience refers to a series of adaptive strategies employed by public and private entities to enable them to face and survive disruptive challenges at every level, through anticipation, preparation, prevention and resolution. Resilience is a proactive endurance strategy.

The return on investment in resilience is not directly measurable and it therefore does not often merit enough attention or consideration. The expenditure and effort involved in addressing the perceived Y2K problem was viewed as a waste by many in the pre and especially post period. As a result investment in counteracting specific hazards had been regarded as futile in the face of a multitude of diverse and unpredictable situations. However, the continuity demonstrated after events subsequent to Y2K such as 9/11, the NY power cut, the Madrid and London bombings, and Indian ocean tsunami showed that this was not the case. A heightened awareness of vulnerability has been inadvertently achieved, a whole new industry created and most importantly, there has been investment in the protection of a critical infrastructure pertinent to a multitude of possible hazards.

Preparing for the Y2K problem has paid off. The realisation that diverse and, in many cases, unpredictable threats can affect us has led to renewed efforts to improve the resilience of cities and societies overall. It has become clear that it is not a specific threat per se that should become the focus of attention but the generic consequences to the infrastructures critical to the function of society and industry.

The insurance industry is being called on to help in disaster recovery and to guide preparedness in developed and developing nations alike. Both public and private sectors are addressing the topic in partnership. The Plansafe GmbH acts as a resilience facilitator assisting in the development and implementation of strategies for mitigating and preparing for diverse disasters before they happen and dealing with them when they occur.

Read more!