Download Locations:
Summary:
The nation's health, wealth, and security rely on the production and distribution of certain goods and services. The array of physical assets, functions, and systems across which these goods and services move are called critical infrastructures (e.g., electricity, the power plants that generate it, and the electric grid upon which it is distributed). The national security community has been concerned for sometime about the vulnerability of critical infrastructure to both physical and cyber attack. In May 1998, President Clinton released Presidential Decision Directive No. 63. The Directive set up groups within the federal government to develop and implement plans that would protect government-operated infrastructures and called for a dialogue between government and the private sector to develop a National Infrastructure Assurance Plan that would protect all of the nation's critical infrastructures by the year 2003. While the Directive called for both physical and cyber protection from both manmade and natural events, implementation focused on cyber protection against manmade cyber events (i.e., computer hackers). However, given the physical damage caused by the September 11 attacks, physical protections of critical infrastructures has received increased attention. Following the events of September 11, the Bush Administration released Executive Order 13228, signed October 8, 2001, establishing the Office of Homeland Security. Among its duties, the Office shall "coordinate efforts to protect the United States and its critical infrastructure from the consequences of terrorist attacks." In November 2002, Congress passed legislation creating a Department of Homeland Security. Among its responsibilities is overall coordination of critical infrastructure protection activities. In December 2003, the Bush Administration released Homeland Security Presidential Directive 7, reiterating and expanding upon infrastructure protection policy and responsibilities. In June 2006, the Bush Administration released a National Infrastructure Protection Plan. This Plan presents the process by which the Department of Homeland Security intends to identify those specific assets most critical to the United States, across all sectors, based on the risk associated with their loss to attack or natural disaster, and then to prioritize activities aimed at maximizing the reduction of those risks for a given investment. This report discusses in more detail the evolution of a national critical infrastructure policy and the institutional structures established to implement it. The report highlights five issues of Congressional concern: identifying critical assets; assessing vulnerabilities and risks; allocating resources; information sharing; and, regulation. This report will be updated.
XML
