[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYU] U.S.: National Plan for Information Systems Protection


-------------------------------- CUT ------------------------------

8 January 2000. Thanks to Will Rodger.
Source: Digital file in .DOC format released by The White House, 
January 7, 2000, 33 pages hardcopy. 

This file is available Zipped: http://cryptome.org/cybersec-plan.zip 

See related White House press briefing: http://cryptome.org/cybersec-
wh.htm (38K) 

                          NATIONAL PLAN FOR 

                         EXECUTIVE SUMMARY

                                    TABLE OF CONTENTS 

Message from the President  

Message from the National Coordinator  


Program 1: Identify Critical Infrastructure Assets and Shared 
Interdependencies and Address Vulnerabilities 7 Program 2: Detect 
Attacks and Unauthorized Intrusions 14 Program 3: Develop Robust 
Intelligence and Law Enforcement Capabilities to Protect Critical 
Information Systems, Consistent with Law 17 Program 4: Share Attack 
Warnings and Information in a Timely Manner 18 Program 5: Create 
Capabilities for Response, Reconstitution, and Recovery 23 Program 6: 
Enhance Research and Development in Support of Programs 1-5 25 
Program 7: Train and Employ Adequate Numbers of Information Security 
Specialists 28 Program 8: Conduct Outreach to Make Americans Aware of 
the Need for Improved Cyber-Security 30 Program 9: Adopt Legislation 
and Appropriations in Support of Programs 1-8 31 Program 10: In Every 
Step and Component of the Plan, Ensure the Full Protection of 
American Citizens' Civil Liberties, Their Rights to Privacy, and 
Their Rights to the Protection of Proprietary Data 32  

                                       President's Message

                                       THE WHITE HOUSE 


     In less than one generation, the information revolution and the 
     introduction of the computer into virtually every dimension of 
     our society has changed how our economy works, how we provide 
     for our national security, and how we structure our everyday 
     lives. Whether we are simply turning on the lights in our 
     homes, boarding a plane, or summoning help when a loved one 
     falls ill, we are relying on one or more elaborate computer-
     driven systems. Similarly, many of our most sophisticated 
     defense systems rely on commercial power, communications, and 
     transportation, which are also computer-controlled. In the 
     future, computer-related technologies will continue to open new 
     vistas of opportunity for the American people.

     Yet this new age of promise carries within it peril. All 
     computer-driven systems are vulnerable to intrusion and 
     destruction. A concerted attack on the computers of any one of 
     our key economic sectors or governmental agencies could have 
     catastrophic affects.

     We know that the threat is real. Where once our opponents 
     relied exclusively on bombs and bullets, hostile powers and 
     terrorists can now turn a laptop computer into a potent weapon 
     capable of doing enormous damage. If we are to continue to 
     enjoy the benefits of the Information Age, preserve our 
     security, and safeguard our economic well-being, we must protect 
     our critical computer-controlled systems from attack.

     That is a major reason why, after reviewing the report of the 
     President's Commission on Critical Infrastructure Protection, I 
     issued Presidential Decision Directive 63 in May 1998. This 
     directive requires that the Executive Branch assess the cyber 
     vulnerabilities of the Nation's critical infrastructures --
     information and communications, energy, banking and finance, 
     transportation, water supply, emergency services, and public 
     health, as well as those authorities responsible for the 
     continuity of federal, state, and local governments. The 
     directive places special emphasis on protection of the 
     government's own critical assets from cyber attack and the need 
     to remedy deficiencies in order to become a model of information 
     security. The directive also calls for the Federal Government 
     to produce a detailed Plan to protect and defend America against 
     cyber disruptions.

     The National Plan for Information Systems Protection is the
     first major element of a more comprehensive effort. The Plan
     for cyber defense will evolve and be updated as we deepen our
     knowledge of our vulnerabilities and the emerging threats. It
     presents a comprehensive vision creating the necessary
     safeguards to protect the critical sectors of our economy,
     national security, public health, and safety.

     For this Plan to succeed, government and the private sector must
     work together in a partnership unlike any we have seen before.
     This effort will only succeed if our Nation as a whole rises to
     this challenge. Therefore, I have asked the members of my
     Cabinet to work closely with representatives of the private
     sector industries and public services that operate our critical
     infrastructures. We cannot mandate our goals through Government
     regulation. Each sector must decide for itself what practices,
     procedures, and standards are necessary for it to protect its
     key systems. As part of this partnership, the Federal
     Government stands ready to help.

     The Federal Government does, however, have an important role to
     play itself. This includes research and development efforts in
     the field of computer security, educating a corps of young
     computer scientists to help defend our federal cyber systems,
     and assisting the private sector as it creates defensive
     measures for its information technoloqies.

     As we move forward in this effort, all Americans should know
     that increasing our computer defenses cannot and will not come
     at the expense of our civil liberties. We must never undermine
     the very freedoms we are seeking to protect.

     The milestones I have established in the Plan are ambitious.
     Achieving them will require the continuing commitment of our
     national leadership, intense public-private cooperation, and the
     legislation and appropriations necessary to bring them to
     realization. However, it is an essential undertaking that we
     must begin now, so that we can continue to enjoy the
     extraordinary opportunities of the Information Age and create
     the security we require for our prosperity and growth in the
     next century.

                           [Signature Bill Clinton]


-------------------------------- CUT ------------------------------