[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FYU] U.S.: National Plan for Information Systems Protection
- To: debate@fitug.de
- Subject: [FYU] U.S.: National Plan for Information Systems Protection
- From: "Axel H Horns" <horns@t-online.de>
- Date: Sat, 8 Jan 2000 18:27:06 +0200
- Comment: This message comes from the debate mailing list.
- Organization: PA Axel H Horns
- Reply-to: horns@t-online.de
- Sender: owner-debate@fitug.de
http://cryptome.org/cybersec-plan.htm
-------------------------------- CUT ------------------------------
8 January 2000. Thanks to Will Rodger.
Source: Digital file in .DOC format released by The White House,
January 7, 2000, 33 pages hardcopy.
This file is available Zipped: http://cryptome.org/cybersec-plan.zip
(32K)
See related White House press briefing: http://cryptome.org/cybersec-
wh.htm (38K)
NATIONAL PLAN FOR
INFORMATION SYSTEMS PROTECTION
EXECUTIVE SUMMARY
TABLE OF CONTENTS
Message from the President
Message from the National Coordinator
Introduction
Program 1: Identify Critical Infrastructure Assets and Shared
Interdependencies and Address Vulnerabilities 7 Program 2: Detect
Attacks and Unauthorized Intrusions 14 Program 3: Develop Robust
Intelligence and Law Enforcement Capabilities to Protect Critical
Information Systems, Consistent with Law 17 Program 4: Share Attack
Warnings and Information in a Timely Manner 18 Program 5: Create
Capabilities for Response, Reconstitution, and Recovery 23 Program 6:
Enhance Research and Development in Support of Programs 1-5 25
Program 7: Train and Employ Adequate Numbers of Information Security
Specialists 28 Program 8: Conduct Outreach to Make Americans Aware of
the Need for Improved Cyber-Security 30 Program 9: Adopt Legislation
and Appropriations in Support of Programs 1-8 31 Program 10: In Every
Step and Component of the Plan, Ensure the Full Protection of
American Citizens' Civil Liberties, Their Rights to Privacy, and
Their Rights to the Protection of Proprietary Data 32
President's Message
THE WHITE HOUSE
WASHINGTON
In less than one generation, the information revolution and the
introduction of the computer into virtually every dimension of
our society has changed how our economy works, how we provide
for our national security, and how we structure our everyday
lives. Whether we are simply turning on the lights in our
homes, boarding a plane, or summoning help when a loved one
falls ill, we are relying on one or more elaborate computer-
driven systems. Similarly, many of our most sophisticated
defense systems rely on commercial power, communications, and
transportation, which are also computer-controlled. In the
future, computer-related technologies will continue to open new
vistas of opportunity for the American people.
Yet this new age of promise carries within it peril. All
computer-driven systems are vulnerable to intrusion and
destruction. A concerted attack on the computers of any one of
our key economic sectors or governmental agencies could have
catastrophic affects.
We know that the threat is real. Where once our opponents
relied exclusively on bombs and bullets, hostile powers and
terrorists can now turn a laptop computer into a potent weapon
capable of doing enormous damage. If we are to continue to
enjoy the benefits of the Information Age, preserve our
security, and safeguard our economic well-being, we must protect
our critical computer-controlled systems from attack.
That is a major reason why, after reviewing the report of the
President's Commission on Critical Infrastructure Protection, I
issued Presidential Decision Directive 63 in May 1998. This
directive requires that the Executive Branch assess the cyber
vulnerabilities of the Nation's critical infrastructures --
information and communications, energy, banking and finance,
transportation, water supply, emergency services, and public
health, as well as those authorities responsible for the
continuity of federal, state, and local governments. The
directive places special emphasis on protection of the
government's own critical assets from cyber attack and the need
to remedy deficiencies in order to become a model of information
security. The directive also calls for the Federal Government
to produce a detailed Plan to protect and defend America against
cyber disruptions.
The National Plan for Information Systems Protection is the
first major element of a more comprehensive effort. The Plan
for cyber defense will evolve and be updated as we deepen our
knowledge of our vulnerabilities and the emerging threats. It
presents a comprehensive vision creating the necessary
safeguards to protect the critical sectors of our economy,
national security, public health, and safety.
For this Plan to succeed, government and the private sector must
work together in a partnership unlike any we have seen before.
This effort will only succeed if our Nation as a whole rises to
this challenge. Therefore, I have asked the members of my
Cabinet to work closely with representatives of the private
sector industries and public services that operate our critical
infrastructures. We cannot mandate our goals through Government
regulation. Each sector must decide for itself what practices,
procedures, and standards are necessary for it to protect its
key systems. As part of this partnership, the Federal
Government stands ready to help.
The Federal Government does, however, have an important role to
play itself. This includes research and development efforts in
the field of computer security, educating a corps of young
computer scientists to help defend our federal cyber systems,
and assisting the private sector as it creates defensive
measures for its information technoloqies.
As we move forward in this effort, all Americans should know
that increasing our computer defenses cannot and will not come
at the expense of our civil liberties. We must never undermine
the very freedoms we are seeking to protect.
The milestones I have established in the Plan are ambitious.
Achieving them will require the continuing commitment of our
national leadership, intense public-private cooperation, and the
legislation and appropriations necessary to bring them to
realization. However, it is an essential undertaking that we
must begin now, so that we can continue to enjoy the
extraordinary opportunities of the Information Age and create
the security we require for our prosperity and growth in the
next century.
[Signature Bill Clinton]
[...]
-------------------------------- CUT ------------------------------