"The nation's health, wealth, and security rely on the production and distribution of certain goods and services. The array of physical assets, functions, and systems across which these goods and services move are called critical infrastructures (e.g., electricity, the power plants that generate it, and the electric grid upon which it is distributed). The national security community has been concerned for some time about the vulnerability of critical infrastructure to both physical and cyber attack. In May 1998, President Clinton released Presidential Decision Directive No. 63. The Directive set up groups within the federal government to develop and implement plans that would protect government-operated infrastructures and called for a dialogue between government and the private sector to develop a National Infrastructure Assurance Plan that would protect all of the nation's critical infrastructures by the year 2003. While the Directive called for both physical and cyber protection from both man-made and natural events, implementation focused on cyber protection against man-made cyber events (i.e., computer hackers). However, given the physical damage caused by the September 11 attacks, physical protection of critical infrastructures has received increased attention. […] In June 2006, the Bush Administration released a National Infrastructure Protection Plan. This Plan presents the process by which the Department of Homeland Security intends to identify those specific assets most critical to the United States, across all sectors, based on the risk associated with their loss to attack or natural disaster, and then to prioritize activities aimed at maximizing the reduction of those risks for a given investment. This report discusses in more detail the evolution of a national critical infrastructure policy and the institutional structures established to implement it. The report highlights five issues of Congressional concern: identifying critical assets; assessing vulnerabilities and risks; allocating resources; information sharing; and regulation."
CRS Report for Congress, RL30153