Critical Infrastructures: Background, Policy, and Implementation [Updated July 18, 2002] [open pdf - 142KB]
"The nations health, wealth, and security rely on the production and distribution of certain goods and services. The array of physical assets, processes and organizations across which these goods and services move are called critical infrastructures (e.g. electricity, the power plants that generate it, and the electric grid upon which it is distributed). Computers and communications, themselves critical infrastructures, are increasingly tying these infrastructures together. There has been growing concern that this reliance on computers and computer networks raises the vulnerability of the nations critical infrastructures to 'cyber' attacks. In May 1998, President Clinton released Presidential Decision Directive No. 63. The Directive set up groups within the federal government to develop and implement plans that would protect government-operated infrastructures and called for a dialogue between government and the private sector to develop a National Infrastructure Assurance Plan that would protect all of the nations critical infrastructures by the year 2003. While the Directive called for both physical and cyber protection from both man-made and natural events, implementation focused on cyber protection against man-made cyber events (i.e. computer hackers). Those advocating the need for greater cyber security felt that this was a new vulnerability not fully appreciated by system owners and operators in either the private or public sectors. However, given the impact of the September 11 attacks on the communications, finance, and transportation infrastructures, physical protections of critical infrastructures is receiving greater attention."
CRS Report for Congress, RL30153
Open CRS: http://www.opencrs.com/