President's Commission on
Critical Infrastructure Protection
Electronic E-mail Bombs... Computer Hijacking... Logic Bombs... Data Service Attacks...
An unidentified person sending millions of e-mail messages causes unexplained outages in phone services and a shut-down in the 911 service of a major metropolitan city.... A computer hacker "hijacks" a password in the air traffic control system by waiting for someone manning a computer station to take a coffee break without exiting the program.... A program hidden within a computer and set to activate at some point in the future cleans out millions of bank accounts.... Could these possibilities and other forms of digitized assaults halt the operations of electric power grids, natural gas pipelines, air traffic control systems, railroad switching facilities or the stock exchange?
- The President's Commission on Critical Infrastructure Protection was the first national effort to address the vulnerabilities created in the new information age. The Commission, established in July, 1996, by Presidential Executive Order 13010, was tasked to formulate a comprehensive national strategy for protecting the infrastructures we all depend on from physical and "cyber" threats.
- Critical Infrastructures are systems whose incapacity or destruction would have a debilitating impact on the defense or economic security of the nation. They include telecommunications, electrical power systems, gas and oil, banking and finance, transportation, water supply systems, government services and emergency services.
- The Commission, chaired by aerospace industry leader
Robert "Tom" Marsh, included senior representatives from private industry, government and academia. An
Advisory Committee consisting of industry leaders provided counsel to the Commission and a
Steering Committee, made up of cabinet-level officials, reviewed the Commission's report before forwarding it to the President.
- What is the Threat? Anyone with the capability, technology, opportunity, and intent to do harm. Potential threats can be foreign or domestic, internal or external, state-sponsored or a single rogue element. Terrorists, insiders, disgruntled employees, and hackers are included in this profile.
- National Security is a Shared Responsibility. The fact that most of the nation's vital services are delivered by private companies creates a significant challenge in determining where the responsibility of protecting our critical infrastructures falls. This Commission addressed this challenge by bringing the private and public sectors together to assess infrastructure vulnerabilities and develop assurance strategies for the future. The Commission consulted with over 6,000 representatives from the private and public sectors including industry executives, security experts, government agencies and private citizens.
- PCCIP Sector Teams. The Commission was divided into five teams, representing the eight critical infrastructures. Each team evaluated the growing risk, threats, and vulnerabilities within its sector. The sector teams and their industries include:
- Information & Communications -
telecommunications, computers & software, Internet, satellites, fiber optics
- Physical Distribution -
railroads, air traffic, maritime, intermodal, pipelines
- Energy -
electrical power, natural gas, petroleum, production, distribution & storage
- Banking & Finance -
financial transactions, stock & bond markets, federal reserve
- Vital Human Services -
water, emergency services, government services
- The Commission submitted its report, Critical Foundations, to the White House in October, 1997.
For More Information...
For a more detailed description of the President's Commission on Critical Infrastructure Protection and its work, you may want to refer to the following documents:
Our short tour of the PCCIP Web site will give you a quick overview of what material we have available online. Alternately, you may want to go to our Main Menu and browse our online documents.