National Critical Infrastructure Policy: Background & Select Cybersecurity Issues

The nation’s health, wealth, and security rely on the production and distribution of certain goods and services. The array of physical assets, functions, and systems across which these goods and services move are called critical infrastructures. The national security community has been concerned for some time about the vulnerability of critical infrastructure to both physical and cyberattack. Following the destruction and disruptions caused by the September 11 terrorist attacks in 2001, the nation directed increased attention toward physical protection of critical infrastructures. Over the intervening years, policy, programs, and legislation related to physical security of critical infrastructure have stabilized to a large extent. However, current legislative activity has refocused on cybersecurity of critical infrastructure. This book discusses in more detail the evolution of a national critical infrastructure policy and the institutional structures established to implement it; highlights two primary issues confronting Congress going forward, both in the context of cybersecurity: information sharing and regulation; provides an overview of the 2013 cybersecurity executive order; and examines the extent to which the Department of Homeland Security (DHS) and other stakeholders are prepared to address cyber risk to building and access control systems in federal facilities.