Critical Infrastructure

Protecting America’s Critical Cyber Infrastructure

At a Glance:

  • Industry owns and operates most of the critical cyber infrastructure, and therefore has a central role to play in securing it.
  • That is why its partnership with government is essential to the protection of the critical cyber infrastructure.
  • The partnership needs to be strengthened, by: bringing greater accountability through clearer definitions of roles and responsibilities; involving industry earlier in the development of critical cyber infrastructure protection policy; increasing the sharing of information by government with industry.


Issue

President Obama has declared that our cyber infrastructure — the hardware, software, and services that underpin the Internet, telecom networks and computer systems — are a “strategic national asset.
Remarks by the President on Securing Our Nation's Cyber Infrastructure

Most of this infrastructure is owned and operated by the information technology (IT) industry, which also provides or services most of the government’s IT resources. Recognizing this situation, industry has devoted important resources to partnering with the government to develop and implement cyber infrastructure protection policy.

BSA Position

Protecting America’s critical cyber infrastructure is a shared responsibility of government and industry. Rather than reinventing the structures of the partnership, BSA believes that this partnership needs to be strengthened on the basis of the existing structures:

  • First, by clearly defining the nature of the partnership, its objectives and the roles and responsibilities of each partner. This will ensure that both partners are accountable. BSA was pleased that the final White House report referenced BSA’s recommendation on this point (see pp. iv and 18 of the White House Review.)
  • Second, because most of the cyber infrastructure is owned and operated by industry, setting infrastructure protection policy needs to be done more transparently, through dialogue between the partners. It has been our experience that involving industry in the decision-making process leads to stronger and more effective policies.
  • Third, the partnership needs improved, trusted relationships at the operational level, both in the sharing of threat information between the government and industry, as well as in the preparation for and response tocyber incidents. Again, this was one of BSA’s recommendations to the White House Cyberspace Policy Review.

Action needed

The IT industry is committed to working with the U.S. government to strengthen the partnership on the basis of clear roles and objectives for each partner and on greater transparency and trust.

For More Information