Clinton crafts new line of defense against cyberattacks

President Clinton today unveiled a new national security program that would require federal agencies to inventory key information systems and work closely with the private sector to craft a plan for protecting against cyber- and physical threats to the nation's critical infrastructures.

Speaking today at the Naval Academy's commencement in Annapolis, Md., Clinton called on federal agencies and private companies that own and operate the nation's financial services, energy utilities, transportation concerns and other critical infrastructures to collaborate on their defenses against cyberattacks.

In a directive signed today, Clinton called for the creation by 2000 of an operational capability to protect the nation's critical infrastructures, especially the computer systems that support the infrastructures. The core of the program, according to a white paper that outlines the policy, is a public/private partnership to develop a National Infrastructure Assurance Plan.

"We will launch a comprehensive plan to detect, deter and defend against attacks on our critical infrastructures," Clinton told the graduating midshipmen. "Just 15 years ago, these infrastructures—- some within government, some in the private sector—- were separate and distinct. Now they are linked together over vast computer electronic networks, greatly increasing our productivity but also making us much more vulnerable to disruption."

Clinton said he plans to appoint a National Coordinator for Security, Infrastructure Protection and Counterterrorism to lead the government's efforts. Eight agencies have been assigned lead roles in working with the various private-sector owners and operators of the nation's critical infrastructures.

However, all federal agencies will be affected by the initiative. Every agency will be required to develop a plan within the next six months to protect its own critical infrastructure assets. While each agency's chief information officer will be responsible for information assurance, all agencies will be required to appoint a critical infrastructure assurance officer who will be responsible for all other aspects of that department's critical infrastructure.