C y be R s pAC e
p o l I C y R e v I e w
Assuring a Trusted and Resilient Information
and Communications Infrastructure
Cyberspace touches practically everything and everyone. It provides a platform for innovation and
prosperity and the means to improve general welfare around the globe. But with the broad reach of
a loose and lightly regulated digital infrastructure, great risks threaten nations, private enterprises,
and individual rights. The government has a responsibility to address these strategic vulnerabilities
to ensure that the United States and its citizens, together with the larger community of nations, can
realize the full potential of the information technology revolution.
The architecture of the Nation’s digital infrastructure, based largely upon the Internet, is not secure or
resilient. Without major advances in the security of these systems or significant change in how they
are constructed or operated, it is doubtful that the United States can protect itself from the growing
threat of cybercrime and state-sponsored intrusions and operations. Our digital infrastructure has
already suffered intrusions that have allowed criminals to steal hundreds of millions of dollars and
nation-states and other entities to steal intellectual property and sensitive military information.
Other intrusions threaten to damage portions of our critical infrastructure. These and other risks
have the potential to undermine the Nation’s confidence in the information systems that underlie
our economic and national security interests.
The Federal government is not organized to address this growing problem effectively now or in the
future. Responsibilities for cybersecurity are distributed across a wide array of federal departments
and agencies, many with ov