[15 July 1996]
Executive Order 13010 of July 15, 1996
Critical Infrastructure Protection

"Certain national infrastructures are so vital that their incapacity or destruction would have a debilitating impact on the defense or economic security of the United States. These critical infrastructures include telecommunications, electrical power systems, gas and oil storage and transportation, banking and finance, transportation, water supply systems, emergency services (including medical, police, fire, and rescue), and continuity of government. Threats to these critical infrastructures fall into two categories: physical threats to tangible property (``physical threats''), and threats of electronic, radio-frequency, or computer-based attacks on the information or communications components that control critical infrastructures (``cyber threats''). Because many of these critical infrastructures are owned and operated by the private sector, it is essential that the government and private sector work together to develop a strategy for protecting them and assuring their continued operation." -- from the Order.

E.O. 13010 goes on to establish a Commission on Critical Infrastructure Protection, including both government and private sector representatives, that will establish its objectives within 30 days, will identify and consult with relevant parties concerned with "critical infrastructure assurance issues", and will:

The Commission is to be assisted by an Advisory Committee and will report to the President through a Principals Committee. A Steering Committee will approve the Commission's objectives and approve its reports. The Order charters the Commission for twelve months.

The Order also establishes an Infrastructure Protection Task Force (IPTF) within the Department of Justice, chaired by the FBI, to "increase coordination of existing infrastructure protection efforts in order to better address, and prevent, crises that would have a debilitating regional or national impact" while the commission conducts its analysis and before the administration can act on its recommendations. The IPTF is to include at least one full-time member each from the FBI, the Department of Defense, and the National Security Agency, and its function is to identify and coordinate existing expertise, inside and outside of the Federal Government to:

Cipher readers may recall a report in EI#14 that suggested that the Justice Department was pressing for a "Cyberspace Defense policy task force" that would recommend policy within 12 months and a cyberspace defense "entity". E.O. 13010 appears to cast its net wider, in that it addresses water and energy supply and distribution systems, transportation, emergency services, and continuity of government as well as telecommunications, banking, and finance. The IPTF established by the order could, perhaps, fill the role suggested in the earlier report.

The full text of E.O. 13010 is available from the U.S. Government Printing Office at http://www.gpo.gov/su_docs/aces/aces140.html; search for the string "Executive Order 13010".