The National Academies Press

Currently Skimming:

Executive Summary
Pages 1-7

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 1... ... September 11 significantly increased the nation's awareness of the interdependencies of critical infrastructures, and it heightened the government's sense of urgency regarding the need for increased private sector and public sector information sharing with respect to cyber and physical threats. The Committee on Critical Information Infrastructure Protection and the Law held a symposium October 22-23, 2001, to outline issues related to the protection of the critical information infrastructure. Read the entire page →
From page 2... ... Freedom of Information Act Many private sector companies believe that proprietary CIIP-related information shared with federal government entities may be disclosed to third parties under the Freedom of Information Act (FOIA) Read the entire page →
From page 3... ... Like FOIA, the existing antitrust law does not prevent the private sector from sharing critical infrastructure information. However, because official reviews of proposed information sharing activities require time and money to obtain, the use of such reviews may be a barrier to the types of ad hoc information sharing that are most likely to uncover well-planned attacks on the infrastructure. Read the entire page →
From page 4... ... If tort liability were more directly applicable in computer security cases, implementing security standards would be a way for a company to minimize its liability. Adopting a nationally recognized computer security standard of care is not, however, a simple process, owing to the evolving nature of security vulnerabilities and the diverse players that have an Internet presence. Read the entire page →
From page 5... ... The heightened interest in private sector Information Sharing and Analysis Centers (ISACs) in the last few years is a sign of movement toward self-regulation. Read the entire page →
From page 6... ... Externalities are common in computer network security; the incentive that one network owner has to invest in security measures is reduced if the owner believes that other connected networks are insecure. Insurance can play a role in motivating the private sector by transferring the risk of computer security losses from a company to the insurance carrier. Read the entire page →
From page 7... ... to encourage information sharing in light of FOIA and antitrust concerns in the private sector. Consolidation of critical infrastructure protection functions in the new Department of Homeland Security will create a focal point; the tasks of clarifying the policies and communicating with the public remain. Read the entire page →

From page 1...

... September 11 significantly increased the nation's awareness of the interdependencies of critical infrastructures, and it heightened the government's sense of urgency regarding the need for increased private sector and public sector information sharing with respect to cyber and physical threats. The Committee on Critical Information Infrastructure Protection and the Law held a symposium October 22-23, 2001, to outline issues related to the protection of the critical information infrastructure.

Read the entire page →

From page 2...

... Freedom of Information Act Many private sector companies believe that proprietary CIIP-related information shared with federal government entities may be disclosed to third parties under the Freedom of Information Act (FOIA)

Read the entire page →

From page 3...

... Like FOIA, the existing antitrust law does not prevent the private sector from sharing critical infrastructure information. However, because official reviews of proposed information sharing activities require time and money to obtain, the use of such reviews may be a barrier to the types of ad hoc information sharing that are most likely to uncover well-planned attacks on the infrastructure.

Read the entire page →

From page 4...

... If tort liability were more directly applicable in computer security cases, implementing security standards would be a way for a company to minimize its liability. Adopting a nationally recognized computer security standard of care is not, however, a simple process, owing to the evolving nature of security vulnerabilities and the diverse players that have an Internet presence.

Read the entire page →

From page 5...

... The heightened interest in private sector Information Sharing and Analysis Centers (ISACs) in the last few years is a sign of movement toward self-regulation.

Read the entire page →

From page 6...

... Externalities are common in computer network security; the incentive that one network owner has to invest in security measures is reduced if the owner believes that other connected networks are insecure. Insurance can play a role in motivating the private sector by transferring the risk of computer security losses from a company to the insurance carrier.

Read the entire page →

From page 7...

... to encourage information sharing in light of FOIA and antitrust concerns in the private sector. Consolidation of critical infrastructure protection functions in the new Department of Homeland Security will create a focal point; the tasks of clarifying the policies and communicating with the public remain.

Read the entire page →

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

Executive Summary Pages 1-7

Executive Summary
Pages 1-7