RealNews

U.S. Information Security Law, Part Four

Information Security and the Public Sector-An Introduction to the National Security Law of Information Security. This is the last article in a four-part series looking at U.S. information security laws and the way those laws affect the work of security professionals. This installment continues the discussion of information security in the public sector and provides an overview of national security law in the United States as it pertains to information security. It is easy to think of “national security” as meaning the security provided by military and intelligence gathering capabilities, and in certain specific legal contexts, that specific definition is both accurate and complete [1]. But as the threat of terrorism became clear, even before the attacks of September 11, 2001 national security came to mean, in additional to national defense, the protection of the public and private sector facilities essential to delivering the goods and services that maintain the quality of life in the United States, or as officially defined, the nation’s “critical infrastructure.” [2] Executive Order No. 13231 [3] , entitled, Critical Infrastructure Protection in the Information Age, issued by the President five weeks after the September 11, 2001 attacks, addressed itself to the information technology systems that form part of the nations’ critical infrastructure. The Executive Order noted that information technology had “changed the way business is transacted, government operates, and national defense is conducted. Those three functions now depend on an interdependent network of critical information infrastructures.” The order went on to authorize “continuous efforts to secure information systems for critical infrastructure.” As we begin the discussion of the law in this area, it is useful to understand that the information technology we are talking about operates in three general arenas: (1) the business environment, (2) the environment for the delivery of government services, and (3) national defense. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.