In this session-long project, the topic of interest is the critical infrastructure protection (CIP) of information and communication in the United States. Specifically, the report will assess and analyze the overall development of the US’s critical information infrastructure protection (CIIP). Internet technologies during its existence have created both a host of new opportunities for economic development and many dangers for the world community. Challenges and threats emanating from the information space were included in the priority areas of work of the leading states of the world in the early 2000s. The United States was one of the first to work out the legislative framework for cyber policy, which was aimed primarily at ensuring the country’s security after the terrorist attacks of 2001. Over time, more than a dozen legislative acts were adopted, many committees and agencies responsible for ensuring the country’s information security were created.
The report will examine the evolution of US doctrinal approaches to ensuring information security during the ten years of the presidency of three presidents: George W. Bush, B. Obama, and D. Trump. It will be traced how the priorities of American politics in this area have changed over time, as well as the development of US relations with other leading players in the cybersphere. Particular attention should be paid to Washington’s policy aimed at ensuring the security of critical information infrastructure (CII) (Viira, 2018). Despite the adoption of several regulatory acts, the level of safety of CII facilities remains quite low. In general, an analysis of doctrinal documents will highlight several key features that characterize the development of US cyber security policy in recent years. In particular, the tendency toward unilateral actions related to exerting sanction pressure on certain countries and their companies is growing. At the same time, the issue of cybersecurity is often considered not as an independent area, but only as a tool to achieve other, broader foreign, and domestic political goals. In general, the US policy in the field of information security is more reactive in nature, which cannot but affect its effectiveness.
It is important to analyze the approaches stated in key American doctrinal documents to the issues of ensuring cybersecurity and the protection of CII objects. The implication is that it will find out whether it is possible to discuss the existence of a coherent line in US policy regarding the information space, as well as whether this policy is proactive or reactive. At this stage, the American establishment has a clear desire to pursue a strict policy regarding the information space, attempts not only to protect the state from any kind of interference using the CIP but also to explain its potential steps in advance.
In conclusion, the actions of the US leadership in practice are reduced to the development of new policy documents and the creation of specialized authorities. At the same time, despite the stated ambitious goals, it is difficult to talk about the effectiveness of the measures taken since the threats emanating from the information space are growing every year, and the level of security of CII objects remains low. Therefore, it is important to understand the course of action of the US in this regard and the nation’s approach to protect critical information infrastructure elements.
Reference
Viira, T. (2018). Lessons learned: Critical information infrastructure protection: How to protect critical information infrastructure. IT Governance Publishing.