Today is the 25th anniversary of the modern era of cybersecurity policy as we know it. On May 22, 1998, President Clinton released Presidential Decision Directive 63, which set in place some important priorities we’re still chasing today.
In my opinion, it is the foundation of critical infrastructure protection, a government commitment to reduce vulnerabilities, and the beginning of “information sharing” as a national policy. It also features the beginnings of the “public-private partnership” and ISACs.
With the passage of time, those priorities seem both prescient and present.
Of course, we now have 16 critical infrastructures rather than the initial 6, and we have technologies that seemed impossible when many of us were still using dial-up and hoping for broadband. But it’s good to go back and read PDD 63 again and think about (1) how much has been accomplished so far – there’s a lot; (2) how difficult these challenges are, as they are so familiar 25 years later; and (3) how we need to continue to look back at “recent” history to remind ourselves how to create the future of cybersecurity that we want.
So Happy Birthday, PDD 63 and cyber policy. That document helped launch a global wave of cyber policy that we’re still living in today, and that’s quite a milestone.
#cybersecurity #informationsharing #criticalinfrastructure #publicprivatepartnership
