Accession Number:



Homeland Security -- Reducing the Vulnerability of Public and Private Information Infrastructures to Terrorism: An Overview

Descriptive Note:

Congressional rept.

Corporate Author:


Personal Author(s):

Report Date:


Pagination or Media Count:



This report assesses the impact of the September 11, 2001 attacks on public and private information infrastructures in the context of critical infrastructure protection, continuity of operations COOP planning, and homeland security. Analysis of the effects of the terrorist attacks suggests various lessons learned. These lessons support three general principles. The first principle emphasizes the establishment and practice of comprehensive continuity and recovery plans. One lesson learned in this area is to augment disaster recovery plans. Businesses and agencies, who now must consider the possibility of complete destruction and loss of a building, may need to augment their disaster recovery plans to include the movement of people, the rapid acquisition of equipment and furniture, network connectivity, adequate workspace, and more. A corollary to this lesson learned is the need to assure that recovery procedures are well-documented and safeguarded so that they can be fully utilized when necessary. A second lesson is the need to back up data and applications. Without a comprehensive backup system that captures more than just an organizations data files, a significant amount of time can be lost trying to recreate applications, organize data, and reestablish user access. A corollary to this lesson learned is the need to fully and regularly test backup sites and media to ensure their reliability and functionality. The second principle focuses on the decentralization of operations and the effectiveness of distributed communications. Industry experts suggest recovery sites be located at least 20-50 miles away from the primary work site. Another lesson in this area is to ensure the ability to communicate with internal and external constituencies. The third principle involves the institutionalization of system redundancies to eliminate single points of weakness. The lesson of employing redundant service providers is applied primarily to telecommunications services.

Subject Categories:

  • Computer Systems
  • Civil Defense
  • Unconventional Warfare
  • Radio Communications
  • Non-Radio Communications

Distribution Statement: