|“||The newest innovations, which we label information technologies, have begun to alter the manner in which we do business and create value, often in ways not readily foreseeable even five years ago.||”|
- -- Alan Greenspan Chairman, Federal Reserve Board May 6, 1999, quoted in
- The Emerging Digital Economy II, at 1.
Information technology is:
|“||any system or subsystem of hardware and/or software whose purpose is acquiring, processing, storing or communicating information or data.||”|
|“||[t]he art and applied sciences that deal with data and information. Examples are capture, representation, processing, security, transfer, interchange, presentation, management, organization, storage, and retrieval of data and information.||”|
|“||[a]ny equipment, or interconnected system(s) or subsystem(s) of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the agency. For purposes of the preceding sentence, equipment is used by an executive agency if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency which: (i) requires the use of such equipment; or (ii) requires the use, to a significant extent, of such equipment in the performance of a service or the furnishing of a product. The term information technology includes computers, ancillary equipment, software, firmware, and similar procedures, services (including support services), and related resources.||”|
|“||[a]ny equipment or interconnected system or subsystem of equipment, that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. The term information technology includes computers, ancillary equipment, software, firmware and similar procedures, services (including support services), and related resources.||”|
|“|| (A) with respect to an executive agency means any equipment or interconnected system or subsystem of equipment, used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency, if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency that requires the use — (i) of that equipment; or (ii) of that equipment to a significant extent in the performance of a service or the furnishing of a product;
(B) includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including support services), and related resources; but
(C) does not include any equipment acquired by a federal contractor incidental to a federal contract.
Information technology (IT) is widely recognized as the engine that drives the U.S. economy, giving industry a competitive advantage in global markets, enabling the federal government to provide better services to its citizens, and facilitating greater productivity as a nation. IT is revolutionizing society as profoundly as mechanical technology did in creating the industrial revolution. As a result, we are increasingly dependent for society’s everyday functioning on electronic ways to gather, store, manipulate, retrieve, transmit, and use information.
Security issues Edit
This increasing dependence on information technology is creating a need to improve the confidentiality and integrity of electronic information, i.e., its security, so that computer and communications systems are less vulnerable to intentional and accidental error or misuse. As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from the disruption or failure of these networks has also increased.
|“||An attack involving IT can take different forms. The IT itself can be the target. Or, a terrorist can either launch or exacerbate an attack by exploiting the IT infrastructure, or use IT to interfere with attempts to achieve a timely response. Thus, IT is both a target and a weapon. Likewise, IT also has a major role in counterterrorism — it can prevent, detect, and mitigate terrorist attacks.||”|
"When an element of the IT infrastructure is directly targeted, the goal is to destroy a sufficient amount of IT-based capability to have a significant impact, and the longer that impact persists, the more successful it is from the terrorist's point of view. . . . Irrecoverable loss of critical operating data and essential records on a large scale would likely result in catastrophic and irreversible damage to the U.S. economy. However, most major businesses already have disaster-recovery plans in place that include the backup of their data in a variety of distributed and well-protected locations (and in many cases, they augment backups of data with backup computing and communications facilities)."
Securing the national critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. The most significant cyberthreats to the nation are fundamentally different from those posed by the “script kiddies” or virus writers who traditionally have plagued Internet users.
Today, the Internet has a significant role in enabling the communications, monitoring, operations, and business systems underlying many of the nation's critical infrastructures. Cyberattacks are increasing in frequency and impact. Adversaries seeking to disrupt the nation's critical infrastructures are driven by different motives and view cyberspace as a possible means to have much greater impact, such as causing harm to people or widespread economic damage.
|“||Information technology is the sine qua non of both globalization and power — the locomotive on each track. It is integrating the world economy and spreading freedom, while at the same time becoming increasingly crucial to military and other forms of national power. Information technology thus accounts both for power and the process that softens and smooths power.||”|
Although to date no cyberattack has had a significant impact on our nation's critical infrastructures, previous attacks have demonstrated that extensive vulnerabilities exist in information systems and networks, with the potential for serious damage. The effects of a successful attack might include serious economic consequences through impacts on major economic and industrial sectors, threats to infrastructure elements such as electric power, and disruptions that impede the response and communication capabilities of first responders in crisis situations.
|“|| [T]he ways in which IT can be damaged fall into three categories. A system or network can become:
- ↑ Final Report of the Defense Science Board Task Force on Department of Defense Policies and Procedures for the Acquisition of Information Technology, at 25.
- ↑ American National Standard Dictionary of Information Technology (ANSDIT).
- ↑ Executive Office of the President, Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance, at 173 (Ver. 1.0) (Nov. 10, 2009) (full-text).
- ↑ 36 C.F.R. §1194.4.
- ↑ 40 U.S.C. §1401(3); id. §11101(6).
- ↑ Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, at 2.
- ↑ Id. at 16.
- ↑ David C. Gompert, "Right Makes Might: Freedom and Power in the Information Age" 5 (National Defense Univ. 1998).
- ↑ Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, at 13.
See also Edit
- Electronic and information technology
- Geospatial information technology
- Health information technology
- Information and communication technologies
- Information Technologies for the Control of Money Laundering
- Information Technology Agreement
- Information Technology and Administrative Section
- Information Technology and Innovation Foundation
- Information technology architecture
- Information Technology Association of America
- Information Technology Crime Investigation Manual
- Information Technology for the 21st Century
- Information Technology Industry Council
- Information technology infrastructure
- Information Technology Information Sharing and Analysis Center
- Information Technology Investment Management
- Information Technology Laboratory
- Information technology law
- Information Technology Management Reform Act of 1996
- Information Technology Resources Board
- Information technology sector
- Information Technology Sector Baseline Risk Assessment
- Information Technology Sector Coordinating Council
- Information technology security
- Information technology system
- Information Technology: Critical Factors Underlying Successful Major Acquisitions
- Information Technology: Investment Oversight and Management Have Improved but Continued Attention Is Needed
- Information Technology: Leading Commercial Practices for Outsourcing of Services
- Information Technology: OMB Needs to Improve Its Guidance on IT Investments
- IT-enabled services
- IT-related risk