• developing watch and warning capabilities for threats to the nation's critical infrastructures, with real-time alert capabilities for both the public and the private sectors;

• coordinating and developing a trusted communications network for the exchange of threat and warning data with government and the private sector; and

• operating the NIPC program at full speed by October 1998 (Michael Vattis will be the director).

Mr. Minehart' s presentation focused on the issue of infrastructure protection in the future. He began by crediting the PCCIP with defining the issue of infrastructure protection and information warfare, which would have been very difficult to do just three years ago. Mr. Minehart said that he would present some findings to support an argument for using underground facilities (UGFs) for the protection of critical infrastructures.

Mr. Minehart has helped the Army War College develop advanced courses on information warfare. In February 1998 infrastructure owners participated in a war gaming exercise that showed that the infrastructures the government must protect are owned primarily by commercial entities (63 percent of the participants were infrastructure owners). Owners and operators at this exercise were adamant that the responsibility to protect the infrastructures was theirs. Except for government regulations that are already in place and that must be enforced in the areas of detection and the disclosure of attacks, private owners had a knee-jerk response against the imposition of more regulations or being told how to conduct their business. They stressed that industry is completely focused on meeting customers' needs and that government regulations would inhibit their ability to be responsive to their customers.

Mr. Minehart cited an example of the variety of threats facing infrastructure owners. In March 1998 two teenagers in California broke into government and DoD databases. About two weeks later, it was learned that they had received help from a mentor in Israel known as ''The Analyzer,'' whom they had met via the Internet. Many computer hackers have outsiders helping them and the identities and affiliations of these mentors cannot always be determined. The threat posed by mentoring networks and their supporters is an issue that requires evaluation.

As systems become more secure against outside threats, adversaries will look for other ways to break in. If a network is difficult to hack into from the outside, whether because of a fire wall or isolation, an easy way to gain access to the system is to recruit someone on the inside. Training workers to be aware of this possibility can be difficult. Individual infrastructure owners do not have the money, time, or resources to monitor such threats, from a foreign

Front Matter (R1-R6)

Introduction (1-4)

Welcoming Address (5-6)

Findings of the President (7-11)

Key Issues in Going Underground (12-12)

Infrastructure Protection in the United States: A Norwegian Perspective (13-14)

Panel Discussions, Panel 1: Infrastructure Protection Issues (15-23)

Panel 2: Needs and Requirements of the Infrastructure Community (24-29)

Panel 3: Experience with Underground Facilities: Capabilities, Limitations, and Applications (30-37)

Panel 4: Factors Influencing the Decision-Making Process (38-44)

Breakout Sessions (45-47)

Closing Remarks (48-49)

Appendix A: Speaker Biographies (50-58)

Appendix B: Workshop Agenda (59-61)

Appendix C: Workshop Participants (62-63)