Cyberspace is the nervous system or the control system of the United States’ critical infrastructure composed of public and private institutions in the sectors of agriculture, food, water, public health, emergency services, government, defense industrial base, information and telecommunications, energy, transportation, banking and finance, chemicals and hazardous materials, and postal and shipping. It is composed of hundreds of thousands of interconnected computers, servers, routers, switches, and fiber optic cables which allow the infrastructures to work. It is essential to the United States economy and national security that there is a healthy functioning cyberspace. This report is part of an overall effort to protect the United States with the purpose of engaging and empowering Americans to secure the portions of cyberspace that they own, operate, control, or with which they interact. The report outlines an initial framework for both organizing and prioritizing efforts, provides direction to the Federal Government departments and agencies, identifies steps that State and local governments, private companies and organizations, and individual citizens can take to improve cybersecurity, and it highlights the role of public-private engagement. It has three strategic objectives: (1) prevent cyber attacks against America’s critical infrastructure; (2) reduce national vulnerability to cyber attacks; and (3) minimize damage and recovery time from cyber attacks that do occur. Lastly, the report articulates five national priorities: (1) a national cyberspace security response system; (2) a national cyberspace security threat and vulnerability reduction program; (3) a national cyberspace security awareness and training program; (4) securing governments’ cyberspace; and (5) national security and international cyberspace security cooperation. This report is only a first step in a long-term effort to secure the Nation’s information infrastructures. Appendix