This paper is a survey of recent activities of the legislative and executive branches of the U.S. Government (and of some joint activities of government and industry) that involve the security of the evolving information infrastructure. Over the past few years, U.S. Government organizations have expanded their use of computer networks to conduct business, deliver services, and share information with industry, other government organizations, and the public. Both government policymakers and program administrators have shown increasing concern about the need for safeguarding the security and privacy of information and about the obstacles that stand in the way of achieving the needed protection. The U.S. Congress has discussed many legislative proposals, including expanded definitions of computer crime, security on the Internet, and export controls on cryptography. The Clinton Administration came into office in 1993 with information technology as one of its principal areas of focus. The Administration also stepped up its information security activities, particularly in support of interagency cooperative efforts for electronic commerce, electronic mail, incident response and information recovery. New avenues for government and industry cooperation were created to solicit industry views and to foster the development of common, interoperable security solutions can be used by both government and industry.. However, the Internet, which has become the de facto global infrastructure for information exchange, still lacks strong security-enabling mechanisms. While unique, application-oriented, and non-interoperable solutions are being developed for the Internet, the goal of universal security and interoperability has yet to be achieved.