Risk analysis for critical infrastructure protection

Abstract

Until recently, infrastructure owners and operators only had to worry about local acts of nature and the occasional vandal to maintain their services to a prescribed standard. All that changed with the 1995 Tokyo Subway Attacks and 9/11 which ushered in the unprecedented threat of domestic catastrophic destruction by non-state actors. Now infrastructure owners and operators find themselves under almost constant global cyber attack, the consequences of which could be catastrophic. Critical infrastructure protection has been a core mission of the Department of Homeland Security since its foundation in 2002. This chapter examines the work of the Department to protect the nation’s critical infrastructure, and efforts to develop a uniform risk analysis to guide its strategic planning and facilitate cost-benefit-analysis of mitigation measures on the part of infrastructure owners and operators.