Accession Number : ADA505059


Title :   Information Technology Sector Baseline Risk Assessment


Corporate Author : DEPARTMENT OF HOMELAND SECURITY WASHINGTON DC


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a505059.pdf


Report Date : Aug 2009


Pagination or Media Count : 115


Abstract : The Information Technology (IT) Sector provides both products and services that support the efficient operation of today's global information-based society. These products and services are integral to the operations and services provided by other critical infrastructure and key resource (CIKR) sectors. Threats to the IT Sector are complex and varied. In addition to the risks presented by natural hazards? such as catastrophic weather or seismic events?the IT Sector also faces threats from criminals, hackers, terrorists, and nation-states, all of whom have demonstrated a varying degree of capabilities and intentions to attack critical IT Sector functions. Additionally, manmade threats to the IT Sector are also rapidly evolving from simple automated worms and viruses to complex social engineering attacks that exploit known and unknown vulnerabilities in products and services developed by the IT Sector. While existing security and response capabilities mitigate many of these threats, the IT Sector still faces Sector-wide risks to its ability to provide hardware, software, and services to other CIKR sectors. Due to the IT Sector's high degree of interdependency with other CIKR sectors and the continuously evolving threat landscape, assessing vulnerabilities and estimating consequence is difficult. Therefore, these issues must be dealt in a collaborative and flexible framework that enables the public and private sectors to enhance the resiliency and security of the critical IT Sector functions.


Descriptors :   *INFRASTRUCTURE , *SECURITY , *THREATS , *RISK MANAGEMENT , HAZARDS , EFFICIENCY , TERRAIN , RESPONSE , OPERATION , SEISMIC WAVES , RESOURCES , CATASTROPHIC CONDITIONS , VIRUSES , RESILIENCE , WEATHER , AUTOMATION , FUNCTIONS , COMPUTER PROGRAMS , TERRORISTS


Subject Categories : Information Science
      Military Intelligence


Distribution Statement : APPROVED FOR PUBLIC RELEASE