Accession Number:

ADA505059

Title:

Information Technology Sector Baseline Risk Assessment

Descriptive Note:

Corporate Author:

DEPARTMENT OF HOMELAND SECURITY WASHINGTON DC

Personal Author(s):

Report Date:

2009-08-01

Pagination or Media Count:

115.0

Abstract:

The Information Technology IT Sector provides both products and services that support the efficient operation of todays global information-based society. These products and services are integral to the operations and services provided by other critical infrastructure and key resource CIKR sectors. Threats to the IT Sector are complex and varied. In addition to the risks presented by natural hazards such as catastrophic weather or seismic eventsthe IT Sector also faces threats from criminals, hackers, terrorists, and nation-states, all of whom have demonstrated a varying degree of capabilities and intentions to attack critical IT Sector functions. Additionally, manmade threats to the IT Sector are also rapidly evolving from simple automated worms and viruses to complex social engineering attacks that exploit known and unknown vulnerabilities in products and services developed by the IT Sector. While existing security and response capabilities mitigate many of these threats, the IT Sector still faces Sector-wide risks to its ability to provide hardware, software, and services to other CIKR sectors. Due to the IT Sectors high degree of interdependency with other CIKR sectors and the continuously evolving threat landscape, assessing vulnerabilities and estimating consequence is difficult. Therefore, these issues must be dealt in a collaborative and flexible framework that enables the public and private sectors to enhance the resiliency and security of the critical IT Sector functions.

Subject Categories:

  • Information Science
  • Military Intelligence

Distribution Statement:

APPROVED FOR PUBLIC RELEASE