Critical Infrastructure Vulnerabilities: Embracing a Network Mindset

Abstract

Critical Infrastructure has become fundamental to the functioning of our society. With the increasing interdependencies within critical infrastructure, the failure or damage of electric power grid, transportation networks, telecommunications, healthcare and water-supply systems would not only cause huge social disruption but also have significant national security implications that can cascade across borders. Developing effective protection, mitigation and recovery measures for critical infrastructures is paramount in the wake of increasing natural and human-initiated hazards, risks and threats. In the past decade, unprecedented technological advancements, rapid institutional changes and trans-boundary dependencies have changed the landscape of infrastructure systems. Critical infrastructure has now evolved into highly interconnected and interdependent networks of socio-technical systems in which different technological layers are interoperating crossing borders within the environmental, social and organizational context that drive their design, operations and development (Masys in Networks and network analysis for defence and security. Springer Publishing, 2014a, b). Understanding the nature of system interdependencies and emerging vulnerabilities can play an essential role in managing and/or reducing the probabilities and consequences of cascading failures in interdependent systems. In this light, the overall objective of this chapter is to address the knowledge gap existing in the dominant risk and disaster management theories by challenging and improving our networked mental model in order to better understand the interdependency-induced vulnerability pertaining to critical infrastructures thereby developing effective protection measures and enabling organizational resilience (Masys in Innovative thinking in risk, crisis and disaster management. Gower Publishing, UK, 2012a, Int J Disaster Prev Manage 21(3):320–335, 2012b). For policy makers, infrastructure owners/operators and researchers as target audience, this chapter will identify emerging challenges to the traditional security thinking in this field and suggest alternative approaches to risk assessment, vulnerability analysis.