Framework for evaluating economic impact of IT based disasters on the interdependent sectors of the US economy

Abstract

The US economic system has become highly dependent on the Information Technology (IT) sector in the past several years and classified it as one of the critical infrastructures. The IT sector is a conglomerate of Internet services, Software industry, Computer design based infrastructures, and Information and data processing systems. Like every economic sector it is susceptible to natural and man-made disasters that cause disruptions to the production and delivery of services essential to other economic sectors, which are interdependent on each other within this economic system. This paper focuses on such perturbations caused by Denial-of-Service (DoS) attacks on Information Technology infrastructure, and their consequences propagated in the form of inoperability and amplified losses as a result of these economic sector interdependencies. It analyzes the effects of such a scenario on the recovery behavior and indirect economic losses to other sectors of the economy. The Dynamic Inoperability Input Output model (DIIM) is utilized to identify the highly affected economic sectors based on two parameters: 1) the overall daily average economic loss, and 2) the average inoperability within the sectors. A modification to the model is proposed to accommodate variable inoperability over multiple periods. The paper utilizes Bureau of Economic Analysis (BEA) statistics to simulate the effects of an IT disaster scenario using a DoS attack example. This research provides policymakers a framework for estimating the consequences to the US economy of disruptions to the IT sector through a decision tool they can use for strategic planning, resilience management, and risk mitigation strategies across the economic sectors dependent on Information technology.