Abstract
Assessing risk in information and communication infrastructures is a challenging topic due to the complexity of critical infrastructures (CIs) and of the various dependencies between such infrastructures. This chapter discusses the basic concepts of risk assessment for CIs. Moreover, it describes a recently proposed methodology for criticality assessment. The main goal of this methodology is to assess the risk of an infrastructure (or a sector of critical infrastructures), taking into account the dependencies between CIs and/or sectors. The methodology is compatible with current information systems practices. The basic characteristic of the presented methodology is that it attempts to capture both organization-oriented and society-oriented consequences of possible security events, a feature which is not always embedded in mainstream information security risk assessment methodologies.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
