Emergent Risks In Critical Infrastructures

  • Scott Dynes
Conference paper
Part of the The International Federation for Information Processing book series (IFIPAICT, volume 290)

Firms cannot function successfully without managing a host of internal and external organizational and process interdependencies. Part of this involves business continuity planning, which directly aects how resilient arm and its business sector are in the face of disruptions. This paper presents the results of eld studies related to information risk management practices in the health care and retail sectors. The studies explore information risk management coordinating signals within and across rms in these sectors as well as the potential eects of cyber disruptions on the rms as stand-alone entities and as part of a critical infrastructure. The health care case study investigates the impact of the Zotob worm on the ability to deliver medical care and treatment. The retail study examines the resilience of certain elements of the food supply chain to cyber disruptions.


Information security emergent risk health care grocery retail 


  1. 1.
    Center for Digital Strategies, Security through Information Risk Management: A Workshop for Information Security Executives, Tuck School of Business, Dartmouth College, Hanover, New Hampshire (mba.tuck.dart 2007.Google Scholar
  2. 2.
    M. Christopher and H. Peck, Building the resilient supply chain, International Journal of Logistics Management, vol. 15(2), pp. 1–14, 2004.CrossRefGoogle Scholar
  3. 3.
    S. Dynes, Information Security Investment Case Study: The Manufacturing Sector, Technical Report, Center for Digital Strategies, Tuck School of Business, Dartmouth College, Hanover, New Hampshire (mba.tuck.dartm, 2006.Google Scholar
  4. 4.
    S. Dynes, E. Andrijcic and M. Johnson, Costs to the U.S. economy of information infrastructure failures: Estimates from field studies and economic data, presented at the Workshop on the Economics of Information Security, 2006.Google Scholar
  5. 5.
    S. Dynes, E. Goetz and M. Freeman, Cyber security: Are economic incentives adequate? in Critical Infrastructure Protection., E. Goetz and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 15–27, 2007.CrossRefGoogle Scholar
  6. 6.
    J. Gubrium and J. Holstein, Handbook of Interview Research: Context and Method, Sage Publications, Thousand Oaks, California, 2001.CrossRefGoogle Scholar
  7. 7.
    A. Norrman and R. Lindroth, Categorization of supply chain risk management, in Supply Chain Risk, C. Brindley (Ed.), Ashgate, Aldershot, United Kingdom, pp. 14–27, 2004.Google Scholar
  8. 8.
    C. Watters, Analyzing corporate risks with RiskMAP, presented at the Second Annual I3P Process Control Systems Security Workshop, 2006.Google Scholar
  9. 9.
    Wikipedia, Zotob (computer worm) (, 2005.Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Scott Dynes
    • 1
  1. 1.Tuck School of Business, Dartmouth CollegeHanoverUSA

Personalised recommendations