THE STATE AND THE THREAT OF CASCADING FAILURE ACROSS CRITICAL INFRASTRUCTURES: THE IMPLICATIONS OF EMPIRICAL EVIDENCE FROM MEDIA INCIDENT REPORTS

The threat of cascading failures across critical infrastructures has been identified as a key challenge for governments. Cascading failure is seen as potentially catastrophic, extremely difficult to predict and increasingly likely to happen. Infrastructures are largely privately operated and private actors are thought to under-invest in mitigating this threat. Consequently, experts have demanded a more dominant role for government, including the use of regulation. Empirical evidence on cascading failure is, however, extremely scarce. This paper analyses new data drawn from news reports on incidents. We find that, contrary to current thinking, cascades are not rare. Neither do they indicate a wide array of unknown dependencies across infrastructures. Rather, we find a small number of focused, unidirectional pathways around two infrastructures: energy and telecommunications. We also found that most cascades were stopped quickly, in contrast to the oft-cited ‘domino effect’. These findings undermine the case for more intrusive public oversight of critical infrastructures

[1]  J. P. Nordvik,et al.  A structured approach to identifying European critical infrastructures , 2010, Int. J. Crit. Infrastructures.

[2]  Yoshio Kajitani,et al.  Modelling the interdependencies of critical infrastructures during natural disasters: a case of supply, communication and transportation infrastructures , 2009, Int. J. Crit. Infrastructures.

[3]  Joost R. Santos,et al.  A Framework for Linking Cybersecurity Metrics to the Modeling of Macroeconomic Interdependencies , 2007, Risk analysis : an official publication of the Society for Risk Analysis.

[4]  Nils Kalstad Svendsen,et al.  Connectivity models of interdependency in mixed-type critical infrastructure networks , 2007, Inf. Secur. Tech. Rep..

[5]  M. V. Eeten,et al.  Systems that Should Have Failed: Critical Infrastructure Protection in an Institutionally Fragmented Environment , 2007 .

[6]  P. Lagadec,et al.  Disaster via Airmail: The Launching of a Global Reaction Capacity After the 2001 Anthrax Attacks , 2006, Innovations: Technology, Governance, Globalization.

[7]  Carlos E. Restrepo,et al.  The next step: quantifying infrastructure interdependencies to improve security , 2006, Int. J. Crit. Infrastructures.

[8]  S. Flynn Seeds of Disaster, Roots of Response: The Brittle Superpower , 2006 .

[9]  Philip E. Auerswald Seeds of Disaster, Roots of Response: Complexity and Interdependence: The Unmanaged Challenge , 2006 .

[10]  Brian Lopez Seeds of Disaster, Roots of Response: Critical Infrastructure Protection in the United States Since 1993 , 2006 .

[11]  Richard J. Zeckhauser,et al.  Seeds of Disaster, Roots of Response: Sharing the Watch: Public–Private Collaboration for Infrastructure Security , 2006 .

[12]  Howard Kunreuther,et al.  Seeds of Disaster, Roots of Response: Interdependent Security in Interconnected Networks , 2006 .

[13]  James Andrew Lewis Aux armes, citoyens: Cyber security and regulation in the United States , 2005 .

[14]  James H. Lambert,et al.  Inoperability Input-Output Model for Interdependent Infrastructure Sectors. I: Theory and Methodology , 2005 .

[15]  Y. Haimes,et al.  The Role of Risk Analysis in the Protection of Critical Infrastructures Against Terrorism , 2002, Risk analysis : an official publication of the Society for Risk Analysis.

[16]  James P. Peerenboom,et al.  Identifying, understanding, and analyzing critical infrastructure interdependencies , 2001 .

[17]  René Amalberti,et al.  The paradoxes of almost totally safe transportation systems , 2001 .

[18]  Charles Perrow,et al.  Organizing to Reduce the Vulnerabilities of Complexity , 1999 .

[19]  K. Roberts,et al.  Risk Mitigation in Large-Scale Systems: Lessons from High Reliability Organizations , 1997 .