Posted by antonaylward
Here http://thecipblog.com/?author=3 I found this quote:
“In order to be designated ‘critical information infrastructure’, how many deaths would the failure of a network have to cause?" asks Matthew Holt, the author of this blog article.
He raises a good point. He asks if “death of people” would be a legitimate category of criteria to use when determining the level of criticality of an ICT system". His answer is "yes", and the number is
"one". Well OK, death is death and irreversible, but there are many other failure modes that are not death and may be too much trouble to reverse. I suppose one example of a "worse case scenario" would be a take-over of your nation by a foreign totalitarian oppressive regime. Or an attempt that leaves you in war-zone or one of the refugee camps that litter the Third World.
Posted by Anton Aylward
I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity
Calendar of Posts