CHAPTER 22

PHYSICAL THREATS TO THE INFORMATION INFRASTRUCTURE

Franklin Platt

22.1 INTRODUCTION

22.2 BACKGROUND AND PERSPECTIVE

22.2.1 Today's Risks Are Greater

22.2.2 Likely Targets

22.2.3 Productivity Issues

22.2.4 Terrorism and Violence Are Now Serious Threats

22.2.5 Costs of a Threat Happening

22.2.6 Who Must Be Involved

22.2.7 Liability Issues

22.2.8 Definitions and Terms

22.2.9 Uniform, Comprehensive Planning Process

22.3 THREAT ASSESSMENT PROCESS

22.3.1 Set Up a Steering Committee

22.3.2 Identify All Possible Threats

22.3.3 Sources of Information and Assistance

22.3.4 Determine the Likelihood of Each Threat

22.3.5 Approximate the Impact Costs

22.3.6 Costs of Cascading Events

22.3.7 Determine the Vulnerability to Each Threat

22.3.8 Completing the Threat Assessment Report

22.4 GENERAL THREATS

22.4.1 Natural Hazards

22.4.2 Other Natural Hazards

22.4.3 Health Threats

22.4.4 Man-Made Threats

22.4.5 Wiretaps

22.4.6 High-Energy Radio-Frequency Threats

22.5 WORKPLACE VIOLENCE AND TERRORISM

22.6 OTHER THREAT SITUATIONS

22.6.1 Leaks, Temperature, and Humidity

22.6.2 Off-Hour Visitors

22.6.3 Cleaning and Maintenance Threats

22.6.4 Storage-Room Threats

22.6.5 Medical Emergencies

22.6.6 Illicit Workstation

22.6.7 Other Local Threats

22.7 CONFIDENTIAL THREAT INFORMATION

22.8 SUMMARY

22.9 FURTHER READING

22.10 NOTES

22.1 INTRODUCTION.

This chapter describes the wide array of possible physical threats that can impact information systems (IS) infrastructure. The infrastructure affected can ...