Information Sharing for Infrastructure Risk Management

Barriers and Solutions

Published In: Intelligence and National Security, v. 24, no. 3, June 2009, p. 339-365

Posted on RAND.org on December 31, 2008

by Henry H. Willis, Genevieve Lester, Gregory F. Treverton

Read More

Access further information on this document at www.tandf.co.uk

This article was published outside of RAND. The full text of the article can be found at the link above.

There is a public interest in ensuring that infrastructure systems are appropriately protected and prepared for disruptions. While infrastructure protection is usually viewed as a public responsibility, infrastructure risk management actually requires a high degree of cooperation between the public and private sectors, particularly in the sharing of information about risks to infrastructure. Discussions with Chief Security Officers across sectors of the US economy reveal the complexity of the task, as they describe at length the private sector's requirements of multiples types of information about a range of potential threats. While the US government has established many mechanisms for sharing information, barriers remain that inhibit both the private and public partners from obtaining the information needed to protect infrastructure. Overcoming these barriers requires new thinking about the intelligence generation process, the mechanisms and practices upon which the process relies, and the responsibilities of those in the private sector who participate in it.

This report is part of the RAND Corporation external publication series. Many RAND studies are published in peer-reviewed scholarly journals, as chapters in commercial books, or as documents published by other organizations.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.