Interdependence Across the National Critical Functions
Abstract
In 2019, the Cybersecurity and Infrastructure Security Agency (CISA) introduced a set of 55 National Critical Functions (NCFs) to guide national risk management efforts. The NCFs were a fundamental shift aimed at enabling the identification and prioritization of systemic risks to critical infrastructure. Additionally, they highlight the importance of interdependence. The interdependence of NCFs, driven by a variety of processes including the output linkages of one to another, can result in the creation of systemic risk out of seemingly isolated risks. The fundamental drivers are familiar to the risk analysis community. Cascading risk can drive the potential propagation of failures across NCFs while common cause failures can result in simultaneous failure of multiple NCFs due the same underlying driver. These systemic risks can traverse network dependencies ranging from economic to software topolicy. Additionally, NCF interdependencies can also have positive consequences through enhanced resilience;following a disruption to a pipeline, for example, alternative transportation modes, such as rail, might be used to overcome the consequences of the disruptions. In this paper, we provide a novel interpretation of NCFs to enhance their use for research by the risk analysis community. We provide a conceptual framework of NCF interdependence leveraging a review of relevant literatures. We then provide a path to mapping of many (though not all) NCFs to economic sectors enabling their study using accepted methods like input-output analysis. We use this mapping to provide value-added multipliers for each NCF and a ranking to indicate their relative interdependence within economic networks.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2023
- Accession Number
- AD1192726
Entities
People
- Aaron M. Strong
- Jonathan W. Welburn
- Shannon Prier
Organizations
- RAND Corporation