Many organizations are struggling with how to assess the broad set of risks stemming from cyber-attacks against the nation's critical infrastructure. Roughly 85% of the critical infrastructure in the US is managed and operated by private organizations, and if ours is one of these firms you have the primary responsibility for assessing specific vulnerabilities and managing cybersecurity risk to your own networks.
However, public officials have a deep interest not only in the specific vulnerabilities and risk of particular entities, but also in how specific attacks on those organizations affect the movement of containers moving from railyards to ports, the movement of crude oil from field to refinery, or even how caustic chemicals are transported to manufacturers.