DHS Critical Infrastructure 2025 Strategic Risk Assessment

This strategic risk assessment provides an overview of six distinguishable trends emerging in U.S. critical infrastructure. These trends, when combined or examined singularly, are likely to significantly influence critical infrastructure and its resiliency during the next 10 years. The U.S. Department of Homeland Security/Office of Cyber and Infrastructure Analysis identified the following trends likely to have a profound effect on critical infrastructure:

  • Convergence of the Cyber and Physical Domains
  • Aerial Threats: NTAT (Non-Traditional Aviation Technology)
  • Evolving Terrorist Threat
  • Facing the Inevitable: The State of U.S. Infrastructure
  • Extreme Weather: A Gloomy Forecast
  • Next Pandemic: Emergence and Outbreak

U.S. critical infrastructure is the foundation on which the Nation’s economy, security, and health rely. Critical infrastructure sustains the American way of life and bolsters national competitiveness. It supplies industry and business with the means to sustain operational success, and it enables the United States to maintain influence in the global community. Infrastructure preserves a sound economy by keeping millions employed and inspires innovative technology to improve the welfare of Americans.

The Nation’s infrastructure comprises 16 sectors. Most notable are the physical facilities that supply communities with goods and services like water, energy, transportation, and fuel. The Nation’s infrastructure also includes cyber technology that connects businesses; allows utilities to efficiently monitor energy supply and demand; and supports the critical infrastructure systems that ensure convenient access to funds in bank accounts, map the best route to a destination, and ensure an uninterrupted power supply. Ensuring the security and resilience of critical infrastructure is a national priority that requires planning and coordination across all levels of government and the private sector. Improving roads, bridges, water systems, electrical grids, and other vital infrastructure systems requires innovation, investment, and shared commitment.

Some of the emerging trends influencing critical infrastructure in the United States are known and well understood; yet, their consequences are uncertain. Understanding the cascading impacts of these trends is challenging because of the interconnectedness of infrastructure and its environment. The failure of stakeholders and senior policy makers to anticipate and mitigate the consequences of these trends is likely to result in disruption of U.S. critical infrastructure. OCIA assesses that these trends, if left ignored, will weaken and degrade U.S. critical infrastructure during the next decade and likely lead to national security consequences.


The U.S. Department of Homeland Security/Office of Cyber and Infrastructure Analysis (DHS/OCIA) assesses that information and communication technology (ICT) is highly likely to continue being extensively incorporated into critical infrastructure during the next decade. As a result, the variety of cyber-physical system components (operating systems, computational hardware, and firmware) in ICT is likely to make universal security across critical infrastructure sectors problematic creating immeasurable vulnerabilities and attack vectors. Critical infrastructure is likely to see an increase in cyber-related incidents during the next decade.

DHS/OCIA assesses that nefarious use of Non-Traditional Aviation Technology (NTAT) will increase during the next decade because of commercial availability, low cost, and easy operation. NTAT increases the capabilities of a malicious actor to exploit previously mitigated terrestrial attack vectors (e.g., walls, barriers, and checkpoints).

DHS/OCIA assesses that terrorist organizations will continue to use the internal and social media platforms in evolving and dangerous ways. The recruitment and radicalization of individuals here in the United States will remain a priority for terrorist organizations, as will their targeting of critical infrastructure. Further, cyberterrorist capabilities are almost certain to become more sophisticated in the next 10 years; consequently, incidents of cyberterrorism are likely to increase during the next decade.

DHS/OCIA assesses that a significant number of U.S. infrastructure assets are approaching the end of their designed life spans. Budget cuts across federal, state, and local governments limit the funding available for infrastructure inspections, maintenance, upgrades, and repairs. In some critical infrastructure sectors, a labor force shortage in the coming decades is likely to hamper efforts aimed at implementing and maintaining critical infrastructure upgrades. The risk of failure in the Transportation Systems, Energy, Water and Wastewater Systems, and Dams Sectors is highly likely to increase during the next 10 years.

DHS/OCIA assesses that a possible increase in the frequency and severity of extreme weather events is likely to result in damage to critical infrastructure and could result in population shifts. Regions unaccustomed to extreme weather will become more susceptible and vulnerable to storm surges in the coming decades.

DHS/OCIA assesses that the Healthcare and Public Health, Emergency Services, Transportation Systems, Water and Wastewater Systems, and Energy (Electrical Power) Sectors are most likely to be affected by a pandemic. All other critical infrastructure sectors are likely to be affected to some degree by the unavailability of personnel needed to maintain operations. The economic impact of a pandemic will depend on its severity and duration and mitigation efforts by federal, state, and local governments and the public. Estimates of loss in gross domestic product during the first year of a pandemic range from less than 1 percent in a mild pandemic up to 4.25 percent during a severe pandemic.

DHS Critical Infrastructure 2025 Strategic Risk Assessment PDF Report

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.