It's likely that the Internet will soon experience a catastrophic failure, a multi­day outage that will cost the U.S. economy billions of dollars."

Or maybe it isn't likely.

In any case, companies are not prepared for such a possibility.

But then again, some are.

These mixed messages come from credible sources. The confusion stems in part from the fact that the Internet has never seen anything much worse than local outages and brief slowdowns. But could it? And if it did, how ready would your company be?

Indeed, the threat is "urgent and real," says The Business Roundtable, an association of CEOs of large U.S. companies. The Washington-based public policy advocacy group says there is a 10% to 20% chance of a "breakdown of the critical information infrastructure" in the next 10 years, brought on by "malicious code, coding error, natural disasters, [or] attacks by terrorists and other adversaries."

An Internet meltdown would result in reduced productivity and profits, falling stock prices, erosion of consumer spending and potentially a liquidity crisis, according to a recent Business Roundtable report, "Growing Business Dependence on the Internet -- New Risks Require CEO Action." The organization based its conclusions on earlier risk analyses done by the World Economic Forum in Geneva.

Tom Lehner, director of public policy at The Business Roundtable, says business executives often fail to realize how dependent they have become on the public network -- for e-mail, collaboration, e-commerce, public- facing and internal Web sites, and information retrieval by employees. He also notes that disaster recovery and business-continuity plans often fail to take into account the threat an Internet disruption poses to a company and its suppliers. Moreover, business executives often mistakenly believe that government will take the lead in restoring network services in the face of an Internet failure, according to Lehner.

"What we wanted to do in this report is say to CEOs, 'You may not realize that whole segments of your business are almost completely dependent on the Internet, and it's not enough to have a few IT specialists to help you respond to problems as they come up,'" Lehner says.

Judging the risk

Stephen Crocker, an Internet pioneer and chairman of the Security and Stability Advisory Council of the Internet Corporation for Assigned Names and Numbers (ICANN), says he tries to walk a line between "Chicken Little, things-are-terrible" scenarios and "Pollyanna, the-world-is-wonderful" views of the Internet. He says, for example, that he worries little about a physical attack on the Internet -- against major hubs, lines and so on. "I don't know of any physical attack that would have any widespread or long-lasting effect," he says. "The Internet is pretty robust at the physical layer. There are just too many alternate paths available."

But the Internet is not so robust at other layers, admits Crocker, the CEO of Shinkuro, a Bethesda, Md.-based developer of information-sharing technology. He points to the possibility of "systematic failure of operating systems like Windows, or penetration by worms that run rampant and cause massive amounts of chaos," or floodlike denial-of-service attacks. Still, he says, these kinds of disruptions, although annoying and potentially quite costly, are typically resolved in a matter of hours and thus stop short of being the kind of catastrophe that the Business Roundtable report contemplates.

Others agree that the risk of catastrophe is minimal. Asked if he worries about an Internet meltdown, Michael Long, senior vice president of global services at Siemens Medical Solutions, says, "Anything is possible, certainly, with things today like the terrorism situation. But we are pretty confident that if we did have an Internet hiccup, we'd go with alternate communication paths."

In fact, he says, he views the Internet as something of a backup for his dedicated lines from AT&T and Verizon Communications.

Siemens Medical Solutions provides application hosting for more than 1,000 health care customers at 600 sites, mostly through private, dedicated lines.