Critical infrastructure

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Critical infrastructure (or critical national infrastructure (CNI) in the UK) is a term used by governments to describe assets that are essential for the functioning of a society and economy – the infrastructure. Most commonly associated with the term are facilities for:

Regional critical infrastructure protection programmes[edit]


The Canadian Federal Government identifies the following 10 Critical Infrastructure Sectors as a way to classify essential assets.[1] [2]

  1. Energy & Utilities: Electricity providers; off-shore/on-shore oil & gas; coal supplies, natural gas providers; home fuel oil; gas station supplies; alternative energy suppliers (wind, solar, other)
  2. Information and Communication Technology: Broadcast Media; telecommunication providers (landlines, cell phones, internet, wifi); Postal services;
  3. Finance: Banking services, government finance/aid departments; taxation
  4. Health: Public health & wellness programs, hospital/clinic facilities; blood & blood products
  5. Food: Food supply chains; food inspectors; import/export programs; grocery stores; Agri & Acqua culture; farmers markets
  6. Water: Water supply & protection; wastewater management; fisheries & ocean protection programs
  7. Transportation: Roads, bridges, railways, aviation/airports; shipping & ports; transit
  8. Safety: Emergency responders; public safety programs
  9. Government: Military; Continuity of governance
  10. Manufacturing: Industry, economic development

European Union[edit]

The European Programme for Critical Infrastructure Protection (EPCIP) has been laid out in EU Directives by the Commission (EU COM(2006) 786 final).

It has proposed a list of European critical infrastructures based upon inputs by its member states.

Each designated European Critical Infrastructures (ECI) will have to have an Operator Security Plan (OSP) covering the identification of important assets, a risk analysis based on major threat scenarios and the vulnerability of each asset, and the identification, selection and prioritisation of counter-measures and procedures.


The German critical-infrastructure protection programme KRITIS is coordinated by the Federal Ministry of the Interior. Some of its special agencies like the German Federal Office for Information Security or the Federal Office of Civil Protection and Disaster Assistance BBK deliver the respective content, e.g., about IT systems.[3]

United Kingdom[edit]

In the UK, the Centre for the Protection of National Infrastructure (CPNI) provides information, personnel and physical security advice to the businesses and organizations which make up the UK's national infrastructure, helping to reduce its vulnerability to terrorism and other threats.

It can call on resources from other government departments and agencies, including MI5, the Communications-Electronics Security Group and other government departments responsible for national infrastructure sectors.

United States[edit]

The USA has had a wide-reaching critical infrastructure protection program in place since 1996. Its Patriot Act of 2001 defined critical infrastructure as those "systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters."

In 2014 the NIST Cybersecurity Framework was published, and quickly became a popular set of guidelines, despite the significant costs of full compliance.[4]

These have identified a number of critical infrastructures and responsible agencies:

  1. Agriculture and food – Departments of Agriculture and Health and Human Services
  2. WaterEnvironmental Protection Agency
  3. Public Health – Department of Health and Human Services
  4. Emergency Services – Department of Homeland Security
  5. Government – Department of Homeland Security
  6. Defense Industrial BaseDepartment of Defense
  7. Information and TelecommunicationsDepartment of Commerce
  8. EnergyDepartment of Energy
  9. Transportation and ShippingDepartment of Transportation
  10. Banking and FinanceDepartment of the Treasury
  11. Chemical Industry and Hazardous Materials – Department of Homeland Security
  12. Post – Department of Homeland Security
  13. National monuments and icons - Department of the Interior
  14. Critical manufacturing - Department of Homeland Security (14th sector announced March 3, 2008; recorded April 30, 2008)

National Infrastructure Protection Plan[edit]

The National Infrastructure Protection Plan (NIPP) defines critical infrastructure sector in the US. Presidential Policy Directive 21 (PPD-21),[5] issued in February 2013 entitled Critical Infrastructure Security and Resilience mandated an update to the NIPP. This revision of the plan established the following 16 critical infrastructure sectors:

  1. Chemical
  2. Commercial facilities
  3. Communications
  4. Critical manufacturing
  5. Dams
  6. Defense industrial base
  7. Emergency services
  8. Energy
  9. Financial services
  10. Food and agriculture
  11. Government facilities
  12. Healthcare and public health
  13. Information technology
  14. Nuclear reactors, materials, and waste
  15. Transportation systems
  16. Water and wastewater systems

National Monuments and Icons along with the postal and shipping sector were removed in 2013 update to the NIPP. The 2013 version of the NIPP has faced criticism for lacking viable risk measures.[6][7] The plan assigns the following agencies sector-specific coordination responsibilities:

Department of Homeland Security
  • Chemical
  • Commercial facilities
  • Communications
  • Critical manufacturing
  • Dams
  • Emergency services
  • Government facilities (jointly with General Services Administration)
  • Information technology
  • Nuclear reactors, materials, and waste
  • Transportation systems (jointly with Department of Transportation)
Department of Defense
  • Defense industrial base
Department of Energy
  • Energy
Department of the Treasury
  • Financial services
Department of Agriculture
  • Food and agriculture
General Services Administration
  • Government facilities (jointly with Department of Homeland Security)
Department of Health and Human Services
  • Healthcare and Public Health
Department of Transportation
  • Transportation systems (jointly with Department of Homeland Security)
Environmental Protection Agency
  • Water and wastewater systems

State-level legislation[edit]

Several U.S. states have passed "critical infrastructure" bills, promoted by the American Legislative Exchange Council (ALEC), to criminalize protests against the fossil fuel industry.[8] In May 2017, Oklahoma passed legislation which created felony penalties for trespassing on land considered critical infrastructure, including oil and gas pipelines, or conspiring to do so; ALEC introduced a version of the bill as a model act and encouraged other states to adopt it.[9] In June 2020, West Virginia passed the Critical Infrastructure Protection Act, which created felony penalties for protests against oil and gas facilities.[10]

See also[edit]


  1. ^ "National Cross Sector Forum 2021-2023 Action Plan for Critical Infrastructure". May 26, 2021.
  2. ^ "National Strategy for Critical Infrastructure". December 21, 2018.
  3. ^ "Nationale Strategie zum Schutz Kritischer Infrastrukturen (KRITIS-Strategie)" (PDF). Archived from the original (PDF) on September 15, 2017. Retrieved September 17, 2010.
  4. ^ "NIST Cybersecurity Framework Adoption Hampered By Costs, Survey Finds". Dark Reading. March 30, 2016. Retrieved August 2, 2016.
  5. ^ "Presidential Policy Directive -- Critical Infrastructure Security and Resilience". February 12, 2013. Retrieved March 12, 2019.
  6. ^ White, R. (February 13, 2014). "Towards a Unified Homeland Security Strategy: An Asset Vulnerability Model". Homeland Security Affairs. Retrieved February 26, 2015.
  7. ^ Kahan, J (February 4, 2015). "Resilience Redux: Buzzword or Basis for Homeland Security". Homeland Security Affairs. Retrieved February 28, 2015.
  8. ^ Brown, Alleen; Lacy, Akela (January 12, 2021). "In Wake of Capitol Riot, GOP Legislatures 'Rebrand' Old Anti-BLM Protest Laws". The Intercept. Retrieved February 10, 2021.
  9. ^ Brown, Alleen (May 23, 2019). "Pipeline Opponents Strike Back Against Anti-Protest Laws". The Intercept. Retrieved February 13, 2021.
  10. ^ Brown, Alleen (June 7, 2020). "A Powerful Petrochemical Lobbying Group Advanced Anti-Protest Legislation in the Midst of the Pandemic". The Intercept. Retrieved February 13, 2021.

External links[edit]