Critical Information Infrastructure Protection

Good Practices

Define and protect national critical information infrastructure.

Raising awareness on the importance of critical information infrastructure protection for governmental and non-governmental stakeholders is important. A NCSS may include a strategy for critical information infrastructure protection (CIIP). Key elements of such strategy may include the identification of critical information infrastructure (CII) and the organizational structure and processes related to CIIP. Identification and protection of national CII raises the level of resilience of cyber security-related risks.

CIIP is a joint responsibility between public and private stakeholders, as normally much of the CII is owned by private companies. Stakeholders with CIIP experience may bring good practices forward to other nations starting with CIIP. Nations with cross-border CII should approach CIIP collaboratively.