Critical Infrastructure Protection and Resilience
Attacks on critical infrastructure sites are now a fact of life not simply a potential threat. Power stations, chemical plants, nuclear facilities are routinely targeted by cyber-attacks, the most successful so far being the Ukraine power outage that caused 225,000 customers to lose electricity. Last year an activist landed a UAV carrying small traces of radiation on the roof of the Japanese Premier’s office and this year a UAV collided with a aircraft at London’s Heathrow airport. And of course the terrible attacks on the metro and airport in Brussels. This is just the start of what we can expect to be the repeated targeting of our critical infrastructure. The potential effects not only in terms of loss of life but also in terms of damage to infrastructure, economic disruption and costs, can be enormous.
Once again widespread flooding across Europe in 2015 caused even bigger outages of power and for longer periods than cyber-attacks and the damage to lives, property and businesses was larger still, emphasising the need for planning and preparation on European scale.
We must be prepared!
The European Commission has adopted a communication on Critical Infrastructure Protection in the fight against terrorism, enhancing European prevention, preparedness and response in the event of terrorist attacks involving critical infrastructures.
The European Programme for Critical Infrastructure Protection (EPCIP) considers measures that will enhance the level of protection of infrastructure against external threats, with the Operator Security Plan for all infrastructures designated as European critical.
The European Union is also developing its policy on critical energy infrastructures in relation to the European Programme for Critical Infrastructure Protection (“EPCIP”) which considers measures that will enhance, where necessary, the level of protection of certain infrastructures against external threats.
Critical Infrastructure Protection and Resilience Europe will once again bring together leading stakeholders from industry, operators, agencies and governments to collaborate on securing Europe. The conference will look at developing on the theme of previous events in helping to create better understanding of the issues and the threats, to help facilitate the work to develop frameworks, good risk management, strategic planning and implementation.
The integrity of critical infrastructures and their reliable operation are vital for the well-being of the citizens and the functioning of the economy. The implementation of the EPCIP, under Council Directive 2008/114/EC on the identification and designation of European critical infrastructures and the need to improve their protection, has not been completely successful.
Why the Need for Such a Discussion?
Article 196 of the Lisbon Treaty enshrines in law that the Union shall encourage cooperation between Member States in order to improve the effectiveness of systems for preventing and protecting against natural or man-made disasters.
The Union’s action shall aim to:
(a) support and complement Member States’ action at national, regional and local level in risk prevention, in preparing their civil-protection personnel and in responding to natural or man-made disasters within the Union;
(b) promote swift, effective operational cooperation within the Union between national civil-protection services;
(c) promote consistency in international civil-protection work.
The ever changing nature of threats, whether natural through climate change, or man-made through terrorism activities, either physical or cyber-attacks, means the need to continually review and update policies, practices and technologies to meet these demands.