Protecting Critical Infrastructure
In modern economies around the world, the risks to the foundations of civilisation have become obvious through attacks both real and hypothesized, cyber and kinetic. After several high-profile cyber incidents like the colonial pipeline attack, it has become clear that major infrastructure providers of power, water, energy, and more can no longer simply be classified as private companies or government agencies – they are the foundations of the modern world, and they are critical for keeping cities, economies, and societies running.
In countries like the USA, Australia, and the United Kingdom, these services have been defined by governments as critical infrastructure and to protect them, new regulations have been imposed to mitigate the risk of cyber attack and to minimise the impact of a cyber incident. There are a handful of countries that have put risk mitigation strategies and regulations in place, and those regulations will most certainly expand to other geographies and regions across the world as state-sponsored cyber-attacks and sophisticated hacking organisations continue to target these services.
The United States
In the USA, the Cybersecurity & Infrastructure Security Agency (CISA) defines critical infrastructure as whole sectors that are important to the safety and security of the nation.