The cyber landscape has changed significantly since the pandemic and the digital transformation movement by organizations.

This has made it easier for cyber criminals to steal all kinds of information, confidential data, usernames, passwords, banking information, just name it they can get it. No industry is immune to cyber-attacks and is a question of when rather than if. Ramifications of a successful cyber-attack across critical infrastructure can affect our society on an individual and global scale.

Critical infrastructure refers to sectors such as telecommunications, internet service providers, emergency services, healthcare, financial services, agriculture, power, etc. These industries form the backbone of a nation’s economy and security – in other words, they are very important. Some of these critical infrastructures also happen to be built on legacy or insecure-by-design Industrial Control System (ICS), Operational Technology (OT) or Industrial Internet of Things (IoT) components.

What is defined as Critical Infrastructure?

Critical infrastructure describes the physical and cyber systems and assets that are so vital to any nation that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety. Critical infrastructure provides the essential services that underpin our society.

Nations that have developed cyber security strategy have clearly identified the importance of protecting critical infrastructure protection (CIP) that serves the nation.

At a high-level, the sectors that are inclusive within CIP vary from country to country and their overall operational landscape, but majority of these sectors remain the same.

• Electricity and Water
• Chemicals
• Emergency Services
• Financial Services
• Healthcare
• Nuclear Power Plants
• Oil and Gas
• Transport
• ICT