Why do we demand critical infrastructure security?

We demand the security of critical infrastructure because “disrupting its function would lead to a significant socio-economic crisis with the potential to undermine the stability of a society and thereby cause political, strategic, and security consequences.” More specifically, critical infrastructure is protected because (1) it may carry a symbolic importance; (2) there is an immediate dependence on it; and (3) it is subject to complex dependencies (Tabansky, 2011).

When it comes to the symbolic importance of the critical infrastructure, “several democratic countries include heritage sites, museums, archives, and monuments among critical infrastructures that should be protected” (Tabansky, 2011). The symbolic importance of the infrastructure may also come from the real or perceived power it provides to the government. “For example, a hostile disruption of traditional media used by the state for communicating with its citizens will immediately harm the government’s ability to function. Moreover, in the longer term, such disruption may diminish the citizens’ confidence in the existing government, or even the general form of government or regime” (Tabansky, 2011).

A good example of a critical infrastructure on which there is an immediate dependence is “the electricity grid or telecommunications network, which is … [essential] for most processes in society.” More narrowly, “Cyberspace is a representative example of an infrastructure that has become critical because of the interface of most of society’s activity with computerized communications networks” (Tabansky, 2011).

Critical infrastructure is also subject to complex dependencies, because “The relationships among various infrastructures are presumably not fully known, and the failure of one component is liable to cause a wide range of results and damage.” There are three types of failure stemming from complex dependencies of infrastructures: common cause failure, cascading failure, and escalating failure (Tabansky, 2011). Common cause failure could include “various facilities (fuel storage, airports, and power stations) that are located in geographic proximity are likely to be harmed from a single incident of flooding.” In the case of cascading failure “Disruption of a control system in one infrastructure (for example, water) leads to disruption of a second infrastructure (for example, in transportation, the flooding of a railway line), and then a third (for example, food supply chain) and so on.” While under escalating failure “Disruption of one infrastructure (for example, a communications network) harms the effort to fix other infrastructures that have been damaged by another entity (emergency services, commerce)” (Tabansky, 2011).

References

Tabansky, I. [2011], “Critical Infrastructure Protection against Cyber Threats”, Military and Strategic Affairs 3(2), 61-78, http://www.inss.org.il/uploadimages/Import/(FILE)1326273687.pdf