Critical infrastructure (CI) refers to the systems, networks, and assets that are vital to the functioning of a society and economy. These are the elements that, if disrupted or destroyed, would have a significant impact on public health and safety, economic stability, and national security. They are essential to the functioning of a community and the delivery of essential services.
There are various characteristics that define something as CI but the central concept, its “critical” nature, requires that the sector be essential for the functioning of society. Without it, basic needs such as food, water, and shelter would not be met.
All in all, CI is a broad term that can encompass a variety of different systems and assets, but what makes something CI is its importance to the functioning of society, its interdependencies with other systems, its vulnerability to disruption, and the difficulty of replacing or repairing it quickly.
It is also important to note that there are many different entities who have their own unique definitions for CI. The European Union’s agency for cybersecurity, ENISA, defines 6 CI sectors, while the United Kingdom’s CPNI defines 13 sectors of Critical National Infrastructure (CNI). While this paper will orient around the 16 sectors of CI defined by the U.S. government, the underlying principles, technologies, and concerns are largely the same, even when sector definitions are not identical.
