Physical and cyber security measures must be taken to protect critical infrastructure from sabotage, terrorism, and contamination. Critical infrastructures include:
- Chemical Sector
- Commercial Facilities Sector
- Communications Sector
- Critical Manufacturing Sector
- Dams Sector
- Defense Industrial Base Sector
- Emergency Services Sector
- Energy Sector
- Financial Services Sector
- Food and Agriculture Sector
- Government Facilities Sector
- Healthcare and Public Health Sector
- Information Technology Sector
- Nuclear Reactors, Materials and Waste Sector
- Transportation Systems Sector
- Water and Wastewater Systems Sector
Infrastructure security (physical and cyber) is the protection of structures and systems designed to protect infrastructure, especially critical infrastructure. Critical infrastructures are interconnected with information technology, where they become highly vulnerable to sabotage, terrorism, even contamination if not adequately protected. Any intrusion or disruption can affect how another network will operate, which creates significant concerns about interdependency management regarding these important technological resources.
Physical infrastructure security is a broad term that refers to protecting persons and property from harm. Physical security involves using multiple layers of systems such as CCTV surveillance, locks, access control, fire protection etc., to keep unauthorized persons away while protecting people’s safety and well-being.
The three main components of physical security are access control, surveillance, and testing. Implementation, improvement, and maintenance are required to ensure the continued success of a physical infrastructure security program.
Cyber or cybersecurity threats are malicious acts that aim to damage data, steal it, and disrupt digital life. These malicious events negatively affect an organization’s operations (including mission, functions, image, or reputation), assets of an organization(s), and/or nations through unauthorized access to information systems.
Nations rely on the continued and essential function of our critical infrastructure. Incidental or deliberate damage can:
- Threaten national security
- Cause mass casualties
- Weaken the economy
- Damage public morale and confidence
There are several reasons why infrastructure needs to be heavily secured and protected, including:
- Climate threats
- Geological threats
- Biological threats
- Technological threats
- Criminal threats
- Cyber threats
Legacy systems are the most significant vulnerability that cyber terrorists can bank on. They still exist in most sectors, despite the increasing digitization of these same industries. Decades-old infrastructure components increase security risks exponentially by providing access to countless well-known vulnerabilities across a broad spectrum of applications used within today’s organizations.
Critical infrastructure protection and security are part-owned and operated by the private sector. It is essential to ensure that physical and cyber security priorities are not lost in profit maximization. Many security vendors also outsource functions outside their core competencies which results in additional vulnerabilities. These could include loss of control and visibility.