01685nas a2200229 4500000000100000000000100001008004100002260000900043653000900052653001300061653001800074653004900092653003300141653001300174653002000187653005100207100001800258245005800276300001000334490000600344520110500350 2001 d c200110aCIIP10asecurity10acyber threats10aconventional vs. IT-related security threats10ainfrastructure vulnerability10aCIIP R&D10anetwork society10aCritical Information Infrastructure Protection1 aPeter Westrin00aCritical Information Infrastructure Protection (CIIP) a67-790 v73 a
This article treats a number of fundamental issues concerning Critical Information Infrastructure Protection, including the basic concept of CIIP as such. What are we actually referring to when we talk about a society’s critical information infrastructure and against whom or what must we be prepared to protect this infrastructure? The notion of “network society” is central here, and certain aspects of societal development within the framework of CIIP are discussed. These include the issues of responsibility and trust, and whether or not CIIP is primarily a technological problem. Some basic differences between conventional threats and IT-related threats are discussed, as well as important issues concerning system complexity, error propagation and mutual dependence. Also discussed is the question of whether it is, in fact, possible to establish a solid and durable framework for research into a problem context such as CIIP, a context which is both fragmented and continually developing at a rapid pace. The article concludes with a short description of on-going CIIP-research.