Konferenzband 
International Conference Current Security Challenges for the Western Balkan Region - Addressed by Means of Joint Responsibility and Cooperation
Entstehung
Einzelbild herunterladen
 

International Conference: Current Security Challenges for the Western Balkan Region Addressed by Means of Joint Responsibility and Cooperation CRITICAL INFRASTRUCTURES Critical Infrastructures are those infrastructures, of criteria for rating critical infrastructures; or parts thereof, which are of substantial identifying risk factors and relevant actors; relevance in maintaining important societal listing measures for the protection of critical functions. Their disruption or destruction has infrastructures; and developing an action plan serious effects on the health, security or the with detailed sub-goals. economic and social wellbeing of the population or on the effective functioning of government. The Europe-wide program lists 11 sectors of Plans for protecting such infrastructures should critical infrastructures: energy, nuclear industry, be cognizant of their importance and ICT, water, victuals, health, nances, transport, comprehensive in their approach. chemical industry, and space travel and research institutions. The centres, For example, on the basis of the European communication nodes and steering systems of Program for Critical Infrastructure Protection, a these critical infrastructures at the disposal of a national master plan was elaborated for Austria, modern society are based on information and called- the Austrian Program for Critical communication technology or are of Infrastructure Protection(APCIP). APCIP considerable importance for the ICT and can 57 describes the principles of the program, including listings of priority sectors; denitions only be operated in certain locations. CONSEQUENCES AND NECESSARY MEASURES The state should maintain national capabilities for protecting strategic ICT infrastructure against cyber attacks. It can do so mainly by engaging in permanently available and up-to­date estimates of the security environment on the basis of regular analyses and assessments of the security risks, an early warning system complemented by emergency/incident functionalities and by developing the ability to react appropriately when warranted. Moreover, intensive cooperation between industry, science, government, and citizens is indispensable and must be initiated and promoted by the state. On the international level, states would have to cooperate effectively among themselves as well, particularly regarding prevention, threat identication and defense. The private owners and operators of critical infrastructures, in turn, have to create the necessary preconditions for secure operation via comprehensive protection measures against cyber attacks, exchanging information and cooperation with one another, maintaining high security standards, and providing certied training for their personnel. Some approaches that promise success are developing and using intrusion-tolerant systems, redundant design, and automated critical processes with super­imposed manual steering. For security-critical areas one should exclusively use accredited or certied hardware and software, organizations, procedures, and personnel. Protection-worthy data and locations need to be protected in conformity with the law according to the criticality of the ICT and the extent of the threat.