2.6. Strengthening the resilience of critical information infrastructure

European Union / Cyber Security Agency of Singapore

Strengthening the cyber resilience of critical information infrastructure is essential to enabling social and economic development and to meeting the Sustainable Development Goals (SDGs). It is also essential to maintaining international security and stability.  The combination of increased digitalization and interdependence of critical infrastructure and services requires a holistic approach that takes into consideration an ever-growing number of risk factors. To ensure resilient critical information infrastructure, public and private actors need to be able to identify, anticipate, prepare for, respond to, and recover from cyber incidents. Governments and the private sector need to work together within and across borders to strengthen the resilience of critical information infrastructure. Exchanges of information on existing approaches, and on lessons and good practices in cooperation at national and international levels can serve that purpose, as can tangible, tailored and sustainable capacity building and confidence building efforts.

• What policies, tools and mechanisms need to be put in place at national level to strengthen the cyber resilience of critical information infrastructure? What good practices and lessons can be leveraged to build confidence and inform relevant capacity building efforts?
• How are cybersecurity risk management models evolving in the critical information infrastructure sector? What lessons can be drawn from these efforts to strengthen the resilience of critical information infrastructure across public and private sectors?