Critical Infrastrcuture Protection & Resilience

27/10/2025

Evidence from around the world indicates that threats to Mobile Network Operators (MNOs) are increasing, including to their physical infrastructure. On the other hand, critical communications are transitioning from legacy networks, primarily operated by governments, to broadband networks, in which key components such as Radio Access Networks are procured from MNOs or dedicated infrastructure providers. The combined effect of these two trends requires critical communications operators to pay special attention to the security of the physical infrastructure that is used for critical communications.

Given the importance of the topic, TCCA’s Legal & Regulatory Working Group (LRWG) developed this white paper, starting with a survey of the legal and operational frameworks in the member countries of the LRWG. As the laws and regulations amend and update dynamically, the survey outcomes that formed the basis of this paper were the position as of 31 January 2025.

Evidence from around the world indicates that threats to Mobile Network Operators (MNOs) are increasing, including to their physical infrastructure. On the othe

20/10/2025

The 2nd Critical Infrastructure Protection (CIP) Week in Europe and the 10th Critical Infrastructure Protection & Resilience Europe (CIPRE) conference concluded successfully in Brindisi, Italy, after three days of high-level discussions, collaboration, and innovation in securing Europe’s critical infrastructure.
Held from 12–14 October 2025, the joint event brought together senior policymakers, industry leaders, security professionals, and researchers from across Europe and beyond to accelerate collective resilience efforts and share strategies to address emerging threats to vital systems and services.

The 2nd Critical Infrastructure Protection (CIP) Week in Europe and the 10th Critical Infrastructure Protection & Resilience Europe (CIPRE) conference concl

03/10/2025

Drones have emerged as the tool of choice for bad actors at critical infrastructure sites. The confusion and damage caused by drone activity is very real, and awareness is growing, thanks to a spate of serious recent incidents that have drawn attention to the threat. Reports in December of unknown drone activity in New Jersey sparked headlines around the world, and drone incidents also paused air traffic in two states, at an Air Force base in Ohio and an airport in New York . These, unfortunately, are not isolated incidents.

At Sweden’s Stockholm Arlanda Airport , UAS sightings forced the suspension of air traffic, disrupting operations and endangering travelers. In Nashville, a man reportedly attempted to weaponize a drone with explosives to collapse the U.S. power grid. It’s clear that drones are no longer a toy and are not restricted to causing annoyances such as disrupting air travel.

Drones have emerged as the tool of choice for bad actors at critical infrastructure sites. The confusion and damage caused by drone activity is very real, and a

28/09/2025

A man has been arrested in the UK by the National Crime Agency as part of an investigation into a cyber incident impacting Collins Aerospace.

The incident, which was reported on 19 September, affected flights at Heathrow and other European airports over the weekend.

NCA officers, supported by the South East ROCU, arrested a man in his forties in West Sussex yesterday evening on suspicion of Computer Misuse Act offences. He has been released on conditional bail.

Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said:

“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing.”

“Cybercrime is a persistent global threat that continues to cause significant disruption to the UK. Alongside our partners here and overseas, the NCA is committed to reducing that threat in order to protect the British public.”

A man has been arrested in the UK by the National Crime Agency as part of an investigation into a cyber incident impacting Collins Aerospace. The incident, w

26/09/2025

Authorities in Denmark and Norway are investigating a series of unauthorized drone sightings that forced the temporary closure of airspace over two major international airports—Copenhagen's Kastrup Airport and Oslo's Gardermoen Airport, and are being treated as serious threats to national and regional security.

In Copenhagen, multiple drones were detected near the airport perimeter, leading to a near four-hour shutdown that disrupted over 50 flights and affected approximately 20,000 passengers. Danish police say the drones demonstrated flight behavior consistent with advanced operation, and officials have described the incursion as one of the most significant threats to Denmark’s critical infrastructure in recent memory.

Shortly after the Copenhagen incident, Oslo’s main airport reported similar drone activity, prompting Norwegian authorities to temporarily close airspace.

Authorities in Denmark and Norway are investigating a series of unauthorized drone sightings that forced the temporary closure of airspace over two major intern

23/09/2025

CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and response tool.

This advisory, CISA Shares Lessons Learned from an Incident Response Engagement, highlights takeaways that illuminate the urgent need for timely patching, comprehensive incident response planning, and proactive threat monitoring to mitigate risks from similar vulnerabilities.

The advisory also outlines the tactics, techniques, and procedures (TTPs) employed by cyber threat actors, including exploitation of GeoServer Vulnerability CVE-2024-36401 for initial access. By understanding these TTPs, organizations can enhance their defenses against similar threats.

CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following the detection of potential malicious activity id

19/09/2025

In November 2021, a landmark law on Critical Infrastructure Protection (CIP) was signed by the President of Ukraine—setting in motion a national effort to secure the lifelines of the country’s economy, defense, and daily life. Two years later, in September 2023, the Cabinet of Ministers approved Ukraine’s National Plan for the Protection, Security, and Resilience of Critical Infrastructure, a document that not only laid out an ambitious strategy but also revealed a major vulnerability: a critical shortage of qualified professionals.

The question soon became unavoidable—how and where can Ukraine train the specialists essential to protecting its most vital systems? The National Plan mandated a full feasibility study to explore this issue and develop recommendations for building a sustainable educational and training ecosystem for CIP professionals.

This comprehensive study was the first of its kind in Ukraine and worldwide and took a global approach.

In November 2021, a landmark law on Critical Infrastructure Protection (CIP) was signed by the President of Ukraine—setting in motion a national effort to sec

17/09/2025

On 11 September 2025, a Commission Communication to strengthen the resilience of critical entities across the EU was adopted. It provides non-binding guidance to EU countries to identify their critical entities and a risk assessment reporting template.

Directive (EU) 2022/2557 on the resilience of critical entities1 (‘the Directive’) aims to ensure that services essential for the maintenance of vital societal functions or economic activities are provided in an unobstructed manner in the internal market. The Directive enhances the resilience of the critical entities providing such services and creates an overarching framework of resilience of critical entities in respect of all hazards (natural and man-made, accidental or intentional).

To achieve a high level of resilience, Member States have obligations under the Directive.

08/09/2025

Download your copy now at www.cip-association.org/CIPRNews

Please find here your downloadable copy of the Summer 2025 issue of Critical Infrastructure Protection & Resilience News, the official magazine of the International Association of CIP Professionals (IACIPP), for the latest views, features and news, including a Preview of the forthcoming Critical Infrastructure Protection & Resilience Europe conference, taking place in Brindisi, Italy next month as part of CIP Week in Europe, and co-hosted with The International Emergency Management Society (TIEMS) conference.

Download your copy now at www.cip-association.org/CIPRNews Please find here your downloadable copy of the Summer 2025 issue of Critical Infrastructure Protec

12/08/2025

The International Association of CIP Professionals (IACIPP) is committed to the training and further education of industry professionals to enhance knowledge, expertise and ultimately improve industry standards. See our recommended useful training courses: https://www.cip-association.org/training-and-education/

Countering Insider Threats
Help2Protect is an eLearning Platform dedicated to Security and the Insider Threat courses help you put in place a detection and prevention program against this widespread and yet largely underestimated issue.
Further details: https://www.cip-association.org/help2protect-an-elearning-program-to-counter-insider-threats/

NIST Risk Management Framework
The purpose of these courses is to provide those new to risk management with an introduction to key publications associated with the NIST Risk Management Framework (RMF) methodology for managing cybersecurity and privacy risk.

The International Association of CIP Professionals (IACIPP) is committed to the training and further education of industry professionals to enhance knowledge, e

06/08/2025

The International Association of Critical Infrastructure Protection Professionals (IACIPP) will be co-hosting the 2025 ‘Critical Infrastructure Protection Week in Europe' in Brindisi, Italy, under the Patronage of the City of Brindisi, part of an initiative focused towards enhancing collaboration and cooperation amongst the industry.

We are delighted to welcome The International Emergency Management Society (TIEMS - Home) annual conference as part of CIP Week in Europe, co-locating with Critical Infrastructure Protection & Resilience Europe.

The 'African Young People Support Centre (AYPSC)' & 'African Smart Cities Innovation Foundation' are also co-hosting a Workshop at CIP Week - 'Africa–Europe Cooperation for Critical Infrastructure Resilience'.

The latest Preliminary Conference Programme is available and you can download your guide to assist with your planning and preparations to attend the event in Brindisi.

The International Association of Critical Infrastructure Protection Professionals (IACIPP) will be co-hosting the 2025 ‘Critical Infrastructure Protection Wee

06/08/2025

Australia has officially adopted the AS IEC 62443 series as national standards for protecting Operational Technology (OT) in critical infrastructure from cyber threats. This decision comes as cyberattacks grow more frequent and sophisticated, increasingly targeting the systems that support our daily lives.

OT systems are the backbone of essential services such as energy, water, transport, medical devices, and building automation. A successful cyberattack on these systems could disrupt communities, threaten public safety, and harm the environment. The AS IEC 62443 standards help prevent this by offering a clear, structured approach to cybersecurity that supports safety, reliability, and resilience throughout the life of these systems.

A Practical Framework for Securing OT Systems

OT environments face unique cybersecurity challenges that differ from traditional IT systems. To address these, specialised standards were developed for Industrial Automation and Control Systems (IACS).