ABSTRACT
A few months after the terrorist attacks of Madrid, a Commission Communication (2004) and European Council conclusions (Council of the European Union 2004) launched the idea of the European Programme for Critical Infrastructure Protection. Previously, the UK, Sweden, the Netherlands, and Germany as well as NATO and the G8 (Abele-Wigert and Dunn 2006) had taken up the notion of CIP. The EU had also become active in the closely related area of information infrastructure security since the turn of the millennium (Rathmell 2003). In short, national and international policy-makers had become familiar with the notion of CIP, while the high salience of the terrorist threat, which was underlined by the London bombings in July 2005, provided an opportunity for common action.
