ABSTRACT
The UK strategic framework for Critical Information Infrastructure Protection (CIIP) was published in draft by the Cabinet Office in late 2009, and nine CII key sectors were identified. The Centre for the Protection of National Infrastructure (CPNI) is the Government authority for protective security advice to the national infrastructure relating to national security threats. The most widely known CIIP exercises are the US-led but multi-national Cyber Storm series. The US clearly has a more elaborate private sector organizational structure responding to cyber threats, while CIIP in Germany is largely attached to state-run civil defense mechanisms'. Deliberate cyber attacks, by countries, hackers or insiders, represent a major and continuing threat. The Process Control Security Response Team (PCSRT) must be involved at every step in the process of monitoring a situation, analysing any changes to the cyber threat and initiating appropriate responses.
