Mapping the World’s Critical Infrastructure Sectors 

According to German Council on Foreign Relations (DGAP) in its report Mapping the World's Critical Infrastructure Sectors by Dr. Valentin Weber, Maria Pericas Riera and Emma Laumann, only 100 of 194 countries have published what they perceive as CI sectors. The CI sectors that countries most frequently mention are ­energy (96%), information and communications technology (ICT) (95%), transport (93%), economy and finance (89%), public services (84%), and health (83%). 

94 countries, particularly in Asia and Africa, still have not defined their CI sectors, nor have they adopted systematic response plans to protect them. Most of these countries lack the resources to establish CI regulations and task forces. The international community should be encouraged to support those states in defining and protecting their CI. 

As per DGAP, no common definition of critical infrastructure (CI) exists among the 193 UN member states and Taiwan. In fact, there are at least 100 different national positions on the subject. Many countries lack lists of their CI or critical information infrastructure (CII) sectors, including two in Europe (Monaco and San Marino). 

Among the countries with specified sectors, the category incorporated by nearly all is energy (96%). This is followed by ICT (95%) and transport (93%), while economy and finance, public services, and health also scored above 80%. 

Referring to DGAP study, there are regional differences in formulating what CI is. The least-mentioned category in all regions is research and education, named by only 15% of all countries. On the African continent, 27% of the countries included this category. This is significantly higher than Europe (12%) and Asia (13%). Other categories that scored low globally are national security (45%), food (51%), and water (76%). 

Introduction to the Functional and Sector Summary of Cybersecurity Standards and Best Practices 

TAU RCRL website summarizes some of the most relevant resources on navigating Critical Infrastructure Protection (CIP). 

Cyber resilience is crucial for international development and the pursuit of Sustainable Development Goals ‎‎(SDGs). Embracing the benefits of digital transformation is a strategic approach to achieving SDGs. Establishing or modernizing Critical Infrastructure in developing countries plays a significant role in establishing and maintaining Critical Infrastructure Protection (CIP).

To advance cybersecurity capacity building and mainstream cyber resilience in international development, the World Bank Digital ‎Development Global Practice, in collaboration with Tel Aviv University's Blavatnik Interdisciplinary Cyber Research Center (TAU ICRC), has developed the Critical Information Infrastructure Protection (CIIP) Toolkit. This toolkit encompasses the Sector Cybersecurity Maturity Model (SCMM) and the list of resources for cyber resilience and CIP for non-experts in cybersecurity. 

CIP addresses policy and technical aspects, with several key challenges:

• Interdependence of critical infrastructures.
• Growing complexity of cyber and industrial systems and data.
• Diverse and / or conflicting interests among public and private stakeholders.
• The expanding range of cyber risks or threats.