How Critical Infrastructures are protected

15 Feb 2018

Share this article

In the face of physical and cybernetic attacks of all kinds, the industry develops technology and comprehensive protection systems that can neutralize multi-faceted criminals.

Critical infrastructures are those facilities that, because of their activity, are essential for the functioning of a country. Their relevance is such that they even have their own law to guarantee that both public and private operators apply the highest security standards for the protection of critical infrastructures. In some cases they are supranational in nature because their role can affect citizens of several countries. In the United States, for example, the concept of critical infrastructure not only includes those that are vital for the march of the country, but also certain monuments whose affection can undermine the morale of citizens. In the case of Spain, the regulation defines as strategic infrastructure that "whose operation is indispensable and does not allow alternative solutions, so that its disturbance or destruction would have a serious impact on essential services." In this definition, very different facilities fit together. all types of sectors, from water supply, to airports, through hospitals, research laboratories, communications (for example, satellites) or power plants ... Thus, 12 strategic sectors have been defined, including some cross-cutting ones such as the Administration Public and information technologies. The critical infrastructures are collected in a catalog that is not public. To improve its protection, an approach is made at different levels. There is a national plan, a sectoral plan for each of the 12 national production sectors identified as critical in the PIC Law, a protection plan for each operator, public or private, of one or several critical infrastructures, and also a plan for specific protection for each of them. Currently, the sectoral plans for seven of the 12 major strategic sectors are approved: chemical industry, water, nuclear industry, space, energy, transport and finance. In addition, there are 106 critical operators that must launch a series of specific protection plans on all their infrastructures, complemented by the application of the corresponding operational plans provided by the State Security Forces and, where appropriate, by the Armed Forces. According to Agustin SOLIS, director of Security Systems at Tales Spain, "although you can never be calm and you can always improve, there is a consensus that in Spain, which in the past was threatened by terrorism, the critical infrastructures are quite well prepared in front of physical threats. It is not the case against cyber attacks that, for different reasons, are the big area of improvement For the protection of this type of facilities ".

WHAT IS THE LAW OF PROTECTION OF CRITICAL INFRASTRUCTURES?

Law 8/2011 regulates the protection measures that must be applied, guiding the steps of the National Plan for the Protection of Critical Infrastructures. This encompasses both the public sector and private operators, with an approach that emphasizes collaboration Between both spheres. The objective is "to implement in the medium term a culture of security in which both the private sector and Public Administrations work on homogeneous and clearly defined parameters in terms of protection of their respective assets, achieving a coordination of efforts and a synergy in their objectives ", They explain from the National Center for the Protection of Infrastructures Critics (CNPIC).

Although the requirements and specific systems depend on the sector and the installation that is intended to protect, there are common elements that are taken into account when implementing any security system. It is key, for example, that it be a customized project and based on a concrete analysis of the activity, operation and possible risks of each asset. In parallel, it will always be designed under a global and integrated perspective, so that the different security tools are conceived as a single system, supported by the most advanced technology, to offer different answers depending on the possible Threats identified. For example, to protect an energy installation, such as a refinery or a gas plant, different levels of security are established, but all must be connected with each other with a single purpose: to avoid any type of intrusion, either physical or Cybernetics. These facilities usually have a security perimeter and access barriers. The vehicles authorized to enter the premises are equipped with automatic recognition technology and positioning control. The next level is equipped with video surveillance cameras, both short and long range, and even capable radars To capture any type of movement; while the admission of people to different buildings or offices has specific control systems, only for accredited workers. In these large infrastructures it is usual to install communication systems with loudspeakers, to be able to give general notices to the entire staff - or to visitors who are in the plant - and the emphasis is on specifically protecting the communication systems with the outside world. All the data collected by these surveillance systems is transmitted and analyzed in a data center.

Security equipped with a computer tool for the integral management of critical infrastructure protection mechanisms. This station not only serves to monitor the activity of the installation, through digital plans of the infrastructure or video images, but artificial intelligence helps the technicians to solve any type of incident. If there is a security breach, the system immediately gives the alarm signal, helping those responsible to resolve any crisis situation, indicating, for example, what is the protocol to follow in each scenario. If an intrusion occurs, the positioning radars will indicate where the strangers are in the digital plane, while the video surveillance cameras

they will provide the images in real time.

The operator can also see which security team is closest to go and solve the incident and whether or not it needs some kind of reinforcement for the intervention. In these cases, having a protected communication system is essential to coordinate all security agents, as well as the staff of the plant if necessary as an additional guarantee. Suppliers that, like Thales, work in this field use what is known as dual technology. These are developments designed to protect a specific infrastructure, but can be adapted and applied to any other sector and installation that needs this level of protection. Although the security perimeter of an airport is very different from that of an oil refinery, both need video surveillance technology, communication systems and artificial intelligence that help security personnel to intervene to prevent any problem and, in case of that an incidence occurs, that this can be resolved in the shortest possible time to minimize its impact. "In cybersecurity there is an added circumstance and that is that information and communication technologies are evolving very fast and the appearance of risks and threats is continuous.

That's why we have to respond not only from the technical point of view, but also organizational, with the awareness of employees and the redefinition of processes, taking into account what should be done and what not. We are constantly transforming systems to be able to anticipate risks and detect threats in a critical infrastructure. We do this, for example, through intelligence from open sources in social networks and through the development of methods to share information and coordinate response centers, to help react once an attack has been detected, "underlines Agustin Solís.

RED EMERGENCY TELEPHONE FOR CRITICAL INFRASTRUCTURES

In Spain there is a 24-hour Management Service for incidents that affect an infrastructure considered vital. It is a point of contact for the immediate exchange of information between the critical operators and the National Center for the Protection of Critical Infrastructures (CNPIC) through a protocol, and is hosted on a computer platform. Likewise, the Incident Response Center of Cybersecurity, which operates in León, provides specialized support in security and prevention in the detection of threats, and acts as a 'red telephone' for operators critical of any event that affects the cybernetic environment. Those assets that are part of the Critical Infrastructure Protection System have special consideration in the planning of the State Security Forces and Bodies.