Read the

online version | ISSN 2600-3570

March 2022

Critical Infrastructure Resilience:

News, Updates and
Events
Newsletter

In this Issue
o Introduction o Subscribe
o Policy Updates o Networks & Cooperation
o Research Findings & Uptake o Reports & Perspectives
o Upcoming Events

Introduction
Dear Colleague,

The European Commission is glad to publish a quarterly newsletter which provides

news concerning the main activities and events, carried out across EU and
beyond on critical entities and supply chains.

The invasion of Ukraine by Russian forces has sent shockwaves through Europe and
the world. Besides the human suffering, we observe a massive impact on
infrastructures, supply chains and essential services. Civilian infrastructures are
attacked deliberately and also non-military tactics are used, both cyber and non-
cyber, to disrupt their services. As EU we need to draw lessons from that and be
prepared to help rebuilding what was damaged, as well as enhance the
preparedness of EU Member States and the neighbourhood countries.

The Versailles Declaration, which EU leaders adopted in response to the Ukraine

crisis, underlines the importance of protecting critical infrastructure. The Strategic
Compass further details what needs to be done to make the EU a stronger and
more capable security provider, not only in the defence but also in the civilian
domain. Resilience of critical infrastructures, notably against hybrid threats is
singled out in that key document (more details below).
Thus, the work done by EU and national policy makers, operators,
practitioners and researchers to enhance resilience in various sectors has
become even more crucial.

The risks to critical infrastructures and essential services are however not
limited to armed conflict or the cyber domain. Therefore, the newsletter
focuses on broader developments, ongoing activities and relevant policy-
making aimed to enhance critical infrastructure protection and resilience-based
initiatives.

The newsletter is a joint effort of the European Commission's Directorate-General

Migration and Home Affairs (HOME) and Joint Research Centre (JRC).

WE WANT TO HEAR FROM YOU!

If you work or are interested in the area of critical infrastructure resilience, get in
touch and share any interesting information by emailing us.

Happy reading,

The Editorial Team

Policy Updates
News from the EU

EC unveils the
Strategic Compass for Security and Defence
The Strategic Compass aims to better link the EU's
strategic,
operational and capability needs for a shared vision
for EU
security and defence.

more

Massive
Cyber-attack on Satellites: thousands without
internet in Europe
An alleged cyberattack that happened across Europe
before
the commencement of the Russian offensive against Ukraine,
has left thousands of people without the internet.

more
REPower EU: Joint European Action for more Secure Energy
The EC published an outline of a plan to make
Europe
independent from Russian fossil fuels well before 2030,
starting with gas, for more affordable, secure and sustainable
energy.
more

EU Global
Gateway to support Infrastructure Development
The EC launches the Global Gateway Strategy to tackle the
most pressing global challenges, from fighting climate
change, to improving health systems, and boosting
competitiveness and security of global supply chains.

more

EU initiates
new Space-based Initiatives
The EU initiates a satellite-based connectivity
system and
boosts action on management of space traffic for a
more
digital and resilient Europe. These initiatives will help
safeguard the efficiency and security of EU current assets
while
developing European cutting-edge space technology.

more

EC boosts
Innovation and addresses Strategic
Dependencies
The EC puts forward new initiatives in areas
critical for
defence and security within the EU. They are
concrete steps
towards a more integrated and competitive European
defence market, particularly by enhancing cooperation within
the
EU.

more

A European
Chips Act to bolster EU competitiveness
The EC proposes a comprehensive set of measures to
ensure
the EU's security of supply, resilience and technological
leadership in semiconductor technologies and applications.
The
Chips Act will bolster Europe's competitiveness, resilience
and
help achieve both the digital and green transition.

more
News from outside EU

Australia
updates the Security Legislation Amendment Act
for CIs
The Security Legislation Amendment (Critical
Infrastructure)
Act 2021 expands the number of critical
infrastructure assets
to build upon the existing framework which
aims to
strengthen the security and resilience of critical
infrastructure.

more

USA Memorandum
enhances Pipeline Cybersecurity
The Cybersecurity and Infrastructure Security
Agency issued a
joint advisory on the increased cybersecurity
threat to surface
systems by hostile actors who have demonstrated
capability
to maintain persistent, long-term access in
compromised
enterprise.

more

Networks & Cooperation

TRANSTUN
addresses The
European Cluster for
Public-Private-Partnership Securing Critical
for CBRN risks Infrastructures (ECSCI)
TRANSTUN project is a public-private The European Cluster for Securing
initiative
which addresses CBRN risks Critical
Infrastructures (ECSCI) is a
related to European Critical cluster of H2020 projects for
securing
Infrastructures in cross-border tunnels. critical infrastructures. Its main
It aims to improve the
preparedness objective is to
create synergies and
and fast joint response of operators, foster emerging disruptive solutions to
emergency
responders, and Member security issues via cross-projects
States. collaboration and
innovation.

more more
European
Safety, Reliability weTHINK.eu: the Social
and Data Association Network for Strategy
(ESReDA)
ESReDA Project Group on Resilience weTHINK brings together CI
Engineering
and Modelling of companies and security actors in
Networked Infrastructure brings closed moderate subgroups on the
together
leading researchers from crowd analysis platform weTHINK.eu.
both academia and industry, with a Its network aims to conduct
focus on modelling techniques for simulation-games to develop and
resilience of networked
systems, in the exchange best practices for defence of
transport, energy and other sectors. CI against unmanned threats.

more more

Research Findings & Uptake

Water Security
Plan: towards a more Resilient Drinking
Water Infrastructure
ERNCIP Water group released the WSecP manual that
deals
with the implementation of security measures to counter
hostile actions and deliberate waterborne contamination
against
the physical and cyber integrity of water supply
systems. It also
guides EU policy-makers on how to enhance
CI security and
resilience aspects.

more

PRAETORIAN
project for Security and Resilience of CIs
PRAETORIAN strategic goal is to increase the
security and
resilience of European CIs, facilitating the
coordinated
protection of interrelated CI against combined
physical and
cyber threats. It provides a multidimensional
(economical,
technological, policy, societal)
installation-specific toolset.

more
SECUREGAS for Securing the European Gas Network
SECUREGAS project aims to secure gas networks and
make
them resilient to both physical and cyberthreats, ultimately
ensuring the safety and security of Europe’s energy supply. It
promotes resilience through a system-thinking approach.

more

Power failures
on hazardous sites and implications for the
Green Deal
From chemical manufacturing to refineries and
warehouses,
business continuity, security, and safety rely vastly
on an
uninterrupted supply of electricity. This study provides
insight
into the causality of power failure related chemical
accidents
and identifies prevention and mitigation measures

more

SATIE project:
Security of Air Transport Infrastructures
SATIE project aims to create new ‘Security Operation Centre’
philosophies for inclusion in a comprehensive airport security
policy. It provides an interoperable toolkit
that will help
improve cyber-physical correlations, forensic
investigations
and dynamic impact assessment at airports.

more

SAFECARE
fosters Cybersecurity for Medical Devices
The aim of SAFECARE is to provide solutions that
will improve
physical and cyber security in a seamless and
cost-effective
way. Thereby, it promotes new technologies and
novel
approaches to enhance threat prevention, threat detection,
incident response and mitigation of impacts.

more
 Reports & Perspectives

Railway EU Strategic ICT Industry: US

Cybersecurity: Dependencies assessment of
Good Practices in and Capacities the Critical
Cyber Risk 2022 Supply Chains
Management
This ENISA report The EC published the The report evaluates
provides good second edition of in- the current supply
practices for cyber risk depth analysis of chain conditions facing
management approaches Europe's strategic the US ICT industry,
that are applicable dependencies. The identifies key risks that
to the railway report looks at five threaten to disrupt
sector. It offers a guide areas – rare earths and those supply chains,
for railway magnesium, chemicals, and proposes a
undertakings and solar panels, strategy to mitigate risk
infrastructure managers cybersecurity and IT and strengthen supply
to select, combine or software - where chain resiliency.
adjust cyber risk Europe faces strategic
management methods. dependencies on third
countries.
more more more

The European CI Risk Critical Nordic Flows:

Plan for Management: Value Chain
Aviation Safety Securing the Oil Understanding as a
2022-2026 and Gas Supply Building Block of
Chain Resilience
The plan supports the This report provides an It reports of collaboration
modernisation of the overview of risk and between Finland, Norway
aviation system in the risk management in the oil and Sweden on Security of
areas of safety, and gas subsector -part Supply and CIP. It also
efficiency, level playing of the energy critical describes relevant findings
field and environmental infrastructure sector - on communications and
protection. It also considering inter- digital networks, energy,
addresses innovative dependencies between food, financial infrastructure,
technologies. its various segments pharmaceuticals, and
and a wide range of transport sectors.
other critical supply
functions.
more more more
 Upcoming Events

ECSCI Workshop
on Critical Infrastructure Protection

This workshop will present the different approaches on

integrated cyber-physical
security in different industrial sectors,
such as energy, transport, drinking and waste
water, health, digital
infrastructure, banking and financial market, space and public
administration.

date 27/04/2022
- 29/04/2022

venue Virtual
event

See also Website

Critical
Infrastructure Protection & Resilience Europe
(CIPRE - Postponed)

CIPRE 2022 will allow the industry to get back together

to share experiences, as well
as network and develop connections to
collaborate on securing Europe.

date 14/06/2022
- 16/06/2022

venue Bucharest,
Romania

See also Website

IEEE
International Conference on Cyber Security and
Resilience 2022

It focuses on theoretical and practical aspects of the

security, privacy, trust, and
resilience of networks, systems, and
services as well as novel ways for dealing with
their vulnerabilities
and mitigating sophisticated cyber-attacks.

date 27/07/2022 - 29/07/2022

venue Virtual event

See also Website

 European
Conference on Safety and Reliability (ESREL
2022)

ESREL is the key annual event for meetings and knowledge

exchange in the area of
risk assessment, risk management and
optimization of the performance of socio-
technological systems
world-wide.

date 28/08/2022
- 01/09/2022

venue Dublin,
Ireland

See also Website

World Water
Congress 2022

It will bring together core water sector groups, such as

those focused on water
services, as well as participants from industry,
the ICT sector, the financial sector,
and others.

date 11/09/2022
- 15/09/2022

venue Copenhagen, Denmark

See also Website

International
Conference on Critical Information
Infrastructures Security (CRITIS
2022)

CRITIS 2022 aims to bring together researchers, academic

professionals, critical
(information) infrastructure operators,
industry, defense and governmental
organizations working in the field
of complex infrastructure system security.

date 14/09/2022
- 16/09/2022

venue Munich,
Germany

See also Website

Subscribe | Unsubscribe | Contacts: HOME-EPCIP@ec.europa.eu or JRC-ERNCIP-OFFICE@ec.europa.eu

© European Union, 2022 KJ-BS-22-002-EN-N

The European Commission is committed to personal data protection. Any

personal data is processed in line with the Regulation (EU) 2018/1725. Please
read the privacy statement