Abstract
Critical infrastructures often lack resilience and easily lose critical functionalities if hit by adverse events. Continuity management strategies for critical infrastructure operators and the networks that they form, rely also on the functionality of other interrelated networks. Disruptions in operations may affect society and for this reason, securing the operations of critical infrastructure operators is important. The technological impacts of CPS become evident to the resilience of all fields of critical infrastructure, but there is also human elements to take into account. The research question of this study is: How to enhance business continuity of critical infrastructure? This case study research uses qualitative methods collected by conducting interviews of resilience and continuity professionals who work with Finnish critical infrastructure. Resilience and continuity management are key for critical infrastructure operators. Important factors identified were identifying risks, critical activities, key personnel, creating guidelines and procedures, and open communication, which themes were recognised as important to improve resilience and manage continuity.
Highlights
Critical infrastructures of society may lack resilience (Ruoslahti, Rajamäki & Koski, 2019), and lose critical functionalities when hit by an adverse event (Linkov et al, 2014)
Respondents noted that most important is to identify risks. This should be elaborated by estimating the effects of disruptions by performing a Business Impact Analysis (BIA) and determine Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
Resilience and continuity are key for critical infrastructure operators
Summary
Critical infrastructures (e.g. transportation, communications, finance, energy, food and water supply) of society may lack resilience (Ruoslahti, Rajamäki & Koski, 2019), and lose critical functionalities when hit by an adverse event (Linkov et al, 2014). One practical example of an adverse event is the ransomware attack on the city of Baltimore that disrupted its critical services for weeks. Continuity management strategies for critical infrastructure operators and their networks, may rely on the functionality of other interrelated networks, and these can be considered being part of a system constituting of systems – a system of systems. Resilience and continuity can be enhanced by the study and improvement of interconnectivity between these relevant networks (Linkov et al, 2014). While risks in collaboration among networks can be reduced, they cannot be avoided. Organizational resilience provides tools and conditions to mitigate crises by understanding and reducing risks (Vos, 2017), and resilience and continuity build on situational intelligence (Pirinen, 2017)
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
