Public–private partnership (PPP) in the context of European Union policy initiatives on critical infrastructure protection (CIP) from cyber attacks

Abstract

Critical infrastructures (CIs) play a vital role for the performance of the essential functions of the State and society. Due to the spread of different information and communications technologies (ICTs), this criticality strictly relies on the complexity of networks and IT system, as well as on the provision of the related services, a fortiori when they are managed by the private sector. Understanding this tension between public and private sector has become the key element to allow an effective protection of the CI. Recognizing the responsibilities derived from national and international regulations, governments should take the most appropriate decisions to guarantee public safety and national security, assuring a high level of security and resilience. In this vein, the strengthen of private-public partnership (PPP) as useful tool for multi-stakeholder governance is reaffirmed by several legislatives and policies tools at EU-level. The paper aims at analyzing the current state of the art among Members States (MS) in this field. The analysis is based on the primary and secondary sources. The hypothesis concerns, in turn, the relation between participation and success of the PPP in the field of CIP from cyber attacks. To validate the hypothesis, we focus the analysis on the presence of PPPs in protecting critical infrastructures from cyber attacks in the European Member States (and the UK). Finally, we investigate the Italian practice through the BV TECH "Puglia Program" as reference study for the Italian PPP development in cyber security approach to CIP.