Critical infrastructure: Definition and examples

Critical infrastructure: Definition and examples

Critical infrastructure or critical national infrastructure is a term used by governments to refer to physical, non-physical, and cyber resources or assets and systems that are essential for maintaining government operations and the minimum functioning of the society and its economy.

Laws have been developed and designed to arm a particular government with the framework for protecting these infrastructures or for promoting critical infrastructure security through relevant government agencies.

These laws also provide a thorough definition of critical infrastructure. For example, the U.S. Patriot Act of 2001 defines such those “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”

Under the Centre for the Protection of National Infrastructure of the United Kingdom, critical infrastructure is defined explicitly as “those facilities, systems, sites, information, people, networks and processes, necessary for a country to function and upon which daily life depends.” Part of this definition is the consideration of “some functions, sites and organizations which are not critical to the maintenance of essential services, but which need protection due to the potential danger to the public.”

What is Critical Infrastructure: A Further Look

Origins of Critical Infrastructure as a Concept

The term “critical infrastructure” has been thrown around during the 1990s. Take note that the United States has had a comprehensive infrastructure protection program in place since 1996. However, widespread attention to the term and the concept has begun at the dawn of the millennium.

In their book, security expert Robert S. Randvanovsky and asset protection and security consultant Allan McDougall noted that concern over the security of national infrastructures emerged during the Y2K or Millennium Bug that threatened to disable computer systems around the world and the 9/11 Terrorist Attack in the U.S.

The establishment of the U.S. Department of Homeland Security in 2002 marked a more serious effort of the American government to consider threats to key infrastructures as part of a comprehensive effort of promoting national security.

Several countries have followed the lead of the U.S. For example, in 2004, the European Council of the European Union rolled out the European Programme for Critical Infrastructure Protection or EPCIP. The United Kingdom formed the Centre for the Protection of National Infrastructure in 2007 from the merger of two former security advisory agencies.

Examples of Critical Infrastructure

Remember that a critical infrastructure refers to different assets and systems that are essential to the governmental, social, and economic function of a country. Several resources from different government agencies, such as the 2013 National Infrastructure Protection Plan or NIPP of the Department of Homeland Security, have listed down and defined examples of critical infrastructure. Take note of the following:

• Commercial Infrastructures: Telecommunication infrastructure and systems, healthcare systems, water supply and treatment management, energy production and electricity generation, food and agriculture, information technology, and financial services, among others

• Public Infrastructures: Security services from the police and military, transportation infrastructure such as roads and ports, utility infrastructures such as the power grid and telecommunication lines, and government facilities, among others.

The Purpose of Critical Infrastructure Security

Currently, programs and policies aimed at protecting these apparent important national infrastructures are generally based on the need to effectively and efficiently manage, respond, and minimize threats, vulnerabilities, and consequences.

Take note that the identification and management of threats are central to a critical infrastructure security program. The NIPP 2013 lists down these threats. These are extreme weather conditions and natural disasters, disease outbreaks or pandemics, human-made accidents and technical failures, acts of terrorism, and cyber threats.

Nevertheless, the goals and objectives of any a critical infrastructure security program are to ensure to protect assets and systems that are essential for maintaining government operations and the minimum functioning of the society and its economy. The program recognizes that any setback in one of these infrastructures can affect government functions, economic activities, the welfare of communities and its members, and public health, among others.


  • Center for the Protection of National Infrastructure. 2018. “Critical National Infrastructure.” Center for the Protection of the National Infrastructure. Available online
  • Department of Homeland Security: 2013. National Infrastructure Protection Plan 2013: Partnering for Critical Infrastructure Security and Resilience. Washington, DC: Department of Homeland Security
  • Randvanovsky, R. S. and McDougall, A. 2018. Critical infrastructure: Homeland security and emergency preparedness. 4th ed. Florida: CRC Press. ISBN: 978-1138-0577-91