Critical infrastructure protection (CIP) is a concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or nation.
The American Presidential directive PDD-63 of May 1998 set up a national program of “Critical Infrastructure Protection”.[1] In 2014 the NIST Cybersecurity Framework was published after further presidential directives.
In Europe, the equivalent European Programme for Critical Infrastructure Protection (EPCIP) refers to the doctrine or specific programs created as a result of the European Commission’s directive EU COM(2006) 786 which designates European critical infrastructure that, in case of fault, incident, or attack, could impact both the country where it is hosted and at least one other European Member State. Member states are obliged to adopt the 2006 directive into their national statutes.
