This chapter analyzes the conjuncture of three events, originated in business efficiency, that have led to greater potential weaknesses of critical information infrastructures (CII). Modern societies depend on assets called “critical infrastructures”, which include financial services, energy, transportation, telecommunications, water supply, medical services, public administration, and so on. When these systems and utilities are operated, managed and/or controlled via computer networks, they become critical information infrastructures. The first event was the “internetization” of data-gathering and remote management of industrial control systems (ICS/SCADA) allowed businesses world wide to cut personnel costs and reduce time management. The second was the “privatization wave” of the 1980s, when, following the example of the United States, utilities were privatized in Europe and elsewhere, under the conviction that the private sector could be more efficient in delivering the same services. Finally, the emergence of transnational public–private partnerships (PPP) in the ownership, accountability, and governance of utilities and critical infrastructures further enlarged the sectors of CII and magnify the inherent vulnerabilities brought about by the “privatization wave”. In the end, the decision to “go private” for public utilities as CII hardly took into account what consequences such move could have had in terms of cybersecurity.
A perfect storm: privatization, public–private partnership and the security of critical infrastructure / Giacomello, G.. - STAMPA. - (2021), pp. 173-192.
A perfect storm: privatization, public–private partnership and the security of critical infrastructure
Giacomello, G.
2021
Abstract
This chapter analyzes the conjuncture of three events, originated in business efficiency, that have led to greater potential weaknesses of critical information infrastructures (CII). Modern societies depend on assets called “critical infrastructures”, which include financial services, energy, transportation, telecommunications, water supply, medical services, public administration, and so on. When these systems and utilities are operated, managed and/or controlled via computer networks, they become critical information infrastructures. The first event was the “internetization” of data-gathering and remote management of industrial control systems (ICS/SCADA) allowed businesses world wide to cut personnel costs and reduce time management. The second was the “privatization wave” of the 1980s, when, following the example of the United States, utilities were privatized in Europe and elsewhere, under the conviction that the private sector could be more efficient in delivering the same services. Finally, the emergence of transnational public–private partnerships (PPP) in the ownership, accountability, and governance of utilities and critical infrastructures further enlarged the sectors of CII and magnify the inherent vulnerabilities brought about by the “privatization wave”. In the end, the decision to “go private” for public utilities as CII hardly took into account what consequences such move could have had in terms of cybersecurity.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
