A Comprehensive Instrument for Identifying Critical Information Infrastructure Services
Luis Carlos Herrera Velasquez
The identification of Critical Information Infrastructure (CII) services has become a top priority for governments and organizations, and a crucial component of a sound cyber security policy. As the interconnectivity of essential services spreads, the probability of disruptions increases and with it the vulnerability of all Critical Infrastructure (CI) sectors public and private. The impact of an undue interruption of essential services may develop in a devastating cascading effect and the collapse of a country’s infrastructures system. The purpose of this work is to introduce an original comprehensive instrument that supports the escalated identification of CII services on the basis of three analytical components: the identification of main stakeholders, as an accurate terminology for establishing a common understanding of the terms; the calculating process for criticality ranking that works as an adaptable matrix; and, an illustrative framework called the 360- DEGREE-FEEDBACK that applies the complete perspective. Terminological development preceded the formulation of the instrument considering preliminary findings on that the field of CII warrants more clarity and precision, and that the CIIs, despite their commonalities with other dimensions of CIs, possess unique characteristics that should be assessed independently. The applicability of the instrument is illustrated in a case study of Colombia, which is used to exemplify the relationship between two potential essential services and map the likely position of them in the table of national protection priorities. This study combines qualitative and quantitative methods, benchmarking theoretical contributions, and relying mainly on documentary analysis, secondary statistical data from official sources, semi-structure interviews and a case study of practical implications. This thesis is written in English and is 56 pages long, including 22 figures and 26 tables.
Graduation Thesis language
Graduation Thesis type
Master - Cyber Security
Olaf Manuel Maennel; Raimundas Matulevičius