FEATURE: FUTURE READY AFRICA
Risk assessment
The department of homeland security is a very US concept, however many countries including the UAE have established a national security council that conducts on a regular basis comprehensive risk assessments to identify vulnerabilities and threats to critical infrastructure, including natural disasters, pandemics, cyberattacks, and technological failures. After the 2011 earthquake and tsunami for instance, Japan enhanced its disaster preparedness measures, focusing on infrastructure resilience, emergency response, and early warning systems that have since been adopted by other countries. It is also about identifying the weakest points and mitigating inherent risks.
According to the Swiss Cheese Model the protection of critical infrastructure depends on the holes in the different layers not aligning. We can have problems at institutional level, at supervision level, preconditions for unsafe acts and active failures. So in a real case scenario, such as a cyberattack on a power grid for instance, you could have: injected malwares affecting connected installations. This might involve backup power systems, multiple energy sources, alternative communication systems, back up data centres, and other transportation routes.
Singapore has invested heavily in smart infrastructure and technology, emphasising digital systems’ resilience, including energy, water, and cybersecurity measures. In particular, the City State focus on green tech optimises electricity distribution and predict maintenance requirements through their smart grids whilst diversifying energy sources and increasing resilience and reliability.
Scenario planning
• Layer one: SCADA software not updated
• Layer two: security team missing an alarm due to fatigue
• Layer three: operator does not report suspicious behaviour due to escalation issues
• Layer four: phishing email that steals credentials
Implementing the Swiss Cheese model will allow a more comprehensive, system thinking, encourage redundancy and multiple defences, push in identifying possible gaps, and conduct a post mortem to assess each step of intervention.
Resilience by design
Resilience should be integrated into the design and planning stages of infrastructure projects. This includes using durable materials, considering climate and environmental challenges, and following stringent building codes and safety standards.
A strong political will helps as well deploying a consistent policy and regulation that encourage resilience in infrastructure development and operations, ensuring compliance with best of breed standards coming from ICC, NFPA, ASIS, NITS amongst others.
Creating redundancy in critical systems and services to maintain operations during disruptions is key, especially in a day and age where threats do not only come from a hardware failure but could come from
Countries should develop and regularly update incident response plans that outline how to address disruptions and recovery strategies, including coordination among agencies and stakeholders and continuous training for personnel involved to ensure they are prepared for various scenarios. The aim here being to simulate potential disasters and confirm the adequate response time.
For instance, following the deadly floods of 1953 that saw the worst storm surge on record for the North Sea, the Netherlands has been known for its extensive flood defence systems and a strong focus on climate resilience. In 2024 the Rijkswaterstaat( Ministry of
Top: Marco Fornier, Sales Strategist, Speaker, Sales Trainer, The Academy for Sales Excellence
Bottom: Benedicte Hennebo, Speaker, Mentor, Ambassador Tech and Innovation, WBD
ACCORDING TO CISA, AMERICA’ S CYBER DEFENCE
AGENCY, THERE ARE 16 CRITICAL INFRASTRUCTURE
SECTORS THAT ARE PART OF A COMPLEX,
INTERCONNECTED ECOSYSTEM.
www. intelligentcio. com INTELLIGENTCIO AFRICA 43