Towards a Baltic Sea Region Strategy in Critical ... - Helsinki.fi
Towards a Baltic Sea Region Strategy in Critical ... - Helsinki.fi
Towards a Baltic Sea Region Strategy in Critical ... - Helsinki.fi
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
CHAPTER I: INTRODUCTION<br />
The Swedish model, which is still <strong>in</strong> process, is <strong>in</strong> a similar spirit to the F<strong>in</strong>nish<br />
one, and is called “<strong>Critical</strong> Societal Functions” (SEMA 2007) 18 . Thus Sweden too<br />
prefers to use the concept of critical ‘function’ <strong>in</strong>stead of critical ‘<strong>in</strong>frastructure’ to<br />
emphasise the broadness of the def<strong>in</strong>ition. While those functions, summarised <strong>in</strong><br />
Table 7, are aga<strong>in</strong> largely overlapp<strong>in</strong>g with the EU def<strong>in</strong>ition of CI, though be<strong>in</strong>g<br />
more comprehensive, the whole spirit of the Swedish approach is, like F<strong>in</strong>land’s,<br />
more about resilience than mere protection. However, the Swedish model differs<br />
from the F<strong>in</strong>nish one by putt<strong>in</strong>g much more emphasis on local than government<br />
level functions, <strong>in</strong>terest<strong>in</strong>gly expressed already <strong>in</strong> the implicit ‘hierarchy order’ of<br />
the critical or vital functions (cf. the role of the ‘government’ vs. ‘municipal’ <strong>in</strong> the<br />
Tables 5 and 7 respectively). Although F<strong>in</strong>land and Sweden resemble each other as<br />
to their respective political and adm<strong>in</strong>istrative systems, this difference reflects the<br />
Sweden’s rather more decentralised governance.<br />
An important feature <strong>in</strong> the Swedish def<strong>in</strong>ition is that societal functions that<br />
are critical <strong>in</strong> emergencies can vary from situation to situation. It is not possible to<br />
list all functions that are critical <strong>in</strong> every situation, which is why it is important to<br />
analyse societal functions that are critical <strong>in</strong> different situations. This approach is<br />
basically what the more analytical literature calls the “consequence-oriented<br />
def<strong>in</strong>ition of criticality”, whereby it is less the <strong>in</strong>frastructures themselves that are<br />
critical but more the criticality of the consequences of <strong>in</strong>frastructure failure (Egan<br />
2007, p. 5).<br />
Norway’s CIP system is <strong>in</strong> a way a comb<strong>in</strong>ation, or perhaps even a synthesis,<br />
of many approaches. As its Nordic neighbours, also Norway chooses to speak<br />
rather about critical societal functions than mere critical <strong>in</strong>frastructures. In the<br />
Norwegian approach – called “Protection of <strong>Critical</strong> Infrastructures and <strong>Critical</strong><br />
Societal Functions <strong>in</strong> Norway” (2006) 19 – both concepts are however <strong>in</strong>cluded as<br />
elements at different levels, critical societal functions form<strong>in</strong>g a more general level<br />
be<strong>in</strong>g dependent on <strong>in</strong>frastructures. The method, then, to def<strong>in</strong>e the criticality of a<br />
particular <strong>in</strong>frastructure <strong>in</strong>cludes three general criteria: Dependability, i.e. a high<br />
degree of dependability implies criticality; Alternatives, i.e. few or no alternatives<br />
imply criticality; and Tight coupl<strong>in</strong>g, i.e. a high degree of tight coupl<strong>in</strong>g (l<strong>in</strong>kage)<br />
<strong>in</strong> a network implies criticality. This method is illustrated <strong>in</strong> Figure 7. This twolayer<br />
system makes it possible to limit the number of CI considerably. The<br />
comb<strong>in</strong>ation of the Norwegian understand<strong>in</strong>g of CI and critical societal functions<br />
is illustrated <strong>in</strong> Table 8.<br />
18 See also: Risk- och sårbarhetsanalyser (2005); Threats and Risk Report (2005). However, while<br />
Sweden has rather developed CIP strategies <strong>in</strong> different <strong>fi</strong>elds, <strong>in</strong> practice this does not always<br />
mean that the risks are m<strong>in</strong>imized. For <strong>in</strong>stance, a recent (November 2007) of<strong>fi</strong>cial study on CIIP<br />
by the Swedish Emergency Management Agency shows that Sweden would be very vulnerable to<br />
attacks on CIIP or to cyber attacks aga<strong>in</strong>st other CI such as water and electricity supply. Sveriges<br />
beredskap mot nätangrepp (2007).<br />
19<br />
Når sikkerheten er viktigst (2006); and its English summary: Protection of critical<br />
<strong>in</strong>frastructures and critical societal functions <strong>in</strong> Norway (2006).<br />
NORDREGIO REPORT 2007:5 23