SWEDEN

MANUEL SUTER AND ELGIN BRUNNER

Center for Security Studies (CSS), ETH Zurich, Switzerland

1 CRITICAL SECTORS

Sweden does not yet have an official definition of CII or CIIP. However, CIIP can be understood as the protection of essential electronic information services, such as IT systems, electronic communications, and radio and television services. CIIP has not only a technical, but also a human aspect. The following are regarded as critical information infrastructure sectors:¹

• Air Control Systems,
• Supervisory Control And Data Acquisition (SCADA) systems in use within water, transport, and industry,
• Financial Systems,
• National Command Systems,
• Telecommunication Systems,
• The Internet.

Disruption of any of these systems would have immediate serious consequences for society.

2 PAST AND PRESENT INITIATIVES AND POLICIES

CIIP issues have been on the political agenda in Sweden for many decades. Measures to increase the robustness and security of critical national infrastructures have been implemented since World War II. The vulnerability problems associated with society's increasing dependence on IT and information infrastructures were identified early on as a matter of national security. In addition, management of IT-related vulnerabilities has been discussed since the early 1970s. The present Swedish CIIP policy is derived from these historical developments and from some more recent initiatives described below. The CIIP area in Sweden is currently in a transformative phase. ...