OAS Subregional Cyber Diplomacy Course:

Critical Infrastructure and Critical Information Infrastructure Protection Against Cyber Threats

This comprehensive course provides a comprehensive analysis of the interrelationship between cybersecurity and national critical infrastructure (NCI), highlighting the importance of:

· Regulations.

· Responsible conduct of States.

· Regional frameworks.

· Involvement of the private sector.

· And possible scenarios of confrontation.

The program begins with a presentation of the concepts of Critical Infrastructure and Critical Information Infrastructure, highlighting the cyber threats faced and the international framework for their protection, especially the United Nations framework on responsible state behavior.

Participants are taking a closer look at the implementation of UN Framework Standard 13(g), which urges States to take appropriate measures to safeguard their critical infrastructure against ICT threats. The course covers international best practices as well as technical and organizational measures for effective protection of Critical Infrastructure.

Additionally, the course examines Standard 13(f), which prohibits states from conducting or supporting ICT activities that cause intentional harm or harm to the use of critical infrastructure. Participants discuss obligations under international law, response options, and implementation recommendations to comply with this standard.

The program also addresses Standard 13(h), which requires states to respond to requests for assistance from other states whose critical infrastructure is subject to ICT-related malign acts. In addition, Standard 13(i) on ensuring the integrity of the ICT supply chain is discussed, providing guidance on how to build trust in the security of ICT products for end users.

Throughout the course, participants have the opportunity to apply their knowledge through interactive sessions, case studies and a tabletop exercise, allowing them to simulate real-world scenarios and develop practical strategies to protect their countries’ critical infrastructure and information infrastructure.