2026

Lehto, Martti; Pöyhönen, Jouni

The smooth functioning of modern society depends on the collaboration of multiple essential infrastructures, whose effectiveness increasingly relies on a robust national system of systems construction. In the realm of cyberspace, the central focus is on safeguarding this critical infrastructure (CI), which includes both physical and electronic components vital for societal operations. The recent surge in cyber-attacks targeting CI, critical information infrastructures, and the Internet, marked by increasing frequency and sophistication, poses significant threats. As attackers become more skilled, they can digitally disrupt physical infrastructure, causing damage to equipment and services without using physical force. This introduces considerable uncertainty into the operation of CI. The cornerstone of cyber security is well-designed architecture, which is crucial for implementing effective protective measures. This paper highlights a framework for cyber security management that integrates risk assessment and cyber resilience into the overall continuity management of an organization’s business processes.