What is Centre for the Protection of National Infrastructure (CPNI)? - Definition from WhatIs.com


Centre for the Protection of National Infrastructure (CPNI)

Part of the Application security glossary:

The Centre for the Protection of National Infrastructure (CPNI) is the agency charged with providing advice to any entity within the United Kingdom that owns or operates services or property critical to commerce, public health or security. These entities include public and private institutions, companies or organizations that are in charge of water and food supplies, energy, financial institutions, telecommunications networks, medicial facilities and emergency services. The CPNI primarily targets its advice and evaluations to preserving and protecting critical national infrastructure (CNI), particularly the elements vulnerable to terrorist attack.

The CPNI separates potential security concerns into three different areas: physical attacks, insider attacks and electronic attacks. In recent years, the CPNI has issued periodic warnings about increasing levels of cybercrime. Securing digital systems, including open wireless access points, implementing strong firewalls and encrypting communications are all important priorities, analogous to securing physical property and facilities. According to its Web site, the CPNI "examines all types of electronic attack on information and process control systems that form part of the UK's critical national infrastructure," including malware, botnets, keystroke loggers, phishing and dedicated denial of service (DDos) attacks. The agency works with vendors to ensure that patches for vulnerabilities are released effectively and responsibly.

CPNI was created from a merger of the United Kingdom's National Infrastructure Security Co-ordination Centre (NISCC), a part of MI5 and the National Security Advice Centre (NSAC).

This was last updated in February 2008
Posted by: Margaret Rouse

Related Terms


  • blacklist

    - A blacklist, in IT, is a collection of entities that are blocked from communicating with or logging into a computer, site or network. Blocked entities are typically identified as IP addresses, user... (WhatIs.com)

  • Internet Storm Center

    - The Internet Storm Center is a website provided by the SANS Institute that monitors current online security attacks and publishes information about them. The site is often referred to as an Interne... (WhatIs.com)

  • virtual machine escape

    - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. (WhatIs.com)


  • Application security

    - Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.