What is Centre for the Protection of National Infrastructure (CPNI)? - Definition from WhatIs.com

Definition

Centre for the Protection of National Infrastructure (CPNI)

Part of the Application security glossary:

The Centre for the Protection of National Infrastructure (CPNI) is the agency charged with providing advice to any entity within the United Kingdom that owns or operates services or property critical to commerce, public health or security. These entities include public and private institutions, companies or organizations that are in charge of water and food supplies, energy, financial institutions, telecommunications networks, medicial facilities and emergency services. The CPNI primarily targets its advice and evaluations to preserving and protecting critical national infrastructure (CNI), particularly the elements vulnerable to terrorist attack.

The CPNI separates potential security concerns into three different areas: physical attacks, insider attacks and electronic attacks. In recent years, the CPNI has issued periodic warnings about increasing levels of cybercrime. Securing digital systems, including open wireless access points, implementing strong firewalls and encrypting communications are all important priorities, analogous to securing physical property and facilities. According to its Web site, the CPNI "examines all types of electronic attack on information and process control systems that form part of the UK's critical national infrastructure," including malware, botnets, keystroke loggers, phishing and dedicated denial of service (DDos) attacks. The agency works with vendors to ensure that patches for vulnerabilities are released effectively and responsibly.

CPNI was created from a merger of the United Kingdom's National Infrastructure Security Co-ordination Centre (NISCC), a part of MI5 and the National Security Advice Centre (NSAC).

This was last updated in February 2008
Posted by: Margaret Rouse

Related Terms

Definitions

  • cybersecurity

    - Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. (WhatIs.com)

  • security event

    - A security event is a change in the everyday operations of a network or IT service, indicating that an security policy may have been violated or a security safeguard may have failed. (WhatIs.com)

  • chief risk officer (CRO)

    - The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings. (SearchCompliance.com)

Glossaries

  • Application security

    - Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.