Who are we?
The
Malta Critical Infrastructure Protection (CIP) Directorate (CIPD) operates
within the portfolio of the Ministry for Home Affairs, Security, Reforms and Equality (MHSR) in Malta. It acts according the objectives defined by L.N. 434 of 2011
on Critical Infrastructures and European Critical Infrastructures
(Identification, Designation and Protection) Order as well as the objectives
defined by L.N. 216 of 2018 on Measures for High Common Level of Security of
Network and Information Systems Order of 2018. These Orders are the
transposition of Council Directive 2008/114/EC of 8th December 2008 and Council
Directive 2016/1148 of 6th July 2016 (better known as the NIS Directive),
respectively.
What do we do?
The
Malta CIP Directorate establishes the criteria for the identification and
designation of Critical Infrastructures (CI’s), Critical Information
Infrastructures (CII’s), and Operators of Essential Services (OES’s) and
maintains a national inventory of critical assets within designated Critical
Infrastructures and Critical Information Infrastructures. Moreover, the
Directorate ensures, amongst others, that Critical Infrastructure (CI) and
Critical Information Infrastructure (CII) owners or operators and Operators of
Essential Services (OES):
· Conduct an appropriate Risk
Assessment;
· Draw and maintain an suitable
Operator Security Plan (OSP);
· Perform operational
reviewing, updating and the necessary exercising of such plans (OSPs);
· Share CI, CII information as
may be required from time to time, and
· Operators of Essential
Services report incidents having a significant impact on the continuity of the
essential services they provide.
Malta CIP Directorate acts as the European CIP (ECIP) Contact Point on CIP
issues and is the Single Point of Contact (SPOC) on NIS issues communicating
and reporting on the above to the European Commission and to ENISA. In
addition, the CIPD, in close collaboration with public- and private-sector
critical infrastructure and critical information infrastructure stakeholders,
drives a coordinated national effort that oversees the development and
implementation of an effective critical information/infrastructure protection
for the country.
Finally, Malta CIP provides adequate early warnings/alerts and advice via
CSIRTMalta concerning Cyber threats and incidents, reaching out to operators of
Critical Information Infrastructures (CII) and ultimately to other sectors,
businesses and citizens.
The Critical Infrastructure (CI) Sectors
The national critical infrastructure spreads over nine
sectors. While not all sectors carry the same weight, any sector contains
critical elements/assets that the loss or compromise of which would have a
major impact on the availability or integrity of essential services that
support the nation’s security, economic stability and well-being of citizens.
These are Energy, Finance & Industry, Food, Government, Health, Telecoms
& Technology, Transport, Water and the Emergency Services.