Skip to content

Critical National Infrastructure

Last Updated 25 April 2023

Critical National Infrastructure

National Infrastructure are those facilities, systems, sites, information, people, networks and processes, necessary for a country to function and upon which daily life depends. It also includes some functions, sites and organisations which are not critical to the maintenance of essential services, but which need protection due to the potential danger to the public (civil nuclear and chemical sites for example).

The 13 national infrastructure sectors

In the UK, there are 13 national infrastructure sectors:

  • Chemicals 
  • Civil Nuclear
  • Communications
  • Defence
  • Emergency Services
  • Energy
  • Finance
  • Food
  • Government
  • Health
  • Space
  • Transport
  • Water

Several sectors have defined 'sub-sectors'; Emergency Services for example can be split into Police, Ambulance, Fire Services and Coast Guard.

Each sector has one or more Lead Government Department(s) (LGD) responsible for the sector, and ensuring protective security is in place for critical assets. 

Definition of CNI

Not everything within a national infrastructure sector is judged to be 'critical'. The UK government's official definition of CNI is:

'Those critical elements of infrastructure (namely assets, facilities, systems, networks or processes and the essential workers that operate and facilitate them), the loss or compromise of which could result in:

a)    Major detrimental impact on the availability, integrity or delivery of essential services - including those services whose integrity, if compromised, could result in significant loss of life or casualties - taking into account significant economic or social impacts; and/or

b)    Significant impact on national security, national defence, or the functioning of the state.'

NPSA is focussed on providing advice and assistance to those who have responsibility for protecting these most crucial elements of the UK's national infrastructure from national security threats.

Criticalities Process

CNI Criticalities Knowledge Base flyer

Responsibility for the protection of the CNI IT networks, data and systems from cyber attack sits with the National Cyber Security Centre (NCSC).  NPSA works in partnership with the NCSC so that collectively we deliver holistic advice that takes into account all aspects of protective security.

Contact your lead government department for sector-specific timelines and context.

Did you find this page useful? Yes No