SECTION II:  CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION

        Establish lessons learned or lessons identified practices and codify best practice. Although AI
        systems represent a science fiction for now and will introduce novelty, sharing best practices
        and lessons identified and learned is a must for SEE. In general, this practice is very poorly
        developed in many of the SEE countries in the CIP and CIIP context. A closer look into gov-
        ernments’ budgeting rarely finds funds devoted to this type of activity (if any at all could be
        found). By developing models and forums for lessons learned, SEE will improve prevention,
        consequence management, and resilience to hyper-based threats. Moreover, this will help in
        prescribing and codifying these practices into regulation. This will eventually create a plat-
        form to raise awareness and mitigate upcoming hyper threats before it is too late.


        6  Conclusion


        Technological development, along with the intensified process of globalization and chang-
        es in the global political scene, has introduced new, highly unpredictable security threats.
        The contemporary security environment is complex and filled with asymmetric, cyber and
        hybrid-based threat vectors. Non-state actors and some states are using cyberspace and mod-
        ern technologies to challenge South-Eastern European democracies through different sectors
        of society. The ongoing geostrategic competition and the artificial intelligence (AI) race are
        bringing new uncertainties to the context of critical infrastructure protection (CIP) and critical
        information infrastructure protection (CIIP). AI applications and systems are defying assump-
        tions about human limitations in terms of space and time. As a result, their application in the
        security and defence sector is merging asymmetric, cyber and hybrid-based threats into a new
        level of hyper threat vectors.

        SEE leaders need to seriously consider the potential impacts of AI in the general security
        and specific CIP and CIIP contexts. AI is already changing perspectives and the understand-
        ing of what we consider as CI or CII. The threat in these terms is two-fold. Interconnectivity
        and interdependence intended for efficiency and welfare can cause unpredictable cascade
        effects. Compromising AI applications or systems that run CI and CII even of a friendly or
        partner country can cause severe strategic, economic and security consequences. In a digitally
        dominated world where AI applications and systems control and execute crucial functions,
        knowledge is changing fast and with that, the existing threats and threat vectors are evolving
        to hyper-threats.

        The trend of digitalization with the purpose of efficiency is heading toward the conclusion
        that AI will eventually be implemented in the CIP/CIIP processes. This, however, will drasti-
        cally change the approach in the overall process of CIP/CIIP. Therefore, the existing strate-
        gies, policies and tactics, techniques and procedures for CIP and CIIP need to be revised and
        updated to meet the current situation. Before that, however, SEE leaders need to comprehend
        that the hyper threats are around the corner and will become reality.













       106