SECTION II:  CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION

        As hinted in the previous paragraph, the EU could make CIP a criterion for accession by
        labelling it as “capacity to manage the security outcomes of the interdependencies resulting
        from European integration”. The EU is nominally involved only in the protection of European
        Critical Infrastructure, but it has published documents of reference pertaining to national sys-
        tems as well, as one cannot have a framework for a national contribution to EPCIP without a
        national CIP system.

        Updates to the Instruments for Pre-Accession Assistance (EC, 2020a) could also accommo-
        date CIP transformation processes, especially since many of the areas of focus segue well into
        CIP areas, such as public administration critical infrastructure or food critical infrastructure.
        Another argument is the existence of a Western Balkans Connectivity Agenda investing in
        energy and transport (EC, 2020b), which are the two areas specifically addressed by EPCIP.

        On the EU side, the Western Balkans Strategy (EC, 2020c) could be updated to reflect CIP
        processes as a priority, along with the six flagship initiatives of the European Commission in
        the Western Balkans. CIP efforts could be integrated without adding a new flagship initiative,
        as four of the initiatives already address the functioning of systems included in CIP frame-
        works:
        •  The initiative to reinforce engagement on security and migration with its focus on security,
           fighting terrorism and organized crime;
        •  The initiative to enhance support for socio-economic development, with impact on health
           and education, among others;
        •  The initiative to increase connectivity, with impact on energy and transport;
        •  The initiative for a digital agenda for the Western Balkans, which related to ICT infrastruc-
           ture and, as remarked in a previous section, a cross-cutting issue for command, control,
           coordination and integration in all other critical infrastructures.

        A first step in this direction would be to introduce CIP onto the agenda of the next EU-Western
        Balkans Summit in 2021.

        In general, the EU should consider extending this form of assistance to all of its partners, re-
        gardless of whether or not accession will ever be in the cards. Whether we are discussing East-
        ern Europe, Turkey, or the Middle East and North Africa region, the EU features transborder
        interdependencies in critical infrastructure relating to energy, transport and national defence
        at the very least, and would therefore benefit from assisting these countries with CIP efforts
        and even integrating them, to a certain extent, in the EPCIP and ancillary initiatives, such as
        the Critical Infrastructure Warning Information Network (CIWIN).

        In the long run, the EU should consider setting up a European Critical Infrastructure Protec-
        tion Agency to take over and enhance EPCIP activities, and also introduce a component of
        cooperation with the EU’s near abroad in CIP both operationally and as a “soft/smart power”
        and capacity building tool. Cooperation with South-Eastern European non-EU states would
        be an important factor in this.

        The impact of the pandemic on Critical Infrastructure shows the lack of capacity and other
        investment of all European countries in critical health infrastructure and in the mitigation ca-
        pacity of impact on related infrastructure. Changes will have to be made in the CI landscape
        and in CIP processes to address the stark inadequacies highlighted (GCP, 2020). Cooperation



       144