SECTION II:  CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION

        of critical infrastructure disruption or the manifestation of threats with disruptive potential.
        The representatives of the individual countries would come from the high level advisory and
        coordination body at national level for CIP operations. In the case of Romania, for instance,
        the main representative would be from within the Critical Infrastructure Protection Coordina-
        tion Centre, which also organizes communication with European authorities.

        Such an arrangement would provide an interesting form of flexibility. For instance, it could
        have China as an observer country, given the interest the countries in the region have dis-
        played for the connectivity aspects of the Belt and Road Initiative. This cooperation would be
        more fraught in an EU-based framework, given China’s designation as a “systemic rival” and
        the current anxieties in Brussels.

        As the countries in the region enter the EU, the SECIPC would eventually be absorbed by
        the designated EU entity for CIP efforts, and the participants will have already experienced a
        much faster convergence with EU norms and practices with regard to Critical Infrastructure
        Protection.

        Another variant, of interest in the wider region, would be to have Joint EU-NATO Integrated
        Operational Centres for certain CIP issues.

        4.5 Trust Building

        One of the main aspects that a workable framework for regional cooperation on CIP requires
        and, in general, any CIP effort that purports to generate resilience when it comes to transbor-
        der infrastructure networks, is trust. Building trust is key and is one of the most difficult ele-
        ments of the framework, more so than the technical challenge of implementing a framework.
        Trust networks, with adequate safeguards, make it possible to exchange vital information of
        common interest pertaining to the changes in the security environment, the disruption of vital
        infrastructures with transborder effects, and the presence of cascading disruptions. These are
        all effects of terrorist activity or adjacent activities in the organized crime sector, and they are
        also the result of specific hybrid warfare activities.

        The previous proposals, such as using the EPCIP or creating the SECIPC for operational
        cooperation, all have an underlying component of trust building that is implicit but remains
        unspoken. Countries are reluctant to share this information, even within established settings
        such as NATO. The ascent of cybersecurity as a cross-cutting element of the critical infra-
        structure security environment has also resulted in a deterioration of security outcomes, not
        just through the higher level surface contact between an asset or a system and an adversary-
        inhabited cyberspace, but also because of the reluctance of companies and countries to share
        any information regarding cyberattacks. NATO has tried to foster information-sharing on cy-
        berattacks, given their role in hybrid and asymmetric warfare, especially in the context of
        Russian “new generation warfare”, but success has been limited.

        One possibility for the region would be the creation of an arrangement such as a South-Eastern
        European Crisis Prevention Association headquartered outside the region to act as a clearing
        house for information concerning CI disruptions, especially through cyberattacks. One of the
        other forms of cooperation which have been highlighted (such as the SECIPC) could include
        a Cyber Stability Board specifically to address the cyber exchange issues.



       146