Skip to main content

Protecting Critical Energy Infrastructure: from Risk Analysis to Risk Management

During this course, participants will learn risk analysis and management techniques and tools for improving the resilience of critical energy infrastructure from natural and manmade disasters.

About This Course

Protecting Critical Energy Infrastructure:
From Risk Analysis to Risk Management

Energy infrastructures are complex systems combining physical and cyber components. Growing interdependencies across energy networks and other critical infrastructure systems, particularly reliance on information and communications technologies, have increased the potential vulnerabilities to physical and cyber threats and potential consequences resulting from the compromise of underlying systems or networks. While security may be effective at addressing certain aspects of risk, security solutions alone are insufficient for addressing interdependencies given their externality to the infrastructure system.

Interdependencies can be risk multipliers for critical infrastructure. A threat or hazard can result in the loss of a service (e.g., electric outage), potentially impacting the critical infrastructure using this resource, which further affects other critical infrastructure dependent upon that infrastructure’s services. The total consequences of an event may be amplified by these connections that exist among critical infrastructure systems.

The occurrence of emerging threats, like climate change, cyber-attacks, or the COVID-19 pandemic, adds another level of complexity for risk-informed decision-making and informing security and resilience policies.

Purpose of this course:

This course serves as an introduction to the complexity of risk analysis applied to critical infrastructure systems. This course provides the foundation for:

  • Understanding the elements of risk and resilience;
  • Understanding the fundamental operational characteristics of critical energy infrastructure and other lifeline infrastructure systems;
  • Understanding of the interrelated nature of infrastructure systems and the dependencies and interdependencies occurring between critical infrastructure systems;
  • Understanding the basic elements of information security and cybersecurity; and
  • Understanding more advanced concepts such as emerging threats and systemic risks.

Course goal and main objective:

This training is not intended to make students into experts in critical infrastructure systems and risk assessment methodology, but to provide foundational knowledge to grasp the importance of a holistic and all-hazard risk assessment approach to improve the security of energy infrastructure.

This introductory course clarifies the concepts underlying effective risk analysis processes required to inform policies and governance strategies. It seeks to provide the foundation for analysts and policy makers to understand and discuss critical infrastructure risk assessment in the context of their work.

Target audience:

This course is designed for an audience with no or limited expertise in critical infrastructure operations and risk analysis. The target audience will be professionals, with various background and experience, working in various fields from OSCE participating States.

Course structure:

The course focuses on developing the student’s knowledge and understanding of the characteristics of critical infrastructure systems, and the basic concepts of risk assessment. The course is divided into five e-learning modules:

  1. Module 1 - Introduction to Risk Analysis
  2. Module 2 - Critical Infrastructure Fundamentals
  3. Module 3 - Infrastructure Dependencies
  4. Module 4 - Information Security and Risk Analysis
  5. Module 5 - Intermediate Risk Assessment

The modules have been designed to work in sequence, each module building on concepts presented in the previous module(s) to increase the complexity of the concepts presented. This organization familiarizes students with the various dimensions and factors influencing risk assessment and develops a mindset for integrating these considerations in their daily activities.

Course duration:

The course consists of five modules of approximatively 2 hours each, to which is added a general presentation of the course, a summary section, and a final exam, for an approximative total duration of 10 hours. However, the course is designed for self-paced learning, and students can complete the training modules in their own time and schedule.

Pre-course activities:

This course has no pre-requisite. The five training modules have been specifically designed to provide risk analysis foundational concepts.

Frequently Asked Questions

What web browser should I use?

The Open edX platform works best with current versions of Chrome, Edge, Firefox, Internet Explorer, or Safari.

See our list of supported browsers for the most up-to-date information.