Public sector structure
However, regulation is still failing to create favourable market conditions for the provision of other key assets. These areas are therefore much less resilient as market failure means goods and services aren’t allocated efficiently, resulting in brittle and fragile networks.

With respect to the assets, services and systems that have remained within the public sector, resilience through redundancy and duplication driven by free market forces does not exist. Most public sector bodies continue to organise themselves along the lines described by the German political economist and sociologist Max Weber. They are formal hierarchical structures of power and authority, there is a systematic division of labour and they are governed by explicit and exhaustive rules.

Among the advantages of such structures are impartial decision making and stable administrative structures. However, among the disadvantages are stove-piped processes with information remaining in silos.

Superimposed on this, the tradition of ministerial accountability within the UK reinforces the tendency not to integrate service provisioning across departments. Additionally many of the assets and services systems associated with the public sector are largely to do with social welfare and they have been subject to repeated delegated responsibility to ensure effective local delivery. This not only makes it hard to assemble the requisite information on which to base a unified strategy, as it is buried deep within silos, it also makes it hard to agree on and implement decisive action. If power is divided, responsibility becomes diffuse. ‘Joint decision traps’ proliferate as decisions must be taken at the lowest common denominator because other departments may otherwise veto.

The challenge is to create broad consensus across many different elements, which all have unique vulnerabilities and agendas. Launched on 1 February 2007, the Centre for the Protection of National Infrastructure (CPNI) is an excellent first step toward such a strategy. It is the government authority that provides protective security advice to businesses and organisations across the national infrastructure and has been created by the merger of the National Security Advice Centre and the National Infrastructure Security Co-ordination Centre.

Likewise the MOD Counter-Terrorism (CT) Science and Technology Centre established to manage the MOD’s CT science and technology programme and to work across other government departments takes a bold step toward a unified approach.

However, the sheer volume and variety of entities – public, private and some a mixture of both – that now constitute the critical national infrastructure (CNI) means that the advice is largely confined to security of the system ‘as is’, rather than tackling the big strategic issues such as structure and ownership of the UK’s critical assets, services and systems. As a result there is a strategic gap that, unless filled, may constitute a significant national vulnerability.

There is no better time than now to take a more strategic long-term view of the security and resilience of our critical national infrastructure. On 29 March, then Prime Minister Tony Blair announced the formation of an Office for Security and Counter Terrorism designed to bring together domestic, foreign and defence affairs into a single approach to the management of the security threats facing the UK. Later the same day, former Home Secretary John Reid launched the Security and Resilience Industry Suppliers Council (RISC) at RUSI. The formation of these two bodies means that the UK can begin to take a strategic and integrated approach to reducing the security threats to the UK.

However, managing risk does not simply mean reducing threats: even if a threat or hazard exists it does not constitute a risk unless it can penetrate vulnerability and that penetration results in an undesirable consequence. My recommendation is to create an advisory body, made up of leaders from across both the public and privately owned parts of the CNI, to start to tackle this critical issue. Such a body would be able to work across the public and private sectors to reduce our vulnerability.