Modern society faces the risk of regressing to a “Stone Age” existence within days if interconnected systems fail, requiring a fundamental shift in how critical infrastructure is protected.
A new doctoral dissertation from the University of Vaasa in Finland argues that safeguarding networks — from power grids and transport to healthcare systems — requires a holistic approach rather than isolated technical fixes.
According to researcher Bahaa Eltahawy, the digitalisation of modern infrastructure has created vast interconnections between sectors that were once isolated. While this connectivity improves efficiency, it creates a dangerous vulnerability to cascading effects, where a failure in one sector triggers a collapse in others.
“In two or three days, we’re gonna find ourselves living like it’s the Stone Age,” Eltahawy said, describing the potential speed of widespread disruption across society.
Dangerous gaps
The study warns that current defence strategies are often fragmented. Critical areas such as cybersecurity, cyberprivacy and smart grid operations are typically studied as separate domains, leaving dangerous gaps in security that attackers can exploit.
To address this fragmentation, the research proposes a new model that expands protection strategies into seven distinct domains. These include data governance, socio-technical factors and risk analysis, creating a more comprehensive shield against cyber threats.
“When protection is viewed from only one angle, new problems inevitably emerge from another. We need experts from different disciplines to complement each other’s knowledge,” Eltahawy said.
The dissertation also highlights significant limitations in existing international standards. By analysing current frameworks governing data protection, cybersecurity and smart grid architecture, the research found that many standards fail to adequately address cross-sectoral risks. Eltahawy’s work identifies these gaps and suggests coordinated strategies to strengthen overall resilience.
Ultimately, the study concludes that protecting critical infrastructure cannot be left solely to IT departments. It must be treated as a shared responsibility involving coordination between technical experts, managers and decision-makers.
“Once we believe our systems are safe, that is when they start to weaken. Protection is a continuous and adaptive process that must evolve alongside new risks and technologies,” Eltahawy said.
