This course is designed to provide knowledge and understanding of the key policy issues underlying Critical Infrastructures (CI) security including both cyber security and natural disasters. This course describes the generalised trends in vulnerabilities observed from the literature, as well as typical reasons for importance of these security issues and an introduction to an effective mitigation strategy. Students will articulate security vulnerabilities in CI include failures to adequately define security sensitivity for automation system data, identify and protect a security perimeter, build comprehensive security through defence-in-depth, and restrict access to data and services to authenticated users based on operational requirements.