Critical information infrastructure (CII) and tertiary facilities are two important concepts in the field of information security, and they are obviously different in the protection object and protection level.
Key information infrastructure refers to the infrastructure that provides basic information networks, important information systems, data and business services in public communication networks, oil and gas pipelines, electric power, transportation, water supply, gas supply, finance, medical and health care, education and other important industries and fields related to the national economy and people's livelihood. Once these infrastructures are destroyed, lose their functions or data are leaked, it may seriously endanger national security, national economy and people's livelihood and social order. Therefore, the key information infrastructure is the most important thing in information security, and the highest level of protection measures need to be taken.
Three types of facilities, such as insurance, refer to facilities that will have a significant impact or consequence on social order, national security and economic operation after the information system is destroyed. The third level of equal protection is the third level and intermediate level in the information security level protection system, which requires relatively high security protection.
The protection scope of Level III facilities includes information processed, transmitted and stored in important information systems, as well as user information and important business data related to these information. Once it is destroyed or leaked, it will have great influence or consequences on social order, national security and economic operation.
Therefore, although key information infrastructure and tertiary facilities are both important objects of information security protection, there are obvious differences in the scope and level of protection. The protection scope of key information infrastructure is wider, involving many fields and infrastructures of the national economy and people's livelihood, while the third-level facilities mainly involve the security protection of important information systems and related information. In addition, the critical information infrastructure needs to take stricter and higher-level protection measures to ensure its safe and stable operation.