This document outlines practical critical infrastructure and information protection (CIIP) activities in Estonia. It discusses building a CIIP community through regular meetings and training, conducting security assessments of vital service providers to evaluate their security levels, and developing legislation and guidelines to regulate CIIP. The goal is to protect 43 vital services, including electricity, data communications, water, and air navigation, from cyber incidents that could interrupt these services and impact the economy.