In the last few years, there has been an increasing worry about Critical Information Infrastructures, their reliability, security and protection. Due to the huge complexity and novelty of the topic and the new challenge that it poses, world-wide large investment in R&D are planned for the future. Our study has shown that Critical Information Infrastructure Protection (CIIP) represents still a very immature field of research with very fuzzy and confused boundaries. This paper reports some of the results collected during the EU project CI2RCO about R&D activities on CIIP in Europe to illustrate the state of art and to emphasise the major areas of research. The study also identified the most relevant gaps between the stakeholder needs and the current research activities. This represents the base point to draw a R&D agenda on CIIP for Europe.