Understanding Security Policies in the Cyber Warfare Domain through System Dynamics (original) (raw)
Related papers
Today, cyber space has been embraced by individuals, organizations and nations as an indispensable instrument of daily life. Accordingly, impact of cyber threats has continuously been increasing. Critical infrastructure protection and fighting against cyber threats are crucial elements of national security agendas of governments. In this regard, governments need to assess the roles and responsibilities of public and private organizations to address the problems of current cyber protection postures and to respond with reorganization and reauthorization of these postures. A risk management approach is critical in placing these efforts in an ongoing lifecycle process. In this paper, a model is proposed to be used in national cyber security risk management processes. We argue that this model simplifies and streamlines national risk management processes. For this purpose, a matrix is created to partition the problem space. Cyber threat detection and response activities constitute one dimension of the matrix. The second dimension divides the timeline of cyber incidents into three: before, during and after incidents. The resulting matrix is then populated with responsible bodies which need to address each case. As a result, a national cyber security responsibility model is proposed for policy/decision makers and academics. We believe that the proposed model would be useful for governments in analyzing their national responsibility distribution to address gaps and conflicts in their current cyber security postures and for academics in analyzing natural cyber security systems and comparative studies.
The Politics of Cybersecurity: Balancing Different Roles of the State
St Antony’s International Review, 2019
In liberal democratic countries, the role of the state in cybersecurity is a politically contested space. We investigate that role along three dimensions: the first is theoretical and we look at existing cybersecurity literature, showing that international affairs literature is almost exclusively highlighting the role of the state as a security actor. We argue that this view is too narrow and risks limiting the discussion to only a few aspects of what cybersecurity entails. The second is empirical and we analyse policy development, showing the diversity of the roles the state imagines for itself. The state occupies six different roles in cybersecurity: (1) security guarantor, (2) legislator and regulator, (3) supporter and representative of the whole of society, (4) security partner, (5) knowledge generator and distributor, and (6) threat actor. The third dimension is normative and we investigate what the role of the state should be. To do that, we outline three main areas of tension between the state, the economy, and society in which cybersecurity policies are situated. Diverse coalitions of interests, spanning across the three social fields, support or challenge the six roles. Thus, two types of questions occupy the centre stage of cybersecurity policy: a question regarding the boundaries of responsibility (i.e., where does the responsibility of the state, economic, and societal actors start and end?) and a question regarding the concrete assumption of responsibilities (i.e., which means is an actor allowed to use to assume the responsibilities of his/her roles?). In sum, our conceptualisation enhances the understanding of cybersecurity as a diverse and crosscutting policy field. The result is a more comprehensive understanding of different roles of the state, which will help researchers with finding innovative research questions in the future.
Rome, IAI, September 2021, 51 p. (Documenti IAI ; 21|12en), 2021
Cyber defence has gained a growing relevance in Italy, as a result of a high number of serious attacks against private entities, the armed forces and the public administration-as in the case of the Lazio Region in 2021. Italy has addressed the problem with the creation of the Network Operations Command (Comando per le Operazioni in Rete-COR) within the national defence framework, and with a broader reform of the sector's governance that led to the definition of the National Cybersecurity Perimeter and the institution of the National Cybersecurity Agency (Agenzia per la Cybersicurezza Nazionale-ACN). At the international level, major NATO Allies as well as the Alliance as a whole are developing their own approach to cyber defence, in the context of a strategic and doctrinal debate over a new operational domain characterised by exceptional features. The disruptive roles acquired by technology and the private sector in this domain demand new forms of dialogue and collaboration between the institutions and the national industry.
International cybersecurity law review, 2024
Cyber warfare is a reality taking on increasing importance. Governments, state-sponsored actors, and non-state sponsored actors have used cyber-attacks as the "weapon of choice" due to their specific characteristics. Cyber-attacks can be highly targeted and focused, even tailored to a specific unit or system, providing limited to no physical destruction (unlike a cruise missile) and potentially resulting in no loss of life. There are several incident response frameworks and approaches that an organization can implement to enhance its security posture. Usually, these will address specific adverse events such as computer security incidents, which in turn are limited in scope and coverage, typically within an organization. Nations have made limited effort in confronting severe cyber-attacks targeting and/or threatening them, as well as in preventing these attacks from being launched. In this work, we identify and discuss a decision-taking framework that may allow state actors to adopt new options against severe cyber-attacks, not always complying with international norms. Such options are neither encouraged nor supported. On the contrary, we discuss them so that the international community is made aware of such potential frameworks. More specifically, by defining clear thresholds, roles, and responsibilities, by introducing a structured chain of command, and by identifying the potential
On the law, work and functioning of the EU agency for cybersecurity
Francesco Seatzu y Nicolás Carrillo Santarelli, 2024
The EU Cyber security Agency (carrying the acronym ENISA from its original name) is the main agency for the EU's cyber security programme. ENISA was initially created as an advisory body rather than as a traditional monitoring agency and its unique approach reflects the EU's shift towards a more regulatory approach to cyber security problem-solving. This study explores the role of ENISA in governance and presents the complex concept of observational memory “observation” from a critical Foucauldian perspective. ENISA's monitoring approach has allowed it to become a new form of management, with a model reminiscent of vision. This perspective has had a significant impact on the development of the EU cyber security regime and has challenged the traditional understanding of ENISA as an advisory body on cyber security issues. As the agency debates the balance between government and regulation, it continues to re-evaluate its role in the evolving cyber security landscape, forcing reflection on its success and events that shed light on cyber security issues.
2013
The modern welfare state faces significant challenges to be able to sustain a systematic cyber conflict that pursues the institutional destabilization of the targeted state. Cyber defense in these advanced democracies are limited, unstructured, and focused on anecdotal cyber interchanges of marginal geopolitical value. The factual reach of government activities once a conflict is initiated is likely to be miniscule. Therefore the information security activities, and assessments leading to cyberdefense efforts, have to be strategically pre-event coordinated within the state. This coordination should be following a framework that ensures institutional stability, public trust, and limit challenges to the state. The paper presents a case to use societal cyberwar theory to create a public sector cyber defense strategy beforehand facing a massive state actor initiated automated systematic cyber attacks to limit the risk for a societal system shock. Societal cyberwar theory utilizes a theoretical framework created by political scientist Dwight Waldo for government stability, turns it upside down, and uses the theory to identify cyber targets and aim points. As a theory it can be used in cyber defense and offense as the institutional weaknesses can be either attacked or defended. According to societal cyberwar theory the aim points to be targeted by an automated premeditated systematic attack that will cripple the targeted nation is the five pillars that upholds the state-legitimacy, authority, knowledge, control, and confidence. The failure to protect the institutional stability could undermine the state's ability to avoid submission to foreign power.
Security and Defence Quarterly
In the article, National Cyber Security Strategies (NCSS) of the Central and Eastern European states are compared and assessed. After it had become evident that a variety of crucial new threats to national security had emerged over recent years, virtually all states reacted with national strategies. Th ese strategies are aimed at securing national cyberspace from cyber threats through legal, operational, technical and policy-related measures. Th ey exist in addition to general national security strategies and are meant to support these. Even if most countries have National Cyber Security Strategies, the author demonstrates that these strategies show, at least in part, remarkable diff erences. Th e role national particularities play is explained, whether they are really this specifi c and whether they might be generalised and transferred to other national contexts and what approaches turned out best under what circumstances. Based on these results, existing strengths, weaknesses and best practices are explained to open avenues for improving existing strategies and generate a higher degree of strategy interoperability in an environment that maybe like no other requires international cooperation. It is evident that precise defi nitions of terms and concepts are essential. However, not all strategies provide those defi nitions, which might lead to misunderstandings and complicate cooperation both on domestic and international level. While some strategies off er clear cut responsibilities for the actors involved, others remain unclear. Even if laws are there to specify concrete procedures, the NCSS should not be too superfi cial. Th e NCSS itself should already make clear statements, particularly when it comes to the crucial aspect of coordinating the various cyber actors and stake holders. Th e author demonstrates that National Cyber Security Strategies ought to be detailed enough to clearly determine actors and responsibilities, but open and fl exible enough for adaptability to fast developments.