The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Trusted CI Experiences in Cybersecurity and Service to Open Science

This article describes experiences and lessons learned from the Trusted CI project, funded by the US National Science Foundation to serve the community as the NSF Cybersecurity Center of Excellence. Trusted CI is an effort to address cybersecurity for the open science community through a single organization that provides leadership, training, consulting, and knowledge to that community. The article describes the experiences and lessons learned of Trusted CI regarding both cybersecurity for open science and managing the process of providing centralized services to a broad and diverse community.Comment: 8 pages, PEARC '19: Practice and Experience in Advanced Research Computing, July 28-August 1, 2019, Chicago, IL, US

Cybersecurity by executive order

This report explores the details of the Obama Administration\u27s executive order on cybersecurity, breaking down the challenges, criticisms, and successes of the effort to date, before offering clear lessons from the US experience that can be applied to the Australian context. Summary: On 12 February 2014 the United States National Institute of Standards & Technology (NIST) released the Framework for Improving Critical Infrastructure Cybersecurity, the flagship accomplishment of the Obama Administration’s 2013 cybersecurity Executive Order. Just weeks before the White House announced its executive order, the then Australian Prime Minister Julia Gillard made an equally exciting declaration introducing the Australian Cyber Security Centre (ACSC). One year on, the contrast between the two efforts is stark. The United States and Australia share a common interests in developing a robust partnership between the government and private sector to develop whole-of-system cybersecurity. To move beyond political optics, the ACSC must embrace existing best practices, commit to meaningful public-private partnerships, and set a pragmatic strategy moving forward. The Obama Administration’s efforts, while far from perfect, offer critical lessons that the Australian government can adopt and adapt to ensure that the ACSC is a successful endeavour and critical infrastructure cybersecurity is improved. This Strategic Insight report explores the details of the executive order, breaking down the challenges, criticisms, and successes of the effort to date, before offering clear lessons from the US experience that can be applied to the Australian context

Democracy and Digital Authoritarianism: An Assessment of the EU’s External Engagement in the Promotion and Protection of Internet Freedom. College of Europe EU Diplomacy Paper 01/2020

The past decade has seen a gradual global increase in digital authoritarianism. Internet shutdowns, online censorship, mass surveillance and violations of privacy rights have all become more frequent in parts of the world where citizens are not guaranteed sufficient digital rights. The task of defending, promoting and protecting internet freedom is becoming increasingly relevant for the European Union (EU) − for internal digital and cybersecurity policies as well as for the EU’s external promotion of democracy and human rights. Whilst much has been written about the various internal policies which establish and protect internet freedom within the European Union and its member states, the EU’s external engagement in this field remains critically under-researched. To what extent does the EU engage externally in the promotion and protection of internet freedom? This paper answers this question by covering a wide variety of policy fields including human rights and democracy promotion, digital policy, enlargement and neighbourhood policy, development cooperation and trade policy. Whereas the EU faces a limited opportunity to shape global norms with regard to internet freedom or to change the course of digitally authoritarian states, it has demonstrated several strengths which deserve not to be overlooked. These include, for example, the externalisation of internal data protection and policies and the provision of direct support and protection for civil society. Despite facing significant obstacles, the promotion and protection of internet freedom has become an important area of the EU’s external action which is only set to become more relevant in the coming years

EU cybersecurity capacity building in the Mediterranean and the Middle East

Cyberthreats on the Rise The 2008 Report on the implementation of the European Security Strategy included “cybersecurity” for the first time among the priorities of the EU’s external action, stating that: “modern economies are heavily reliant on critical infrastructure including transport, communication and power supplies, but also the Internet.” If the EU Strategy for a Secure Information Society, adopted two years before, already addressed “cybercrime,” the proliferation of cyber-attacks “against private or government IT systems” gave the spread of cyber-capabilities a “new dimension, as a potential new economic, political and military weapon.” An EU Cybersecurity Strategy was adopted in 20132 followed, in 2016, by a first EU “Directive on Security of Network and Information Systems,” known as the “NIS Directive,” which harmonized the EU Member States’ legislations

How does intellectual capital align with cyber security?

Purpose – To position the preservation and protection of intellectual capital as a cyber security concern. We outline the security requirements of intellectual capital to help Boards of Directors and executive management teams to understand their responsibilities and accountabilities in this respect.Design/Methodology/Approach – The research methodology is desk research. In other words, we gathered facts and existing research publications that helped us to define key terms, to formulate arguments to convince BoDs of the need to secure their intellectual capital, and to outline actions to be taken by BoDs to do so.Findings – Intellectual capital, as a valuable business resource, is related to information, knowledge and cyber security. Hence, preservation thereof is also related to cyber security governance, and merits attention from boards of directors.Implications – This paper clarifies boards of directors’ intellectual capital governance responsibilities, which encompass information, knowledge and cyber security governance.Social Implications – If boards of directors know how to embrace their intellectual capital governance responsibilities, this will help to ensure that such intellectual capital is preserved and secured.Practical Implications – We hope that boards of directors will benefit from our clarifications, and especially from the positioning of intellectual capital in cyber space.Originality/Value – This paper extends a previous paper published by Von Solms and Von Solms (2018), which clarified the key terms of information and cyber security, and the governance thereof. The originality and value is the focus on the securing of intellectual capital, a topic that has not yet received a great deal of attention from cyber security researchers

European smart specialization for Ukrainian regional development: path from creation to implementation

The focus of the research is to develop recommendations of smart specialization (SS) for Ukrainian policymakers using European approaches. The authors revealed that the main SS projects are presented in such sectors as agri-food, industrial modernization and energy. More than 12 EU countries were the plot for conducted analysis of SS, as a result of which the level of activity of each country was determined. The creation of consortiums, including SMEs, associations, universities and other participants, disclosed the successful way of SS realization. The structure of SME’s innovative potential in Ukraine was identified underlining their main characteristic features like types of innovations and innovative activity, differentiation according to enterprise size, their regional distribution. The authors explored lack of innovations on regional and national level and significant territorial disparities, which could be eliminated through policy implementation of regional SS. The existing legislative norms for possibility of SS implementation in Ukraine were analyzed due to correspondence with the EU ones. The analysis provides the opportunity to consider them only as general framework documents without any action plans and sectoral prioritization at all. The weak points of these law documents are emphasized. As a result of research, the authors developed recommendations presented by direct action plan for Ukrainian policymakers, which include such activities as underlining key priorities (especially ICT applicability in every SS project) and their correspondence with the EU ones; eliminating regional imbalances by focusing on innovation development and reorientation of some regions according to SS priorities; respecting regional existing capacities; providing organizational mechanism for cooperation of stakeholders and financial mechanism for SS support through the EU structural funds