STOP-IT: strategic, tactical, operational protection of water infrastructure against cyberphysical threats

Water supply and sanitation infrastructures are essential for our welfare, but vulnerable to several attack types facilitated by the ever-changing landscapes of the digital world. A cyber-attack on critical infrastructures could for example evolve along these threat vectors: chemical/biological contamination, physical or communications disruption between the network and the supervisory SCADA. Although conceptual and technological solutions to security and resilience are available, further work is required to bring them together in a risk management framework, strengthen the capacities of water utilities to systematically protect their systems, determine gaps in security technologies and improve risk management approaches. In particular, robust adaptable/flexible solutions for prevention, detection and mitigation of consequences in case of failure due to physical and cyber threats, their combination and cascading effects (from attacks to other critical infrastructure, i.e. energy) are still missing. There is (i) an urgent need to efficiently tackle cyber-physical security threats, (ii) an existing risk management gap in utilities’ practices and (iii) an un-tapped technology market potential for strategic, tactical and operational protection solutions for water infrastructure: how the H2020 STOP-IT project aims to bridge these gaps is presented in this paper.Postprint (published version

Model-Based Mitigation of Availability Risks

The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for Risk Assessment and Mitigation show limitations when evaluating and mitigating availability risks. This is due to the fact that they do not fully consider the dependencies between the constituents of an IT infrastructure that are paramount in large enterprises. These dependencies make the technical problem of assessing availability issues very challenging. In this paper we define a method and a tool for carrying out a Risk Mitigation activity which allows to assess the global impact of a set of risks and to choose the best set of countermeasures to cope with them. To this end, the presence of a tool is necessary due to the high complexity of the assessment problem. Our approach can be integrated in present Risk Management methodologies (e.g. COBIT) to provide a more precise Risk Mitigation activity. We substantiate the viability of this approach by showing that most of the input required by the tool is available as part of a standard business continuity plan, and/or by performing a common tool-assisted Risk Management

Architecture-based Qualitative Risk Analysis for Availability of IT Infrastructures

An IT risk assessment must deliver the best possible quality of results in a time-effective way. Organisations are used to customise the general-purpose standard risk assessment methods in a way that can satisfy their requirements. In this paper we present the QualTD Model and method, which is meant to be employed together with standard risk assessment methods for the qualitative assessment of availability risks of IT architectures, or parts of them. The QualTD Model is based on our previous quantitative model, but geared to industrial practice since it does not require quantitative data which is often too costly to acquire. We validate the model and method in a real-world case by performing a risk assessment on the authentication and authorisation system of a large multinational company and by evaluating the results w.r.t. the goals of the stakeholders of the system. We also perform a review of the most popular standard risk assessment methods and an analysis of which one can be actually integrated with our QualTD Model

Addressing technical, social and economic constraints to rice fish culture in Laos, emphasising women’s involvement: DFID Aquaculture Research Programme Project R6380Cb, final technical report

[PDF contains 83 pages

United Nations Development Assistance Framework for Kenya

The United Nations Development Assistance Framework (2014-2018) for Kenya is an expression of the UN's commitment to support the Kenyan people in their self-articulated development aspirations. This UNDAF has been developed according to the principles of UN Delivering as One (DaO), aimed at ensuring Government ownership, demonstrated through UNDAF's full alignment to Government priorities and planning cycles, as well as internal coherence among UN agencies and programmes operating in Kenya. The UNDAF narrative includes five recommended sections: Introduction and Country Context, UNDAF Results, Resource Estimates, Implementation Arrangements, and Monitoring and Evaluation as well as a Results and Resources Annex. Developed under the leadership of the Government, the UNDAF reflects the efforts of all UN agencies working in Kenya and is shaped by the five UNDG programming principles: Human Rights-based approach, gender equality, environmental sustainability, capacity development, and results based management. The UNDAF working groups have developed a truly broad-based Results Framework, in collaboration with Civil Society, donors and other partners. The UNDAF has four Strategic Results Areas: 1) Transformational Governance encompassing Policy and Institutional Frameworks; Democratic Participation and Human Rights; Devolution and Accountability; and Evidence-based Decision-making, 2) Human Capital Development comprised of Education and Learning; Health, including Water, Sanitation and Hygiene (WASH), Environmental Preservation, Food Availability and Nutrition; Multi-sectoral HIV and AIDS Response; and Social Protection, 3) Inclusive and Sustainable Economic Growth, with Improving the Business Environment; Strengthening Productive Sectors and Trade; and Promoting Job Creation, Skills Development and Improved Working Conditions, and 4) Environmental Sustainability, Land Management and Human Security including Policy and Legal Framework Development; and Peace, Community Security and Resilience. The UNDAF Results Areas are aligned with the three Pillars (Political, Social and Economic) of the Government's Vision 2030 transformational agenda

Extending Credit Risk (Pricing) Models for the Simulation of Portfolios of Interest Rate and Credit Risk Sensitive Securities

We discuss extensions of intensity based models for pricing credit risk and derivative securities to the simulation and valuation of portfolios. The stochasticity in interest rates, credit spreads (default intensities) and rating migrations are incorporated in a unified framework. Scenarios of future prices of all securities are calculated in a risk-neutral world. The calculated prices are consistent with observed prices and the term structure of default free and defaultable interest rates. Three applications are discussed: (i) study of the inter-temporal price sensitivity of credit bonds to changes in interest rates, default probabilities, recovery rates and rating migration, (ii) portfolio simulations with attribution of changes to credit events and interest rates and, (iii) tracking of corporate bond indices. Key words: credit risk, default risk, simulation, integrated product management

Environmental Migrations from Conflict-Affected Countries: Focus on EU Policy Response

Given the strong evidence that most environmental migration is likely to occur within the Global South, the analysis of this paper and many of its recommendations focus on EU external and humanitarian policies in the field of environmental migration, as well as foreign policy and humanitarian aid and development-cooperation programs implemented in conflict-affected countries. The purpose of this paper is to contribute to the environmental migration debate with a multifaceted perspective that takes into account the relationship between climate change, migration and conflict. In doing so, it aims to highlight areas of particular political and geopolitical interest where further EU legal, policy, and humanitarian action is needed. On the basis of the analyzed legal, political, and institutional frameworks and the critical issues raised from the rograms implemented in the field, I will indicate areas of political and geopolitical interest for EU external action and humanitarian aid strategy and where further EU policy action is needed

What does it take to make integrated care work? A ‘cookbook’ for large-scale deployment of coordinated care and telehealth

The Advancing Care Coordination & Telehealth Deployment (ACT) Programme is the first to explore the organisational and structural processes needed to successfully implement care coordination and telehealth (CC&TH) services on a large scale. A number of insights and conclusions were identified by the ACT programme. These will prove useful and valuable in supporting the large-scale deployment of CC&TH. Targeted at populations of chronic patients and elderly people, these insights and conclusions are a useful benchmark for implementing and exchanging best practices across the EU. Examples are: Perceptions between managers, frontline staff and patients do not always match; Organisational structure does influence the views and experiences of patients: a dedicated contact person is considered both important and helpful; Successful patient adherence happens when staff are engaged; There is a willingness by patients to participate in healthcare programmes; Patients overestimate their level of knowledge and adherence behaviour; The responsibility for adherence must be shared between patients and health care providers; Awareness of the adherence concept is an important factor for adherence promotion; The ability to track the use of resources is a useful feature of a stratification strategy, however, current regional case finding tools are difficult to benchmark and evaluate; Data availability and homogeneity are the biggest challenges when evaluating the performance of the programmes

European Energy Union? Caught between securitisation and ‘riskification’

Fears about the security of supplies have been central to debates about the development of an integrated EU energy policy over the past decade, leading to claims that energy has been ‘securitised’. Previous analyses have found, however, that although shared security concerns are frequently used as justification for further integration, they can also serve as a rationale for Member States to resist sharing sovereignty. Transcending this apparent paradox would require not just agreement about whether energy supplies are security concerns, but also agreement about what kind of security concern they are. In this article, we examine whether such an agreement could emerge through a comparative analysis of constructions of gas security in the UK and Poland. Utilising a framework that draws from both the philosophical and sociological wings of Securitisation Studies, we demonstrate that although gas has been elevated on the security agendas of both states, the specific logic of insecurity – securitisation or riskification – underpinning these constructions differs substantially, and is conditioned by distinct modes of governance in each Member State. This, we contend, limits the potential for further integration of EU energy policies in the context of the European Commission’s proposals for an ‘Energy Union’

Institutional Change, Obsolescing Legitimacy, and Multinational Corporations: The Case of the Central American Banana Industry

This paper studies the practice of integration of influential host country actors to a multinational corporation as a strategy to decrease problems of legitimacy to the foreign firm before the host country's society. By developing the concept of obsolescing legitimacy, we argue that this strategy provides legitimacy to the foreign firm only in the absence of institutional changes in the host country. Once these changes take place, an alliance by the multinational to an elite or a political system no longer ruling the host country will become a liability and will generate problems of legitimacy for the multinational. We illustrate our argument with the case of the US multinational United Fruit Company in Central America.