Status Report on the Application of Integrated Approaches to Water Resources Management 2012

UN-Water produced a status report regarding the progress of water resources management in several countries as well as possible outcomes and impacts of integrated approaches. It is also based on a 2011 UN-Water survey sent to the governments of all UN member states and a series of complementary interviews in 30 representative countries

Assessing database and network threats in traditional and cloud computing

Cloud Computing is currently one of the most widely-spoken terms in IT. While it offers a range of technological and financial benefits, its wide acceptance by organizations is not yet wide spread. Security concerns are a main reason for this and this paper studies the data and network threats posed in both traditional and cloud paradigms in an effort to assert in which areas cloud computing addresses security issues and where it does introduce new ones. This evaluation is based on Microsoft’s STRIDE threat model and discusses the stakeholders, the impact and recommendations for tackling each threat

Framing the UK’s counter-terrorism policy within the context of a wicked problem

Terrorist attacks can be seen as the ultimate wicked problem. After 9/11, terrorists moved from so-called ‘spectacular’ events to relatively low-intensity attacks against individuals and groups. The emergence of what has become known as the ‘home-grown’ terrorist has added a further dimension to the ‘wicked’ nature of the problem. This paper considers the UK’s CONTEST and PREVENT strategies as a policy response to the threats from terrorism and the impact that the policies themselves can have on the radicalization of individuals. The author highlights some of the limitations of the PREVENT strand of the overall strategy and the constraints that are imposed on government policies by failing to take a holistic perspective on the nature of the problem

New Challenges in Critical Infrastructures : A US Perspective

L'émergence d'un plus large spectre de vulnérabilités (terrorisme, sabotage, conflits locaux et catastrophes naturelles) et l'interdépendance croissante de l'activité économique rendent particulièrement vulnérables les grands réseaux vitaux des pays industrialisés. Pour y faire face, des actions importantes doivent être menées à une échelle nationale, en particulier par le développement de partenariats étroits entre le secteur public et la sphère privée.Cet article analyse l'initiative présidentielle lancée dès 1996 aux Etats-Unis -premier pays au monde à inscrire ces questions à l'agenda du plus haut niveau décisionnel- ainsi que la structure nationale de partenariats mis en place depuis lors. Une telle démarche pourrait constituer un point de départ pour d'autres pays désireux d'élaborer leur propre analyse de vulnérabilités et leur stratégie d'amélioration.Les événements du 11 septembre 2001, comme les attaques à l'anthrax, ont néanmoins montré que les avancées américaines ne constituaient qu'une première étape d'un processus plus global de préparation nationale; les infrastructures critiques des Etats-Unis demeurent hautement vulnérables. Enfin, plusieurs idées fausses, par trop souvent récurrentes, doivent être dépassées pour traiter beaucoup plus efficacement ces risques à grande échelle sur un plan international.Partenariats public-privé;Risques à grande échelle;Infrastructures critiques;Nouvelles vulnérabilites;Sécurité nationale;Préparation collective

Understanding livelihoods dependent on inland fisheries in Bangladesh and Southeast Asia: final technical report

Inland fisheries, Wetlands, Livelihoods

Reliable, resilient and sustainable water management: The Safe & SuRe approach

Global threats such as climate change, population growth, and rapid urbanization pose a huge future challenge to water management, and, to ensure the ongoing reliability, resilience and sustainability of service provision, a paradigm shift is required. This paper presents an overarching framework that supports the development of strategies for reliable provision of services while explicitly addressing the need for greater resilience to emerging threats, leading to more sustainable solutions. The framework logically relates global threats, the water system (in its broadest sense), impacts on system performance, and social, economic, and environmental consequences. It identifies multiple opportunities for intervention, illustrating how mitigation, adaptation, coping, and learning each address different elements of the framework. This provides greater clarity to decision makers and will enable better informed choices to be made. The framework facilitates four types of analysis and evaluation to support the development of reliable, resilient, and sustainable solutions: “top‐down,” “bottom‐up,” “middle based,” and “circular” and provides a clear, visual representation of how/when each may be used. In particular, the potential benefits of a middle‐based analysis, which focuses on system failure modes and their impacts and enables the effects of unknown threats to be accounted for, are highlighted. The disparate themes of reliability, resilience and sustainability are also logically integrated and their relationships explored in terms of properties and performance. Although these latter two terms are often conflated in resilience and sustainability metrics, the argument is made in this work that the performance of a reliable, resilient, or sustainable system must be distinguished from the properties that enable this performance to be achieved

Управління ризиками інфокомунікаційної мережі при стратегічному плануванні безпеки систем критичної інраструктури

The subject matter of the article is information and communication networks of critical infrastructure systems. The goal of the work is to create an approach for strategic managing the security of critical infrastructure systems taking into account the risks of the information and communication network. The article deals with the following tasks: determining the procedure of strategic managing the security of critical infrastructure systems, identifying the risks of the information and communication network, assessing the importance and probability of partial network risks. The following methods are used: a systematic approach, cause-and-effect analysis, statistical methods. The following results are obtained: the diagram of multi-level risk management of critical infrastructure systems is developed; the diagram of the step-by-step method of information risks management is developed for increasing the safety of the system; the complex index is suggested for determining the category of information system security; probable variants of the full-factor environment of a set of values of the complex index elements and the corresponding categories of information systems security are analyzed; the process of adaptation of the system as an integral part of the selection and specification of measures for the risk reduction of the information and communication network is determined; the example of the risk assessment of the information and communication network for a software and hardware complex in the automated control system of technological processes is considered. Taking into account the categories of factors, a list of probable risks of the information and communication network and factors that cause them is given; the cause-and-effect diagram of "cause-risk-effect" interaction is created; the total effect of each factor on the final vertices of the diagram, that is possible effects, is calculated; the factors were grouped as the most important, quite important, of mean importance, and inconsiderable ones.Предметом дослідження в статті є інфокомунікаційні мережі систем критичної інфраструктури. Мета роботи – створення підходу для стратегічного управління безпекою систем критичної інфраструктури з урахуванням ризиків інфокомунікаційної мережі. В статті вирішуються наступні завдання: визначення процедури стратегічного управління безпекою систем критичної інфраструктури, ідентифікація ризиків інфокомунікаційної мережі, оцінка важливості та ймовірності часткових ризиків мережі. Використовуються такі методи: системний підхід, причинно-наслідковий аналіз, статистичні методи. Отримано наступні результати: Побудовано схему багаторівневого управління ризиками систем критичної інфраструктури. Розроблено схему покрокового методу управління інформаційними ризиками для підвищення безпеки системи. Запропоновано комплексний показник для визначення категорії безпеки інформаційної системи. Проаналізовано можливі варіанти повного факторного простору множини значень елементів комплексного показника і відповідні їм категорії безпеки інформаційних систем. Визначено процес адаптації системи як невід'ємну частину вибору і специфікації заходів щодо парирування ризиків інфокомунікаційної мережі. Розглянуто приклад оцінки ризику інфокомунікаційної мережі для програмно-технічного комплексу у складі автоматизованої системи управління технологічними процесами. З урахуванням категорій факторів наведено перелік можливих ризиків інфокомунікаційної мережі із зазначенням причин їх виникнення. Побудовано причинно-наслідкову діаграму взаємодії "причини-ризики-наслідки". Розраховано загальний вплив кожного фактора на кінцеві вершини діаграми – можливі наслідки. Було класифіковано фактори на чотири групи: найбільш важливі, досить значні, середньої значущості, незначні

Internet of Things for Sustainability: Perspectives in Privacy, Cybersecurity, and Future Trends

In the sustainability IoT, the cybersecurity risks to things, sensors, and monitoring systems are distinct from the conventional networking systems in many aspects. The interaction of sustainability IoT with the physical world phenomena (e.g., weather, climate, water, and oceans) is mostly not found in the modern information technology systems. Accordingly, actuation, the ability of these devices to make changes in real world based on sensing and monitoring, requires special consideration in terms of privacy and security. Moreover, the energy efficiency, safety, power, performance requirements of these device distinguish them from conventional computers systems. In this chapter, the cybersecurity approaches towards sustainability IoT are discussed in detail. The sustainability IoT risk categorization, risk mitigation goals, and implementation aspects are analyzed. The openness paradox and data dichotomy between privacy and sharing is analyzed. Accordingly, the IoT technology and security standard developments activities are highlighted. The perspectives on opportunities and challenges in IoT for sustainability are given. Finally, the chapter concludes with a discussion of sustainability IoT cybersecurity case studies