The European Union's digital assertiveness

The European institutions and EU member states are pushing hard for closer digital integration. In view of the diverse challenges -from protecting critical infrastructure and safeguarding civil liberties to the creation of common markets- "positive integration", that is targeted EU regulatory action, is the way to tackle market failure within and beyond Europe. Draft regulations at the EU level are to take effect inside and outside the internal market: the Digital Single Market Strategy (DSM), the General Data Protection Regulation (GDPR) and the Directive on Network and Information Security (NIS). Digital integration is a precondition for establishing European standards and norms effectively, especially in international politics. (Autorenreferat

BIBLIOMETRIC ANALYSIS ON CYBERSPACE SECURITY - NIS DIRECTIVES

The impact of security in cyberspace has been increasing, motivating companies to reconsider their security strategies. In addition, people from various countries who are aware of this growth are seeking to present studies in various journals that allow them to identify elements that contribute to the consolidation of the concept of security in cyberspace. With this reality in mind, this study, supported by a bibliometric analysis of security in cyberspace based on articles published in the last eight years, aims to analyze the evolution of scientific research, identify the most influential scientific publications on topics related to cyberspace security, and detect research opportunities in the field. The study also discusses the implementation of the legal framework for security in cyberspace and the NIS Directive, aspects that European companies should consider in their cybersecurity strategy. The study's conclusions highlight the multifaceted nature of cybersecurity challenges and the need for a holistic and collaborative approach to strengthening digital resilience, with an emphasis on promoting a culture of awareness encouraged at the organizational and social level by policymakers, industry leaders, and researchers.info:eu-repo/semantics/publishedVersio

BIBLIOMETRIC ANALYSIS ON CYBERSPACE SECURITY - NIS DIRECTIVES

The impact of security in cyberspace has been increasing, motivating companies to reconsider their security strategies. In addition, people from various countries who are aware of this growth are seeking to present studies in various journals that allow them to identify elements that contribute to the consolidation of the concept of security in cyberspace. With this reality in mind, this study, supported by a bibliometric analysis of security in cyberspace based on articles published in the last eight years, aims to analyze the evolution of scientific research, identify the most influential scientific publications on topics related to cyberspace security, and detect research opportunities in the field. The study also discusses the implementation of the legal framework for security in cyberspace and the NIS Directive, aspects that European companies should consider in their cybersecurity strategy. The study's conclusions highlight the multifaceted nature of cybersecurity challenges and the need for a holistic and collaborative approach to strengthening digital resilience, with an emphasis on promoting a culture of awareness encouraged at the organizational and social level by policymakers, industry leaders, and researchers.info:eu-repo/semantics/publishedVersio

Bibliometric Analysis on Cyberspace Security - NIS Directives

The impact of security in cyberspace has been increasing, motivating companies to reconsider their security strategies. In addition, people from various countries who are aware of this growth are seeking to present studies in various journals that allow them to identify elements that contribute to the consolidation of the concept of security in cyberspace. With this reality in mind, this study, supported by a bibliometric analysis of security in cyberspace based on articles published in the last eight years, aims to analyze the evolution of scientific research, identify the most influential scientific publications on topics related to cyberspace security, and detect research opportunities in the field. The study also discusses the implementation of the legal framework for security in cyberspace and the NIS Directive, aspects that European companies should consider in their cybersecurity strategy. The study's conclusions highlight the multifaceted nature of cybersecurity challenges and the need for a holistic and collaborative approach to strengthening digital resilience, with an emphasis on promoting a culture of awareness encouraged at the organizational and social level by policymakers, industry leaders, and researchers.info:eu-repo/semantics/publishedVersio

The new EU cybersecurity framework:The NIS Directive, ENISA's role and the General Data Protection Regulation

The NIS Directive is the first horizontal legislation undertaken at EU level for the protection of network and information systems across the Union. During the last decades e-services, new technologies, information systems and networks have become embedded in our daily lives. It is by now common knowledge that deliberate incidents causing disruption of IT services and critical infrastructures constitute a serious threat to their operation and consequently to the functioning of the Internal Market and the Union. This paper first discusses the Directive's addressees particularly with regard to their compliance obligations as well as Member States’ obligations as regards their respective national strategies and cooperation at EU level. Subsequently, the critical role of ENISA in implementing the Directive, as reinforced by the proposal for a new Regulation on ENISA (the EU Cybersecurity Act), is brought forward, before elaborating upon the, inevitable, relationship of the NIS Directive with EU's General Data Protection Regulatio

Cybersecurity and Liability in a Big Data World

The interplay between big data and cloud computing is at the same time undoubtedly promising, challenging and puzzling. The current technological landscape is not without paradoxes and risks, which under certain circumstances may raise liability issues for market operators. In this article we illustrate the several challenges in terms of security and resilience that market operators face as their overcoming is of strategic importance for businesses wishing to be deemed privacy-respectful and reliable market actors. After a brief overview of the potentialities and drawbacks deriving from the combination of big data and cloud computing, this article illustrates the challenges and the obligations imposed by the European institutions on providers processing personal data – pursuant to the General Data Protection Regulation – and on providers of digital services and essential services – according to the NIS Directive. We also survey the European institutions’ push towards the development and adoption of codes of conduct, standards and certificates, as well as their last proposal for a new Cybersecurity Act. We conclude by showing that, despite this articulate framework, big data and cloud service providers still leverage on their strong market power to use “contractual shields” and escape liability

Europeanization processes regarding matters of cybersecurity: The case of Portugal

In a world that receives technology with open arms, the issue of cybersecurity has increasingly become a daily reality and it is necessary to treat it as something essential for the protection of our online presence. Not only in terms of secure internet browsing practices, but also in the implementation of actions that are ready to tackle new and unknown threats: several countries have paid attention to these changes and modified their security policies. In this sense, we intend to use Europeanization in order to understand, in the sphere of European integration, how the European Union affects and influences its Member States in the formulation of measures related to the cybersecurity of its citizens. Hence, Portugal will be used as a case study. This choice stems from the fact that this country contains an unexplored volume of academic literature regarding the topic, in comparison with other larger ones. Therefore, the main objective of this work is precisely to provide a new view on how the EU has shaped the legislative process of a small country, but important nonetheless in its position on the European panorama.Tendo em conta um presente que abraça mais o tecnológico, a questão da cibersegurança tem-se tornado cada vez mais uma realidade diária e é necessário encará-la como algo essencial para a proteção da nossa presença online. Não só a nível de boas práticas de navegação na internet, mas também na implementação de ações prontas para combater novas e desconhecidas ameaças: vários são os países que prestaram atenção a estas mudanças e alteraram as suas políticas de segurança. Pretendemos neste sentido utilizar a Europeização para perceber, na esfera da integração europeia, como é que a União Europeia afeta e influencia os seus Estados-Membros na formulação de medidas relacionadas com a cibersegurança dos seus cidadãos. Seguidamente, é prestada uma atenção especial a Portugal, sendo utilizado como um caso de estudo. Esta escolha advém do facto deste país conter literatura académica ainda por explorar sobre o tema, em comparação com outros de maior dimensão. Sendo assim, o objetivo principal deste trabalho é precisamente proporcionar uma nova visão sobre como a UE tem moldado o processo legislativo de um país pequeno no seu tamanho, mas de qualquer forma importante na sua posição no panorama europeu

Avoiding the internet of insecure industrial things

Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regulatory perspectives. Legal changes are being ushered by the European Union (EU) Network and Information Security (NIS) Directive 2016 and the General Data Protection Regulation 2016 (GDPR) (both to be enforced from May 2018). We use the case study of the emergent smart energy supply chain to frame, scope out and consolidate the breadth of security concerns at play, and the regulatory responses. We argue the industrial IoT brings four security concerns to the fore, namely: appreciating the shift from offline to online infrastructure; managing temporal dimensions of security; addressing the implementation gap for best practice; and engaging with infrastructural complexity. Our goal is to surface risks and foster dialogue to avoid the emergence of an Internet of Insecure Industrial Things

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management