A FRAMEWORK FOR THE EVALUATION OF CYBERSECURITY EFFECTIVENESS OF ABU DHABI GOVERNMENT ENTITIES

Cyberspace has become one of the new frontiers for countries to demonstrate their power to survive in the digitized world. The UAE has become a major target for cyber conflicts due to the rapid increase in economic activity and technology. Further, the widespread use of the internet in the region to the tune of 88% by the end of 2014 has exposed the critical infrastructure to all forms of cyber threats. In this dissertation, the researcher presents a detailed study of the existing cybersecurity defences globally and an investigation into the factors that influence the effectiveness of cybersecurity defences in Abu Dhabi government entities. Further, the role of cybersecurity education, training, and awareness in enhancing the effectiveness of cybersecurity and the role of senior management in providing strategic direction to government entities on cybersecurity are evaluated in addition to determining the contribution of strategic planning and technology level in ensuring an effective cybersecurity system. The study has evaluated the level of Cybersecurity Effectiveness (CSE) in Abu Dhabi Government Entities and the results show that Science and Technology entity performed better than all other Entities with CSE Mean = 4.37 while Public Order showed the least performance with CSE Mean = 3.83 and the combined model of six factors with R-square value 0.317 after multiple regression implying that 32% change in CSE in the government entities is occurring due to the six (6) independent variables used in the study. Further, results show that management has the responsibility of putting in place strategies, frameworks and policies that respond appropriately to the prevention, detection and mitigation of cyberattacks. Results further indicate that culture-sensitive training and awareness programmes add to the quality and effectiveness of cybersecurity systems in government entities. Further, study findings reveal that qualified and experienced personnel in government entities show a greater understanding of cyber and information security issues. Finally, the researcher proposes a cybersecurity framework and a checklist, with checkpoints, for evaluating the effectiveness of cybersecurity systems within government entities and future research interventions

SMALL STATES IN SPACE: CRAFTING A STRATEGY FOR SINGAPORE

Many nascent space powers have initiated strategic assessments and announced policy objectives to integrate space activities to serve their national interests. This thesis seeks to study: How should Singapore, a small state with limited capacities (e.g., geographical size, population, and resources), develop near-term policy objectives that best draw on its competitive advantages? This provides clarity to Singapore’s progress as an emerging spacefaring nation, in response to emerging global trends in space and in leveraging space in meeting its national interests. To draw meaningful comparisons and lessons, this thesis examines the key policies, strategies, and programs as well as the objectives and priorities driving the sectoral developments of two trailblazing small states (the United Arab Emirates and Luxembourg). This thesis presents policy recommendations for Singapore to best capitalize on its competitive strengths as it progresses as an emerging spacefaring nation. Recommendations include institutionalizing national authority and space act, increased participation in bilateral and multilateral space cooperation and diplomacy, dedicating budget to the application of space security, and nurturing space ecosystem and talent pipeline.Military Expert 5, Republic of Singapore Air ForceApproved for public release. Distribution is unlimited

The Global Energy Transition: A Review of the Existing Literature

This chapter presents an overview of the existing literature on the geopolitics of the global energy transition. Notwithstanding its potentially re-defining role for international relations, this issue has, so far, not been analysed in a comprehensive manner but in a rather fragmented way. This chapter represents a useful summary to the state-of-the-art of knowledge in the field, and therefore a useful starting point for the book

Developing a digital competence framework for UAE law enforcement agencies to enhance cyber security of Critical Physical Infrastructure (CPI)

Critical Physical Infrastructures (CPI) are assets and systems that are vital to the health, safety, security, and economic or social well-being of people, and have become increasingly vulnerable to cyberattacks that have the potential to cause severe debilitating and destructive impact on a nation’s economic security or public health and safety. The United Arab Emirates (UAE) has experienced a high level of cyberattacks targeted at its critical physical infrastructure which has also undergone rapid modernisation, digitisation and interconnection of systems that could expose it to potential vulnerabilities in cyberspace. This thesis addresses a major challenge in the capacity of law enforcement to address cyberattacks in respect of the digital capabilities that are necessary to maintain pace with technologies and respond effectively in a digital environment. The purpose of this study is to develop a digital competences framework for UAE law enforcement agencies to combat cyber security threats facing CPI. This identifies the key functions and role of law enforcement and prioritises primary domains and elements of digital competency for cyber security that are critical for law enforcement to perform its role in protecting CPI. A holistic case study design using multiple methods to generate qualitative and quantitative data is adopted. A Delphi method is applied over multiple stages aimed at achieving consensus among experts and professionals using open and semi-structured interviews, analytical hierarchy process (AHP), quantitative survey and group building methods. The sample consists of 25 experts from different law enforcement organisations and from different roles and different levels of the organisation. The findings present a digital competency framework for cybersecurity of CPI which models a holistic socio-technical approach and evaluation of digital competency requirements in line with the different functions and roles of law enforcement. Digital competency is conceptualised as an interplay of multiple interconnected dimensions including balance, type and relevance of training and future proofing. The highest ranked digital competencies for law enforcement to protect CPI are identified as Investigate, Analyse, Collect and Operate and Protect and Defend. The three highest ranked specialty areas are Cyber Investigation, Digital Forensics and All-Source Analysis. Cybercrime Investigator, Law Enforcement/Counterintelligence Forensics Analyst, and All-Source Analyst are the highest ranked work roles. The framework identifies knowledge skills and ability competencies for each of these domains. This study makes a novel contribution to theory of digital competency in identifying and prioritising key factors and processes for the design and implementation of digital competency development. The study prioritises the competences and speciality areas of digital competency and the associated knowledge, skills and abilities (KSAs) in the area of law enforcement for enhancing security of CPI

Governance of Dual-Use Technologies: Theory and Practice

The term dual-use characterizes technologies that can have both military and civilian applications. What is the state of current efforts to control the spread of these powerful technologies—nuclear, biological, cyber—that can simultaneously advance social and economic well-being and also be harnessed for hostile purposes? What have previous efforts to govern, for example, nuclear and biological weapons taught us about the potential for the control of these dual-use technologies? What are the implications for governance when the range of actors who could cause harm with these technologies include not just national governments but also non-state actors like terrorists? These are some of the questions addressed by Governance of Dual-Use Technologies: Theory and Practice, the new publication released today by the Global Nuclear Future Initiative of the American Academy of Arts and Sciences. The publication's editor is Elisa D. Harris, Senior Research Scholar, Center for International Security Studies, University of Maryland School of Public Affairs. Governance of Dual-Use Technologies examines the similarities and differences between the strategies used for the control of nuclear technologies and those proposed for biotechnology and information technology. The publication makes clear the challenges concomitant with dual-use governance. For example, general agreement exists internationally on the need to restrict access to technologies enabling the development of nuclear weapons. However, no similar consensus exists in the bio and information technology domains. The publication also explores the limitations of military measures like deterrence, defense, and reprisal in preventing globally available biological and information technologies from being misused. Some of the other questions explored by the publication include: What types of governance measures for these dual-use technologies have already been adopted? What objectives have those measures sought to achieve? How have the technical characteristics of the technology affected governance prospects? What have been the primary obstacles to effective governance, and what gaps exist in the current governance regime? Are further governance measures feasible? In addition to a preface from Global Nuclear Future Initiative Co-Director Robert Rosner (University of Chicago) and an introduction and conclusion from Elisa Harris, Governance of Dual-Use Technologiesincludes:On the Regulation of Dual-Use Nuclear Technology by James M. Acton (Carnegie Endowment for International Peace)Dual-Use Threats: The Case of Biotechnology by Elisa D. Harris (University of Maryland)Governance of Information Technology and Cyber Weapons by Herbert Lin (Stanford University

Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency (NATO COE-DAT Handbook 1)

In 2014 NATO’s Center of Excellence-Defence Against Terrorism (COE-DAT) launched the inaugural course on “Critical Infrastructure Protection Against Terrorist Attacks.” As this course garnered increased attendance and interest, the core lecturer team felt the need to update the course in critical infrastructure (CI) taking into account the shift from an emphasis on “protection” of CI assets to “security and resiliency.” What was lacking in the fields of academe, emergency management, and the industry practitioner community was a handbook that leveraged the collective subject matter expertise of the core lecturer team, a handbook that could serve to educate government leaders, state and private-sector owners and operators of critical infrastructure, academicians, and policymakers in NATO and partner countries. Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency is the culmination of such an effort, the first major collaborative research project under a Memorandum of Understanding between the US Army War College Strategic Studies Institute (SSI), and NATO COE-DAT. The research project began in October 2020 with a series of four workshops hosted by SSI. The draft chapters for the book were completed in late January 2022. Little did the research team envision the Russian invasion of Ukraine in February this year. The Russian occupation of the Zaporizhzhya nuclear power plant, successive missile attacks against Ukraine’s electric generation and distribution facilities, rail transport, and cyberattacks against almost every sector of the country’s critical infrastructure have been on world display. Russian use of its gas supplies as a means of economic warfare against Europe—designed to undermine NATO unity and support for Ukraine—is another timely example of why adversaries, nation-states, and terrorists alike target critical infrastructure. Hence, the need for public-private sector partnerships to secure that infrastructure and build the resiliency to sustain it when attacked. Ukraine also highlights the need for NATO allies to understand where vulnerabilities exist in host nation infrastructure that will undermine collective defense and give more urgency to redressing and mitigating those fissures.https://press.armywarcollege.edu/monographs/1951/thumbnail.jp