772 research outputs found
The future of Cybersecurity in Italy: Strategic focus area
This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management
Identifying the science and technology dimensions of emerging public policy issues through horizon scanning
Public policy requires public support, which in turn implies a need to enable the public not just to understand policy but also to be engaged in its development. Where complex science and technology issues are involved in policy making, this takes time, so it is important to identify emerging issues of this type and prepare engagement plans. In our horizon scanning exercise, we used a modified Delphi technique [1]. A wide group of people with interests in the science and policy interface (drawn from policy makers, policy adviser, practitioners, the private sector and academics) elicited a long list of emergent policy issues in which science and technology would feature strongly and which would also necessitate public engagement as policies are developed. This was then refined to a short list of top priorities for policy makers. Thirty issues were identified within broad areas of business and technology; energy and environment; government, politics and education; health, healthcare, population and aging; information, communication, infrastructure and transport; and public safety and national security.Public policy requires public support, which in turn implies a need to enable the public not just to understand policy but also to be engaged in its development. Where complex science and technology issues are involved in policy making, this takes time, so it is important to identify emerging issues of this type and prepare engagement plans. In our horizon scanning exercise, we used a modified Delphi technique [1]. A wide group of people with interests in the science and policy interface (drawn from policy makers, policy adviser, practitioners, the private sector and academics) elicited a long list of emergent policy issues in which science and technology would feature strongly and which would also necessitate public engagement as policies are developed. This was then refined to a short list of top priorities for policy makers. Thirty issues were identified within broad areas of business and technology; energy and environment; government, politics and education; health, healthcare, population and aging; information, communication, infrastructure and transport; and public safety and national security
Cyber defensive capacity and capability::A perspective from the financial sector of a small state
This thesis explores ways in which the financial sectors of small states are able todefend themselves against ever-growing cyber threats, as well as ways these states can improve their cyber defense capability in order to withstand current andfuture attacks. To date, the context of small states in general is understudied. This study presents the challenges faced by financial sectors in small states with regard to withstanding cyberattacks. This study applies a mixed method approach through the use of various surveys, brainstorming sessions with financial sector focus groups, interviews with critical infrastructure stakeholders, a literature review, a comparative analysis of secondary data and a theoretical narrative review. The findings suggest that, for the Aruban financial sector, compliance is important, as with minimal drivers, precautionary behavior is significant. Countermeasures of formal, informal, and technical controls need to be in place. This study indicates the view that defending a small state such as Aruba is challenging, yet enough economic indicators indicate it not being outside the realm of possibility. On a theoretical level, this thesis proposes a conceptual “whole-of-cyber” model inspired by military science and the VSM (Viable Systems Model). The concept of fighting power components and governance S4 function form cyber defensive capacity’s shield and capability. The “whole-of-cyber” approach may be a good way to compensate for the lack of resources of small states. Collaboration may be an only out, as the fastest-growing need will be for advanced IT skillsets
Transdisciplinary AI Observatory -- Retrospective Analyses and Future-Oriented Contradistinctions
In the last years, AI safety gained international recognition in the light of
heterogeneous safety-critical and ethical issues that risk overshadowing the
broad beneficial impacts of AI. In this context, the implementation of AI
observatory endeavors represents one key research direction. This paper
motivates the need for an inherently transdisciplinary AI observatory approach
integrating diverse retrospective and counterfactual views. We delineate aims
and limitations while providing hands-on-advice utilizing concrete practical
examples. Distinguishing between unintentionally and intentionally triggered AI
risks with diverse socio-psycho-technological impacts, we exemplify a
retrospective descriptive analysis followed by a retrospective counterfactual
risk analysis. Building on these AI observatory tools, we present near-term
transdisciplinary guidelines for AI safety. As further contribution, we discuss
differentiated and tailored long-term directions through the lens of two
disparate modern AI safety paradigms. For simplicity, we refer to these two
different paradigms with the terms artificial stupidity (AS) and eternal
creativity (EC) respectively. While both AS and EC acknowledge the need for a
hybrid cognitive-affective approach to AI safety and overlap with regard to
many short-term considerations, they differ fundamentally in the nature of
multiple envisaged long-term solution patterns. By compiling relevant
underlying contradistinctions, we aim to provide future-oriented incentives for
constructive dialectics in practical and theoretical AI safety research
Big data for monitoring educational systems
This report considers “how advances in big data are likely to transform the context and methodology of monitoring educational systems within a long-term perspective (10-30 years) and impact the evidence based policy development in the sector”, big data are “large amounts of different types of data produced with high velocity from a high number of various types of sources.” Five independent experts were commissioned by Ecorys, responding to themes of: students' privacy, educational equity and efficiency, student tracking, assessment and skills. The experts were asked to consider the “macro perspective on governance on educational systems at all levels from primary, secondary education and tertiary – the latter covering all aspects of tertiary from further, to higher, and to VET”, prioritising primary and secondary levels of education
System Security Assurance: A Systematic Literature Review
System security assurance provides the confidence that security features,
practices, procedures, and architecture of software systems mediate and enforce
the security policy and are resilient against security failure and attacks.
Alongside the significant benefits of security assurance, the evolution of new
information and communication technology (ICT) introduces new challenges
regarding information protection. Security assurance methods based on the
traditional tools, techniques, and procedures may fail to account new
challenges due to poor requirement specifications, static nature, and poor
development processes. The common criteria (CC) commonly used for security
evaluation and certification process also comes with many limitations and
challenges. In this paper, extensive efforts have been made to study the
state-of-the-art, limitations and future research directions for security
assurance of the ICT and cyber-physical systems (CPS) in a wide range of
domains. We conducted a systematic review of requirements, processes, and
activities involved in system security assurance including security
requirements, security metrics, system and environments and assurance methods.
We highlighted the challenges and gaps that have been identified by the
existing literature related to system security assurance and corresponding
solutions. Finally, we discussed the limitations of the present methods and
future research directions
- …