“Those who agree to play on our terms will be taken in” : a qualitative study on the perceptions of public authorities and NGO representatives regarding self-organizing fourth-sector activity

Interest is growing in the role of spontaneous volunteers and emergent citizens groups in safety and security functions. This study connects those actors to the broad concept of the self-organizing fourth sector and analyzes the opinions of more than 200 Finnish representatives of public- and the third-sector organizations gathered through interviews and small group discussion on the tensions related to fourth-sector activity. The study reveals a strong desire to control the fourth sector, a desire that dominates any associated desire to enable it. The tension between enabling and controlling can be tamed by moving the fourth-sector actors under the control of the third sector. However, the role of the fourth sector is then reduced to being merely an extra pair of hands, and its self-organizing and emergent nature is subsumed. The debate over the paradox of spontaneous volunteering needs to be resolved before the fourth sector becomes a normal and acknowledged part of the security and safety functions.fi=vertaisarvioitu|en=peerReviewed

If you are late, you are Beyond help : Disinformation and Authorities in Social Media

Fast paced, seemingly vast and ever-growing social media is a challenging environment for public authorities to communicate optimally. One challenge is malicious disinformation, which is intentionally disseminated to deceive and cause harm to citizens and authorities. It is known that exceptional circumstances create opportunities for malicious actors to negatively influence democratic societies. Disinformation is often designed to cause uncertainty towards information that public authorities offer and to decrease the overall trust in public authorities. The aim of disinformation is often to cause polarisation in society and to weaken national security. Furthermore, in a crisis, it is essential that authorities are able to deliver official information quickly, clearly and accurately to citizens. Communication between authorities and citizens in time-sensitive situations is typically online. One challenge to public authorities is how they can mitigate and repair the effects of disinformation and information influencing in complex and time-sensitive circumstances. In this article, our aim is to describe the challenges that public authorities face when communicating in social media spaces where disinformation is present. The empirical data, including 16 government official interviews, was collected in September 2021. The main theme of the interviews was related to how situational awareness about disinformation is formed in their organisations. Our research questions focus on how public authorities detect and counter disinformation in social media and what kind of problems and pressures they have when communicating in such environments. This study follows a qualitative design and the data was analysed using inductive content analysis. This study is part of larger project related to counterforces and the detection of disinformation. The results will provide a broader understanding of how different types of public authorities, from health to security organisations, and from agencies to ministries, communicate in complex environments such as social media

Public Authorities as a Target of Disinformation

Disinformation is a part of a modern digitalised society and thus affects public authorities´ daily work. Through disinformation, malicious actors can often erode the fundamentals of democratic societies. In practice, this can be achieved by influencing authorities’ decision-making processes and creating distrust towards public organisations which can weaken authorities’ ability to function. In Finland, public authorities have relatively transparent and open decision-making processes and communication practices compared to other democratic societies. This transparency and openness can be seen as a vulnerability, increasing the opportunities for malicious actors to use disinformation. The authorities of public services are also seen as producers of evidence-based official information. In general, Finns have very high trust in public authorities. Trust has a major impact on societies’ psychological resilience and susceptibility to disinformation. The results of this article strengthen the idea that disinformation weakens authorities’ ability to function. The producers of disinformation, aided by citizens’ high confidence of public authorities, aim to utilise authorities’ communication by misrepresenting the content according to their own agenda. In this study, our purpose is to describe public authorities’ experiences relating to disinformation in their own organisation. This study follows a qualitative design framework by analysing data collected in September 2021 using inductive content analysis. The empirical data includes 16 government officials’ interviews with themes exploring how disinformation affects their daily activities and why they are targets of disinformation. This article is part of a larger project relating to counterforces and detection of disinformation. The results contribute towards a broader understanding on how different types of public authorities, ranging from health to security organisations, communicate in complex social media environments

Adolescents and the dark side of social media—Law enforcement perspectives

Adolescents are the most active user group of social media sites. Due to being in a phase of both biological and psychological development, they may be particularly vulnerable to the darker side of social media, such as its illegal aspects or coordinated information influencing. With this research, we aimed to identify threats Finnish adolescents face on social media from a law-enforcement perspective. To reach this goal, we performed semi-structured interviews with police officers from Finnish preventive measures police units. To identify and structure threats that adolescents face, we employed a twofold analysis. In the first part, we conducted inductive content analysis, which revealed three primary threats: polarization, disinformation, and social media as a pathway to illegal activities. In the second part, we employed the Honeycomb-model of social media functionality as a classificatory device for structuring these threats. Our findings provide explorative insights into the threats social media might present to adolescents from the point of view of the Finnish law-enforcement system

Terveydenhuolto ja kyberuhkat

Finland’s cyber security strategy states that Finland has to be capable of protecting the vital functions of society, such as health care, against cyber threats. Currently, health care heads the TOP-5 list of cyber attacks because of the value of patient data in dark markets. In this article, we describe actual cyber threats, cyber vulnerabilities, and cyber attacks covering different dimensions of the cyber world. In this study, we use a five-layer cyber world network-model including physical, syntactic, semantic, service, and cognitive layers. The model covers widely the devices and networks from the physical layer to the human problem solving and interpretation environments in the cognitive layer. Also, the vulnerabilities of e.g. device-specific or human factor-related and realised attacks like phishing can be classified with the help of the model. Ransomwares, affecting the semantic layer, have received a lot of publicity lately. There are many ways to take safeguards against cyber threats in different layers. The starting point is that each organisation takes care of their cyber security in collaboration with other actors in recognising threats and in taking action against them. Creating cyber security is actually about managing the system. It is vital to focus on systems as a whole instead of individual devices. The target of the collaboration is that comprehensive know-how supports the facilities of each actor against a common threat. The continuous improvement of cyber security in health care, increasing awareness, and educating staff should be an essential part of the cyber strategy of any organisation.Kyberturvallisuusstrategian vision mukaan Suomen tulee kyetä suojaamaan elintärkeät toimintonsa kyberuhkaa vastaan kaikissa tilanteissa. Terveydenhuolto on yksi elintärkeistä toiminnoista. Terveystoimiala on kyberhyökkäysten top-5-listalla ensimmäisenä. Hyökkäysten keskeisin motivaatio on potilastietojen arvo pimeillä markkinoilla. Vuonna 2015 varastettiin yli satamiljoonaa potilastietoa, jotka sisältävät rikollisille arvokkaita tietoja, kuten luottokorttinumeroita, työnantajatietoja ja sairaushistoriatietoja. Tässä artikkelissa kuvataan terveydenhuoltoon liittyviä kyberuhkia, kyberhaavoittuvuuksia ja toteutuneita kyberhyökkäyksiä kybermaailman eri ulottuvuudet kattaen. Tarkastelussa käytetään kybermaailman viisikerroksista verkostomallia, joka sisältää fyysisen, syntaktisen, semanttisen, palvelu- ja kognitiivisen kerroksen. Malli kattaa laajasti koko kybermaailman fyysisen kerroksen laitteista ja verkoista kognitiivisen kerroksen inhimillisiin ongelmanratkaisu- ja tulkintaympäristöihin. Haavoittuvuuksia ja toteutuneita hyökkäyksiä voidaan mallin mukaan jaotella laitekohtaisista haavoittuvuuksista aina koulutuksen puutteista johtuviin haavoittuvuuksiin ja pelottelu- ja kalasteluohjelmilla tapahtuneisiin hyökkäyksiin. Paljon julkisuutta ovat saaneet myös terveydenhuoltoon kohdistuneet kiristyshaittaohjelmahyökkäykset. Kyberuhkia vastaan voidaan suojautua useilla eri tasoilla ja tavoilla. Lähtökohtana on se, että jokainen organisaatio huolehtii oman toimintansa kyberturvallisuudesta tehden yhteistyötä muiden toimijoiden kanssa uhkien tunnistamisessa ja torjumisessa. Terveydenhuollon kyberturvallisuuden rakentaminen on systeemin hallintaa, jossa tulee keskittyä järjestelmien kokonaisuuteen yksittäisten laitteiden sijaan. Yhteistoiminnan tavoitteena on, että kokonaisosaaminen tukee yksittäisen toimijan toimintaedellytyksiä yhteistä uhkaa vastaan. Terveydenhuollon kyberturvallisuuden jatkuva parantaminen ja tietoisuuden lisääminen ovat kaikkien kansalaisten etuja, jotka vaativat vahvaa ymmärrystä niin tietoturvasta kuin terveydenhuollon toimintatavoistakin. Tämän vuoksi tietoisuuden kohottamisen ja henkilökunnan kouluttamisen tuleekin olla keskeisellä sijalla organisaatioiden kyberturvallisuudessa

Suomalaisten käsityksiä sodan sekä kyber- ja informaatiosodankäynnin uhkasta

Citizens’ conceptions and emotions regarding the current security situation as well as future security outlooks are significant from a social viewpoint. The purpose of this article is to map Finns’ expectations to the possible changes in societal security and their trust towards authorities responsible for public security. The aim of this study is to describe the Finns’ feelings of security concerning both cyber and information operations and the threat of conventional war now and over the course of the following ten years. The data were collected by National Defense University as a part of the TAHTO2 project. The target group comprised the entire population of Finland between the ages of 15 and 79. The data were analyzed using quantitative methods; factor, variance, and cluster analysis. The empirical results suggest that respondents were concerned of cyber and information threats. However, they felt that the threat of conventional war was smaller at the time of the study. Both threats were expected to diminish in the future. The number of respondents who trust public security authorities was significantly higher than those who had a sceptic attitude. The security situation in Finland was regarded stable, possibly due to the fact that respondents trust the authorities’ ability to prevent the aforementioned threats

Lägesbild av regional säkerhet (ATT) – en modell för uppföljning, bedömning och framsyn som stöder regional säkerhetsplanering och beredskap

ATT-modellen som utvecklats för uppföljning av förändring i säkerhetsmiljön (Lägesbild av regional säkerhet) stöder den regionala säkerhetsplaneringen samt beredskapen för störningar och exceptionella situationer. Modellen vägleder en organisering av uppföljningen av säkerheten som ett samarbete mellan flera myndigheter och för att välja säkerhetsindikatorer som lämpar sig för området. Införandet av ATT-modellen får stöd av anvisningar för metoder med vilka man kan identifiera de grundläggande orsakerna till utmaningar i säkerhet och fenomen i anknytning till dessa samt ta i bruk framsynsmetoder som lämpar sig för regional säkerhetsplanering. ATT-modellen är en del av informationsstyrd säkerhetsplanering och beredskap. I kärnan av verksamhetsmodellen finns en framsynsgrupp med många aktörer, vars uppgift är att analysera information från området som beskriver säkerheten och att göra bedömningar av hur situationen utvecklas. Informationen som gruppen får grundas till stor del på verksamheten i framsynsnätverket som följer säkerhetsindikatorerna, statistiken och tyst kunskap som rör området enligt anvisningar från framsynsgruppen. Säkerhetsforumet tolkar den analyserade informationen från framsynsgruppen och lägger fram förslag antingen till en enskild ledningsgrupp eller exempelvis till ledningsgrupper i olika organisationer angående åtgärder som förbättrar säkerhetssituationen. I ATT-modellen granskas regional säkerhet med hjälp av fyra teman som riskerar och/eller försvagar säkerheten: naturfenomen och miljö, funktionen i tekniska system, mänskliga förhållanden samt avsiktlig skadegörelse och brottslighet. Det tvärsektoriella valet av teman stöder samarbete mellan många aktörer. Projektet gav indikatorer för olika teman som områdena kan ta i bruk för att bedöma sin säkerhetssituation. En övergripande utvärdering av säkerhetsmiljön förutsätter också att indikatorerna beskriver både upplevd (subjektiv) känsla av säkerhet och säkerhet som är oberoende av personen som tolkar den (objektiv). ATT-modellen utvecklades i VN-TEAS MATTI-projekt i samarbete med olika myndigheter och aktörer. Stöd och hjälp gavs av närmare 100 personer från 43 olika organisationer, däribland 16 kommuner. EKTURVA som fungerar i Södra Karelens område var en betydelsefull hjälp tack vare kommentarer och hjälp vid organisering av två arbetsgrupper. Projektet förverkligades av Teknologiska forskningscentralen VTT, Polisyrkeshögskolan, Räddningsbranschens Centralorganisation i Finland och Försvarshögskolan.Den här publikation är en del i genomförandet av statsrådets utrednings- och forskningsplan. (tietokayttoon.fi) De som producerar informationen ansvarar för innehållet i publikationen. Textinnehållet återspeglar inte nödvändigtvis statsrådets ståndpunkt