Transaction Search Form: please type in any of the fields below.
Date: November 22, 2024 Fri
Time: 11:42 am
Time: 11:42 am
Results for cyber-security
4 results foundAuthor: Grauman, Brigid Title: Cyber-security: The Vexed Question of Global Rules Summary: This report is made up of a survey of some 250 leading authorities worldwide and of interviews carried out in late 2011 and early 2012 with over 80 cyber-security experts in government, companies, international organisations and academia. It offers a global snapshot of current thinking about the cyber-threat and the measures that should be taken to defend against it, and assesses the way ahead. It is aimed at the influential layperson, and deliberately avoids specialised language. For the moment, the “bad guys” have the upper hand – whether they are attacking systems for industrial or political espionage reasons, or simply to steal money - because the lack of international agreements allows them to operate swiftly and mostly with impunity. Protecting data and systems against cyber-attack has so far been about dousing the flames, although recently the focus has been shifting towards more assertive self-protection. The first part of this two-part report concentrates on the main issues that are slowing progress, starting with the absence of agreement on what we mean by terms like cyber-war or cyber-attack. It reflects sharp divisions over the rights of individuals and states in cyber-space. Most Western countries believe that freedom of access to the internet is a basic human right, and that he or she also has a right to privacy and security that should be protected by laws. UNESCO argues that the right to assemble in cyberspace comes under Article 19 of the Declaration of Human Rights. At the other end of the spectrum are those countries, like Russia and China, that favour a global treaty but nevertheless believe that access to the internet should be limited if it threatens regime stability, and that information can also be seen as a cyber-threat. For these countries, any state has the right to control content within its sovereign internet space. Linked to the rights and responsibilities of states is the thorny issue of attribution. There are those countries that say that attribution to a specific attacker is impossible, and that the focus has to be defence from attacks. Others argue that attribution is possible, but requires international cooperation, sharing of information and assistance from local authorities. Some states believe that cooperation is a threat to their sovereignty; others say they can’t be held responsible for the activities of individuals or private companies. And a number apparently fear openness because they don’t want to see restrictions on their political or military objectives. Some clear themes emerge from the report, and they are issues that need fairly urgent resolution. Among these is how and to what degree should a more proactive, some would say more bellicose, stance be developed both in the military and private arenas; the need for much greater international cooperation; introducing a more solid security architecture to the internet; and establishing cyber-confidence building measures as an easier alternative to any global treaty, or at least as a gapfiller until a treaty is agreed. The second part of this report are 21 country stress tests, complemented by findings from the global survey the SDA conducted in the autumn of 2011 among 250 top cyber-security specialists in 35 countries. They included government ministers, staff at international organisations, leading academics, think-tankers and IT specialists, and their views diverged widely on how to improve international cooperation in cyberspace, which over half of them now consider a global common like the sea or space. Details: Brussels, Belgium: Security & Defence Agenda, 2012. 108p. Source: Internet Resource: Accessed February 14, 2012 at: http://www.securitydefenceagenda.org/Portals/14/Documents/Publications/SDA_Cyber_report_FINAL.pdf Year: 2012 Country: International URL: http://www.securitydefenceagenda.org/Portals/14/Documents/Publications/SDA_Cyber_report_FINAL.pdf Shelf Number: 124133 Keywords: Computer CrimesCyber-SecurityCybercrimeInternet Crimes |
Author: Levin, Avner Title: Securing Cyberspace: A Comparative Review of Strategies Worldwide Summary: Several distinct cyber-blocs have formed with their unique cyber-security strategies and emphases. The Anglosphere, led by the US and the UK, emphasizes a leading private sector role, an educated workforce, and outreach and diplomacy. The EU, led by Germany, focuses on a robust legal and regulatory framework, and on the promotion of the Council of Europe (Budapest) Convention of Cybercrime as a blueprint for international cooperation and enforcement. The Baltic States are in tight cooperation with NATO in the development of their national cyber-security strategies. The post-Soviet CIS bloc, led by Russia with some degree of Chinese cooperation, focuses on internal threats, abhors extra-territorial judicial action, and promotes a corresponding international framework under the auspices of the UN. Most cyber-strategies, with the notable exceptions of Russia, China and their allies, are compatible with Canadian interests. Strategies generally differ on the roles that they allocate to the public and private sectors, and within those, on the roles allocated to policy, regulation, for-profit and not-for profit ventures as promoters of cyber-security. Strategies also direct a wide range of resources in a variety of ways. The majority of countries reviewed are in the process of developing and implementing their cyber-security strategies, and setting the focus of their efforts. These rapidly occurring changes in strategies and policy implementation add to the challenge of determining best practices for securing cyberspace while protecting civil liberties. Information on the origin and ultimate target of many cyber-threats is contradictory due to the difficulty of pinpointing sources and destinations with ultimate certainty solely by technological means. China, for example, the current “cyber-villain” may be suffering from cybercrime more than commonly acknowledged and open to collaboration. Leading Western countries, such as the US and Germany, may not only be the target of attacks but the ultimate source of cyber-criminal activity as well. In order for Canada to proceed with its strategy in an informed manner, accurate, verifiable cybercrime data must be collected and evaluated to determine the optimal countries for collaboration. As it develops its own cyber-strategy, Canada should look to global leaders and learn from the approaches of the US, UK and Germany, that emphasize education, diplomatic outreach, private sector involvement and a legal and regulatory framework that balances cyber-security and privacy. Details: Toronto: Privacy and Cyber Crime Institute, Ted Rogers School of Management, Ryerson University, 2013. 58p. Source: Internet Resource: Accessed May 8, 2013 at: http://www.ryerson.ca/content/dam/tedrogersschool/privacy/documents/Ryerson_cyber_crime_final_report.pdf Year: 2013 Country: Canada URL: http://www.ryerson.ca/content/dam/tedrogersschool/privacy/documents/Ryerson_cyber_crime_final_report.pdf Shelf Number: 128676 Keywords: Computer CrimesCyber-SecurityCybercrimes (Canada)Internet Crimes |
Author: Ponemon Institute LLC Title: Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Summary: With the increasing cost and volume of data breaches, cyber security is quickly moving from being considered by business leaders as a purely technical issue to a larger business risk. This shift has spurred increased interest in cyber insurance to mitigate the cost of these issues. In a new study sponsored by Experian® Data Breach Resolution, Ponemon Institute surveyed risk management professionals across multiple sectors that have considered or adopted cyber insurance. Based on responses, many understand that security is a clear and present risk. Indeed a majority of companies now rank cyber security risks as greater than natural disasters and other major business risks. Details: Ponemon Institute, 2013. 25p. Source: Internet Resource: Accessed August 19, 2013 at: http://www.experian.com/innovation/business-resources/ponemon-study-managing-cyber-security-as-business-risk.jsp?ecd_dbres_cyber_insurance_study_ponemon_referral Year: 2013 Country: International URL: http://www.experian.com/innovation/business-resources/ponemon-study-managing-cyber-security-as-business-risk.jsp?ecd_dbres_cyber_insurance_study_ponemon_referral Shelf Number: 129646 Keywords: Crimes Against BusinessesCyber-SecurityCybercrime (International)Internet CrimeRisk Management |
Author: Cortes, Carlos Title: Communications Surveillance in Colombia: The Chasm between Technological Capacity and the Legal Framework Summary: Last year, media outlets revealed that the National Police of Colombia would operationalize the Single Platform for Monitoring and Analysis (Plataforma Uinica de Monitoreo y Anailisis, or PUMA), through which it would be able to intercept "what is spoken, written or sent from e-mails, Facebook, Twitter, Line, Viber, Skype, and, in short, any type of communication undertaken via the internet." More recently, last February, Semana magazine revealed that the military was reviewing e-mails and chats of those involved in the peace talks in Havana, Cuba. In both cases, the government put its spin on the news. In the first case, the government presented PUMA as nothing more than the replacement of an older system, and stressed that it would be subject to legal controls. In the second, the Colombian president quickly announced the formation of a commission to develop the country's policy on cybersecurity and cyberdefense. Nonetheless, the underlying issues remain unsolved. What is, in the end, the technical capacity of PUMA? Is it possible to review anyone's e-mails? Can the military access someone's chat history? Is intercepting a phone call the same thing as intercepting internet traffic? Although new scandals regarding state intelligence emerge periodically in Colombia, the state never clarifies how intelligence works in practice or what controls exist for its exercise. Meanwhile, as time moves on, intelligence schemes grow more sophisticated along with our cell phones and computers. An analog rotary-dial telephone is as obsolete as "crocodile cables" used to intercept calls. Nonetheless, as the market facilitates the process of obsolescence and the incorporation of new massive technologies, it tells us little about the devices that are simultaneously developed to monitor individuals. Technological changes tend to alter long-established assumptions regarding the reach of specific rights. Privacy is arguably the right that faces the most challenges in the digital environment. Yet regulatory and jurisprudential lacunae persist in terms of how technology affects the exercise of fundamental rights. The cases of PUMA and the military's spying on peace negotiators occurred soon after Colombia's adoption of its new Intelligence Law, which, in theory, corrects previous irregularities and aligns with modern surveillance. But is this truly the case? Do we have a regulation that preserves national security without compromising citizens' privacy and freedom of expression, among other rights? The goal of this book is to examine the Colombian legal and jurisprudential framework regarding communications surveillance in light of today's technologies. Phrased in the form of a hypothesis, the purpose is to demonstrate how intelligence-related laws and jurisprudence fail to ensure that potentially affected rights remain intact. To test this hypothesis, I address several aspects of the country's Intelligence Law that I selected somewhat arbitrarily: the interception of communications, surveillance of the electromagnetic spectrum, and access to user data. This last point, which alone merits its own study, is developed as a complement to the first two. The book is divided as follows: The first chapter explains, from a technical point of view, the technologies that we use to communicate and that are used to monitor us. The second chapter explores the normative framework for communications surveillance. The third offers a comparative look at communications interception. Finally, the fourth chapter synthesizes the findings of the first three chapters in an effort to offer several conclusions. Details: Bogota: Centro de Estudios de Derecho, Justicia y Sociedad, 2015. 46p. Source: Internet Resource: Working Paper 3: Accessed May 23, 2015 at: http://www.dejusticia.org/files/r2_actividades_recursos/fi_name_recurso.683.pdf Year: 2015 Country: Colombia URL: http://www.dejusticia.org/files/r2_actividades_recursos/fi_name_recurso.683.pdf Shelf Number: 135766 Keywords: CommunicationsCyber-securityIntelligence GatheringNational SecurityPrivacySurveillance |