The Visio Journal: Volume 3 Posted by Visio institut in Knjige, Pravni red, Tehnologija 20 Dec 2018 Purchasing a print copy of The Visio Journal Obtaining permissions EDITOR’S NOTEBy Tanja Porčnik* In the highly-digitalized modern world of the 21st century, the citizens, private sector, and government alike face a growing challenge of securing cyberspace. Cyber threats and attacks pose as one of the newest and ever-growing security issues. On the one hand, they are faced with swiftly developing technologies, digitalization of communication and spread of social networks; while on the other, aiming to confront a threat to individual rights by the erosion of security and invasion of privacy being attacked by not only terrorists and criminals but also by state actors. Cyber threats range from the attacks on the integrity of individual information systems and international state-to-state engagement in cyberwarfare to more recently prevalent data breaches and manipulation of expectations and common understandings in the society. These cyber-attacks are not reserved to the authoritarian regimes, but they have lately become increasingly associated also with democracies where the rogue actors seem to thrive the most. In response, governments are putting in place policies to enable active defense and making sure computer technologies they use and the skills of those using them are up to speed on cybersecurity. At the same time, as Mee and Morgan (2017) layout, to become proficient in repelling cyber attacks private sector is engaging in protective steps on its own by quantifying cyber risk concerning capital and earnings at risk; anchoring cyber risk governance through risk appetite; ensure the effectiveness of independent cyber risk oversight using specialized skills; mapping and testing controls; and developing and exercising incident management playbooks. Similarly, private individuals are finding ways to become more resilient to cybercrime, mostly by rigorously installing security software on the computers or divides they use as well as being knowledgeable about cybersecurity risks and mitigations. Malware and viruses are not putting at risk only the individual’s financial standing, but also privacy. The latter, once lost, is almost impossible to regain. This issue of The Visio Journal offers papers analyzing the intersection between protection of citizen’s rights to both privacy and safety in cyberspace to offer informed and comprehensive solutions for better protection of citizen’s rights. The contributions in the third issue of the journal were presented at the IX. Liberal Colloquium, “The Future of Europe: Security and Privacy in Cyberspace,” held in Tallinn, Estonia, November 30 – December 1, 2018. It was a pleasure for Visio institut to partner with the Academy of Liberalism at this conference, which brought together participants from Poland, Romania, the United Kingdom, India, Croatia, Estonia, Germany, the Czech Republic, and Slovenia. Finally, I would like to recognize the generous contribution of the Friedrich-Naumann-Foundation for Freedom for supporting the journal that is before you. * Tanja Porčnik is President of the Visio Institute. Porčnik is coauthor of the Human Freedom Index. Mee, Paul, and James Morgan. 2017. “Deploying a Cyber Strategy – Five Moves Beyond Regulatory Compliance.” In MMC Cyber Handbook 2018 – Perspectives on the Next Wave of Cyber. Marsh & McLennan. Pandora’s Botnet – Cybercrime as a Persistent Systemic ThreatBy Alexandru Georgescu* ABSTRACTThe utopian fantasies projected onto the rapidly evolving cyberspace have given way to the realities of the assertion of age-old human instincts, clothed in new technology. New risks, vulnerabilities and threats are manifested in a complex security environment, where cyber-criminals are carving out their ecological niches, catering not only to the profit motive, but also to new ideologies, and frequently staying one step ahead of the capabilities of their victims or the traditional suppliers of security, the state. Their abilities, in a space which is a great multiplier of power, put them on par with groups or even states and their actions serve to undermine not only the consumer web but also the developing infrastructures of e-governance. * Alexandru Georgescu is Research Assistant with the Department of Cybersecurity and Critical Infrastructure Protection of the National Institute for Research and Development in Informatics, Bucharest. Georgescu holds a PhD in Critical Infrastructure Protection (school of Industrial Engineering) from the Polyethnic University of Bucharest, Romania. The European Union Effective System of Sanctions Against CyberattacksBy Andrzej Kozlowski* ABSTRACTLast days the European Union leaders discussed potential sanctions to deter cyberattacks. However, they did not provide any details. The European Union is not the first political organization, which engages in debate on such a topic. Others like the United Kingdom and particularly the United States have used a variety of means to deter cyberattacks and punish the assailantsThe paper aims to present the potential tools, which the EU could use to deter cyberaggression and later analyze the potential consequences of using them. What is more, the obstacles organization could meet will be presented and finally the evaluation of the effectiveness of these measures and the probability of using them. This analysis will be done to answer the central question: how to create a system of punishing for a cyberattack. The analysis will be done basing on the experience of other countries, especially the case of the United States. However, the situation with the EU looks different, because it is a political organization, which consists of 28 members. * Andrzej Kozłowski is the editor-in-chief of the biggest portal on cybersecurity and information warfare in Poland: Cyberdefence24.pl. He is also a lecturer at the University of Lodz, Collegium Civitas in Warsaw and European Academy of Diplomacy; and a security expert at the Pulaski Foundation and the Warsaw Institute for Strategic Initiatives. The Encryption Paradox: Examining Bottlenecks in Devising Policy ResponsesBy Anushka Kaushik* ABSTRACTThis paper aims to examine the hindrances to formulating policies on the use of encrypted communication including the fundamental contradiction between the interests of the government and manufacturers or companies aiming to build the most secure software. By using the concept of encryption workarounds, defined by Kerr and Schneier (2017), as lawful efforts undertaken by governments to reveal unencrypted plaintext of a target’s data, this paper will highlight the intractable path to developing policy responses at the regional and domestic level. Analysing these bottlenecks that significantly slow down policy formulation will pave the way for a better understanding of the approach that governments should adopt in mitigating technology-driven insecurity. This research effort will be augmented by reflecting on select past examples of governments seeking third-party assistance to decrypt information for the purposes of stemming future criminal or terrorist activity. * Anushka Kaushik is Research Fellow, GLOBSEC Policy Institute, Bratislava. The Political Culture in The Cyberspace. Profiling the Cyber Security By Cosmina Moghior* ABSTRACTConcepts like cyberspace, cyber security, and cyber war are increasingly raised either in media, public discourses or in everyday life. The main reason is likely the high interconnection of cyber-space with the physical space, our daily life. We live a double life, one in the virtual space and the other in the physical one. What is the role of the state in this constellation? Are the characteristics of a state influencing the level of cyber security? This article aims to identify some of the factors impacting the cyberspace, present the approaches on cyberspace in the selected countries, effectuate the preliminary analyses of the selected data, and provide the individual interpretation of the results, correlations, and graphics. * Cosmina Moghior holds a master’s degree in Security and Diplomacy from the National University of Political Studies and Public Administration, Romania. Cybersecurity in Banking and Payments in the United KingdomBy Gordon Kerr* ABSTRACTDespite the banking industry’s excellent level of cybersecurity protections for itself, the UK public, media and Parliament appear unaware of the security weaknesses in the UK’s payments architecture which has encouraged a new push button fraud trend. Banks claim that solutions are imminent, but meanwhile do little to protect customers. Manned help desks could easily be provided. A combination of factors has resulted in this state of affairs. On one level this is a variant on the too big to manage diagnosis of root problems of the global financial crisis – banks are giant businesses often comprised of an array of legacy systems which are not well understood by regulators or even their managers. At another level, there is the cost issue. Better to suppress the concerns in public today whilst a huge and publicly funded overhaul of the architecture takes place than risk making interim changes to systems and protocols which could saddle banks with liability for fraud losses which they are presently successfully imposing on innocent retail customers. Statements made by banks and their regulators on all aspects of this security issue are unreliable. How has this come to pass? The relationships between the key stakeholders and the regulator are simply too close and stakeholder banks are in control of all aspects. * Gordon Alexander Kerr is an investment banker, financial markets expert and founder of the British financial think tank Cobden Partners. Balancing Privacy and Security in a Multistakeholder Environment. ICANN, WHOIS and GDPRBy Joanna Kulesza* The chapter covers the perplexities of the internet governance multistakeholder model, its meaning and implications. While relying on the well-established reference to three principal groups of stakeholders (states, business, civil society), the chapter includes discussion on different approaches to internet governance and reflects on arguments against the current model of setting standards and norms for cyberspace. It contrasts the existing model of governance with challenges posed by international cybersecurity and protecting human rights online. The case study example focuses on the most recent challenges posed to the multistakeholder model by the European Union’s General Data Protection Regulation (GDPR) and its implementation by non-European legal persons operating on Europeans’ data. The analysis is focused on the Internet Corporation for Assigned Names and Numbers (ICANN) – a non-profit based in California, managing core internet resources, including the Internet Protocol (IP) and the Domain Name System (DNS). It concludes with a summary of perspectives for future development of multistakeholderism, referring to contemporary trends in meta-governance. * Joanna Kulesza, PhD is an assistant professor of international law and internet governance at the University of Lodz, Poland. She is also a Scientific Committee member of EU Fundamental Rights Agency (FRA) and represents European internet users within the At-Large Advisory Committee of the Internet Corporation for Assigned Names and Numbers (ICANN). Views expressed herein are her own. Binary-Coded Self, Society and State. From Bridging Homepages to Bordering HomelandsBy Octavian-Dragomir Jora* The development of cyberspace is leading to a massive increase in the number and complexity of interactions among inhabitants, generating new sources of profit, power, social capital and conflict. Despite the apparent suspension of scarcity online and of the subsequent need for proprietary limits, cyberspace fuels cooperation and competition, defining our species as well as defying our sociality. States are struggling to adapt to these evolutions by conceptualizing them in accordance with their preferred mental modes and instruments, setting borders, jurisdictions and spheres of influence. While cyberspace has not proved amenable so far, these efforts will impact cyber-governance, both in and among nations, in ways that will boost state powers and tighten the scope of freedoms online. * Octavian-Dragomir Jora is Associate Professor, Ph.D., at the Bucharest University of Economic Studies and the founder and editor-in-chief of The Market for Ideas magazine. Copyright © 2018 by Visio institut. All rights reserved. No part of this journal may be reproduced in any manner whatsoever without written permission except in the case of brief quotations embodied in critical articles and reviews. The authors of this publication have worked independently and opinions expressed by them are, therefore, their own and do not necessarily reflect the views of the supporters or staff of the Visio Institute. This publication in no way implies that the Visio Institute or its staff are in favor of, or oppose the passage of, any bill; or that they support or oppose any political alliance, party, or candidate. PURCHASING a print copy of THE VISIO JOURNAL: The price of a single copy of The Visio Journal is 9 euro. For order, kindly contact us at info@visio-institut.org. OBTAINING PERMISSIONS: To obtain permission to reproduce or reuse text or images from our journals, kindly contact us at info@visio-institut.org. The-Visio-Journal-3 no comments
