发布求助
文献互助 智能选刊 最新文献

Applied Cybersecurity & Internet Governance最新文献

筛选
英文 中文
The Use of Cyber Tools by the Russian Military: Lessons from the War against Ukraine and a Warning for NATO? 俄罗斯军方使用网络工具:对乌克兰战争的教训和对北约的警告?
Applied Cybersecurity & Internet Governance Pub Date : 2024-07-08 DOI: 10.60097/acig/190142
Marina Miron, Rod Thornton
{"title":"The Use of Cyber Tools by the Russian Military: Lessons from the War against Ukraine and a Warning for NATO?","authors":"Marina Miron, Rod Thornton","doi":"10.60097/acig/190142","DOIUrl":"https://doi.org/10.60097/acig/190142","url":null,"abstract":"This article examines the Russian military’s Information\u0000Warfare (IW) activities. The particular focus here is on the use by this\u0000military of operations in cyberspace as a strategic force-multiplier.\u0000It seeks to shed light on why such operations are so important to\u0000this military and what goals it hopes to achieve through their use.\u0000In particular, this article highlights the role played by what Russian\u0000analysts refer to as cyber-psychological and cyber-technical opera-\u0000tions. Having established the background to the Russian military’s\u0000IW thinking, this article then goes on to examine the application of\u0000its cyberspace operations against Ukraine: both before the 2022\u0000invasion and as part of it. It is from this examination of the cyber-\u0000attacks conducted against Ukraine that a better understanding of\u0000the potential of Russian IW can be generated. As such, lessons can\u0000be drawn from this conflict as to how, in the future, the Russian\u0000military might employ IW specifically against NATO states as part\u0000of a major kinetic confrontation. But, as this article notes, drawing\u0000lessons as to the actual strength of Russian IW capabilities from the\u0000Ukraine conflict may be a flawed process. It may be the case that\u0000the Russian military might not have shown its true cyber hand in\u0000Ukraine. It may be saving its best cyber tools for any future conflict\u0000with NATO itself.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":" February","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141669887","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Denmark’s Sector Responsibility Principle: A Tedious Cyber Resilience Strategy 丹麦的部门责任原则:乏味的网络复原力战略
Applied Cybersecurity & Internet Governance Pub Date : 2024-07-05 DOI: 10.60097/acig/190789
M. Jensen
{"title":"Denmark’s Sector Responsibility Principle: A Tedious Cyber Resilience Strategy","authors":"M. Jensen","doi":"10.60097/acig/190789","DOIUrl":"https://doi.org/10.60097/acig/190789","url":null,"abstract":"In 2014, Denmark launched its first national strategy for cyber resilience of critical infrastructure (CI). The ‘National Cyber and Information Security Strategy’ and its two subsequent successors from 2018 and 2022 follow the Sector Responsibility Principle (SRP). According to the principle, the state distributes the task of achieving and maintaining societal resilience to individual sectors, for example, health, energy supply, or finance, while maintaining central oversight and responsibility for implementation. Denmark is not alone in taking this approach: in fact, all the Nordic countries\u0000have applied some version of SRP. Danish governments have over the last decade taken significant steps to implement and facilitate societal cyber resilience through development of institutions, strategies, legal measures, and public-private partnerships (PPP). That said, Danish governments have gone less far than, for example, Finland’s to take measures to achieve efficacy, and significant weaknesses are still left to be addressed. The article outlines the principles behind SRP and, using mainly Danish examples, demonstrates why implementation of SRP is both legally, organisationally, and echnically difficult but also politically ‘unpleasant’. Resilience is desirable but also a tedious chore. An inherent risk with SRP at both strategic, political level and individual private or public entity level are incentives to strive for legal compliance, rather than operational efficacy and act more according to a ‘sector responsibility avoidance principle’. In that light, the article outlines how the SRP has been implemented in Denmark so far, along with examples of both what drives the effort and challenges to successful SRP implementation.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":" 44","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141675909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Understanding Estonia’s Cyber Support for Ukraine: Building Resilience, Not Status 了解爱沙尼亚对乌克兰的网络支持:建设复原力,而非地位
Applied Cybersecurity & Internet Governance Pub Date : 2024-07-05 DOI: 10.60097/acig/190396
Matthew Crandall
{"title":"Understanding Estonia’s Cyber Support for Ukraine: Building Resilience, Not Status","authors":"Matthew Crandall","doi":"10.60097/acig/190396","DOIUrl":"https://doi.org/10.60097/acig/190396","url":null,"abstract":"This article explores Estonia’s cyber support for Ukraine\u0000following Russia’s invasion in February 2022. Despite its small size,\u0000Estonia has significant cyber expertise and has played a pivotal\u0000role in safeguarding Ukrainian digital infrastructure and provid-\u0000ing cybersecurity support. While Estonian cyber contributions to\u0000Ukraine are significant, it initially did not seek or receive interna-\u0000tional attention. Estonia is typically vocal in promoting its cyberse-\u0000curity and e-governance expertise. This article aims to first explore\u0000the impact of Estonia’s cyber support for Ukraine. Second, it aims\u0000to understand why Estonia did not try to use this support to bolster\u0000its status as a cyber authority. To do this, Estonia’s cyber support\u0000is analysed and put into the proper geopolitical context. Interviews\u0000with high-ranking Estonian officials were conducted and an analysis\u0000of policy output was performed. This article finds that the impor-\u0000tance of cybersecurity assistance is not as critical as military assis-\u0000tance, which is one reason why Estonia has not (yet) used its cyber\u0000assistance as a status opportunity. Although cybersecurity support\u0000may be considered secondary to military support, the significance\u0000of Estonia’s cybersecurity assistance should not be overlooked.\u0000Although Estonia did not pursue status initially, there are some\u0000signs that this is beginning to change and Estonia is recognised for\u0000its cyber expertise.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":" 9","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141673600","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Moscow and the World: From Soviet Active Measures to Russian Information Warfare 莫斯科与世界:从苏联的积极措施到俄罗斯的信息战
Applied Cybersecurity & Internet Governance Pub Date : 2024-04-18 DOI: 10.60097/acig/162742
R. Kanet
{"title":"Moscow and the World: From Soviet Active Measures to Russian Information Warfare","authors":"R. Kanet","doi":"10.60097/acig/162742","DOIUrl":"https://doi.org/10.60097/acig/162742","url":null,"abstract":"Russia under Vladimir Putin has expanded and moved rapidly to improve its ability to employ “disinformation,” or “information warfare,” as an effective instrument to help it to accomplish its specific foreign policy objectives. Although it has only been since direct Russian involvement in the U.S. presidential election of 2016 that this has been an issue of major public political concern in the United States, a flood of research on this topic has now begun to appear. Despite many years of preparation for cyber conflict against critical U.S. infrastructure and military forces, the U.S. government and cybersecurity industry were unprepared for Russian information operations targeting the 2016 U.S. presidential election. It is clear, however, that the Russian propaganda/disinformation activities in the U.S. are but one part of a policy targeted virtually everywhere across the entire world and that this policy builds upon the earlier propaganda and disinformation activities of Russia’s predecessor state, the USSR. In the present essay, we intend to track the reemergence and development of the information warfare and disinformation component of Russian policy under President Putin, including its largely successful attempt to reintegrate the components of the former Soviet Union and its deep roots in Soviet “active measures,” up until the invasion of Ukraine, when it expanded exponentially. We shall also track the areas of the world targeted, and the increasing breadth of its target audiences and the issues covered.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":" 21","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140688381","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Examining Supply Chain Risks in Autonomous Weapon Systems and Artificial Intelligence 研究自主武器系统和人工智能的供应链风险
Applied Cybersecurity & Internet Governance Pub Date : 2023-12-28 DOI: 10.60097/acig/162874
Austin Wyatt
{"title":"Examining Supply Chain Risks in Autonomous Weapon Systems and Artificial Intelligence","authors":"Austin Wyatt","doi":"10.60097/acig/162874","DOIUrl":"https://doi.org/10.60097/acig/162874","url":null,"abstract":"The development of increasingly AI-enabled autonomous systems and other military applications of Artificial Intelligence (AI) have been recognised as emergent major military innovations. In the absence of an effective and enforceable ban on their development and/or usage arising from the Group of Governmental Experts on Lethal Autonomous Weapon Systems (LAWS), it is likely that such systems will continue to be development. Amongst the legal, ethical, practical, and strategic concerns raised by the emergence of such systems, it is important not to lose sight of the risks involved in relying on a high-manufactured system in place of a human. This places additional strains and importance on securing diverse, complex, and over cross-jurisdictional supply chains. This article focuses on the vulnerability of and the risks to the integrity and security of the supply chains responsible for producing AI-enabled autonomous military systems.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"25 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139150090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Structured Field Coding and its Applications to National Risk and Cybersecurity Assessments 结构化现场编码及其在国家风险和网络安全评估中的应用
Applied Cybersecurity & Internet Governance Pub Date : 2023-12-28 DOI: 10.60097/acig/162857
William H. Dutton, R. Shillair, Louise Axon, Carolin Weisser
{"title":"Structured Field Coding and its Applications to National Risk and Cybersecurity Assessments","authors":"William H. Dutton, R. Shillair, Louise Axon, Carolin Weisser","doi":"10.60097/acig/162857","DOIUrl":"https://doi.org/10.60097/acig/162857","url":null,"abstract":"Data on cybersecurity capacity building efforts is critical to improving cybersecurity at national levels. Policy should be informed not only by measures that allow internal assessment of strengths and weaknesses that enable cross-national comparisons. The International Telecommunications Union (ITU) and its Global Cybersecurity Index (GCI) has used a standardized survey that has been adapted and used in multiple national assessments by the Global Cyber Security Capacity Centre. This adaptation includes an addition of open field coding assessments that rely heavily on trained experts and interactions with national focus groups. These assessments are checked using multiple coders to increase reliability and reduce bias. This process of ‘structured field coding’ (SFC) is an approach to collecting and coding observations based on multiple methods, quantitative as well as qualitative. This approach differs from open field coding in providing a set structure for coding observations from the field based on established frameworks for assessment. The SFC process is explained along with a discussion of the origin and the advantages and limitations of this methodological approach. It can be used in a variety of studies but is presented here as a means to integrate data for cross-national comparative analyses. Its application to improving the reliability and validity of data collection across a region, such as the EU, would help stakeholders evaluate where they should invest resources to improve their cybersecurity capacity.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"31 40","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139148172","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Guerre à la Carte: Cyber, Information, Cognitive Warfare and the Metaverse Guerre à la Carte:网络战、信息战、认知战和元宇宙
Applied Cybersecurity & Internet Governance Pub Date : 2023-12-28 DOI: 10.60097/acig/162861
Marco Marsili
{"title":"Guerre à la Carte: Cyber, Information, Cognitive Warfare and the Metaverse","authors":"Marco Marsili","doi":"10.60097/acig/162861","DOIUrl":"https://doi.org/10.60097/acig/162861","url":null,"abstract":"Hybrid warfare is currently among the most trending topics. Hybrid threats arise in digital, cybernetic, and virtual environments and materialise in the real world. Despite being a somewhat vague term, hybrid activities include cyberwarfare, information warfare, and the emerging and evolving concept of cognitive warfare which appears from their intersection. These buzzwords gained popular attention in the context of the Russo- -Ukrainian conflict and such terms are now in vogue. Even though these topics are in the spotlight, there is also widespread confusion about what exactly these usages mean and what the implications are in branding them as “warfare”. Indeed, all these concepts are fluid, nebulous, and lack an undisputed legal definition. This article aims to clarify their meaning and to shed light on the characteristics of such terms – differences, similarities and overlaps – in the context of hybrid warfare and show the faulty reasoning upon which misunderstandings are based. The paper concludes with a glimpse into the future, closing with a reflection on multi-domain operations facilitated by a fully integrated human- -computer interaction in the metaverse, where physical reality is merged and interacts with digital virtuality.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"46 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139150565","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Creating a Repeatable Nontechnical Skills Curriculum for the University of Southern Maine (USM) Cybersecurity Ambassador Program (CAP) 为南缅因州大学(USM)网络安全大使计划(CAP)创建可重复的非技术技能课程
Applied Cybersecurity & Internet Governance Pub Date : 2023-12-28 DOI: 10.60097/acig/162858
Lori L. Sussman, Zachary Leavitt
{"title":"Creating a Repeatable Nontechnical Skills Curriculum for the University of Southern Maine (USM) Cybersecurity Ambassador Program (CAP)","authors":"Lori L. Sussman, Zachary Leavitt","doi":"10.60097/acig/162858","DOIUrl":"https://doi.org/10.60097/acig/162858","url":null,"abstract":"The workforce demand for skilled cybersecurity talent has exceeded its supply for years. Historically, the pedagogical approach was to identify and create curricula for the most in-demand technical knowledge, skills, and abilities (KSAs). Unfortunately, the field has tended to neglect nontechnical counterparts. However, recent literature suggests a core set of nontechnical KSAs that employers seek after. This study explored the codification of a nontechnical curriculum for a cybersecurity internship program at the University of Southern Maine (USM). The USM faculty created the Cybersecurity Ambassador Program that can serve students and the community. The service to students is to make them more attractive to employers. The benefit to the community is to provide cybersecurity awareness training to vulnerable populations. This discussion about the USM CAP serves as a case study for other programs considering this type of enrichment using an internship model. CAP started as an informal program, but this research used objective data to create repeatable blueprints. The researchers designed these lesson plans to help students progress from novices to competent in crucial nontechnical skills delineated in the National Initiative for Cybersecurity Education (NICE) Workforce framework. The team used a mixed methods approach to baseline Tier 1/novice students’ skill levels, place them in a cybersecurity enrichment program, track their progress, and determine program efficacy in helping them achieve beginner status. The information shared can serve as a point of departure for a case study that might guide other programs interested in doing similar work.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"55 3","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139151124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Regulating Deep Fakes in the Artificial Intelligence Act 人工智能法》对深度造假进行监管
Applied Cybersecurity & Internet Governance Pub Date : 2023-12-28 DOI: 10.60097/acig/162856
Mateusz Łabuz
{"title":"Regulating Deep Fakes in the Artificial Intelligence Act","authors":"Mateusz Łabuz","doi":"10.60097/acig/162856","DOIUrl":"https://doi.org/10.60097/acig/162856","url":null,"abstract":"The Artificial Intelligence Act (AI Act) may be a milestone in the regulation of artificial intelligence by the European Union. The regulatory framework proposed by the European Commission has the potential to serve as a global benchmark and strengthen the position of the EU as one of the main players on the technology market. One of the components of the draft regulation are the provisions on deep fakes, which include a relevant definition, risk category classification and transparency obligations. Deep fakes rightly arouse controversy and are a complex phenomenon. When leveraged for negative purposes, they significantly increase the risk of political manipulation, and at the same time contribute to disinformation, undermining trust in information and the media. The AI Act may strengthen the protection of citizens against some of the negative consequences of misusing deep fakes, although the impact of the regulatory framework in its current form will be limited due to the specificity of their creation and dissemination. The effectiveness of the provisions will depend not only on enforcement capabilities, but also on the precision of phrasing provisions to prevent misinterpretation and deliberate abuse of exceptions. At the same time, the AI Act will not cover a significant portion of deep fakes, which, due to the malicious intentions of their creators, will not be subject to the transparency obligations. This study analyses provisions related to deep fakes in the AI Act and proposes improvements that will take into account the specificity of this phenomenon to a greater extent.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"84 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139151853","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Tell Me Where You Live and I Will Tell Your P@Ssw0rd: Understanding the Macrosocial Variables Influencing Password’s Strength 告诉我你住在哪里,我会告诉你的密码:了解影响密码强度的宏观社会变量
Applied Cybersecurity & Internet Governance Pub Date : 2023-12-28 DOI: 10.60097/acig/162863
Andréanne Bergeron
{"title":"Tell Me Where You Live and I Will Tell Your P@Ssw0rd: Understanding the Macrosocial Variables Influencing Password’s Strength","authors":"Andréanne Bergeron","doi":"10.60097/acig/162863","DOIUrl":"https://doi.org/10.60097/acig/162863","url":null,"abstract":"Users’ habits in relation to cybersecurity are frequently examined from the micro perspective, using survey results to obtain impactful variables from individuals, focusing on usability and security factors of passwords. In this paper, the influence of macrosocial factors on password strength is studied in order to offer a global comprehension of the influence of the environment on users. Using the list of the 200 most common passwords by countries released by NordPass in 2021, logistic regression has been used to predict macrosocial variable influencing password strength. Results show that (1) Literacy level of a population; (2) Voice and accountability; (3) Level of global cybersecurity; and (4) Level of data breaches exposure significantly predict users’ password strength performance. The author discusses the impact of government on password hygiene of users hoping to influence the development of policies around cyber security configurations and investment set by nations and institutions.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"22 47","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139148411","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信