Suchergebnisse

The research will find out feature-based functionalities concerning the national cybersecurity system HAVARO and how the system is possible to implement to the EU level early warning system. The research based on interviews, official materials concerning the HAVARO information sharing system, scientific literature and other official published documents. The European level decision-makers have recognized that lack of cooperation between EU member countries effects to completely public safety atmosphere. The only problem does not consist of separate operational functions and procedures between national Cyber situation centers. One main problem is that the European Union does not have a common cyber-ecosystem concerning intrusion detection systems for cyber-threats. The research will comprise a new database for the common Early Warning System concept. European EWS aims at delivering a security operations support tool enabling the members of the network to coordinate and share information in near real-time. Despite the development of the common EWS, partners can retain their fully independent management of cyber-sensitive information and related data management.

The revolution in information technology that began in the 1990s has been transforming Finland into an information society. Imaginative data processing and utilization, arising from the needs of citizens and the business community, are some of the most important elements in a thriving society. Information and know-how have become key 'commodities' in society, and they can be utilized all the more efficiently through information technology. For all nations, the information technology revolution quietly changed the way business and government operate, as well as the daily life of citizens. Our daily life, fundamental rights, social interactions and economies depend on information and communication technology working seamlessly. An open and free cyberspace has promoted political and social inclusion worldwide; it has broken down barriers between countries, communities and citizens, allowing interaction and sharing of information and ideas across the globe. Individuals, public and private organizations alike depend on the cyber world. From the citizens using social media, to banks growing their business, to law enforcement supporting national security – every sector of the society is increasingly dependent upon technology and networked systems. While the public sector, the economy and the business community as well as citizens benefit from globally networked services, the digital IT society contains inherent vulnerabilities which may generate security risks to citizens, the business community or the vital functions of society. Without sufficient awareness of the risks in cyber world, however, behavioral decisions and unseen threats can negatively impact the security of the critical infrastructure and can cause physical damage in the real world. On an individual level, what is at stake is the vulnerability of each individual user in cyber world. As the world grows more connected through cyber world, a highly skilled cyber security workforce is required to secure, protect, and defend national critical information infrastructure. Across the private and public sector organizations are looking for well-trained professionals to assess, design, develop, and implement cyber security solutions and strategies. While the demand for cyber security professionals is high, the supply is low. Meeting the growing demand for cyber security professionals begins in the education system. The most efficient custom to increase cyber security is the improvement of the know-how. The cyber security strategies and development plans require the improvement of the know-how of the citizens and actors of the economic life and public administration. Pursuant to Finland's Cyber Security Strategy (2013) "the implementation of cyber security R&D and education at different levels does not only strengthen national expertise, it also bolsters Finland as an information society." In this article are analyzed the cyber security research and education which is offered in Finland's universities and universities of applied sciences.

Threats in cyberspace can be classified in many ways. This is evident when you look at cyber security on a multinational level. One of the most common models is a threefold classification based on motivational factors. Most nations use this model as a foundation when creating a strategy to handle cyber security threats as it pertains to them. This paper will use the five level model: cyber activism, cybercrime, cyber espionage, cyber terrorism and cyber warfare. The National Cyber Security Strategy defines articulates the overall aim and objectives of the nation's cyber security policy and sets out the strategic priorities that the national government will pursue to achieve these objectives. The Cyber Security Strategy also describes the key objectives that will be undertaken through a comprehensive body of work across the nation to achieve these strategic priorities. Cyberspace underpins almost every facet of the national functions vital to society and provides critical support for areas like critical infrastructure, economy, public safety, and national security. National governments aim at making a substantial contribution to secure cyberspace and they have different focus areas in the cyber ecosystem. In this context the level of cyber security reached is the sum of all national and international measures taken to protect all activities in the cyber ecosystem. This paper will analyze the cyber security threats, vulnerabilities and cyber weaponry and the cyber security objectives of the Cyber Security Strategies made by Australia, Canada, Czech Republic, Estonia, Finland, Germany, the Netherlands, the United Kingdom and the United States.

Centralized hybrid emergency model with predictive emergency response functions is necessary when the purpose is to protect the critical infrastructure (CI). A shared common operational picture among Public Protection and Disaster Relief (PPDR) authorities means that a real-time communication link from the local level to the state-level exists. If a cyberattack would interrupt electricity transmission, telecommunication networks will discontinue operating. Cyberattack becomes physical in the urban and maritime area if an intrusion has not been detected. Hybrid threats require hybrid responses. The purpose of this qualitative research was to find out technological-related fundamental risks and challenges which are outside the official risk classification. The primary outcomes can be summarized so that there are crucial human-based factors that affect the whole cyber-ecosystem. Cybersecurity maturity, operational preparedness, and decision-making reliability are not separate parts of continuity management. If fundamental risk factors are not recognized, technical early warning solutions become useless. Therefore, decision-makers need reliable information for decision-making that does not expose them to hazards. One of the primary aims of hybrid influence is to change political decision-making. Practically, this means a need to rationalize organizational, administrative, and operative functions in public safety organizations. Trusted information sharing among decision-makers, intelligence authorities, and data protection authorities must be ensured by using Artificial Intelligence (AI) systems. In advanced design, protection of critical infrastructure would be ensured automatically as part of the cyber platform's functionalities where human-made decisions are also analyzed. Confidential information sharing to third parties becomes complicated when the weaknesses of crucial decision-making procedures have been recognized. Citizens' confidence in the intelligent system activities may strengthen because of the ...

This book gathers the latest research results of scientists from different countries who have made essential contributions to the novel analysis of cyber security. Addressing open problems in the cyber world, the book consists of two parts. Part I focuses on cyber operations as a new tool in global security policy, while Part II focuses on new cyber security technologies when building cyber power capabilities. The topics discussed include strategic perspectives on cyber security and cyber warfare, cyber security implementation, strategic communication, trusted computing, password cracking, systems security and network security among others.

Cyber security has become one of the biggest priorities for businesses and governments. Streamlining and strengthening strategic leadership are key aspects in making sure the cyber security vision is achieved. The strategic leadership of cyber security implies identifying and setting goals based on the protection of the digital operating environment. Furthermore, it implies coordinating actions and preparedness as well as managing extensive disruptions. The aim of this article is to define what is strategic leadership of cyber security and how it is implemented as part of the comprehensive security model in Finland. In terms of effective strategic leadership of cyber security, it is vital to identify structures that can respond to the operative requirements set by the environment. As a basis for national security development and preparedness, it is necessary to have a clear strategy level leadership model for crises management in disturbances in normal and in emergency conditions. In order to ensure cyber security and achieve the set strategic goals, society must be able to engage different parties and reconcile resources and courses of action as efficiently as possible. Cyber capability must be developed in the entire society, which calls for strategic coordination, management and executive capability. ; peerReviewed

Lisää oa-artikkeli, kun julkaistu. ; Cyber security has become one of the biggest priorities for businesses and governments. Streamlining and strengthening strategic leadership are key aspects in making sure the cyber security vision is achieved. The strategic leadership of cyber security implies identifying and setting goals based on the protection of the digital operating environment. Furthermore, it implies coordinating actions and preparedness as well as managing extensive disruptions. The aim of this article is to define what is strategic leadership of cyber security and how it is implemented as part of the comprehensive security model in Finland. In terms of effective strategic leadership of cyber security, it is vital to identify structures that can respond to the operative requirements set by the environment. As a basis for national security development and preparedness, it is necessary to have a clear strategy level leadership model for crises management in disturbances in normal and in emergency conditions. In order to ensure cyber security and achieve the set strategic goals, society must be able to engage different parties and reconcile resources and courses of action as efficiently as possible. Cyber capability must be developed in the entire society, which calls for strategic coordination, management and executive capability. ; Peer reviewed

Cyber warfare, information warfare, electronic warfare, command and control warfare, spectrum warfare. Those are only some of the names by which researchers and military experts describe their offensive and defensive non-kinetic actions. The reason for the diversity of the non-kinetic environment is the evolution of the military Electromagnetic Spectrum (EMS) and digital environment over 100 years. With the arrival of radio in the early 20th century, the militarization of the electronic operating environment began. The latest expansion is the formation of the cyber space. Also, the definitions vary significantly. There are differences between USA, Russia, China and NATO. Western countries talk about cyber space, while Russia and China talk about the information environment/space. A recent development in superpowers defense networks has been the integration of Electronic Warfare (EW), Information Warfare (IW) and Cyber Warfare (CW) systems designed to generate non-kinetic effects on intruders in partnership with the traditional use of kinetic weapons. The new capacities of armed forces create new possibilities, both the kinetic and non-kinetic use of force in battlespace. This paper addresses the non-kinetic battlespace elements Electronic Warfare, Information Warfare and Cyber Warfare and the operations in those environments, and which constitute a complete non-kinetic warfare environment (NKW). These advanced and new capabilities form a whole new non-kinetic environment in which they become a game changer in battle space. This paper argues that, although there is an overlap between Cyber Warfare, Information Warfare and Electronic Warfare, these three concepts are not totally analogous. In this paper we focus on EW, IW, CW definitions in the new man made non-kinetic environment and create a Non-Kinetic Warfare environment description and describe EW, IW, CW in the levels of warfare. ; peerReviewed

The Unmanned Aerial Vehicles (UAV) commonly known as drones are currently used in a wide range of operations such as border monitoring, aerial reconnaissance, traffic control and military interventions in armed conflicts. These aerial vehicles are expected to be reliable, automated and sometimes autonomous machines, albeit the human factor continues to play a crucial role in programming and control. At their genesis, drones were complex, large and reserved to an exclusive club of technologically advanced military powers. They tended to be used against technologically weak military targets. Developments in the price, size and sophistication of drones has now enabled almost anyone to purchase them. These contemporary machines are often small, and, with increasing usage of Artificial Intelligence (AI) has put them in the cost and usage range of almost any combatant. Therefore, there is a need to re-think strategies and tactics for their use. These 'mini-drones' rarely have the sophistication and capabilities of 'conventional' drones, but they do have the ability to provide an asset in large numbers and increasing capabilities. Although they might not have such attributes as the lifting capabilities of the larger models, they can be used economically and en masse and so have can have a different but equally effective outcomes. This paper examines the swarming and associated abilities to overwhelm a combatant as well as bring extra functionality by means of extra sensors spread throughout the swarm. Thus, sophisticated AI provides a swarm with various types of functionality to the drones: for instance, dummy/distraction drones, kinetic and non-kinetic attack drones, surveillance drones as well as drones that can be equipped with wireless access points and deployed to configure an ad-hoc flying network. This paper also examines UAV/drone categories and autonomy and also how autonomy and Swarm intelligence (SI) can be used to create efficiency for a variety of operation concepts. ; peerReviewed

The research will find out feature-based functionalities concerning the national cybersecurity system HAVARO and how the system is possible to implement to the EU level early warning system. The research based on interviews, official materials concerning the HAVARO information sharing system, scientific literature and other official published documents. The European level decision-makers have recognized that lack of cooperation between EU member countries effects to completely public safety atmosphere. The only problem does not consist of separate operational functions and procedures between national Cyber situation centers. One main problem is that the European Union does not have a common cyber-ecosystem concerning intrusion detection systems for cyber-threats. The research will comprise a new database for the common Early Warning System concept. European EWS aims at delivering a security operations support tool enabling the members of the network to coordinate and share information in near real-time. Despite the development of the common EWS, partners can retain their fully independent management of cyber-sensitive information and related data management. ; peerReviewed

Cyber security has become one of the biggest priorities for businesses and governments. Streamlining and strengthening strategic leadership are key aspects in making sure the cyber security vision is achieved. The strategic leadership of cyber security implies identifying and setting goals based on the protection of the digital operating environment. Furthermore, it implies coordinating actions and preparedness as well as managing extensive disruptions. The aim of this paper is to define what is strategic leadership of cyber security and how it is implemented as part of the comprehensive security model in Finland. The paper also asks (and answers) how the strategic leadership of cyber security must be organised. This paper provides proposals for managing strategic cyber security in society and public administration, for managing large disruptions in the cyber operating environment. Key data consists of different security-related strategies and instructions, existing research information, and interviews with public sector actors and experts of the field. In terms of effective strategic leadership of cyber security, it is vital to identify structures that can respond to the operative requirements set by the environment. As a basis for national development and preparedness, it is necessary to have a clear strategy level leadership model and situation awareness that supports management. They are also necessary for the management of serious, extensive disruptions in both normal and exceptional conditions of the cyber operating environment. The challenges of cyber security management are particularly prominent at the level of strategic leadership. In order to ensure cyber security and achieve the set strategic goals, society must be able to engage different parties and reconcile resources and courses of action as efficiently as possible. Cyber capability must be developed in the entire society, which calls for strategic coordination, management and executive capability. The goals presented in Finland's Cyber Security Strategy have guided the creation of strategic leadership models for cyber security. Alternative models for the strategic leadership of cyber security in Finland is presented in the paper. ; peerReviewed

There is fundamental need in EU-level to develop common alarm procedures and emergency response models with preventive functions which work well from local to national level and from national to international level. European Public Protection and Disaster Relief (PPDR) services such as law enforcement, firefighting, emergency medical and disaster recovery services have recognized that lack of interoperability of technical systems limits cooperation between the PPDR authorities. Also, the military (MIL) and critical infrastructure protection (CIP) faces similar challenges. Recent major accidents have indicated that lack of human resources affects to disaster recovery. PPDR-actors cannot start operations, if there is a human factor preventing the flow of information. Preventing a domino effect after a disaster may be delayed. There is a need to understand how public safety authorities can act in a preventive manner so that a potential accident or offense can be prevented in advance. This paper´s goal is to find out main factors which affect to implementing of the next generation hybrid emergency response system for critical infrastructure protection. Early detection of any threat and rapid response to neutralize the threat may help to save human lives and vital functions before any disaster occurs. By comparing present emergency response processes to the next generation Smart hybrid emergency process model, it can be found effects and factors which prevent to implement this architecture. For example, legislation, organizational changes, lack of using cyber dimension and emergency procedures effects to combine different kind of PPDR-functions. Cyber dimension as a part of situational awareness raises its value for the continuity management. For traditional purposes, PPDR services are being seen as separate physical operational functions. This study proposes to solve the problems of development needs through technical, organizational and structural alternatives. The main issue regarding dividing reliable decision support information to decision-makers is related to at which point in chain-reaction a human action is more harmful than useful. It has been seen in earlier empirical studies that human activities may prevent to manage functions of essential emergency response procedures during a disaster. It´s necessary to create emergency response model, that will be functionally capable and modern combining cyber and physical elements in a right proportion. ; peerReviewed

The goal of this study is to explore the components of defence strategies faced by society in its information environment, and how
these strategies are inter-related. This qualitative in-depth case study applied past research and empirical evidence to identify the
components of defence strategies in a society's information environment. The data collected was analysed using the Grounded Theory
approach and a conceptual framework with the components of defence strategies and the relationships between these components was
developed using the Grounded Theory. This study shows that the goal of politically and militarily hostile actors is to weaken society's
information environment, and that their operations are coordinated and carried out over a long time period. The data validates past
studies and reveals relationships between the components of defence strategies. These relationships increase confidence in the validity
of these components and their relationships, and expand the emerging theory. First, the data and findings showed 16 inter-connected
components of defence strategies. Second, they showed that the political, military, societal, power, and personal goals of the hostile actors carrying out cyber operations and cyber attacks are to weaken society's information environment. Third, they revealed that cyber
operations and cyber attacks against networks, information and infrastructures are coordinated operations, carried out over a long
time period. Finally, it was revealed that the actors defending society's information environment must rapidly change their own components of defence strategies and use the newest tools and methods for these components in networks, infrastructures and social media.

Security strategy work requires a definition for 'cyberspace'. This article discusses national definitions and analyses their contents. Defining what cyberspace is equals the exercise of political power. Therefore, it is important to discuss what the definitions mean in practice - whether cyberspace is seen as a restricted mathematical-technological domain or a social construction. Government publications highlight the technological aspect of cyberspace, whereas threats stem from human behaviour. For some, cyberspace is a primary operational environment for national security that must be protected with defensive and offensive military means. For others, cyberspace is primarily a digital civil society in which the free flow and usability of information and the identity and anonymity of citizens must be secured. Cyberspace can also be seen as a place for business, where material and immaterial products and services can be offered. The authors argue for the broad definition of cyberspace, incorporating both technological and social concepts. But cyberspace may never be comprehensively defined. If only a strictly technology-oriented approach is used to define cyberspace, many of its risks and problems cannot be addressed. Cyberspace allows the exercise of power; therefore, its definition should not be reduced to pure technology.

Objectives: The goal of this study is to explore the components of defence strategies faced by society in its information environment, and how these strategies are inter-related. Methods: This qualitative in-depth case study applied past research and empirical evidence to identify the components of defence strategies in a society's information environment. The collected data were analysed using the Grounded Theory approach and a conceptual framework with the components of defence strategies and the relationships between these components being developed using the Grounded Theory. Results: This study shows that the goal of politically and militarily hostile actors is to weaken society's information environment, and that their operations are coordinated and carried out over a long time period. The data validate past studies and reveal relationships between the components of defence strategies. These relationships increase the confidence in the validity of these components and their relationships, and expand the emerging theory. Conclusions: First, the data and findings showed 16 inter-connected components of defence strategies. Second, they showed that the political, military, societal, power, and personal goals of the hostile actors carrying out cyber operations and cyber attacks are to weaken society's information environment. Third, they revealed that cyber operations and cyber attacks against networks, information and infrastructures are coordinated operations, carried out over a long time period. Finally, it was revealed that the actors defending society's information environment must rapidly change their own components of defence strategies and use the newest tools and methods for these components in networks, infrastructures and social media. ; peerReviewed