digitalWorld
11/07/2022
Cybersecurity: A model of cooperation
The degree of seriousness that we attribute to cyber threats is a matter of perspective, experience, interaction and awareness. Seeing them as a criminal action, a terrorist act or a hybrid of both constitutes an important subject of debate. Solving this dilemma helps to define our perception of those responsible for cyber attacks and to decide the punishment that their actions deserve.
It is an issue that concerns the police, prosecutors, defense attorneys and the judiciary. Cooperation in cybersecurity in order to minimize the impact of an attack. The purpose of the cooperation model is to offer institutional mechanisms to prevent or, at least, minimize the damage that comes with the threat of a cyber attack and a real attack.
In this sense, some potential targets of cyberattacks have the strong interest and ability to minimize the threat. However, retrospective analysis of how they fail to join forces presents a disconcerting picture; a scenario that, in a nutshell, reflects an unwillingness, stemming from multiple reasons, to recognize the benefits of a unified response to cyberattacks.
Given the persistent, determined and tireless efforts of those responsible for cyberterrorism or cyberattacks, not adopting a cooperative model as a matter of course is as remarkable as it is worrying.
Contextualizing a problem is important in determining what resources are dedicated to countering, mitigating, and minimizing threats. Similarly, in order to specify the applicable operational measures against the perpetrator(s) responsible for a particular attack, it is important to decide to resolve the terrorism-criminal-hybrid dilemma.
In any case, as important as this debate is, it will not be the one that occupies this chapter, whose main topic is, as the title indicates, cooperation in cybersecurity in order to minimize the impact of attacks. As we will see, cooperation raises reluctance in several areas; reservations that, in some cases, are legitimate and that must be addressed and receive a convincing response.
The impact of cybercriminals is increased by the inability of their potential targets to recognize the advantages of adopting a cooperative model.
What are cyber attacks?
We define cyber attacks as "the deliberate and perverse use of technology for the purpose of harming people, communities, institutions and governments." Although this proposed definition may be subject to disagreement, it is assumed that there is broad consensus regarding what constitutes "harm", regardless of whether or not an attack has been successful.
For an action in cyberspace to be effective, it is neither necessary for it to be an attack nor for it to be successful. Given the pervasiveness of cyberspace, the mere fear of such an attack causes us, individually and collectively, to devote a significant amount of resources, time, and energy to minimizing its potential impact.
Much like counter-terrorism policy, significant measures are devoted both to preventing an attack and, when one occurs, to responding to its impact and consequences. We are asked the following questions: What is the best way to protect ourselves? Are we already putting it into practice? Are there more effective and creative mechanisms? We can assume that these are the same questions that, conversely, are raised by those who are dedicated to deliberately harming civil society (defined in general or particular terms). This is so, regardless of the paradigm we assign to cyberspace. As we have already underlined, the importance of defining and categorizing actions in cyberspace cannot be minimized. However, as important as it is and as little as it can be denied, this chapter will focus on a different aspect.
The goal is cooperation between different potential attack targets and between different law enforcement agencies, as well as between targets and law enforcement agencies. In a nutshell, we maintain that by implementing cooperation models aimed at offering institutionalized mechanisms, it is possible to avoid or, at least, minimize the damage represented by the mere threat of a cyber attack or, even more so, by a successful attack. Given the consequences of an attack and the resources needed to minimize its impact, the proposed cooperation model aims to reduce the costs, both direct and indirect, of actions in cyberspace. The model is based on a premise: preventing an attack or, in the worst case, carrying out a concerted and determined effort is preferable to bearing the costs of a successful attack.
By implementing cooperation models aimed at offering institutionalized mechanisms, it is possible to avoid or, at least, minimize the damage represented by the mere threat of a cyber attack or, even more so, a successful attack.
It is known that there are large companies that subscribe to the opposite argument: it is more profitable to absorb an attack than to invest in advanced protection models. However, I have not met managers whose companies have been successfully attacked and who adhere to this theory.
What is the most effective way to improve cybersecurity? Cooperation is positive, that it should be considered that way and that models must be developed to implement it successfully.
Sharing
Multimedia
04/08/2023
Smart & Green Fundazioa Summer Courses from UPV/EHU
Disruption in applied sustainability to change the world through education, technology and the city. FROM EMOTION TO DIGITAL TRANSFORMATION
06/06/2023
What are you waiting for? Sign up
https://www.uik.eus/es/curso/smart-green-disrupzion-jasangarria-apena-mundua zehar-hezkuntza-teknologia
24/01/2022
Blockchain Conference La Rioja
Montse Guardia Güel, Eduardo Aginako, Luis Garvía and Javier Sánchez Marcos
09/11/2021