Connect with us

Intelligence

EU Companies and Cybersecurity Threats

Published

on

Companies must be the protagonists in the fight against cybercrime through the synergic application of different skills and disciplines, in the perspective of tackling complex phenomena such as cybercrime.

There are many and challenges that the EU companies, in a globalized economy, in the face of modern digital development, are called to face – they must be personally involved in the prevention, emergence and containment of the effects of cyber-attacks.

A company must be appropriately adequate to the level of concrete risks for the conduct of its activities, in order to make possible and facilitate the exercise of public functions of monitoring and ascertaining wrongdoing activities.

The Numbers of Cybercrime

The issue of the relationship between cybersecurity and companies is increasingly significant, and this report is now central by going hand in hand with the development of digital technologies and their use, not only for economic growth and development, but also for criminal purposes.

At the same time, many cyber-events precisely confirmed that the essential use of IT tools in the management of business activities – and are market players – are particularly vulnerable and exposed to cyber-attacks, as evidenced by the data processed by IOCTA – the Internet Organized Crime Threat Assessment – prepared annually by the European Cyber Center (EC3), which operates within Europol.

Only in 2017 the WannaCry and Notpetya attacks, consisting of the spread of 300,000 users’ data worldwide, in more than 150 countries, with economic damage of around 4 billion dollars.

The World Economic Forum, which, in its 2019 Global Risk Report, ranked cyberattacks among the top five global risks.

The Close Connection Between Computer Security and Personal Data Protection

All that is indicative of the need for an effective, innovative and integrated approach to the problem of fighting cybercrime, based on active corporate involvement and fruitful collaboration between the public and private sectors.

It is no longer possible to react without an integration of technical-scientific, legal and economic expertise to ensure the development of appropriate cybersecurity systems in order to protect the confidentiality of data, by including the prevention, containment and management of cyber-risks.

This trend has begun to develop over the last twenty years – we have seen the emergence of new safety control systems in EU companies who have to facilitate the sharing of good practices.

From a legal point of view, the focus is on finding effective ways of protecting against illegal activities that can jeopardize the confidentiality of information stored by companies, causing considerable capital damage.

The Need for Supranational Regulation

The need for a uniform regulation of the subject in the supranational field is based on the adoption of European Union legislation, i.g. with the adoption of GDPR to protect the treatment and free movement of personal data.

This goal gives private market entities a central role in  fighting cyber-attacks and protecting the confidentiality of personal data from the same threats, as well as the massive amount of information of employees, agents, associates and suppliers that companies possess.

New Organization and Control Obligations for Companies

The imposition of new obligations on companies about cyberthreats against their organizations and control, as well as notifications to the relevant authorities, aim to make private entities accountable and aware by promoting the spread of a culture of cyber-security, capable of developing virtuous synergies with the functions of public authorities.

By implementing an effective circulation of information, that will achieve an acceptable  level of containment and risk management in a globalised economy environment.

Information Circulation, Exchange and Development of Best Practices

A central importance is given to the breach notification system prepared by the current EU regulations that provide for a timely communication of the incident that affected the continuity and/or provision of the service.

The logic of public-private partnership serves not only in the preparation of prevention and risk control procedures but also for an information exchange system with companies – in fact, the relevance of this mechanism of rapid transmission of news and immediate intervention is expressed with the possibility of reporting a different subject, compared to the recipients of the legislation.

The prospect of information circulation, exchange and development of best practices is also enhanced in the supranational field, as required by the current cross-border survey of economic activities, with the dissemination and processing of data, as well as cybercrime itself.

The configuration of a network of bodies from different countries belonging to the European Union in order to achieve a fruitful form of cooperation in the exercise of their respective powers will be a single point of contact for facilitating effective contacts between the relevant public authorities within the European Union and international authorities.

Non-EU Data Protections

All of this has been mentioned before, including companies in borders beyond the European Union, provided that the owner or controller is established within the European Union, a testament to the global dimension of the phenomenon: the necessary appropriate organisational and technical measures to protect the integrity and confidentiality of data is essential for the EU recipients of the legislation.

It also enhances the provision by the private sector of good practices and guidelines, stipulating that compliance of the treatment to the current legislation can be provided by adhering to codes of conduct drawn up by associations of category, as well as by obtaining ad hoc certifications.

The Function of the Data Protection Officer (DPO)

EU companies, in the near future, a must operate with forms of risk assessment in practice and with preparation of the organizational measures, extended to all stages of the processes of management of confidential information and evaluation of the real effectiveness of the carried measures.

The provision of an additional monitoring body is represented by the DPO – Data Protection Officer – with the important function of raising awareness of those involved in the exercise of activities at risk – he will train the company’s staff and will be a contact and control exchange with national authorities.

DPO can be tied with solutions tested in other areas where models have been tested and based on the independent provision of rules in a broad sense of caution with the exercise of effective internal controls, as well as on the enhancement of virtuous practices and acts of soft law.

Access and Cooperation in Digital Evidence

It is a role that works in the field of investigation and research of evidence, especially when accessing digital evidence: forms of direct cooperation between public authorities and service providers of other countries are contemplated in recent regulatory proposals drawn up within the European Union and the African Union.

Such measures would be carried out in the absence of mediation by the public authority of the reference country, and it must be align with the requirements of speed/effectiveness of computer investigations.

It is also a matter of using cooperation tools that reflect the new needs of research and the acquisition of volatile and virtual evidence, which need to be insured and protected quickly – small companies included, will have to become prominent players in the fight against cybercrime through the synergic application of different skills and disciplines in the perspective of tackling complex phenomena such as cybercrime.

Dr. Luciano Magaldi Orta Nova, after his PhD in Cloud Computing at Cloud Universityby Rackspace in San Antonio, Texas, a Master of Science in Security Engineeering at Cibrary Faculty of Washington, the Tesol certificate at Arizona State University in Tempe, a Bachelor of arts in Interpreting and Translating at Lus Pio V in Rome, an SEO specialization at the University of California Davis (UC Davis), a DSA specialisation at the University of London, an ETL specialisation at the Universitat Aut'onoma of Barcelona, an academic diploma in Forensic Sciences at Oxford Royale Academy, a specialising certificate in American Politics at Harvard Kennedy School, a professional certificate in mathematics at Stanford University, a Copyright Law certificate at MIT in Cambridge, used to work for Google Ireland in Dublin, Apple European campus in Cork, Ireland, and Amazon Slovakia in Bratislava. Dr. Luciano Magaldi finally obtained his specialisation in journalism at Michigan State University School of Journalism. His career as a journalist began writing articles for AgoraVox France and AgoraVox Italia about world politics, military issues and cyber-tech.

Continue Reading
Comments

Intelligence

The Impact of Management in Information Security

Published

on

Authors: Sajad Abedi and Mahdi Mohammadi

Due to the increasing role of information security in the management of any society, public and private organizations and institutions are inevitably required to provide the necessary infrastructure to achieve this. In addition to material resources, management techniques also have a great impact on the optimal and successful implementation of information security management systems. The recording of management standards in the field of ICT information security can be designed in a planned way to change the security situation of organizations according to the needs of the organization and ensure security in terms of business continuity and to some extent at other levels (crisis management and soft war). Despite extensive research in this area, unfortunately for various reasons, including the level of security of the issue for governmental and non-governmental institutions or the direct relationship of the field with their interests, clear and useful information on how to implement and prioritize the implementation of a system over the years. The past has not happened until today.

The protection of the organization’s information resources is essential to ensure the successful continuation of business activities. The fact that information and information assets play a key role in the success of organizations has necessitated a new approach to protecting them. Until now, risk analysis and management has been used to identify the information security needs of the organization. After analyzing the risks, security controls were identified and implemented to bring the risks to an acceptable level. But it seems that risk analysis is not enough to identify the information security needs of the organization. Evidence of this claim is that risk analysis does not take into account legal requirements, regulations and other factors that are not considered as risk, but are mandatory for the organization.

Identifying, assessing and managing information security risks is one of the key steps in reducing cyber threats to organizations and also preventing the unfortunate consequences of security incidents that make organizations more prepared to face cyber risks. The risk assessment process, which is the first phase of a set of risk management activities, provides significant assistance to organizations in making the right decision to select security solutions. Risk assessment is actually done to answer the following questions: * If a particular hazard occurs in the organization, how much damage will it cause? * What is the probability of any risk occurring? * Controlling how much each risk costs. Is it affordable or not? The results of risk assessment can help in the correct orientation in choosing solutions (which is to eliminate the main threats) and can also be used in formulating and modifying the security policies of the organization. Risk management is a comprehensive process used to determine, identify, control, and minimize the effects and consequences of potential events. This process allows managers to strike the right balance between operating costs and financial costs, and to achieve relevant benefits by protecting business processes that support the organization’s goals. The risk management process can greatly reduce the number and severity of security incidents that occur in the organization. Risk management has 5 steps, which are: 1. Planning: At this stage, how to manage potential risks in the organization is determined and completed by developing a risk management plan. This plan defines the risk management team, defines the roles and responsibilities of individuals and the criteria for assessing identified risks. Documented. 2. Identification: At this stage, team members gather around each other, identify potential hazards, and record them in the organization’s risk list. Arranging group brainstorming sessions is a good way to identify hazards 3. Assessment: In this step, the assessment of identified risks is performed using the criteria defined in the risk management plan. Risks are assessed based on their probability of occurrence and possible consequences.

Continue Reading

Intelligence

The impact of the Covid-19 on State, Stability, and Globalization

Published

on

Many questions have been exposed in the evolution of Covid -19 in the World. This point is very important to see him and explain it because is the same with Peace and war. But his construction isn’t adoptable with the level of all societies.

Seriously, this change is the biological necessity with analytical of science, industrialization and medical, etc. the men are visual by Covid-19 in anything society who the state hasn’t some capacities for all patients in hospitalizes in the world. The war of masks has paralyzed many countries. This battle cemented the level of capacities of states about public health. 

  A lot of studies explain the return of the Nation-State when they compared it with globalization because it can control sovereignty, borders, war, and Peace, etc. The second, she diffused the Markets, bourses, and information, etc. This big mutation is very important to compare it under Covid-19 but this challenge is funded by this pandemic in China. This country will be emplaced the USA country in the future. 

  Many discussions and conflicts after Covid-19 had been remarked with these countries during the commercial war but the Coronavirus has had his direction to the Third War. Why the nature of This impact for this mutation? It seriously questions when the Coronavirus posed these challengers on all states but they haven’t a solution against this new epidemic ravaged millions of persons.    

International security is menaced when the nation-state hasn’t a solution for public health. This point is the same when the big states like the USA or China disputed this situation with them but without international law protected like conflicts who the power definition hasn’t another conception laid the Coronavuris and here impact under stability and security.

  Simultaneously, I consider the epidemic of Coronavirus like a new serious factor about International Relations if we integers it among challengers biological and environment to explain the level of states and their difficulties face the Globalization.

  The International System is in crisis when the dominant American doesn’t relation with many states like China or Russia during Coronavirus, but the cooperation international isn’t the same conception about International Cooperation because the world lives in this moment with the Risks of a pandemic. Negatively, this way is the same vision as in war why the cooperation among states doesn’t participate in the Globalization.

 Thus the limit of strategic vision during globalization encouraged the return of the nation-state because the Covid-19 is an exam of all states to take their responsibility forthe destiny of their societies. Nobody thinks this pandemic choc and his consequently on many sectors and activities.

  During Covid-19, the International Anarchic is concerted after but without stability in the International Relations.Does this stability do her as a concept or practice? The complexity in International Relations is necessary or evolution who the Covid-19 accelerate these processes but he has anything possibility of changing other themes like State, Security, Communication, Integration, Development, and Democracy, etc.

New Realism doesn’t take this point in changing of International Relations because the political level of states is influenced by Economic Crisis. This one is developing the Commercial War between Beijing and Washington. 

The Union European has been fragile during the Covid-19 especially since Italy and Serbia face the bavettes. This dangerous situation of Coronavirus explains the fragility of Union Europe. Globalization had been created by the European Union but this one hasn’t the power to save its identity and money existences during this crisis epidemic.

 In Balkan, The European Union doesn’t take a strategic position about the Civil War between Armenia and Azerbaijan. This left about 300 people dead on September 27, 2020.Atthis moment, the Peace isn’t funded in the surrounding territories face the central regions, especially during the Covid-19 and American election.

 This upheaval epidemic in the XXI Century doesn’t usually challenge if the public health is a dangerous situation in the big states who the politics modern have many experiences of developing hospitably, Research and Industrialization, etc. In Italy, for example, the person’s burn a flag of Union European and emplace it by the China Republic. We are from this ambiguous and weakened passage.

  This conceptualizing of statism in Europe and America during the Covid-19 can be developed the notion of public politics of governments in the World. This one is very important for Nation-state to develop it by theory politics. Because is characterized by the new power of states and not by Globalization.

International Relations are developing by this level of states when we take the Foreign policy of state who reflecting his image clearly or not participating in an international environment. 

The nature of Covid-19 isn’t compactable with institutes against it because the fundaments of there are basing on the War in the International Relations and Anarchy in the International System.

  Consequently, the Nation-State hasn’t many solutions to opposite it because this one is very fundamentally influenced by Globalization for three or fortune decades. But the question who can pose it is: Where is the World moving in the light of what it has passed and what is coming from it? The term Security is very important but it’s not globally when we take it in the other angles of Development, Dialogue, and Research, etc.

 The Nation-State is needed very well of Security or Dialogue with all factors in every society. The Security is consequently of the level of development and changing it when isn’t demined by State and society. The World is changing by his volunteer or by his Violence? 

Why the nature of this epidemic on a lot of actors of bureaucratic management on governments, but this only context is favorable to explosive at least conceptualization like nation-State, Security and Globalization and others. This situation isn’t the same in the past but is the product of their evolution. Maybe the solution isn’t definitive but approximately relative.

Finally, what’s the link between Sciences on practical policies? But all the concepts bring to this kind of crisis. The world is changing but without guarantee of all states and public politics and International relations. The shock is varied and multiple of all humanity in this history cycle during the XXI e centuries.

  This evolution isn’t positive because the states haven’t only strategic vision but the great means who the question of legitimacy posed a problem about democratic of peace. Simultaneously, this way is corrected by ideas, values, and sciences. If the states don’t occupy from representative popularity election, the result is minimally about institutes and policies.             

  This vision can’t global system that the management of administration, economic, and commercial needs many rationally position and efficacy about the treatment of society’s problems.

  In order of Covid-19, the World take another direction without seriously guarantee to participate by all states and organizations. In opposite to Covid-19, humanity observed a big difference between the past and present. This point is clarifying the nature of this crisis of Health, Communication, and Medicine.

  I wait as Researcher in International Relations, the third War Covid-19 between China and USA, but the commercial economic domineer their relations beyond this epidemic. This changing of the deal is very challenging for multiple operations but without solutions.  This mutation of deployment gravity center between states to societies is very dangerous in the World. The Died is a big challenger of humanity but the renovation doesn’t a common fundament of all structures by injection of money during the economic crisis.

   What’s the final solution? This question is very important to pose because History is removed by cycle but the volunteer and consciousness are a common culture. Nobody can answer this orientation about this occupation of humanity. In this perspective, the World is in crisis by their states? We can thinkabout it. But this crisis is multidisciplinary, horizontal, and vertical.

 International Relations have funded on war who the peace is their ideal of politics. This point is contradictory between states and societies. Their relation is based on Security, Stability, and Sovereignty. The Nation-State is seriously needed more treatment in his territory if he takes it as sovereignty like the principal of it. Globalization has been changing the direction if she opposite with Nation-State.

 This contradictory building of conceptualization posed very difficulties than practice because it’s very important for Researchers in International Relations. Many centers in the world talking about this challenge but this fragility structure is the level of this construction of institutes and their policies.

 The Covid-19 like natural danger posed a big problem on humanity who the man is veritably in front of his hearth in hospital: Philosophical point or limit of modernity? What’s the lied with themes’ if the remedy isn’t non-existent. From this question, we can attach a big good consideration for this limitation of several sectors and activities of each State face his population.   

Continue Reading

Intelligence

Technological Competition and National Security. The War Begins

Published

on

The COVID-19 epidemic has given a powerful boost to information and communication technologies. The economic blow dealt by global lockdowns has been reduced thanks to remote platforms. Already-existing ecosystems of financial transactions, electronic document management, data storage, etc. have mitigated the shock emanating from the rupture of usual communications. It would seem that the pandemic should have consolidated the world community in the development and implementation of new technologies for the common good. In fact, in 2020, the competition between the largest technology leaders has only intensified. COVID-19 is hardly a direct cause of increased competition. However, it was in 2020 that it reached a fundamentally new level.

The main opponents in the technology race today are China and the United States. The telecommunications industry is at the forefront of this competition. At the same time, it should be seen in the context of the new Cold War between Beijing and Washington. The US proceeds from the premise that China is an increasingly serious threat. During the presidency of Donald Trump, containment of the PRC became a key priority of White House foreign policy. The situation is unlikely to change seriously with the Joe Biden administration. Key provisions of the “United States Strategic Approach to the People’s Republic of China” recently published by the White House will remain relevant for the new administration.

The problems emanating from Chinese telecoms began with relatively minor episodes during the Obama presidency. On April 1, 2015, the President of the United States imposed a state of emergency over threats to national security in the digital environment, prompted by a hacker attack and theft of the data of more than 4 million US government employees. The Americans linked the actions of the hackers with the government structures of the PRC, although China wasn’t mentioned specifically in the state of emergency decree.

The next wake-up call was the investigation by the US Treasury and Department of Commerce of the Chinese company ZTE. It was suspected of supplying equipment with American components to Iran. As a result, the company agreed to pay significant fines to American regulators (a $100.8 million penalty was levied by the Treasury Department and a $1.4 billion fine was levied by the Trade Department). The Chinese telecommunications giant Huawei also had Iran-related problems. On December 1, 2018, Huawei CFO Meng Wanzhou was arrested in Canada at the behest of the United States. In the US, she is accused of providing HSBC bank with misleading information in an attempt to circumvent US sanctions against Iran. Huawei viewed the arrest as a politically motivated attack on the company. Huawei is still under heavy pressure from American regulators and legislators. The U.S. Defense Budget Act of 2018 and 2019 restricted US defence and government agencies from obtaining supplies from Huawei. Similar restrictions were extended to ZTE. But that was only just the beginning.

On May 15, 2019, President Trump declared a state of emergency over threats to US national security in the telecommunications sector, and the same day Huawei was subject to US Department of Commerce sanctions. They significantly limited the opportunity of American companies to supply components to Huawei. Later, the restrictions were expanded. Since May 2020, the sanctions began to apply to Huawei semiconductors manufactured overseas using US technology or US software, and the list of Huawei subsidiaries subject to sanctions was expanded. In parallel, the Americans have worked with their allies, not without success, convincing them to stop using Huawei equipment in the most advanced areas (such as 5G technologies), citing the threat of PRC espionage. Among the results is the UK’s abandonment of the Chinese company’s equipment for 5G networks in connection with US sanctions.

In addition to Huawei and ZTE, other Chinese companies also had problems. In August, the list was expanded to include the WeChat messenger and TikTok, a video service. Donald Trump banned their use in the United States in separate executive orders, which noted that both services allow the collection of information about users, their location and online activity. This information can be used for blackmail, espionage, censorship, disinformation, etc. However, the White House did not provide examples of such actions by Chinese companies. Interestingly, a month and a half after Trump’s decision, the Alliance of WeChat Users in the United States succeeded in lifting the ban on WeChat in California’s Northern District Court, and in October 2020, the Eastern District of Pennsylvania’s Federal District Court suspended enforcement of the TikTok order.

In China, restrictions on telecommunications have also been in place for quite some time. However, they are of a different nature and are related to information limitations rather than technology. The country has a ‘Golden Shield’ project that restricts access to a number of foreign websites and filters out politically inappropriate information. In China, it is difficult or impossible to use Facebook, YouTube, Twitter, WhatsApp and a number of other services. However, their Chinese counterparts are functioning quite successfully.

Obviously, the politically motivated technology war is just beginning. National security interests will increasingly influence the competition between technology platforms in a wide variety of areas. On both sides of the barricades, businesses will have to cope with growing political risks.

From our partner RIAC

Continue Reading

Publications

Latest

Trending