Cyber vs. Legislation and Ethics
Colonel John Doody, Panel Chair

1. Introduction (Colonel John Doody)
2. Legislation versus Ethics in National Security - Military Operations versus Intelligence Collection versus Law Enforcement (Air Cdre Bruce Wynn)
3. Cyber and the law of war (Lt Col Jan Stinissen)
4. The basic legal principles that are at stake with regards to the development of the cybersecurity legal regulatory framework (Dr Radim Polcak)
5. Cyber; cross boundary pursuit (Mr Michael Drury)
6. Cyber threats; the presentational problem of a legal response for politicians and the press? (Mr Peter Warren)
What is cyber security? MARKET SEGMENTATION
© 2011 Ultra Electronics
[Figure: matrix of Networks, Data, Devices, People against Availability, Integrity, Confidentiality]
What is cyber security? KEY MARKETS
[Figure: matrix of Networks, Data, Devices, People against Availability, Integrity, Confidentiality, populated with these entries:]
Traffic Encryption & Key Management
Network Hardening & Boundary Protection
Data at Rest Encryption & Key Management
Transaction Protection
Multi-factor Authentication
Legal Intercept &
Cloud Computing
Reliability
DDoS Protection
Collaborative Working
Penetration Testing & Vulnerability Scanning
Attack Identification & Response
Training
A model to analyse the cyber security market
What is cyber security? Components subject to Legislation and Ethics?
[Figure: matrix of Networks, Data, Devices, People against Availability, Integrity, Confidentiality, populated with these entries:]
Cryptography
Key Management, Meta-Data Production
Legal Intercept, Keyless Decryption
Disposal, Obfuscation
Storage, Audited Actions, Secure Software, Authentication
Non-Repudiation, Attack Vector
Unauthorised Duplication, Malware, Testing, Audit
Manipulation, Risk Assessment
Remote Retrieval, Meta-Data Provision
Flow Control, Legal Intercept, Local retrieval, Compression
Spoofing, Access
Access, Key Management
Authentication, Recovery
Testing, Data Retention
Link Cryptography, Network Cryptography
Obfuscation, Access
Key Management, Multi-level Security, Logical Separation
Testing
Authentication, Access
Knowledge, Spoofing, Testing
Usage Restrictions, Audited Actions
Intrusion Detection, Intrusion Response, Secure Operation
Attack Vector, Operational Validation
Testing, Risk Assessment
Damage
Usage Restrictions, Routing
Attack Vector, Authentication
Monitoring, Direction Control, Audited Actions
Spoofing, Accuracy
Risk Assessment, Testing
Risk Assessment, Risk Appetite, Procedures
Practice, Behaviour
Situational Awareness, Social Networks
Business Continuity, Business Recovery
Access
User Interface, Prioritisation
Legal Intercept, Operation
Continued Operation, Spoofing, Efficiency
Restoration, Safety
Wired Access, Wireless Access
Prioritisation, Flow Control
Legal Intercept, Shaping
Attack Response, Safety
…and drill down to identify the market niches that comprise the cyber security market
Cyber and the law of war
Lt Col Jan Stinissen
Law of War
• use of force is prohibited, unless ….
  – self defence
  – UNSC Resolution
  – humanitarian intervention (?)
• law of armed conflict
  – humanity
  – distinction
  – military necessity
  – proportionality
Developments
Examples in Cyber
• neutrality: despite the borderless character of cyber, also in a cyber conflict a State can be neutral
• indiscriminate attacks: cyber attacks that are not directed at a lawful target, and are of a nature to strike lawful targets and civilian objects without distinction are prohibited