Dialogue, partnership and empowerment for network and information security:the changing role of the private sector from objects of regulation to regulation shapers

The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given its rapidly developing cyber security policy. Since the 1990s, we could observe the creation of three broad areas of policy interest: cyber-crime, critical information infrastructures and cyber-defence. One of the main trends transversal to these areas is the importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.

Location and network effects on innovation success:evidence for UK, German and Irish manufacturing plants

Recent developments in the new economic geography and the literature on regional innovation systems have emphasised the potentially important role of networking and the characteristics of firms' local operating environment in shaping their innovative activity. Modeling UK, German and Irish plants' investments in R&D, technology transfer and networking, and their effect on the extent and success of plants' innovation activities, casts some doubt on the importance of both of these relationships. In particular, our analysis provides no support for the contention that firms or plants in the UK, Ireland or Germany with more strongly developed external links (collaborative networks or technology transfer) develop greater innovation intensity. However, although inter-firm links also have no effect on the commercial success of plants' innovation activity, intra-group links are important in terms of achieving commercial success. We also find evidence that R&D, technology transfer and networking inputs are substitutes rather than complements in the innovation process, and that there are systematic sectoral and regional influences in the efficiency with which such inputs are translated into innovation outputs. © 2001 Elsevier Science B.V.

EU governance of the internet:analyzing Europol’s role in the development of a EU cyber crime and cyber security policies

In recent years, the European Union has come to view cyber security, and in particular, cyber crime as one of the most relevant challenges to the completion of its Area of Freedom, Security and Justice. Given European societies’ increased reliance on borderless and decentralized information technologies, this sector of activity has been identified as an easy target for actors such as organised criminals, hacktivists or terrorist networks. Such analysis has been accompanied by EU calls to step up the fight against unlawful online activities, namely through increased cooperation among law enforcement authorities (both national and extra- communitarian), the approximation of legislations, and public- private partnerships. Although EU initiatives in this field have, so far, been characterized by a lack of interconnection and an integrated strategy, there has been, since the mid- 2000s, an attempt to develop a more cohesive and coordinated policy. An important part of this policy is connected to the activities of Europol, which have come to assume a central role in the coordination of intelligence gathering and analysis of cyber crime. The European Cybercrime Center (EC3), which will become operational within Europol in January 2013, is regarded, in particular, as a focal point of the EU’s fight against this phenomenon. Bearing this background in mind, the present article wishes to understand the role of Europol in the development of a European policy to counter the illegal use of the internet. The article proposes to reach this objective by analyzing, through the theoretical lenses of experimental governance, the evolution of this agency’s activities in the area of cyber crime and cyber security, its positioning as an expert in the field, and the consequences for the way this policy is currently developing and is expected to develop in the near future.

Municipal benchmarking:organisational learning and network performance in the public sector

The main purpose of this dissertation is to assess the relation between municipal benchmarking and organisational learning with a specific emphasis on benchlearning and performance within municipalities and between groups of municipalities in the building and housing sector in the Netherlands. The first and main conclusion is that this relation exists, but that the relative success of different approaches to dimensions of change and organisational learning are a key explanatory factor for differences in the success of benchlearning. Seven other important conclusions could be derived from the empirical research. First, a combination of interpretative approaches at the group level with a mixture of hierarchical and network strategies, positively influences benchlearning. Second, interaction among professionals at the inter-organisational level strengthens benchlearning. Third, stimulating supporting factors can be seen as a more important strategy to strengthen benchlearning than pulling down barriers. Fourth, in order to facilitate benchlearning, intrinsic motivation and communication skills matter, and are supported by a high level of cooperation (i.e., team work), a flat organisational structure and interactions between individuals. Fifth, benchlearning is facilitated by a strategy that is based on a balanced use of episodic (emergent) and systemic (deliberate) forms of power. Sixth, high levels of benchlearning will be facilitated by an analyser or prospector strategic stance. Prospectors and analysers reach a different learning outcome than defenders and reactors. Whereas analysers and prospectors are willing to change policies when it is perceived as necessary, the strategic stances of defenders and reactors result in narrow process improvements (i.e., single-loop learning). Seventh, performance improvement is influenced by functional perceptions towards performance, and these perceptions ultimately influence the elements adopted. This research shows that efforts aimed at benchlearning and ultimately improved service delivery, should be directed to a multi-level and multi-dimensional approach addressing the context, content and process of dimensions of change and organisational learning.

Exploring the relationships between network change and network learning

This paper relates the concept of network learning - learning by a group of organizations as a group - to change and notions of change management. Derived initially from a review of literature on organizational learning (OL) and interorganizational networks, and secondary cases of network learning, the concept was evaluated and developed through empirical investigation of five network learning episodes in the group of organizations that comprises the English prosthetics service. We argue that the notion of network learning enables a richer understanding of developments in networks over extended periods of time than can be afforded through more established concepts of change and change management alone.

Learning and change in interorganizational networks:the case for network learning and network change

The ALBA 2002 Call for Papers asks the question ‘How do organizational learning and knowledge management contribute to organizational innovation and change?’. Intuitively, we would argue, the answer should be relatively straightforward as links between learning and change, and knowledge management and innovation, have long been commonly assumed to exist. On the basis of this assumption, theories of learning tend to focus ‘within organizations’, and assume a transfer of learning from individual to organization which in turn leads to change. However, empirically, we find these links are more difficult to articulate. Organizations exist in complex embedded economic, political, social and institutional systems, hence organizational change (or innovation) may be influenced by learning in this wider context. Based on our research in this wider interorganizational setting, we first make the case for the notion of network learning that we then explore to develop our appreciation of change in interorganizational networks, and how it may be facilitated. The paper begins with a brief review of lite rature on learning in the organizational and interorganizational context which locates our stance on organizational learning versus the learning organization, and social, distributed versus technical, centred views of organizational learning and knowledge. Developing from the view that organizational learning is “a normal, if problematic, process in every organization” (Easterby-Smith, 1997: 1109), we introduce the notion of network learning: learning by a group of organizations as a group. We argue this is also a normal, if problematic, process in organizational relationships (as distinct from interorganizational learning), which has particular implications for network change. Part two of the paper develops our analysis, drawing on empirical data from two studies of learning. The first study addresses the issue of learning to collaborate between industrial customers and suppliers, leading to the case for network learning. The second, larger scale study goes on to develop this theme, examining learning around several major change issues in a healthcare service provider network. The learning processes and outcomes around the introduction of a particularly controversial and expensive technology are described, providing a rich and contrasting case with the first study. In part three, we then discuss the implications of this work for change, and for facilitating change. Conclusions from the first study identify potential interventions designed to facilitate individual and organizational learning within the customer organization to develop individual and organizational ‘capacity to collaborate’. Translated to the network example, we observe that network change entails learning at all levels – network, organization, group and individual. However, presenting findings in terms of interventions is less meaningful in an interorganizational network setting given: the differences in authority structures; the less formalised nature of the network setting; and the importance of evaluating performance at the network rather than organizational level. Academics challenge both the idea of managing change and of managing networks. Nevertheless practitioners are faced with the issue of understanding and in fluencing change in the network setting. Thus we conclude that a network learning perspective is an important development in our understanding of organizational learning, capability and change, locating this in the wider context in which organizations are embedded. This in turn helps to develop our appreciation of facilitating change in interorganizational networks, both in terms of change issues (such as introducing a new technology), and change orientation and capability.

The governance of justice and internal security in Scotland:between the Scottish independence referendum and British decisions on the EU

This article examines how the governance of justice and internal security in Scotland could be affected by the outcome of the Scottish independence referendum in September 2014. The article argues that it is currently impossible to equate a specific result in the referendum with a given outcome for the governance of justice and internal security in Scotland. This is because of the complexities of the current arrangements in that policy area and the existence of several changes that presently affect them and are outside the control of the government and of the people of Scotland. This article also identifies an important paradox. In the policy domain of justice and internal security, a ‘no’ vote could, in a specific set of circumstances, actually lead to more changes than a victory of the ‘yes’ camp.

Integrating security services into computer supported cooperative work

This research describes the development of a groupware system which adds security services to a Computer Supported Cooperative Work system operating over the Internet. The security services use cryptographic techniques to provide a secure access control service and an information protection service. These security services are implemented as a protection layer for the groupware system. These layers are called External Security Layer (ESL) and Internal Security Layer (ISL) respectively. The security services are sufficiently flexible to allow the groupware system to operate in both synchronous and asynchronous modes. The groupware system developed - known as Secure Software Inspection Groupware (SecureSIG) - provides security for a distributed group performing software inspection. SecureSIG extends previous work on developing flexible software inspection groupware (FlexSIG) Sahibuddin, 1999). The SecureSIG model extends the FlexSIG model, and the prototype system was added to the FlexSIG prototype. The prototype was built by integrating existing software, communication and cryptography tools and technology. Java Cryptography Extension (JCE) and Internet technology were used to build the prototype. To test the suitability and transparency of the system, an evaluation was conducted. A questionnaire was used to assess user acceptability.

QoS guarantee with adaptive transmit power and message rate control for DSRC vehicle network based road safety applications

Quality of services (QoS) support is critical for dedicated short range communications (DSRC) vehicle networks based collaborative road safety applications. In this paper we propose an adaptive power and message rate control method for DSRC vehicle networks at road intersections. The design objective is to provide high availability and low latency channels for high priority emergency safety applications while maximizing channel utilization for low priority routine safety applications. In this method an offline simulation based approach is used to find out the best possible configurations of transmit power and message rate for given numbers of vehicles in the network. The identified best configurations are then used online by roadside access points (AP) according to estimated number of vehicles. Simulation results show that this adaptive method significantly outperforms a fixed control method. © 2011 Springer-Verlag.

Globalisation and security in the Taiwan Straits

Only recently the Sino-Taiwanese issue has again been in the headlines of the international media. On Saturday, 3 August 2002, Taiwan's President Chen Shui-bian insisted in a passionate speech that there is 'one country on each side' of the Taiwan Strait. He went even further by calling for new legislation that would allow a referendum to be held on changing the island's current international status, saying that this would be a 'basic human right'. Chen's remarks resulted in a furious response from the mainland. Although the conflict between Beijing and Taipei can be interpreted as a legacy of the Chinese Civil War, the tensions intensified during the 1990s. The following article suggests that the linkages and dynamics between the globalization process and international security are increasingly important for a better understanding of the development of relations at the international level in general and in the China-Taiwan conflict in particular.

Distributed control of computer communication systems

Flow control in Computer Communication systems is generally a multi-layered structure, consisting of several mechanisms operating independently at different levels. Evaluation of the performance of networks in which different flow control mechanisms act simultaneously is an important area of research, and is examined in depth in this thesis. This thesis presents the modelling of a finite resource computer communication network equipped with three levels of flow control, based on closed queueing network theory. The flow control mechanisms considered are: end-to-end control of virtual circuits, network access control of external messages at the entry nodes and the hop level control between nodes. The model is solved by a heuristic technique, based on an equivalent reduced network and the heuristic extensions to the mean value analysis algorithm. The method has significant computational advantages, and overcomes the limitations of the exact methods. It can be used to solve large network models with finite buffers and many virtual circuits. The model and its heuristic solution are validated by simulation. The interaction between the three levels of flow control are investigated. A queueing model is developed for the admission delay on virtual circuits with end-to-end control, in which messages arrive from independent Poisson sources. The selection of optimum window limit is considered. Several advanced network access schemes are postulated to improve the network performance as well as that of selected traffic streams, and numerical results are presented. A model for the dynamic control of input traffic is developed. Based on Markov decision theory, an optimal control policy is formulated. Numerical results are given and throughput-delay performance is shown to be better with dynamic control than with static control.

Overcoming network overload and redundancy in inter-organizational networks:the roles of potential and latent ties

This paper builds on Granovetter's distinction between strong and weak ties [Granovetter, M. S. 1973. The strength of weak ties. Amer. J. Sociol. 78(6) 1360–1380] in order to respond to recent calls for a more dynamic and processual understanding of networks. The concepts of potential and latent tie are deductively identified, and their implications for understanding how and why networks emerge, evolve, and change are explored. A longitudinal empirical study conducted with companies operating in the European motorsport industry reveals that firms take strategic actions to search for potential ties and reactivate latent ties in order to solve problems of network redundancy and overload. Examples are given, and their characteristics are examined to provide theoretical elaboration of the relationship between the types of tie and network evolution. These conceptual and empirical insights move understanding of the managerial challenge of building effective networks beyond static structural contingency models of optimal network forms to highlight the processes and capabilities of dynamic relationship building and network development. In so doing, this paper highlights the interrelationship between search and redundancy and the scope for strategic action alongside path dependence and structural influences on network processes.