Economic Impacts of Rules-based vs Risk-based Cybersecurity Regulations in Critical Infrastructure Providers (Bulk Electricity Providers)

Economics of Cybersecurity Part 2. SPSI-2015-01-0024.

Geopolitical shifts in the Eastern Mediterranean. Security Policy Brief No. 43, February 2013

Three major geopolitical events are putting the stability of the Eastern Mediterranean at risk. Most of the region is in a deep monetary and economic crisis. The Arab Spring is causing turmoil in the Levant and the Maghreb. Gas and oil discoveries, if not well managed, could further destabilise the region. At the same time, Russia and Turkey are staging a comeback. In the face of these challenges, the EU approaches the Greek sovereign debt crisis nearly exclusively from a financial and economic viewpoint. This brief argues that the EU has to develop a comprehensive strategy for the region, complementing its existing multilateral regional framework with bilateral agreements in order to secure its interests in the Eastern Mediterranean.

Pool it, share it, use it: the European Council on defence. Security Policy Brief No. 44, March 2013

Three major geopolitical events are putting the stability of the Eastern Mediterranean at risk. Most of the region is in a deep monetary and economic crisis. The Arab Spring is causing turmoil in the Levant and the Maghreb. Gas and oil discoveries, if not well managed, could further destabilise the region. At the same time, Russia and Turkey are staging a comeback. In the face of these challenges, the EU approaches the Greek sovereign debt crisis nearly exclusively from a financial and economic viewpoint. This brief argues that the EU has to develop a comprehensive strategy for the region, complementing its existing multilateral regional framework with bilateral agreements in order to secure its interests in the Eastern Mediterranean.

Russian belligerence and Europe's energy security. EPC Commentary, 19 March 2014

Recent Russian actions have unequivocally underlined that it does not play by the rules. This provides a wake-up call and should alert not only the countries of the former Soviet Union, but the EU as a whole. For the EU, this has one clear implication: it cannot continue to depend on an unreliable energy supplier, which is prone to use energy as a political tool. Luckily for the EU, summer is approaching and Europeans will need less Russian gas for heating. However, potential gas supply disruptions remind Europe of its energy vulnerabilities, and of the 2006 and 2009 winters, when Russia’s decision to stop the flow of gas to Ukraine led to supply crises in a number of EU Member States. As the EU’s heads of states and governments gather in the European Council on 20 and 21 March, the developments in Ukraine and the possible Russian illegal annexation of Crimea will undoubtedly dominate the discussions. Securing energy supply will figure on the agenda, but energy should also be seen as a means to pressure Russia. It is important that the Member States use the occasion to commit to working together on energy security. If this is addressed in a holistic way, it can also support European industry and climate policy – the other issues on the Council agenda that run the risk of being forgotten.

National Security and Secret Evidence in Legislation and before the Courts: Exploring the Challenges. CEPS Liberty and Security in Europe No. 78/January 2015

This study provides a comparative analysis of the national legal regimes and practices governing the use of intelligence information as evidence in the United Kingdom, France, Germany, Spain, Italy, the Netherlands and Sweden. It explores notably how national security can be invoked to determine the classification of information and evidence as 'state secrets' in court proceedings and whether such laws and practices are fundamental rights- and rule of law-compliant. The study finds that, in the majority of Member States under investigation, the judiciary is significantly hindered in effectively adjudicating justice and guaranteeing the rights of the defence in ‘national security’ cases. The research also illustrates that the very term ‘national security’ is nebulously defined across the Member States analysed, with no national definition meeting legal certainty and “in accordance with the law” standards and a clear risk that the executive and secret services may act arbitrarily. The study argues that national and transnational intelligence community practices and cooperation need to be subject to more independent and effective judicial accountability and be brought into line with EU 'rule of law' standards.

A weak link? Germany in the Euro-Atlantic security system. OSW Point of View Number 47, January 2015

The political, military and economic parameters of German power influence the vision of the international order that Berlin favours. Politically, Germany is a regional power in the EU with considerable diplomatic potential. Economically, it is the world's third largest power with growing global trade and investment links. At the same time, Germany's military potential is limited and the German strategic culture makes the country sceptical about the use of military instruments. Berlin is thus essentially interested in maintaining peace and stability, both in Europe and globally, and in developing diplomatic mechanisms to manage regional and global crises and conflicts. The German preference for dialogue and compromise in conflict situations in the regional and global dimensions may increasingly pose a risk to maintaining the cohesion and credibility of NATO – both from the perspective of the USA and Germany’s allies from Central-Eastern and Northern Europe.

The impact of the withdrawal from Afghanistan on Russia’s security. Egmont Security Policy Brief No. 54, March 2014

ISAF’s withdrawal from Afghanistan in 2014 will directly impact the wider region. Not only is there a risk of instability spilling over to Central Asia, but the drawdown will also accelerate the ongoing shift in the balance of power in Central Asia towards China. Should a spillover occur, the burden will mainly fall on Russia and China. Russia will, however, only continue playing the dominant role in the security of the former Soviet Central Asia (FSCA) until China takes on responsibility for the security of its direct sphere of influence or “dingwei”. Russia’s Near Abroad, however, overlaps both with the EU’s Eastern Neighbourhood in Europe and China’s dingwei in Central Asia and the Far East. It is, therefore, necessary to approach Russian reactions to these encroachments on its historical spheres of influence in a single context, taking into account the interrelationship between these three.

EU Budgetary Responses to the ‘Refugee Crisis’: Reconfiguring the Funding Landscape. CEPS Paper Liberty and Security in Europe No. 93/May 2016

This paper analyses the EU budgetary responses to the ‘refugee crisis’ in Europe. The European Commission has proposed several changes to the EU budget as well as the establishment of new funding instruments. The paper explores what the announced funding consists of, what role it plays in policy-making and what issues it generates. Throughout these budgetary responses the search for flexibility has been dominant, motivated by the need to respond more swiftly to humanitarian and operational needs. In addition, the paper argues that beyond implementation or management, the role of funding is also symbolic and communicative. In light of limited competences that are difficult to exercise, funding represents a powerful tool enabling the Commission to shape policy-making in times of crisis. At the same time, the dominant search for flexibility also challenges established funding rules and procedures. It has furthermore led to reduced space for democratic scrutiny by the European Parliament. More profoundly, EU funding for cooperation with third countries to prevent the inflow of refugees and asylum seekers has monetised questions over the responsibility for these individuals. As the EU–Turkey agreement shows, this has created a self-imposed dependence on third countries, with the risk of potentially insatiable demands for EU funding. This paper questions the proportionality and rule of law compliance of allocating funding for the implementation of this agreement. Moreover, it proposes that the Commission take steps to practically safeguard the humanitarian aid principles in the management structures of the new funding instruments, and it stresses the need for more scrutiny of the reconfigured funding landscape by the European Parliament and the European Court of Auditors.

Heterogeneity in health and morality risk among early retiree men /

"SSA Publication No. 13-11712"--P. of cover.

Fault evaluation for security-critical communications devices

Communications devices for government or military applications must keep data secure, even when their electronic components fail. Combining information flow and risk analyses could make fault-mode evaluations for such devices more efficient and cost-effective.

Maximum security: 'Being in the belly of the beast'

Very little information or research is available about the operation of Maximum Security Units (MSUs) in Queensland prisons. These units were developed within existing prisons in the early 1980s to deal with the incarceration of prisoners considered to be the worst and highest risk. Drawing on a number of interviews with prison visitors and on published documents and cases, this article examines the purpose and possible shortcomings of MSUs in Queensland in light of the Standard Guidelines for Corrections in Australia (1996).

Adoption, adult attachment security, and relationship outcomes

Despite reports that adopted persons are destined for poor psychological and relational adjustment, this conclusion remains controversial. Previous research on this topic has been inconclusive, and has failed to provide a complex assessment of the predictors of adjustment. For instance, whether attachment security plays a key role in later relationship outcomes remains unresolved. This paper presents the results of a longitudinal study of adults who were adopted as infants, and a comparison sample of adults who grew up with both biological parents. Two research questions were addressed: differences in attachment security between the two samples, and the predictive relations between initial attachment scales and relationship variables (e.g., risk in intimacy, loneliness) assessed at follow-up. Attachment profiles at Time 1 indicated less security in the adopted sample than the comparison sample, and these differences were maintained at follow-up. However, adoptees who had not searched for birth relatives did not differ from the comparison sample. Although sample (adopted / comparison) was an important predictor of some relationship variables, it became less influential when attachment measures were included. Discussion focused on the complex factors that influence attachment security, and the need for in-depth study of the relational experiences of adopted people.

A software audit framework for spyware risk mitigation

Our research described in this paper identifies a three part premise relating to the spyware paradigm. Firstly the data suggests spyware is proliferating at an exponential rate. Secondly ongoing research confirms that spyware produces many security risks – including that of privacy/confidentiality breaches via illicit data collection and reporting. Thirdly, anti-spyware controls are improving but are still considered problematic for several reasons. Our research then concludes that control measures to counter this very significant challenge should merit compliance auditing – and this auditing may effectively target the vital message passing performed by all illicit data collection spyware. Our research then evolves into an experiment involving the design and implementation of a software audit tool to conduct the desired compliance auditing. The software audit tool is positioned at the protected network’s gateway. The software audit tool uses ‘phone-home’ IP addresses as spyware signatures to detect the presence of the offending software. The audit tool also has the capability to differentiate legitimate message passing software from that produced by spyware – and ‘learn’ both new spyware signatures and new legitimate message passing profiles. The testing stage of the software has proven successful – albeit using very limited levels of network message passing variety and frequency.

Articulating wider smartphone emerging security issues in the case of M-government in Turkey

For the last several years, mobile devices and platform security threats, including wireless networking technology, have been top security issues. A departure has occurred from automatic anti-virus software based on traditional PC defense: risk management (authentication and encryption), compliance, and disaster recovery following polymorphic viruses and malware as the primary activities within many organizations and government services alike. This chapter covers research in Turkey as a reflection of the current market – e-government started officially in 2008. This situation in an emerging country presents the current situation and resistances encountered while engaging with mobile and e-government interfaces. The authors contend that research is needed to understand more precisely security threats and most of all potential solutions for sustainable future intention to use m-government services. Finally, beyond m-government initiatives' success or failure, the mechanisms related to public administration mobile technical capacity building and security issues are discussed.

Establishing a framework for dynamic risk management in 'intelligent' aero-engine control

The behaviour of control functions in safety critical software systems is typically bounded to prevent the occurrence of known system level hazards. These bounds are typically derived through safety analyses and can be implemented through the use of necessary design features. However, the unpredictability of real world problems can result in changes in the operating context that may invalidate the behavioural bounds themselves, for example, unexpected hazardous operating contexts as a result of failures or degradation. For highly complex problems it may be infeasible to determine the precise desired behavioural bounds of a function that addresses or minimises risk for hazardous operation cases prior to deployment. This paper presents an overview of the safety challenges associated with such a problem and how such problems might be addressed. A self-management framework is proposed that performs on-line risk management. The features of the framework are shown in context of employing intelligent adaptive controllers operating within complex and highly dynamic problem domains such as Gas-Turbine Aero Engine control. Safety assurance arguments enabled by the framework necessary for certification are also outlined.