this paper deals with military mobility, which in recent years has become one of the strategic priorities for both the North Atlantic Treaty Organization (NATO) and the European Union (EU). The authors argue that the ability to quickly transport soldiers and military equipment over long distances across member states’ territories is a prerequisite for an effective and rapid military response by the allies. An analysis of the achievements to date shows that the European Union is one of the key actors in identifying and eliminating existing barriers and initiating necessary infrastructure construction. Simultaneously, close cooperation with the North Atlantic Treaty Organization in this area allows the parties involved to achieve synergies.
This Chapter discusses the possible problems arising from the application of the principle of distinction under the law of armed conflict to cyber attacks. It first identifies when cyber attacks qualify as ‘attacks’ under the law of armed conflict and then examines the two elements of the definition of ‘military objective’ contained in Article 52(2) of the 1977 Protocol I additional to the 1949 Geneva Conventions on the Protection of Victims of War.
In recent years, both academia and industry in cyber security have tried to develop innovative defense technologies, expecting that to change the rules of the game between attackers and defenders. The authors start by analysing the root causes of security problems in cyberspace: (i) vulnerabilities in cyber systems are universal; (ii) current cyber systems are static, predictable and monoculture which allows adversaries to plan and launch attacks effectively; (iii) existing techniques cannot detect and eliminates attacks employing unknown vulnerabilities. Based on their analysis, they develop a novel defense framework, mimic defense (MD), that employs ‘dynamic, heterogeneity, redundancy (DHR)’ mechanism to defense cyber attacks.
In term of operation based cyber-security exercise these teams include in general:
1. White team: A team that creates or generates a cyber-security exercise environment.
2. Red team: A team that attacks the cyber-security exercise environment.
3. Blue team: A team that defends the cyber-security exercise environment
Yet, despite this emphatic recognition of the importance of transparency, the activities of government and private sector actors involved in the development, sale, and export of Offensive Cyber Capabilities (OCC) remain cloaked in secrecy regardless of the sector’s role in facilitating human rights abuses. In this article, we tackle this broader challenge of secrecy via a case study on the export of dual-use technologies. We theorize why secrecy has been so prevalent in the OCC sector. We consider the role of different forms of secrecy—such as commercial secrecy and opportunistic secrecy by governments—in facilitating this situation.
One of the main security concerns of enterprise-level organizations which provide network-based services is combating with complex cybersecurity attacks like advanced persistent threats (APTs). The main features of these attacks are being multilevel, multi-step, long-term and persistent. Also they use an intrusion kill chain (IKC) model to proceed the attack steps and reach their goals on targets. Traditional security solutions like firewalls and intrusion detection and prevention systems (IDPSs) are not able to prevent APT attack strategies and block them. Recently, deception techniques are proposed to defend network assets against malicious activities during IKC progression. One of the most promising approaches against APT attacks is Moving Target Defense (MTD). MTD techniques can be applied to attack steps of any abstraction levels in a networked infrastructure (application, host, and network) dynamically for disruption of successful execution of any on the fly IKCs.
In 2018, Switzerland released its second national cybersecurity strategy. To put the Swiss approach into perspective, this CSS study compares the strategies, policies and governmental structures of Germany, Finland, France, Israel, Italy and the Netherland to highlight similarities and differences and to discuss the relevant challenges and further implications for Switzerland. The results show that, despite their national idiosyncrasies in terms of structures, all states underline the need for a holistic and integrated approach to cybersecurity focused on developing capabilities, awareness and education, while fostering international and public-private cooperation. In addition, they all face challenges that are inherently crosscutting, ranging from issues of policy integration and coordination to crisis management and legislative harmonization