Private sector Active Cyber Defence (ACD) lies on the intersection of domestic security and international security and is a recurring subject, often under the more provocative flag of ‘hack back’, in the American debate about cyber security. This article looks at the theory and practice of private cyber security provision and analyses in more detail a number of recent reports and publications on ACD by Washington DC based commissions and think tanks. Many of these propose legalizing forms of active cyber defence, in which private cyber security companies would be allowed to operate beyond their own, or their clients’ networks, and push beyond American law as it currently stands

The National Cyber Security Division (NCSD), under the US Department of Homeland Security oversees the nation-wide effort of securing and ensuring unimpeded use of the cyberspace domain. The NCSD hosts the Cyber Storm series of national cyber security exercises as an important component of the public-private cyber security partnership. This paper uses a case study approach to explore the motivations of private sector actors to contribute to the national cyber security regime by analyzing their participation in Cyber Storm II. This research tests the assumption that the private sector actors can be motivated to participate in the cooperative national security measures by empowering them to contribute to the development of the measures. It contains a literature review of cyber security challenges and current theories on self-regulation that are applicable to this partnership.

The purpose of this capstone was research a proactive cybersecurity that used an active cyber defense and about the role of integrating proactive and active strategies into an organization’s enterprise. There is a need to establish cybersecurity techniques that effective in preventing organizations from losing billions of dollars in digital assets. Proactive active cyber defense requires a lot of planning and management involvement to transform an organization’s cybersecurity approach to into one that utilizes active cyber defense.

The proportionality calculation in a cyber operation that shuts down a dual-use power station, will have to factor in both the loss of the civilian function performed by the installation, with consequent negative repercussions on its civilian users, and the fact that the malware might infect other computer systems. Cyber operations present both opportunities and dangers for the principle of proportionality in attack.

Nation-states are increasing their utilization of cyber operations against other nation-states and will likely enhance their effects in times of armed conflict. As much as cyber operations can be specific and limit casualties, they can also be used to inflict direct or indirect harm to civilians. Cyber operations directed at critical infrastructure like industrial control systems and healthcare organizations can have a direct impact on civilian life. Other malware developed by nation-states
may also spread from target networks with unforeseen effects that if not properly executed can potentially harm civilian networks.

Cyber operations targeting civilian data can in a present-day context operate in somewhat of a grey area. Because of this, states and non-state groups can attack civilian data during an armed conflict without consequens in most cases, which can rapidly cause more harm to the civilian population than the destruction of physical civilian objects. Since states have in many cases been reluctant to share their views on how international humanitarian law applies to the case of data as a civilian object, this thesis sets out to clarify whether data is protected from attack during an armed conflict.

This report is part of a broader OECD study into Future Global Shocks, examples of which could include a further failure of the global financial system and large-scale pandemics. The authors have concluded that very few single cyber-related events have the capacity to cause a global shock. Governments nevertheless need to make detailed preparations to withstand and recover from a wide range of unwanted cyber events, both accidental and deliberate.

Information pervades today's human activities, essentially making every sector of society an information environment. Due to the ubiquity of technological innovations and their interconnectivity, there is no aspect of lives of individuals that has not been affected. Individuals & organizations use multiple devices and networking platforms to interact with each other, businesses, and governments, as well as to search, retrieve, and consume information. Adoption and use of information and communication technologies (ICTs) and the nature of information in general and its management and use have been topics of discussion at events such as the ASIS&T Annual Meeting. However, what is often lacking, if not missing, is a broader discussion about information and ICTs, in applied areas such as emergency management, homeland security, and cybersecurity. 83rd Annual Meeting of the Association for Information Science & Technology October 25-29, 2020. Author(s) retain copyright, but ASIS&T receives an exclusive publication license.

The objective of the present study is to explore the role of cyber security in enhancing civil protection in Greek reality. Methodologically, the study has been based on a survey with a sample of 345 executives of IT companies in Greece by using a structured questionnaire. The basic results of the research study showed that cyber security technologies positively affect civil protection, cybercrime reduction practices have a positive influence on civil protection, and there is a significant relationship between the government’s role in cyber security and civil protection. Cybersecurity also may have a significant influence on the principles of emergency operations: prevention, mitigation, preparation, response, or emergency evacuation and recovery.

Risk perception is an important driver of netizens’ (Internet users’) cybersecurity behaviours, with a number of factors influencing its formation. It has been argued that the affect heuristic can be a source of variation in generic risk perception. However, a major shortcoming of the supporting research evidence for this assertion is that the central construct, affect, has not been measured or analysed. Moreover, its influence in the cybersecurity domain has not yet been tested.