Good Governance and Virtue in South Africa's Cyber Security Policy Implementation

Good governance from an ethical perspective in cyberdefence policy has been seen in terms of duty and consequentialism. Yet the negotiated view of virtue ethics can also address how nation states mitigate the risks of a cyber attack to their national interests and to prepare for a cyber offence in response to an attack. A discourse analysis of the “0x Omar”-Israeli conflict of 2012, as reported in the Arabic and English media and on the Internet, is used to explore ethical issues that this case raises and to examine how the risks posed could be mitigated in relation to relevant elements of the South African cybersecurity policy framework. Questions raised include: At what point does the policy require a nation state to prepare for a cyber offence in response to a cyber attack? Ethically, how are such actions consistent with the principle of good governance?

Download Full-text

Cybersecurity: Toward a Meaningful Policy Framework

10.31228/osf.io/b8hms ◽

2018 ◽

Author(s):

Peter M. Shane

Keyword(s):

Cyber Security ◽

Security Policy ◽

Legal Framework ◽

Public Understanding ◽

Policy Framework ◽

Military Effectiveness ◽

The Public ◽

Trade Offs ◽

National Debate ◽

Sharing Responsibility

This critique of Karson K. Thompson’s note, "Not Like an Egyptian: Cybersecurity and the Internet Kill Switch Debate," argues that the U.S. lacks a framework of laws and regulations, "smart" or otherwise, that adequately incentivizes the parties with the greatest capacity to improve our cyber security to do so. It attributes the poor state of U.S. cyber policy to the "bewildering array of overlapping responsibilities" scattered among government offices and departments; the difficult imperative of sharing responsibility among military and civilian authorities; the fact that most of the networks (and the dependent critical infrastructures) that need protecting are in private hands; and the lack of public understanding of the kinds of regulation that are necessary or appropriate. The essay argues that meaningful progress towards an adequate legal framework depends on a broad national debate aimed at defining the public good with regard to cyber-security, and the inevitable trade-offs among security, privacy, productivity, economic growth, organizational flexibility, military effectiveness, government transparency, and accountability that must be confronted in making sensible cyber-security policy.

Download Full-text

Warring from the virtual to the real: Assessing the public’s threshold for war over cyber security

Research & Politics ◽

10.1177/2053168017715930 ◽

2017 ◽

Vol 4 (2) ◽

pp. 205316801771593 ◽

Cited By ~ 4

Author(s):

Sarah Kreps ◽

Debak Das

Keyword(s):

Cyber Security ◽

Presidential Election ◽

Security Policy ◽

Public Support ◽

Cyber Attacks ◽

Economic Consequences ◽

Cyber Attack ◽

The Real ◽

Policy Responses ◽

Us Presidential Election

Accusations of Russian hacking in the 2016 US presidential election has raised the salience of cyber security among the American public. However, there are still a number of unanswered questions about the circumstances under which particular policy responses are warranted in response to a cyber-attack and the public’s attitudes about the conditions that justify this range of responses. This research investigates the attributes of a cyber-attack that affect public support for retaliation. It finds that cyber-attacks that produce American casualties dramatically increase support for retaliatory airstrikes compared to attacks with economic consequences. Assessments of attribution that have bipartisan support increase support to a lesser extent but for a broader range of retaliatory measures. The findings have important implications for ongoing debates about cyber security policy.

Download Full-text

Cyber War - Trends and Technologies

National security and the future ◽

10.37458/nstf.21.3.2 ◽

2021 ◽

Vol 21 (3) ◽

pp. 65-94

Author(s):

Darko Trifunović ◽

Zoran Bjelica

Keyword(s):

Cyber Security ◽

Soft Power ◽

Security Policy ◽

Security Level ◽

Cyber Warfare ◽

Cyber Attack ◽

Short Period ◽

Attack And Defense ◽

Cyber War

Cyberspace has become an indispensable part in which special operations such as cyber war or warfare take place. The role of special war as the use of so-called soft power was emphasized. The country's number of potential adversaries in cyber warfare is unlimited, making highly endangered aspects of cyber civilian infrastructure, which is essentially military readiness, including the mobilization of forces through the civilian sector, also a likely target. A special type of cyber war or warfare is hybrid warfare. This type of warfare is increasingly resorted to because it is extremely cheaper than the conventional method of warfare and at the same time brings exceptional results. The first thing that affects cyber security policy analysts comes with the issue of neutrality, as well as the huge variety of assessments about future attack and defense technologies. There is also a consideration that the new (problematic) cyber technology will be deployed in a short period of time, in time periods, in just a few days in terms of warnings. Second, is the trends in cyber-attack and defense technologies and who is following those processes. Third, decision making technology having in mind high-performance computers, technologies that are well known, although rapidly evolving, are increasingly seen as a basic means of managing cyber defense at the national military and security level, as well as a new weapon in the hands of opponents. Fourth, role of intelligence in planning future scenarios for defense against hybrid or any other cyber threat/s.

Download Full-text

An Approach to Governance of CyberSecurity in South Africa

Cyber Behavior ◽

10.4018/978-1-4666-5942-1.ch082 ◽

2014 ◽

pp. 1583-1597

Author(s):

Joey Jansen van Vuuren ◽

Louise Leenen ◽

Jackie Phahlamohlaka ◽

Jannie Zaaiman

Keyword(s):

South Africa ◽

South African ◽

Cyber Security ◽

Security Policy ◽

Critical Infrastructure ◽

Holistic Approach ◽

Governance Structure ◽

Policy Framework ◽

The Uk ◽

And Control

A government has the responsibility to provide, regulate and maintain national security, which includes human security for its citizens. Recent declarations from the UK and USA governments about setting up cybersecurity organisations and the appointment of cyber czars reflect a global recognition that the Internet is part of the national critical infrastructure that needs to be safeguarded and protected. Although the South African government approved a draft National Cyber Security Policy Framework in March 2012, the country still needs a national cybersecurity governance structure in order to effectively control and protect its cyber infrastructure. Whilst various structures have been established to deal with cybersecurity in South Africa, they are inadequate and implementation of the policy is still in the very early stages. Structures need to be in place to set the security controls and policies and also to govern their implementation. It is important to have a holistic approach to cybersecurity, with partnerships between business, government and civil society put in place to achieve this goal. This paper investigates different government organisational structures created for the control of national cybersecurity in selected countries of the world. The main contribution is a proposed approach that South Africa could follow in implementing its proposed cybersecurity policy framework, taking into account the challenges of legislation and control of cybersecurity in Africa, and in particular, in South Africa.

Download Full-text

Cybersecurity Policy Framework in Saudi Arabia: Literature Review

Frontiers in Computer Science ◽

10.3389/fcomp.2021.736874 ◽

2021 ◽

Vol 3 ◽

Author(s):

Nawaf Alhalafi ◽

Prakash Veeraraghavan

Keyword(s):

Saudi Arabia ◽

Cyber Security ◽

Smart City ◽

Security Policy ◽

Smart Cities ◽

New Technology ◽

Policy Framework ◽

Cyber Threats ◽

The Usa ◽

City Model

Saudi Arabia has a goal of ensuring that it has at least two cities among the top 100 smart cities of the future. However, increasing connectivity and incorporation of smart solutions in cities still raises concerns over cyber security with threats arising daily including denial of services and phishing as some of the most significant. Saudi Arabia, therefore, needs a cybersecurity policy framework that will ensure effective protection for all stakeholders in the smart city from these cyber threats. User acceptance is foremost important in any new technology, including smart-cities. Due to ongoing cyber threats and in the absence of an efficient cyber policies, Saudi end-user community is not keen to accept newer technologies where their interaction with online medium is required. The proliferation of smart cities globally affords the opportunity to analyze and compare the efforts made in Saudi Arabia with other nations like the USA, India and Singapore which is the premier smart city model in the globe currently. This review looks at the similarities and differences between KSA’s cyber security policy framework with these three nations. The review will note some of the defining characteristics and approaches to cyber security in the smart cities of USA, India, and Singapore. After reviewing the current framework in Saudi Arabia, this paper will make suggestions such as updating Saudi’s cybercrime legislation like in the US or formulating a master cyber security plan as seen in Singapore that will improve KSA’s framework creating the best framework model for cyber security in its smart cities.

Download Full-text

Attributed State Actors

Real-Time and Retrospective Analyses of Cyber Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3979-8.ch004 ◽

2021 ◽

pp. 105-137

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

Cyber Attack ◽

Focus Attention ◽

Technical Aspects ◽

High Profile ◽

Government Institutions ◽

Nation States ◽

Constructive Evolution ◽

The Impact

Chapter 4 looks at the technical aspects and effects of some attributed and high-profile state-sponsored cyber-attacks that have been encountered through our interaction with the networked world. Coverage also includes a look at the approach of nation-states against commercial companies as well as government institutions to achieve various objectives. The author uses these scenarios to focus attention on the important pillars of cyber security that all have important interrelationships in safeguarding of data and information. Within the context of their implementation, a weakness or series of weaknesses within one or more pillars can be enough to facilitate a cyber-attack. These pillars are underpinned by important factors, and the impact of improper cyber security considerations can be directly and indirectly problematic to continued e-commerce and our constructive evolution of knowledge sharing across the internet.

Download Full-text

Estonia after the 2007 Cyber Attacks

International Journal of Cyber Warfare and Terrorism ◽

10.4018/ijcwt.2011010103 ◽

2011 ◽

Vol 1 (1) ◽

pp. 24-34 ◽

Cited By ~ 12

Author(s):

Christian Czosseck ◽

Rain Ottis ◽

Anna-Maria Talihärm

Keyword(s):

National Security ◽

Cyber Security ◽

Security Policy ◽

Legal Framework ◽

Cyber Attacks ◽

Lessons Learned ◽

Comprehensive Overview ◽

Nation States ◽

Information And Communication ◽

Developed Nations

At the time of the state-wide cyber attacks in 2007, Estonia was one of the most developed nations in Europe regarding the ubiquitous use of information and communication technology (ICT) in all aspects of society. Relaying on the Internet for conducting a range of business transactions is common practice. But naturally, the more a society depends on ICT, the more it becomes vulnerable to cyber attacks. Unlike other research on the Estonian incident, this paper does not focus on the analysis of the events themselves. Instead, the authors examine Estonia’s cyber security policy and subsequent changes made in response to the cyber attacks. As such, the authors provide a comprehensive overview of the strategic, legal, and organisational changes based on lessons learned by Estonia after the 2007 cyber attacks. The analysis is based on a review of national security governing strategies, changes in the Estonia’s legal framework, and organisations with direct impact on cyber security. The paper discusses six important lessons learned and manifested in actual changes: each followed by a set of cyber security policy recommendations appealing to national security analysts as well as nation states developing their own cyber security strategy.

Download Full-text

An Approach to Governance of CyberSecurity in South Africa

International Journal of Cyber Warfare and Terrorism ◽

10.4018/ijcwt.2012100102 ◽

2012 ◽

Vol 2 (4) ◽

pp. 13-27 ◽

Cited By ~ 4

Author(s):

Joey Jansen van Vuuren ◽

Louise Leenen ◽

Jackie Phahlamohlaka ◽

Jannie Zaaiman

Keyword(s):

South Africa ◽

Cyber Security ◽

Security Policy ◽

Critical Infrastructure ◽

Holistic Approach ◽

Governance Structure ◽

Policy Framework ◽

Security Controls ◽

The Uk ◽

And Control

A government has the responsibility to provide, regulate and maintain national security, which includes human security for its citizens. Recent declarations from the UK and USA governments about setting up cybersecurity organisations and the appointment of cyber czars reflect a global recognition that the Internet is part of the national critical infrastructure that needs to be safeguarded and protected. Although the South African government approved a draft National Cyber Security Policy Framework in March 2012, the country still needs a national cybersecurity governance structure in order to effectively control and protect its cyber infrastructure. Whilst various structures have been established to deal with cybersecurity in South Africa, they are inadequate and implementation of the policy is still in the very early stages. Structures need to be in place to set the security controls and policies and also to govern their implementation. It is important to have a holistic approach to cybersecurity, with partnerships between business, government and civil society put in place to achieve this goal. This paper investigates different government organisational structures created for the control of national cybersecurity in selected countries of the world. The main contribution is a proposed approach that South Africa could follow in implementing its proposed cybersecurity policy framework, taking into account the challenges of legislation and control of cybersecurity in Africa, and in particular, in South Africa.

Download Full-text

Renewable Energy in the East African Communitys and its Role in Sustainable Development

10.31132/2412-5717-2018-42-1-25-38 ◽

2018 ◽

pp. 25-38

Author(s):

Liudmila Kalinichenko

Keyword(s):

Sustainable Development ◽

Renewable Energy ◽

Rural Areas ◽

Security Policy ◽

Private Investment ◽

Policy Framework ◽

Solar Pv ◽

East African ◽

Geothermal Resources ◽

East African Community

The article analyses the role of renewable energy in the process of the development of the energy market of the East African Community (EAC) . The author underlines the necessity of finding solutions for such challenges as rising wood and charcoal prices, deforestation, lack of affordable and reliable electricity for a large number of consumers. The study reveals that nowadays the percentage of people with access to modern sources of energy is very low, varying from 7 % in Burundi to 36% in Kenya, although the EAC countries made significant progress in 2000s. Most people in rural areas rely on traditional biomass for cooking and heating, which leads to ecological and health problems. The author concludes that renewable energy development is considered by the Community as one of the prospective ways for providing energy to remote regions in view of abundant solar, wind and geothermal resources. Their strategy aims at the construction of micro and mini hydro stations, stand-alone solar PV systems and off-grids for rural population usage. The study shows that the investment in off-grid renewables has been steadily rising in recent times . Analyzing grid-connected power generation electricity, the author elicits that it is also based on renewable electricity, which accounts for 65% of the total amount. Kenya, with the highest installed capacity in this sector, is investing mainly in geothermal, solar and wind sources of energy, while the others are focusing on hydropower and solar. For the purpose of attracting private investment, the EAC partner states adopted different regulations, including Feed-in Tariff, zero-VAT and GET FIT Programme. The author assumes that renewable energy financing is one of the main challenges despite the support of different international financial institutions, such as the World Bank, UNIDO, AfDB and others. Nowadays energy efficiency measures are becoming important instruments for the EAC countries resulted in power savings. The other important trend is increasing cooperation among them due to their grid-connected power systems in the East African Power Pool. In this context, in November 2017, the EAC Partner States adopted Energy Security Policy Framework, in order to ensure the sustainable development of their energy sector.

Download Full-text