Top

Published in:

2022 | OriginalPaper | Chapter

Arms Control in the Cyber Domain: A European Approach to Mitigate Digital Threats

Author : Michael Zinkanell

Published in: Cybersecurity Policy in the EU and South Korea from Consultation to Action

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

While it has become evident that hostile acts of cyber aggression are increasing, policy makers still struggle to fully comprehend the interconnected nature and potential threats of the digital realm. Against this background, this chapter analyses EU cybersecurity strategies and mechanisms from an arms control perspective. Several decisive elements of European cyber arms control have been identified, limiting and regulating the militarisation of the digital environment through traditional and non-traditional means of arms control mechanisms. These include mainly the limitation of potentially harmful programmes by enforcing standards and regulations as well as the restriction of malicious behaviour and intent in the form of sanctions. The chapter finds that the EU has effectively developed and implemented these instruments to successfully mitigating digital threats in a preventive and proactive fashion, indicating aspects of arms control and non-proliferation. The chapter also provides an outlook into the field of artificial intelligence (AI), stressing that the EU is responsible for preventing the multifaceted risks and threats posed by AI.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Cyber Arms Control on the Korean Peninsula: Challenges and Opportunities with a View to North Korea’s Asymmetry Strategy

next chapter South Korea’s Cyber Defence and Digital Cooperation with the EU

Simon Kemp, “Digital 2021: Global Overview Report”, Datareportal, January 27, 2021, https://datareportal.com/reports/digital-2021-global-overview-report

Gilad David Maayan, “The IoT Rundown For 2020: Stats, Risks, and Solutions”, January 13, 2020, https://securitytoday.com/articles/2020/01/13/the-iot-rundown-for-2020.aspx

CEPS, “Strengthening the EU’s Cyber Defence Capabilities, Report of a CEPS Task Force”, Centre for European Policy Studies (CEPS) Brussels (2018):iv.

Javier Jordan, “International Competition Below the Threshold of War: Toward a Theory of Gray Zone Conflict.” Journal of Strategic Security 14, no. 1 (2020): 1-24.

Sun Tzu, The Art of War: Complete Text and Commentaries, trans. Thomas Cleary (Boston: Shambhala, 2003).

Lesley Seebeck, “Why the fifth domain is different “, Australian Strategic Policy Institute ASPI, September 5, 2019, https://www.aspistrategist.org.au/why-the-fifth-domain-is-different/

ENISA, “ENISA Threat Landscape for 5G Networks - Threat assessment for the fifth generation of mobile telecommunications networks (5G)”, European Union Agency for Cybersecurity (ENISA), (November 2019):4.

National Security Commission on Artificial Intelligence, “Final Report”, (2021):7 https://www.nscai.gov/wp-content/uploads/2021/03/Full-Report-Digital-1.pdf.

Herbert Lin, “The existential threat from cyber-enabled information warfare”, Bulletin of the Atomic Scientists”, 75(4), (June 2019): 187–196.

NATO Strategic Communications Centre of Excellence, “Hybrid Threats: 2007 cyber-attacks on Estonia”, May, 2017.

ENISA, 2020: „ENISA Threat Landscape 2020: Cyber Attacks Becoming More Sophisticated, Targeted, Widespread and Undetected“, October, 2020, https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020

European Union Institute for Security Studies (EUISS), “Guardian of the Galaxy EU cyber sanctions and norms in cyberspace”, Chaillot Paper 155, (October 2019):4.

Tania Lațici, “At a Glance – Cyber: How big is the threat?”, European Parliamentary Research Service, (July 2019):1

Daniel Schatz; Rabih Bashroush and Julie Wall, “Towards a More Representative Definition of Cyber Security”, Journal of Digital Forensics, Security and Law 12, no. 2, (2017):8.

Sven Herpig, “Anti-War and the Cyber Triangle. Strategic Implications of Cyber Operations and Cybersecurity for the State”, Hull University, January 2016, https://www.stiftung-nv.de/de/publikation/anti-war-and-cyber-triangle-strategic-implications-cyber-operations-and-cyber-security

European Commission, “Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions – Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace”, JOIN (2013) 1 final, February 7, 2013.

European Commission, “EU Cybersecurity plan to protect open internet and online freedom and opportunity”, Press Release, 7 February 2013, https://ec.europa.eu/commission/presscorner/detail/en/IP_13_94.

ENISA, “NIS Directive”, 2021, https://www.enisa.europa.eu/topics/nis-directive.

Official Journal of the European Union, “Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union”, OJ L 194, July 19, 2016.

Official Journal of the European Union, “Regulation (EU) 2019/881 of the European Parliament and the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act)”, L151/15, (June 2019):4.

European Commission, “The EU Cybersecurity Act”, 2021, https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-act.

European Commission, “The EU cybersecurity certification framework”, 2021, https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-certification-framework.

Council of the European Union, “Council Decision concerning restrictive measures against cyber-attacks threatening the Union or its Member States”, 7299/19, May 14, 2019.

Council of the European Union, “Draft Council Conclusions on a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (“Cyber Diplomacy Toolbox”) – Adoption”, 9916/17, June 7, 2017.

Council of the European Union, “Council conclusions on malicious cyber activities – approval”, 7925/18, April 16, 2018.

Council of the European Union, “Council Decision concerning restrictive measures against cyber-attacks threatening the Union or its Member States”, 7299/19, (May 2019):4

Council of the European Union, “Council Decision concerning restrictive measures against cyber-attacks threatening the Union or its Member States”, 7299/19, May 14, 2019.

Council of the European Union, “Cyber-attacks: Council is now able to impose sanctions”, Press release, May 17, 2019, https://www.consilium.europa.eu/en/press/press-releases/2019/05/17/cyber-attacks-council-is-now-able-to-impose-sanctions/.

Council of the European Union, “Cyber-attacks: Council extends sanctions regime until 18 May 2025”, Press Release, Brussels, 16 May, 2022, https://www.consilium.europa.eu/en/press/press-releases/2022/05/16/cyber-attacks-council-extends-sanctions-regime-until-18-may-2025/.

Katriina Härmä and Tomáš Minárik,“European Union Equipping Itself against Cyber Attacks with the Help of Cyber Diplomacy Toolbox”, The NATO Cooperative Cyber Defence Centre of Excellence, June 19, 2017, https://ccdcoe.org/incyder-articles/european-union-equipping-itself-against-cyber-attacks-with-the-help-of-cyber-diplomacy-toolbox/.

European Commission, “Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts”, (2021): 30.

Martin Hagström, “Military applications of machine learning and autonomous systems”, in The Impact of Artificial Intelligence on Strategic Stability and Nuclear Risk, Volume I Euro-Atlantic Perspectives, ed. Vincent Boulanin, May 2019.

Centre for European Policy Studies (CEPS), “Strengthening the EU’s Cyber Defence Capabilities, Report of a CEPS Task Force”, November 2018, Centre for European Policy Studies (CEPS) Brussels.

Council of the European Union, “Cyber-attacks: Council is now able to impose sanctions”, Press release, 17 May 2019a. https://www.consilium.europa.eu/en/press/press-releases/2019/05/17/cyber-attacks-council-is-now-able-to-impose-sanctions/.

Council of the European Union, “Draft Council Conclusions on a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities ("Cyber Diplomacy Toolbox") – Adoption”, 9916/17, Brussels, June 7, 2017a.

Council of the European Union. “Council conclusions on malicious cyber activities – approval”, 7925/18, Brussels, April 16, 2018.

Council of the European Union. “Council Decision concerning restrictive measures against cyber-attacks threatening the Union or its Member States”, 7299/19, Brussels, May 14, 2019b.

Council of the European Union. “Draft Council Conclusions on a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities ("Cyber Diplomacy Toolbox") – Adoption”, 9916/17, Brussels, June 7, 2017b.

European Union Agency for Cybersecurity (ENISA). “ENISA Threat Landscape for 5G Networks - Threat assessment for the fifth generation of mobile telecommunications networks (5G)”, European Union Agency for Cybersecurity (ENISA), November 2019, p. 4.

European Commission, “EU Cybersecurity Plan to Protect Open Internet and Online Freedom and Opportunity.” European Commission Press Corner, February 7, 2013a. European Commission. https://ec.europa.eu/commission/presscorner/detail/en/IP_13_94.

European Commission. “Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions – Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace”, JOIN (2013) 1 final, Brussels, (February 7, 2013b). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A52013JC0001.

European Commission. “Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts”, COM 206 final, Brussels, April 21, 2021a.

European Commission. “The EU Cybersecurity Act”, 2021b. https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-act.

European Commission. “The EU cybersecurity certification framework”, 2021c. https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-certification-framework.

European Union Agency for Cybersecurity (ENISA). “ENISA Threat Landscape 2020: Cyber Attacks Becoming More Sophisticated, Targeted, Widespread and Undetected”, (October 2020), https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020.

European Union Agency for Cybersecurity (ENISA). “NIS Directive”, 2021. https://www.enisa.europa.eu/topics/nis-directive.

European Union Institute for Security Studies (EUISS). “Guardian of the Galaxy EU cyber sanctions and norms in cyberspace.” Chaillot Paper 155 (October 2019).

Hagström, Martin. “Military applications of machine learning and autonomous systems”. In The Impact of Artificial Intelligence on Strategic Stability and Nuclear Risk, edited by Vincent Boulanin, Volume I Euro-Atlantic Perspectives, Stockholm International Peace Research Institute, May 2019.

Härmä, Katriina, and Tomáš Minárik. “European Union Equipping Itself against Cyber Attacks with the Help of Cyber Diplomacy Toolbox”, The NATO Cooperative Cyber Defence Centre of Excellence, https://ccdcoe.org/incyder-articles/european-union-equipping-itself-against-cyber-attacks-with-the-help-of-cyber-diplomacy-toolbox/.

Herpig, Sven. “Anti-War and the Cyber Triangle. Strategic Implications of Cyber Operations and Cybersecurity for the State”, Hull University (January 2016). https://www.stiftung-nv.de/de/publikation/anti-war-and-cyber-triangle-strategic-implications-cyber-operations-and-cyber-security.

Jordan, Javier. "International Competition Below the Threshold of War: Toward a Theory of Gray Zone Conflict." Journal of Strategic Security 14, no. 1 (2020): 1-24.CrossRef

Kemp, Simon, “Digital 2021: Global Overview Report”, DATAREPORTAL, 27 January, 2021. https://datareportal.com/reports/digital-2021-global-overview-report.

Lațici, Tania. “At a Glance – Cyber: How big is the threat?” EPRS | European Parliamentary Research Service, (July 2019).

Lin, Herbert. “The existential threat from cyber-enabled information warfare.” Bulletin of the Atomic Scientists 75, no. 4, (2019): 187–196.CrossRef

Maayan, Gilad David, “The IoT Rundown For 2020: Stats, Risks, and Solutions”, Security Today, 2020. https://securitytoday.com/articles/2020/01/13/the-iot-rundown-for-2020.aspx

National Security Commission on Artificial Intelligence, “Final Report” (2021): p. 7. https://www.nscai.gov/wp-content/uploads/2021/03/Full-Report-Digital-1.pdf.

NATO Strategic Communications Centre of Excellence, 2019: “Hybrid Threats: 2007 cyber attacks on Estonia” in Aday, Sean, and Māris Andžāns, Una Aleksandra Bērziņa Čerenkova, Francesca Granelli, John-Paul Gravelines, Mils Hills, Miranda Holmstrom, Adam Klus, Irene Martinez-Sanchez, Mariita Mattiisen, Holger Molder, Yeganeh Morakabati, James Pamment, Aurel Sari, Vladimir Sazonov, Gregory Simons, andJonathen Terra, “Hybrid Threats. A Strategic Communications Perspective”, (2019).

Official Journal of the European Union. “Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union”, OJ L 194, (July 19, 2016). https://eur-lex.europa.eu/eli/dir/2016/1148/oj.

Official Journal of the European Union. “Regulation (EU) 2019/881 of the European Parliament and the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act)”, L151/15, (June 7, 2019). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2019.151.01.0015.01.ENG.

Schatz, Daniel, Rabih Bashroush, and Julie Wall. “Towards a More Representative Definition of Cyber Security”, Journal of Digital Forensics, Security and Law 12, no. 2, Article 8, (2017).

Seebeck, Lesley. “Why the fifth domain is different.” Australian Strategic Policy Institute ASPI, (2019). https://www.aspistrategist.org.au/why-the-fifth-domain-is-different/.

Sun Tzu, The Art of War: Complete Text and Commentaries, trans. Thomas Cleary (Shambhala, 2003).

Title: Arms Control in the Cyber Domain: A European Approach to Mitigate Digital Threats
Author: Michael Zinkanell
Publisher: Springer International Publishing
Book: Cybersecurity Policy in the EU and South Korea from Consultation to Action
Print ISBN: 978-3-031-08383-9

Electronic ISBN: 978-3-031-08384-6

Copyright Year: 2022
DOI: https://doi.org/10.1007/978-3-031-08384-6_7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"