Council of the European Union Rue de la Loi/Wetstraat 175 - B-1048 Bruxelles/Brussel - Belgique/België Tel. +32 (0)2 281 65 25 Follow us http://www.consilium.europa.eu/en/library-blog/ - #EUCOlibrary 1/18 Council of the European Union General Secretariat READING REFERENCES 2020 Council Library An introduction to Cybersecurity
18
Embed
An introduction to Cybersecurity - Europa...comprehensive guide to getting started in cybersecurity Erdal Ozkaya Birmingham : Packt , 2019 Request via Eureka "This book explores the
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 118
Council of the European Union General Secretariat
READING REFERENCES 2020
Council Library
An introduction to Cybersecurity
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 218
Introduction
Cybersecurity is becoming a more crucial topic in both policy making and the every-day life of EU
citizens
With October being the European Cyber Security Month the Council Library has compiled a
reading list relating to personal cybersecurity as well as the importance of a strong national and
international cybersecurity infrastructure It contains numerous books and articles that you can
access via Eureka
European Cybersecurity Month (ECSM) is the European Unionrsquos annual campaign dedicated to
promoting cybersecurity among EU citizens and organisations and to providing up-to-date online
security information through awareness raising and sharing of good practices
The Cyber Security policy page on the Eureopean Commissions website also contains many
useful resources
Reading list compiled by the Council Libraries
Please note
This bibliography is not exhaustive it provides a selection of resources made by the Council
Library Most of the titles are hyperlinked to Eureka the resource discovery service of the
Council Library where you can find additional materials on the subject Access to some resources
might be limited to registered Council Library users or to users in subscribing institutions
The contents are the sole responsibility of their authors Resources linked from this bibliography do
not necessarily represent the positions policies or opinions of the Council of the European Union
or the European Council Reuse of the covers is prohibited they belong to the respective
copyrightholders
The Council Libraries cooperate with the Learning Centres of the European Commission
along with other Belgian and international libraries and can borrow material from them
If you are interested in any of these references please submit your request to the Council
Library The books can be delivered to your office Click on Request interlibrary loan via
Eureka hyperlink and fill in the form or contact Libraryconsiliumeuropaeu
Additional resources may be added to this list by request - please contact the Council Library to
suggest a title libraryconsiliumeuropaeu
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 318
BOOKS
The books marked Request once signed into Eureka are not yet owned by the Council Library
Once signed into Eureka you can request the Council Library to purchase them or borrow them via inter-library loan
Cybersecurity the beginners guide a comprehensive guide to getting started in cybersecurity
Erdal Ozkaya
Birmingham Packt 2019
Request via Eureka
This book explores the need for cyber security and
what individuals can do to fill the cybersecurity talent
gap Additionally it also looks at security domain
changes and how artificial intelligence and machine
learning are helping to secure systems It examines the
skills and tools that everyone who wants to work as
security personal need to be aware of as well as how to
think like an attacker and explore some advanced
security methodologies
Cyber smart five habits to protect your family money and identity from cyber criminals
Bart McDonough
Indianapolis IN Wiley 2019
Request via Eureka
In Cyber Smart author Bart McDonough uses his
extensive cybersecurity experience speaking at
conferences for the FBI major financial institutions and
other clients to answer the most common question he
hears How can I protect myself at home on a personal
level away from the office
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 418
The ethics of cybersecurity
Markus Christen Bert Gordijn Michele Loi
Cham Springer 2020
Request via Eureka
This open access book provides the first
comprehensive collection of papers that provide an
integrative view on cybersecurity It discusses theories
problems and solutions on the relevant ethical issues
involved This work is sorely needed in a world where
cybersecurity has become indispensable to protect trust
and confidence in the digital infrastructure whilst
respecting fundamental values like equality fairness
freedom or privacy The book has a strong practical
focus as it includes case studies outlining ethical issues
in cybersecurity and presenting guidelines and other
measures to tackle those issues It is thus not only
relevant for academics but also for practitioners in
cybersecurity
Cybersecurity
Alex Blau et al
Boston Massachusetts Harvard Business Review
Press 2019
Request via Eureka No data is completely safe Cyberattacks on companies
and individuals are on the rise and growing not only in
number but also in ferocity And while you may think
your company has taken all the precautionary steps to
prevent an attack no individual company or country is
safe Cybersecurity can no longer be left exclusively to
IT specialists Improving and increasing data security
practices and identifying suspicious activity is
everyones responsibility from the boardroom to the
break room Cybersecurity The Insights You Need from
Harvard Business Review brings you todays most
essential thinking on cybersecurity
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 518
Cyber security and policy a substantive dialogue
Andrew Colarik editor Julian Jang-Jaccard editor
Anuradha Mathrani editor Auckland New Zealand Massey University Press 2017
Request via via Eureka
ldquoThis book discusses cyber security and cyber policy in
an effort to improve the use and acceptance of security
services It argues that a substantive dialogue around
cyberspace cyber security and cyber policy is critical to
a better understanding of the serious security issues we
face
Digital privacy and security using Windows a practical guide
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 218
Introduction
Cybersecurity is becoming a more crucial topic in both policy making and the every-day life of EU
citizens
With October being the European Cyber Security Month the Council Library has compiled a
reading list relating to personal cybersecurity as well as the importance of a strong national and
international cybersecurity infrastructure It contains numerous books and articles that you can
access via Eureka
European Cybersecurity Month (ECSM) is the European Unionrsquos annual campaign dedicated to
promoting cybersecurity among EU citizens and organisations and to providing up-to-date online
security information through awareness raising and sharing of good practices
The Cyber Security policy page on the Eureopean Commissions website also contains many
useful resources
Reading list compiled by the Council Libraries
Please note
This bibliography is not exhaustive it provides a selection of resources made by the Council
Library Most of the titles are hyperlinked to Eureka the resource discovery service of the
Council Library where you can find additional materials on the subject Access to some resources
might be limited to registered Council Library users or to users in subscribing institutions
The contents are the sole responsibility of their authors Resources linked from this bibliography do
not necessarily represent the positions policies or opinions of the Council of the European Union
or the European Council Reuse of the covers is prohibited they belong to the respective
copyrightholders
The Council Libraries cooperate with the Learning Centres of the European Commission
along with other Belgian and international libraries and can borrow material from them
If you are interested in any of these references please submit your request to the Council
Library The books can be delivered to your office Click on Request interlibrary loan via
Eureka hyperlink and fill in the form or contact Libraryconsiliumeuropaeu
Additional resources may be added to this list by request - please contact the Council Library to
suggest a title libraryconsiliumeuropaeu
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 318
BOOKS
The books marked Request once signed into Eureka are not yet owned by the Council Library
Once signed into Eureka you can request the Council Library to purchase them or borrow them via inter-library loan
Cybersecurity the beginners guide a comprehensive guide to getting started in cybersecurity
Erdal Ozkaya
Birmingham Packt 2019
Request via Eureka
This book explores the need for cyber security and
what individuals can do to fill the cybersecurity talent
gap Additionally it also looks at security domain
changes and how artificial intelligence and machine
learning are helping to secure systems It examines the
skills and tools that everyone who wants to work as
security personal need to be aware of as well as how to
think like an attacker and explore some advanced
security methodologies
Cyber smart five habits to protect your family money and identity from cyber criminals
Bart McDonough
Indianapolis IN Wiley 2019
Request via Eureka
In Cyber Smart author Bart McDonough uses his
extensive cybersecurity experience speaking at
conferences for the FBI major financial institutions and
other clients to answer the most common question he
hears How can I protect myself at home on a personal
level away from the office
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 418
The ethics of cybersecurity
Markus Christen Bert Gordijn Michele Loi
Cham Springer 2020
Request via Eureka
This open access book provides the first
comprehensive collection of papers that provide an
integrative view on cybersecurity It discusses theories
problems and solutions on the relevant ethical issues
involved This work is sorely needed in a world where
cybersecurity has become indispensable to protect trust
and confidence in the digital infrastructure whilst
respecting fundamental values like equality fairness
freedom or privacy The book has a strong practical
focus as it includes case studies outlining ethical issues
in cybersecurity and presenting guidelines and other
measures to tackle those issues It is thus not only
relevant for academics but also for practitioners in
cybersecurity
Cybersecurity
Alex Blau et al
Boston Massachusetts Harvard Business Review
Press 2019
Request via Eureka No data is completely safe Cyberattacks on companies
and individuals are on the rise and growing not only in
number but also in ferocity And while you may think
your company has taken all the precautionary steps to
prevent an attack no individual company or country is
safe Cybersecurity can no longer be left exclusively to
IT specialists Improving and increasing data security
practices and identifying suspicious activity is
everyones responsibility from the boardroom to the
break room Cybersecurity The Insights You Need from
Harvard Business Review brings you todays most
essential thinking on cybersecurity
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 518
Cyber security and policy a substantive dialogue
Andrew Colarik editor Julian Jang-Jaccard editor
Anuradha Mathrani editor Auckland New Zealand Massey University Press 2017
Request via via Eureka
ldquoThis book discusses cyber security and cyber policy in
an effort to improve the use and acceptance of security
services It argues that a substantive dialogue around
cyberspace cyber security and cyber policy is critical to
a better understanding of the serious security issues we
face
Digital privacy and security using Windows a practical guide
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 318
BOOKS
The books marked Request once signed into Eureka are not yet owned by the Council Library
Once signed into Eureka you can request the Council Library to purchase them or borrow them via inter-library loan
Cybersecurity the beginners guide a comprehensive guide to getting started in cybersecurity
Erdal Ozkaya
Birmingham Packt 2019
Request via Eureka
This book explores the need for cyber security and
what individuals can do to fill the cybersecurity talent
gap Additionally it also looks at security domain
changes and how artificial intelligence and machine
learning are helping to secure systems It examines the
skills and tools that everyone who wants to work as
security personal need to be aware of as well as how to
think like an attacker and explore some advanced
security methodologies
Cyber smart five habits to protect your family money and identity from cyber criminals
Bart McDonough
Indianapolis IN Wiley 2019
Request via Eureka
In Cyber Smart author Bart McDonough uses his
extensive cybersecurity experience speaking at
conferences for the FBI major financial institutions and
other clients to answer the most common question he
hears How can I protect myself at home on a personal
level away from the office
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 418
The ethics of cybersecurity
Markus Christen Bert Gordijn Michele Loi
Cham Springer 2020
Request via Eureka
This open access book provides the first
comprehensive collection of papers that provide an
integrative view on cybersecurity It discusses theories
problems and solutions on the relevant ethical issues
involved This work is sorely needed in a world where
cybersecurity has become indispensable to protect trust
and confidence in the digital infrastructure whilst
respecting fundamental values like equality fairness
freedom or privacy The book has a strong practical
focus as it includes case studies outlining ethical issues
in cybersecurity and presenting guidelines and other
measures to tackle those issues It is thus not only
relevant for academics but also for practitioners in
cybersecurity
Cybersecurity
Alex Blau et al
Boston Massachusetts Harvard Business Review
Press 2019
Request via Eureka No data is completely safe Cyberattacks on companies
and individuals are on the rise and growing not only in
number but also in ferocity And while you may think
your company has taken all the precautionary steps to
prevent an attack no individual company or country is
safe Cybersecurity can no longer be left exclusively to
IT specialists Improving and increasing data security
practices and identifying suspicious activity is
everyones responsibility from the boardroom to the
break room Cybersecurity The Insights You Need from
Harvard Business Review brings you todays most
essential thinking on cybersecurity
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 518
Cyber security and policy a substantive dialogue
Andrew Colarik editor Julian Jang-Jaccard editor
Anuradha Mathrani editor Auckland New Zealand Massey University Press 2017
Request via via Eureka
ldquoThis book discusses cyber security and cyber policy in
an effort to improve the use and acceptance of security
services It argues that a substantive dialogue around
cyberspace cyber security and cyber policy is critical to
a better understanding of the serious security issues we
face
Digital privacy and security using Windows a practical guide
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 418
The ethics of cybersecurity
Markus Christen Bert Gordijn Michele Loi
Cham Springer 2020
Request via Eureka
This open access book provides the first
comprehensive collection of papers that provide an
integrative view on cybersecurity It discusses theories
problems and solutions on the relevant ethical issues
involved This work is sorely needed in a world where
cybersecurity has become indispensable to protect trust
and confidence in the digital infrastructure whilst
respecting fundamental values like equality fairness
freedom or privacy The book has a strong practical
focus as it includes case studies outlining ethical issues
in cybersecurity and presenting guidelines and other
measures to tackle those issues It is thus not only
relevant for academics but also for practitioners in
cybersecurity
Cybersecurity
Alex Blau et al
Boston Massachusetts Harvard Business Review
Press 2019
Request via Eureka No data is completely safe Cyberattacks on companies
and individuals are on the rise and growing not only in
number but also in ferocity And while you may think
your company has taken all the precautionary steps to
prevent an attack no individual company or country is
safe Cybersecurity can no longer be left exclusively to
IT specialists Improving and increasing data security
practices and identifying suspicious activity is
everyones responsibility from the boardroom to the
break room Cybersecurity The Insights You Need from
Harvard Business Review brings you todays most
essential thinking on cybersecurity
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 518
Cyber security and policy a substantive dialogue
Andrew Colarik editor Julian Jang-Jaccard editor
Anuradha Mathrani editor Auckland New Zealand Massey University Press 2017
Request via via Eureka
ldquoThis book discusses cyber security and cyber policy in
an effort to improve the use and acceptance of security
services It argues that a substantive dialogue around
cyberspace cyber security and cyber policy is critical to
a better understanding of the serious security issues we
face
Digital privacy and security using Windows a practical guide
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 518
Cyber security and policy a substantive dialogue
Andrew Colarik editor Julian Jang-Jaccard editor
Anuradha Mathrani editor Auckland New Zealand Massey University Press 2017
Request via via Eureka
ldquoThis book discusses cyber security and cyber policy in
an effort to improve the use and acceptance of security
services It argues that a substantive dialogue around
cyberspace cyber security and cyber policy is critical to
a better understanding of the serious security issues we
face
Digital privacy and security using Windows a practical guide
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 618
Cybersecurity essentials
Charles J Brooks Christopher Grow Philip Craig
Donald Short Hoboken NJ Sybex 2018
Request via Eureka Cybersecurity Essentials provides a comprehensive
introduction to the field An effective defense consists of
four distinct challenges securing the infrastructure
securing devices securing local networks and securing
the perimeter Overcoming these challenges requires a
detailed understanding of the concepts and practices
within each realm This book covers each challenge
individually for greater depth of information with real-
world scenarios that show what vulnerabilities look like
in everyday computing scenarios
Understanding security issues
Scott E Donaldson Chris K Williams Stanley G
Siegel Boston Walter de Gruyter Incorporated 2018
Request via Eureka With the threats that affect every computer phone or
other device connected to the internet security has
become a responsibility not just for law enforcement
authorities or business leaders but for every individual
This book discusses security awareness issues and how
you can take steps to reduce the risk of becoming a
victim The threats that face every individual and
business all the time Specific indicators of threats so
that you understand when you might be attacked and
what to do if they occur
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 718
Cybersecurity protecting your identity and data
Mary-Lane Kamberg 1948- author New York New York Rosen Central 2018
Request via Eureka
This book introduces readers to the importance of
cybersecurity and addresses the current risks from
hackers viruses and other malware identity thieves
and other online perils It provides concrete measures
that young digital natives can take to protect themselves
and their computers smartphones and other devices
This volumes lively cautionary narrative and useful tips
will help readers effectively defend their identities and
data
Personal cybersecurity how to avoid and
recover from cybercrime
Marvin Waschke Berkeley CA Apress Imprint Apress 2017
Request via Eureka Covers personal cybersecurity for all modes of personal
computing whether on consumer-acquired or company-
issued devices desktop PCs laptops mobile devices
smart TVs WiFi and Bluetooth peripherals and IoT
objects embedded with network-connected sensors
Through instructive examples and scenarios the author
shows you how to adapt and apply best practices to
your own particular circumstances how to automate and
routinize your personal cybersecurity how to recognize
security breaches and act swiftly to seal them and how
to recover losses and restore functionality when attacks
succeed
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 818
Hacken fur Dummies
Kevin M Beaver Gerhard Franken translator Weinheim Wiley 2018
Request via Eureka
Der beste Weg den eigenen Computer vor Hack-
Angriffen zu schuumltzen ist zu wissen wie Hacker
arbeiten Betrachten Sie Ihren Computer oder Ihr
Computersystem vom Standpunkt eines Hackers und
verstehen Sie wie Hacker Passwoumlrter knacken welche
Schwachstellen Netzwerke haben wie die
Betriebssysteme Windows Linux und MacOS X
angreifbar sind und wie Datenbanken ausspioniert
werden koumlnnen Der Autor zeigt Ihnen wie Sie Ihre
Systeme auf Schwachstellen uumlberpruumlfen und
Sicherheitsluumlcken ausbessern koumlnnen Machen Sie sich
die Tricks der Hacker zu eigen und drehen Sie den
Spieszlig um
Caught on the web the ultimate cybersecurity guide Jonathan Reuvid editor London Legend Business 2018
Request via Eureka
From passwords to opening emails everyone knows
what they should do but do you do it Tons of malicious
content floods the internet which can compromise your
system and your device be it your laptop tablet or
phone How often do you make payments online This
book will guide you and provide solutions to avoid
common mistakes and to combat cyber-attacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 918
Cybersecurity and cyberwar what everyone needs to know PW Singer Allan Friedman New York Oxford University Press 2014
Available at Legal Library Main Collection (SJUR INF 100591)
A generation ago cyberspace was just a term from
science fiction used to describe the nascent network of
computers linking a few university labs Today our
entire modern way of life from communication to
commerce to conflict fundamentally depends on the
Internet We face new questions in everything from our
rights and responsibilities as citizens of both the online
and real world to simply how to protect ourselves and
our families from a new type of danger The book is
structured around the key question areas of cyberspace
and its security how it all works why it all matters and
what can we do
Cybersecurity expert
Daniel R Faust New York NY PowerKids Press 2018
Request via Eureka
With our use of technology increasing every day its not
surprising that our need for cybersecurity experts is also
growing In this informative text readers will learn about
why we need cybersecurity and what these security
experts do to keep sensitive digital information safe
Students are introduced to the concept of computational
thinking as well as STEM concepts addressed in the
Next Generation Science Standards Informational
diagrams and full-color photographs help students make
connections with the text
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1018
What is cybersecurity Haq Kamar New York Britannica Educational Publishing in association with Rosen Educational Services 2017
Request via Eureka
Inexperienced users of computers often jump at the
chance to click colorful flashing ads on the sidebar and
are also tempted to download files from sites not worthy
of trust In short people need to learn how to stay safe
online This book will introduce readers to different types
of online threats including viruses and malware They
will learn how different dangers spread and some basic
steps to stop or prevent them Additionally this book will
illuminate the scary consequences of falling prey to
those threats such as having personal information
stolen or deleted and cyberstalking
Cyber security power and technology Martti Lehto P Neittaanmaki (Pekka) Cham Springer 2018
Request Council Library Loan 105252
Addressing open problems in the cyber world the book
consists of two parts Part I focuses on cyber operations
as a new tool in global security policy while Part II
focuses on new cyber security technologies when
building cyber power capabilities The topics discussed
include strategic perspectives on cyber security and
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 718
Cybersecurity protecting your identity and data
Mary-Lane Kamberg 1948- author New York New York Rosen Central 2018
Request via Eureka
This book introduces readers to the importance of
cybersecurity and addresses the current risks from
hackers viruses and other malware identity thieves
and other online perils It provides concrete measures
that young digital natives can take to protect themselves
and their computers smartphones and other devices
This volumes lively cautionary narrative and useful tips
will help readers effectively defend their identities and
data
Personal cybersecurity how to avoid and
recover from cybercrime
Marvin Waschke Berkeley CA Apress Imprint Apress 2017
Request via Eureka Covers personal cybersecurity for all modes of personal
computing whether on consumer-acquired or company-
issued devices desktop PCs laptops mobile devices
smart TVs WiFi and Bluetooth peripherals and IoT
objects embedded with network-connected sensors
Through instructive examples and scenarios the author
shows you how to adapt and apply best practices to
your own particular circumstances how to automate and
routinize your personal cybersecurity how to recognize
security breaches and act swiftly to seal them and how
to recover losses and restore functionality when attacks
succeed
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 818
Hacken fur Dummies
Kevin M Beaver Gerhard Franken translator Weinheim Wiley 2018
Request via Eureka
Der beste Weg den eigenen Computer vor Hack-
Angriffen zu schuumltzen ist zu wissen wie Hacker
arbeiten Betrachten Sie Ihren Computer oder Ihr
Computersystem vom Standpunkt eines Hackers und
verstehen Sie wie Hacker Passwoumlrter knacken welche
Schwachstellen Netzwerke haben wie die
Betriebssysteme Windows Linux und MacOS X
angreifbar sind und wie Datenbanken ausspioniert
werden koumlnnen Der Autor zeigt Ihnen wie Sie Ihre
Systeme auf Schwachstellen uumlberpruumlfen und
Sicherheitsluumlcken ausbessern koumlnnen Machen Sie sich
die Tricks der Hacker zu eigen und drehen Sie den
Spieszlig um
Caught on the web the ultimate cybersecurity guide Jonathan Reuvid editor London Legend Business 2018
Request via Eureka
From passwords to opening emails everyone knows
what they should do but do you do it Tons of malicious
content floods the internet which can compromise your
system and your device be it your laptop tablet or
phone How often do you make payments online This
book will guide you and provide solutions to avoid
common mistakes and to combat cyber-attacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 918
Cybersecurity and cyberwar what everyone needs to know PW Singer Allan Friedman New York Oxford University Press 2014
Available at Legal Library Main Collection (SJUR INF 100591)
A generation ago cyberspace was just a term from
science fiction used to describe the nascent network of
computers linking a few university labs Today our
entire modern way of life from communication to
commerce to conflict fundamentally depends on the
Internet We face new questions in everything from our
rights and responsibilities as citizens of both the online
and real world to simply how to protect ourselves and
our families from a new type of danger The book is
structured around the key question areas of cyberspace
and its security how it all works why it all matters and
what can we do
Cybersecurity expert
Daniel R Faust New York NY PowerKids Press 2018
Request via Eureka
With our use of technology increasing every day its not
surprising that our need for cybersecurity experts is also
growing In this informative text readers will learn about
why we need cybersecurity and what these security
experts do to keep sensitive digital information safe
Students are introduced to the concept of computational
thinking as well as STEM concepts addressed in the
Next Generation Science Standards Informational
diagrams and full-color photographs help students make
connections with the text
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1018
What is cybersecurity Haq Kamar New York Britannica Educational Publishing in association with Rosen Educational Services 2017
Request via Eureka
Inexperienced users of computers often jump at the
chance to click colorful flashing ads on the sidebar and
are also tempted to download files from sites not worthy
of trust In short people need to learn how to stay safe
online This book will introduce readers to different types
of online threats including viruses and malware They
will learn how different dangers spread and some basic
steps to stop or prevent them Additionally this book will
illuminate the scary consequences of falling prey to
those threats such as having personal information
stolen or deleted and cyberstalking
Cyber security power and technology Martti Lehto P Neittaanmaki (Pekka) Cham Springer 2018
Request Council Library Loan 105252
Addressing open problems in the cyber world the book
consists of two parts Part I focuses on cyber operations
as a new tool in global security policy while Part II
focuses on new cyber security technologies when
building cyber power capabilities The topics discussed
include strategic perspectives on cyber security and
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 818
Hacken fur Dummies
Kevin M Beaver Gerhard Franken translator Weinheim Wiley 2018
Request via Eureka
Der beste Weg den eigenen Computer vor Hack-
Angriffen zu schuumltzen ist zu wissen wie Hacker
arbeiten Betrachten Sie Ihren Computer oder Ihr
Computersystem vom Standpunkt eines Hackers und
verstehen Sie wie Hacker Passwoumlrter knacken welche
Schwachstellen Netzwerke haben wie die
Betriebssysteme Windows Linux und MacOS X
angreifbar sind und wie Datenbanken ausspioniert
werden koumlnnen Der Autor zeigt Ihnen wie Sie Ihre
Systeme auf Schwachstellen uumlberpruumlfen und
Sicherheitsluumlcken ausbessern koumlnnen Machen Sie sich
die Tricks der Hacker zu eigen und drehen Sie den
Spieszlig um
Caught on the web the ultimate cybersecurity guide Jonathan Reuvid editor London Legend Business 2018
Request via Eureka
From passwords to opening emails everyone knows
what they should do but do you do it Tons of malicious
content floods the internet which can compromise your
system and your device be it your laptop tablet or
phone How often do you make payments online This
book will guide you and provide solutions to avoid
common mistakes and to combat cyber-attacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 918
Cybersecurity and cyberwar what everyone needs to know PW Singer Allan Friedman New York Oxford University Press 2014
Available at Legal Library Main Collection (SJUR INF 100591)
A generation ago cyberspace was just a term from
science fiction used to describe the nascent network of
computers linking a few university labs Today our
entire modern way of life from communication to
commerce to conflict fundamentally depends on the
Internet We face new questions in everything from our
rights and responsibilities as citizens of both the online
and real world to simply how to protect ourselves and
our families from a new type of danger The book is
structured around the key question areas of cyberspace
and its security how it all works why it all matters and
what can we do
Cybersecurity expert
Daniel R Faust New York NY PowerKids Press 2018
Request via Eureka
With our use of technology increasing every day its not
surprising that our need for cybersecurity experts is also
growing In this informative text readers will learn about
why we need cybersecurity and what these security
experts do to keep sensitive digital information safe
Students are introduced to the concept of computational
thinking as well as STEM concepts addressed in the
Next Generation Science Standards Informational
diagrams and full-color photographs help students make
connections with the text
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1018
What is cybersecurity Haq Kamar New York Britannica Educational Publishing in association with Rosen Educational Services 2017
Request via Eureka
Inexperienced users of computers often jump at the
chance to click colorful flashing ads on the sidebar and
are also tempted to download files from sites not worthy
of trust In short people need to learn how to stay safe
online This book will introduce readers to different types
of online threats including viruses and malware They
will learn how different dangers spread and some basic
steps to stop or prevent them Additionally this book will
illuminate the scary consequences of falling prey to
those threats such as having personal information
stolen or deleted and cyberstalking
Cyber security power and technology Martti Lehto P Neittaanmaki (Pekka) Cham Springer 2018
Request Council Library Loan 105252
Addressing open problems in the cyber world the book
consists of two parts Part I focuses on cyber operations
as a new tool in global security policy while Part II
focuses on new cyber security technologies when
building cyber power capabilities The topics discussed
include strategic perspectives on cyber security and
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 918
Cybersecurity and cyberwar what everyone needs to know PW Singer Allan Friedman New York Oxford University Press 2014
Available at Legal Library Main Collection (SJUR INF 100591)
A generation ago cyberspace was just a term from
science fiction used to describe the nascent network of
computers linking a few university labs Today our
entire modern way of life from communication to
commerce to conflict fundamentally depends on the
Internet We face new questions in everything from our
rights and responsibilities as citizens of both the online
and real world to simply how to protect ourselves and
our families from a new type of danger The book is
structured around the key question areas of cyberspace
and its security how it all works why it all matters and
what can we do
Cybersecurity expert
Daniel R Faust New York NY PowerKids Press 2018
Request via Eureka
With our use of technology increasing every day its not
surprising that our need for cybersecurity experts is also
growing In this informative text readers will learn about
why we need cybersecurity and what these security
experts do to keep sensitive digital information safe
Students are introduced to the concept of computational
thinking as well as STEM concepts addressed in the
Next Generation Science Standards Informational
diagrams and full-color photographs help students make
connections with the text
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1018
What is cybersecurity Haq Kamar New York Britannica Educational Publishing in association with Rosen Educational Services 2017
Request via Eureka
Inexperienced users of computers often jump at the
chance to click colorful flashing ads on the sidebar and
are also tempted to download files from sites not worthy
of trust In short people need to learn how to stay safe
online This book will introduce readers to different types
of online threats including viruses and malware They
will learn how different dangers spread and some basic
steps to stop or prevent them Additionally this book will
illuminate the scary consequences of falling prey to
those threats such as having personal information
stolen or deleted and cyberstalking
Cyber security power and technology Martti Lehto P Neittaanmaki (Pekka) Cham Springer 2018
Request Council Library Loan 105252
Addressing open problems in the cyber world the book
consists of two parts Part I focuses on cyber operations
as a new tool in global security policy while Part II
focuses on new cyber security technologies when
building cyber power capabilities The topics discussed
include strategic perspectives on cyber security and
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1018
What is cybersecurity Haq Kamar New York Britannica Educational Publishing in association with Rosen Educational Services 2017
Request via Eureka
Inexperienced users of computers often jump at the
chance to click colorful flashing ads on the sidebar and
are also tempted to download files from sites not worthy
of trust In short people need to learn how to stay safe
online This book will introduce readers to different types
of online threats including viruses and malware They
will learn how different dangers spread and some basic
steps to stop or prevent them Additionally this book will
illuminate the scary consequences of falling prey to
those threats such as having personal information
stolen or deleted and cyberstalking
Cyber security power and technology Martti Lehto P Neittaanmaki (Pekka) Cham Springer 2018
Request Council Library Loan 105252
Addressing open problems in the cyber world the book
consists of two parts Part I focuses on cyber operations
as a new tool in global security policy while Part II
focuses on new cyber security technologies when
building cyber power capabilities The topics discussed
include strategic perspectives on cyber security and
systems security and network security among others
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1118
Cybersecurity in the European digital single market
European Commission Directorate-General for
Research and Innovation Brussels European Commission 2017
Available Council Library Main Collection 104480
The internet has revolutionised our social and
economic lives However online transactions and our
trust in them are threatened by cybercrime
Cybersecurity protects us and our data from these
threats This scientific opinion provides guidance on how
to enhance cybersecurity in the context of the European
Digital Single Market Its recommendations informed the
EU cybersecurity act
ABSTRACTS
Cybersecurity and cyberwar what everyone needs to know PW Singer and Allan Friedman Oxford UP 2014 Online access
PW Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations
Dark territory the secret history of cyber war Fred Kaplan Simon amp Schuster 2016 Online access
Much of the work of national security agencies and private or hired-gun hackers occurs in secret and some of it involves cyberwarfare a realm of constantly changing esoteric technology When events come to light they provoke considerable denial and conflicting narratives This makes Pulitzer Prize-winning reporter Fred Kaplanrsquos lucid history of US involvement in cyberwarfare all the more impressive In this useful look at a complicated subject he explains cyberwarrsquos main participants and events and he clarifies the politics and technologies involved getAbstract recommends his welcome precision and strong moral sense to anyone interested in global politics civil liberties in cyberspace history or the intersection of technology and society
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1218
ARTICLES
The COVID-19 Hackers Mind-set White Paper of the ECHO Network of cybersecurity centres European Network of Cybersecurity Centres (ECHO) White Paper 1 April 8 2020 Online access
Monitoring the cybersecurity landscape and the increase of COVID-19 related cybercrimes reporting by cyber experts and law enforcement agencies worldwide the ECHO network of cybersecurity centres (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance Its aim is to support all initiatives that aim at protecting the EU Member States key services and critical infrastructure from cyber attacks
How organisations can ramp up their cybersecurity efforts right now Brenda R Sharton Harvard Business Review May 01 2020 Online access
Prior to Covid-19 most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems In fact just the opposite happened a human virus has forced virtually entire workforces online making companies more reliant than ever on their systems The stakes of protecting those systems from a cyberattack could not be higher In the words of the old American Express commercial ldquoWhat will you do What will you dordquoOnce a cyberattack occurs companies largely are on their own They have to scramble to counteract the attack and ensure that the threat actor is out of the system They then may have to navigate industry regulators while also trying to steer clear of the dreaded post-breach class action suit What is a company to do
Will Coronavirus lead to more cyber attacks by Brenda R Sharton Harvard Business Review March 16 2020 Online access
While the world is focused on the systemic threat posed by Covid-19 cybercriminals around the world undoubtedly are poised to capitalize on the crisis by launching a different kind of ldquovirusrdquo More and more employees are working remotely by the day and companies may eventually face the prospect of functioning with little to no personnel on-site or skeleton crews in IT and other important support functionsAgainst this backdrop both employers and employees need to take the utmost care to protect themselves as well as confidential company information Here are some things for employers and employees to keep in mind to minimize the risk
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1318
How to think about cybersecurity in the era of COVID-19 Sara Brown MIT Management August 20 2020 Online access
Cyber incidents are consistently ranked at the top of business concerns and itrsquos easy to see why According to one estimate the global cost of cybercrime will rise to $6 trillion a year by the end of 2021 And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors Working from home may change a lot of employee behavior but relaxed security standards shouldnrsquot be one of them Here is the expertsrsquo top advice for cybersecurity leaders during the pandemic and beyond
Espionnage attaques subversives et cyber seacutecuriteacute de lrsquoimpact des actions de laquo social engineering raquo et des vulneacuterabiliteacutes humaines sur la seacutecuriteacute globale des entreprises DeCloquement Franck Club des Directeurs de Seacutecuriteacute des Entreprises Seacutecuriteacute et strateacutegie 2016 Vol22 (2) p21-29 Online access
La manipulation apparue en mecircme temps que lecirctre humain comme son corollaire naturel est devenue un outil priseacute des acteurs de la cybercriminaliteacute Les techniques dingeacutenierie sociale mises au service de la captation des donneacutees informatiques frappent deacutesormais lensemble des entreprises autant que les particuliers Dans cet article Franck DeCloquement enseignant agrave lIRIS et speacutecialiste en intelligence strateacutegique pour le groupe KER-MEUR livre des eacuteleacutements de compreacutehension et dintelligence agrave ce sujet en mettant laccent sur la centraliteacute de la dimension humaine beaucoup plus que sur les failles techniques permettant aux cybercriminels de commettre leurs forfaits LHomme doit ecirctre placeacute au centre de toute politique de protection des donneacutees rappelle lauteur suivant un des principes fondateurs du philosophe chinois Sun Tzu dans son ceacutelegravebre Art de la guerre laquo Connais ton ennemi et connais-toi toi-mecircme eussiez-vous cent guerres agrave soutenir cent fois vous serez victorieux
There is a growing recognition that technical cyber security measures do not exist in a vacuum and need to operate in harmony with people This has led to a plethora of academic research that seeks to address the role of the human in cybersecurity It is against this backdrop that ENISA has conducted four evidence-based reviews of human aspects of cybersecurity two based on the use (and effectiveness) of models from social science one on qualitative studies and one on current practise within organisations These reviews are published online as a technical annex Across all four reviews ENISA
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1418
found a relatively small number of models none of which were a particularly good fit for understanding predicting or changing cyber-security behaviour Many ignored the context in which much cybersecurity behaviour occurs (ie the workplace) and the constraints and other demands on peoplersquos time and resources that it causes
8 non-technical ways to improve your companyrsquos cybersecurity Sara Brown MIT Management January 29 2020 Online access
Cyberattacks are a growing threat facing businesses major cities and political campaigns Cyber risk ranked as the top business concern for 2020 according to a recent survey of more than 2700 global business leaders and security experts Cybersecurity solutions arenrsquot always complicated From planning ahead to simple fixes herersquos what you should be doing right now
Does your board really understand your cyber risks Daniel Dobrygowski and Derek Vadala Harvard Business Review 01 September 2020 Online access
Over the past decade business leaders have had to face an uncomfortable truth Itrsquos become impossible to sit at the head of a company and not address the threat of cyber risk Cyber attacks are increasingly pervasive and can present near existential threats to companies and boards of directors and CEOs need ways to evaluate them even if they canrsquot grasp the technical details This has led to an explosion in the demand for cyber-risk measurements both inside companies and among external stakeholders Becoming literate in cyber risk doesnrsquot mean that all executives need to become technical experts What it does mean is that they need to be able to establish their companyrsquos tolerance for cyber risk define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience
Constructing norms for global cybersecurity Martha Finnemore Duncan B Hollis New York USA Cambridge University Press The American journal of international law 2016-07 Vol110 (3) p425-479 Online access
On February 16 2016 a US court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings Apple refused It argued that breaking encryption for one phone could not be done without undermining the security of encryption more generally It made a public appeal for ldquoeveryone to step back and consider the implicationsrdquo of having a ldquoback doorrdquo key to unlock any phonemdashwhich governments (and others) could deploy to track users or access their data The US government eventually withdrew its suit after the FBI hired an outside party to access the phone But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and communication technologies (ICTs) That debate
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1518
in turn is part of a much larger conversation Essential as the Internet is ldquorules of the roadrdquo for cyberspace are often unclear and have become the focus of serious conflicts
Sizing up your cyberrisks Thomas J Parenty and Jack J Domet Harvard Business Review November-December 2019 Online access
When cybersecurity efforts address only technology the result is company leaders who are poorly informed and organizations that are poorly protected Discussions of cyberthreats end up being filled with specialized tech jargon and senior executives canrsquot participate meaningfully in them The responsibility for addressing risks then gets relegated entirely to cybersecurity and IT staff whose attention falls mainly on corporate computer systems The outcome tends to be a long ill-prioritized list of mitigation tasks Since no company has the resources to fix every cybersecurity problem important threats can go unaddressed A more fruitful approach is to adopt the view that cybersecurity should focus more on threatsrsquo potential impact on a businessrsquos activities That adjustment might seem minor but when leaders start with crucial activities they can better prioritize the development of cyberdefenses
What countries and companies can do when trade and cybersecurity overlap
Stuart Madnick Simon Johnson and Keman Huang Harvard Business Review January 4 2019 Online Access
Since it is not feasible to thoroughly examine the software firmware and hardware of every single product what should countries and companies do to prevent cyber intrusions Countries and companies need to consider their options At present there is no framework for understanding and categorizing the cybersecurity concerns involved in trade Without a clear understanding governments may implement policies that result in cyber conflicts while businesses will struggle to keep up with how cybersecurity concerns and restrictions are evolving We have developed a framework to systematically organize these cases basing it on our in-depth interviews with domain expe
The EU as a coherent (Cyber)security actor Helena Carrapico Andreacute Barrinha Journal of common market studies 2017-11 Vol55 (6) p1254-1272 Online Access
The last three decades have seen the development of the European Union (EU) as a security actor The transnational character of the security threats and the challenges identified by the EU have led to progressive integration between internal and external security concerns These concerns have often led to calls for greater coherence within EU security policies The literature however indicates that this need for coherence has so far not been systematically operationalized leading to a fragmented security field This article has two main aims To devise a framework for the analysis of the EUs coherence as a security actor and to apply it to the cybersecurity field By focusing on
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1618
EU cybersecurity policy this article will explore whether the EU can be considered a coherent actor in this field or whether this policy is being implemented according to different and unco‐ordinated rationales
Cyber security in the Internet of Things
Christopher J Rezendes and W David Stephenson Harvard Business Review June 21 2013 Online Access
Every enterprise will be affected by the Internet of Things (IoT) the growing phenomenon by which not only people but also ldquothingsrdquo mdash vehicles commercial and industrial equipment medical devices remote sensors in natural environments mdash are linked to networks that are connected to the internet Expect the impact on your business to be profound In particular expect it to challenge your conception of cybersecurity and your ability to deliver it in IoT-enabled digital networks your commercial operations and your partner ecosystems Paradoxically the very principle that makes the IoT so powerful mdash the potential to share data instantly with everyone and everything (every authorized entity that is) mdash creates a huge cybersecurity threat
TED TALKS
The humanity behind cybersecurity attacks
Mark Burnette
TEDX Nashvile 2019
Online access Companies spend millions of dollars every year to
protect their private data from cyberattack However
ordinary people can undermine all their hard work with
one mistake - and we often do Most successful security
breaches happen not because of sophisticated attacks
but due to human failures In this engaging talk one of
Americarsquos foremost cybersecurity experts will explore the
three human characteristics that hackers abuse to
conduct cyberattacks
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1718
Your human firewall ndash the answer to the cyber security problem Rob May TEDxWoking 2017 Online access Personal data is a precious commodity but sometimes
we can share too much Rob thinks we need to develop
our human firewall in an age where some much of our
lives is online
I cyber security Tom Hofmann TEDxZuriberg July 2018 Online access Tom talks about why (cyber) security doesnt become
more efficient and effective as technology progresses
and how human-centered innovation can be leveraged to
achieve a joint optimization of complex social and
technical systems
PODCASTS
Security Now Steve Gibson Leo Laporte Online access Security Now is a weekly podcast featuring Steve
Gibson and Leo Laporte who spend nearly two
hours discussing vital security concerns ranging
from news to long-standing issues concerns and
solutions Security Now focuses on personal
security offering valuable insights to help their
audience overcome common challenges and ramp
up their personal security
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective
copyright holders
Council of the European Union
Rue de la LoiWetstraat 175 - B-1048 BruxellesBrussel - BelgiqueBelgieuml
Tel +32 (0)2 281 65 25
Follow us httpwwwconsiliumeuropaeuenlibrary-blog - EUCOlibrary 1818
Cybersecurity Kerckhoffs principle amp why attack is the best form of defence Kerckhoffs Principle amp Why Attack Is the Best Form of Defence Euromoney 2018
Online access Cybersecurity is of paramount importance for
corporations as cybercriminals continue to become
more and more sophisticated Villains hack their way
into business computer systems including customer
records This lively podcast from Euromoneyrsquos
series Treasury and Turbulence informs executives
about the security practice of ldquoradical
transparencyrdquo
Security Weekly Paul Asadoorian Online access Security Weekly covers IT security news
vulnerabilities hacking research and related topics
of interest for the IT community by serving as a
security podcast network Their goal is to reach a
wide global audience to share insights and
information that help them learn grow and become
savvy IT professionals
This selection of resources was compiled by the Library of the General Secretariat
of the Council of the European Union for information only The contents are the sole
responsibility of their authors Books linked from this review do not represent the
positions policies or opinions of the Council of the European Union or the
European Council Reuse of the covers is prohibited they belong to the respective