Skip to main content

Abstract

Cybersecurity has emerged as a global challenge and is becoming a tier one security threat for nation states. The modern-day cyber age will expose states to new challenges. Cyberspace and cyber attacks represent new ways of intruding on the sovereign prerogatives of states, and their citizens. It poses a threat to every area of society from government to the public and private sectors. Furthermore, it is undertaken by state actors, the private sector and individuals in the community. Cyber incursions are complex and difficult to detect. They are extremely subversive. These challenges are even enhanced by developing AI, which bring new tasks for cyber security specialists. It is the cyber attacks that pose the biggest challenge to states and their sovereignty, but also, and in our view, equally as pervasive is the challenge to personal data.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Singapore Cyber Landscape, Ministry of Communications and Information, 2018, https://www.csa.gov.sg/~/media/csa/documents/publications/csasingaporecyberlandscape2018.pdf?

  2. 2.

    Graham Greenleaf, Global data privacy in a networked world,</Emphasis> Chapter in Brown, I (ed) Research Handbook on Governance of the Internet Cheltenham: Edward Elgar, (2011), https://www.vatandoust.com.au/wp-content/uploads/2015/12/Global-Data-Privacy-in-a.pdf

  3. 3.

    Hao Yeli, A, Three-Perspective Theory of Cyber Sovereignty, https://cco.ndu.edu/Portals/96/Documents/prism/prism_7-2/10-3-Perspective%20Theory.pdf

  4. 4.

    Margulies, P, Sovereignty and Cyber Attacks: Technology’s Challenge to the Law of State, Melbourne Law Review, Vol 14 (2013).

  5. 5.

    Luke Orwin, List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked</Emphasis>, https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-may-2019-1-39-billion-records-leaked

  6. 6.

    Ibid.

  7. 7.

    Singapore Cyber Landscape, Ministry of Communications and Information, 2018, https://www.csa.gov.sg/~/media/csa/documents/publications/csasingaporecyberlandscape2018.pdf

  8. 8.

    Ibid.

  9. 9.

    Ibid.

  10. 10.

    Ibid.

  11. 11.

    Ibid.

  12. 12.

    Fadilpši, S, Dixons hit with huge ICO fine over customer data failure,

    Company was fined in accordance to the data protection act from 1998, rather than GDPR. 2020–01-10 T12:30:08Z https://www.itproportal.com/news/dixons-hit-with-huge-ico-fine-over-customer-data-failure/

  13. 13.

    Ibid.

  14. 14.

    Ibid.

  15. 15.

    Ibid.

  16. 16.

    Ibid.

  17. 17.

    Baezner, M., Robin, P, Trend Analysis: Cyber Sovereignty and Data Sovereignty, Center for Security Studies, Zürich, 2018 https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/20180907_MB_TA_Cyber%20sovereignty_V2_rev.pdf

  18. 18.

    Ibid.

  19. 19.

    Ibid.

  20. 20.

    Lotrionte, C, State Sovereignty and Self-Defense in Cyberspace: A Normative Framework for Balancing Legal Rights. Emory Int. Law Rev. 26, (2013) 825–919.

  21. 21.

    Ibid.

  22. 22.

    Barlow, JP, A Declaration of the Independence of Cyberspace, Electronic Frontier Found. 1996, https://www.eff.org/cyberspace-independence

  23. 23.

    Ibid.

  24. 24.

    Ibid.

  25. 25.

    Fisk, G., Ardi, C., Pickett, N., Heideman, J., Fisk, M., Papadopoulos, C, Privacy Principles for Sharing Cyber Security Data, 2015 https://www.isi.edu/~johnh/PAPERS/Fisk15a.pdf

  26. 26.

    Ibid.

  27. 27.

    Ibid.

  28. 28.

    Ibid.

  29. 29.

    Ibid.

  30. 30.

    Ibid.

  31. 31.

    Ibid, Organizations must also consider how their data is stored. Unlike end-to-end encryption, where the source and destination of data is explicitly known, and full- disk encryption, which is generally transparent to applications, a secure data archive must manage the challenges of long- term storage with multiple potential users of data. It must thus consider encryption of data-at-rest, but also key-rollover and aging (to be robust over the long term), and access control and access auditing.

  32. 32.

    Ibid, anonymization is frequently used to sanitize data before release in such a way that any personal information or data is obfuscated or removed.

  33. 33.

    Ibid, organizations must consider their risk tolerance in terms of long-term data storage. To meet our goals of both Least Disclosure and Forward Progress, tools for cyber security sharing must rate-limit queries and responses by assigning privacy allotments to each organization in order to mitigate the risk of privacy diffusion and secondary privacy damage, data query correlation.

  34. 34.

    Margulies, P, Sovereignty and Cyber Attacks: Technology’s Challenge to the Law of State, Melbourne Law Review, Vol 14 (2013).

  35. 35.

    Nicaragua [1986] ICJRep14, 64.

  36. 36.

    International Criminal Tribunal for the Former Yugoslavia, Appeals Chamber, Case No IT-94-1-A, (15 July 1999).

  37. 37.

    Responsibility of States for Internationally Wrongful Acts 2001, DRAFT Articles - Text adopted by the International Law Commission at its fifty-third session, in 2001, and submitted to the General Assembly as a part of the Commission’s report covering the work of that session (A/56/10). The report, which also contains commentaries on the draft articles, appears in the Yearbook of the International Law Commission, 2001, vol. II, Part Two, as corrected. http://legal.un.org/ilc/texts/instruments/english/commentaries/9_6_2001.pdf, http://legal.un.org/ilc/texts/instruments/english/draft_articles/9_6_2001.pdf

  38. 38.

    Ibid.

  39. 39.

    Ibid. Cyber reflects what I call ‘attribution asymmetry’: cyber threats from private groups assisted by states are both more difficult to trace than kinetic attacks for victims and easier to control for the state providing the assistance. Because of this asymmetry, the international law on state responsibility for kinetic attacks does not adequately address the issue of cyber attacks. A test of virtual control would be more effective, imposing responsibility on a state that has provided financial or other assistance to private groups. The virtual control test would deter states from using private groups to engineer plausible deniability. This heightened deterrence provides a more useful template for the development of international law in the cyber domain.

  40. 40.

    Ibid.

  41. 41.

    Ibid.

  42. 42.

    Ibid.

  43. 43.

    Greenleaf, G, Global data privacy in a networked world, Chapter in Brown, I (ed) Research Handbook on Governance of the Internet Cheltenham: Edward Elgar, (2011), https://www.vatandoust.com.au/wp-content/uploads/2015/12/Global-Data-Privacy-in-a.pdf

  44. 44.

    Ibid.

  45. 45.

    Ibid.

  46. 46.

    Balzacq, T., Cavelty, M D, A theory of actor-network for cyber-security , European Journal of International Security, (2016), 1.

  47. 47.

    Bingham, N,‘Objections: From technological determinism towards geographies of relations’, Environment and Planning D: Society and Space, 14:6 (1996), p. 32, in Thierry Balzacq, Myriam Dunn Cavelty, A theory of actor-network for cyber-security , European Journal of International Security, (2016).

  48. 48.

    Graham, S, ‘The end of geography or the explosion of place? Conceptualizing space, place and information technology’ , Progress in Human Geography, 22:2 (1998), p. 178, in Thierry Balzacq, Myriam Dunn Cavelty, A theory of actor-network for cyber-security , European Journal of International Security, (2016).

  49. 49.

    Ibid.

  50. 50.

    Do, C., Tran, N., Hong, C., Kamhoua, C., Blasch, E., Kwait, K., Blasch, E., Ren, S., Pissinou, N., Iyengar, S, Game Theory for Cyber Security and Privacy , ACM Journal Name, Vol. NA, No. NA, Article NA, (2015).

  51. 51.

    Ibid.

  52. 52.

    Ibid.

  53. 53.

    Kamhoua, C., Zhao, H., Rodriguez, M., Kwiat, K., 2016. A Game-Theoretic Approach for Testing for Hardware Trojans. IEEE Transactions on Multi-Scale Computing Systems, (2016), 200–209.

  54. 54.

    Do, C., Tran, N., Hong, C., Kamhoua, C., Blasch, E., Kwait, K., Blasch, E., Ren, S., Pissinou, N., Iyengar, S, Game Theory for Cyber Security and Privacy , ACM Journal Name, Vol. NA, No. NA, Article NA, (2015).

  55. 55.

    Ibid.

References

  • Balzacq, T., & Cavelty, M. D. (2016). A theory of actor-network for cyber-security. European Journal of International Security, 1, 176–198.

    Article  Google Scholar 

  • Bingham, N. (1996). Objections: From technological determinism towards geographies of relations. Environment and Planning D: Society and Space, 14, 6, 32, in Thierry Balzacq, Myriam Dunn Cavelty, A theory of actor-network for cyber-security, European Journal of International Security, (2016).

    Article  Google Scholar 

  • Do, C., Tran, N., Hong, C., Kamhoua, C., Blasch, E., Kwait, K., Blasch, E., Ren, S., Pissinou, N., & Iyengar, S. (2015). Game theory for cyber security and privacy. ACM Journal, Vol. NA, No. NA, Article NA.

    Google Scholar 

  • Graham, S. (1998). The end of geography or the explosion of place? Conceptualizing space, place and information technology. Progress in Human Geography, 22, 2, 178, in Thierry Balzacq, Myriam Dunn Cavelty, A theory of actor-network for cyber-security, European Journal of International Security, (2016).

    Article  Google Scholar 

  • Greenleaf, G. (2011). Global data privacy in a networked world. In I. Brown (Ed.), Research handbook on governance of the Internet. Cheltenham: Edward Elgar.

    Google Scholar 

  • Kamhoua, C., Zhao, H., Rodriguez, M., & Kwiat, K. (2016). A game-theoretic approach for testing for hardware Trojans. IEEE Transactions on Multi-Scale Computing Systems, 2, 200–209.

    Article  Google Scholar 

  • Lotrionte, C. (2013). State sovereignty and self-defense in cyberspace: A normative framework for balancing legal rights. Emory International Law Review, 26, 825–919.

    Google Scholar 

  • Margulies, P. (2013). Sovereignty and cyber attacks: Technology’s challenge to the Law of State. Melbourne Law Review, 14, 496–519.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Walters, R., Novak, M. (2021). Cyber Security. In: Cyber Security, Artificial Intelligence, Data Protection & the Law . Springer, Singapore. https://doi.org/10.1007/978-981-16-1665-5_2

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-1665-5_2

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-1664-8

  • Online ISBN: 978-981-16-1665-5

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics