Home » EUROPE » The European Union’s Cyber security Governance: The Missing Link (Part 1/2)

The European Union’s Cyber security Governance: The Missing Link (Part 1/2)

On Janu­ary 11, 2013 the European Union (EU) estab­lished the European Cyber­crime Centre as part of the Euro­pol offices. This import­ant event raises the ques­tion of the instru­ments estab­lished by the EU to address cyber secur­ity issues. This art­icle argues that the mode of gov­ernance developed by the EU in order to address the issue of cyber secur­ity is coher­ent and com­pre­hens­ive of all aspects of cyber secur­ity. It how­ever notes that to com­plete this mode of gov­ernance, the EU is lack­ing a cru­cial link which is an inter­na­tional endorse­ment of the European vision.

In order to draw the map of the gov­ernance of the EU in the field of cyber secur­ity, one must first under­stand the nature and scope of the field ana­lyzed. The Inter­net as we know it appeared in 1983, when the Trans­mis­sion Con­trol Protocol/Internet Pro­tocol (TCP/IP) was ori­gin­ally ini­ti­ated, bridging Autonom­ous Sys­tems –i.e. indi­vidual networks- around the globe by provid­ing them a com­mon lan­guage and IP addresses to com­mu­nic­ate. In other words, the Inter­net is a series of town squares inter­con­nec­ted by digital bridges where bil­lions of devices com­mu­nic­ate (almost) freely with each other. Since then, the Inter­net has increas­ingly attrac­ted new users. In June 2012, the surged num­ber of new users lead to the launch of the IPver­sion 6 which expands the limit to 2^128 addresses—more than 340 tril­lion, tril­lion, trillion- because the stock of addresses avail­able under the IPv4 exhausted in Feb­ru­ary 2012. Stat­ist­ics show that since 2000, the amount of users has increased by 566.4%, count­ing today around one third of the world’s pop­u­la­tion. This tre­mend­ous increase of users makes the Inter­net the new play­ground for many com­pan­ies wish­ing to reach out a broader audi­ence and thus, cre­ates new oppor­tun­it­ies from social and eco­nomic aspects.

How­ever, this impress­ive increase of users has been sim­ul­tan­eously fol­lowed by grow­ing cyber threats and crimes. Those threats can be divided into two cat­egor­ies: Crimes and attacks on crit­ical infra­struc­tures. The first cat­egory rep­res­ents crim­inal beha­viour that affects indi­vidu­als or private com­pan­ies, and encom­passes child por­no­graphy on the Inter­net, online bank rob­bery, and ID or inform­a­tion theft. The recent con­tro­ver­sies over the activ­it­ies of the group WikiLeaks, as well as the claim that the “most closely guarded secrets” of the U.S. have already been stolen, under­pin the issue at stake. The second cat­egory of threats regards attacks that can dam­age or des­troy crit­ical infra­struc­tures, which could lead to net­work para­lysis or even the loss of inform­a­tion. The devel­op­ment of cyber vir­uses like the Flame and Stuxnet and their use to break down Ira­nian nuc­lear facil­it­ies, par­al­lel to the recent online dis­turb­ance of six banks in the U.S. since Septem­ber 2012 speak for them­selves. If these threats are not to be taken ser­i­ously, gov­ern­ment offi­cials and experts warn that the increase of attacks on crit­ical infra­struc­tures may lead to a “cyber Pearl Harbour”, so they focus their efforts on pre­vent­ive actions

To sum up, the digital envir­on­ment might have great poten­tial for “explor­a­tion”, but threats are lurk­ing by the corner. Nev­er­the­less gov­ern­ments saw the har­ves­ted fruits out­num­ber­ing by far the respect­ive threats and draw­backs of the new tech­no­lo­gies, although it was only in the late nineties did they start devel­op­ing cyber secur­ity sys­tems to pre­vent as many cyber incid­ents as possible.

Although the inter­na­tional com­munity is divided in this regard, cyber secur­ity can be defined as “the col­lec­tion of tools, policies, secur­ity con­cepts, secur­ity safe­guards, guidelines, risk man­age­ment approaches, actions, train­ing, best prac­tices, assur­ance and tech­no­lo­gies that can be used to pro­tect the cyber envir­on­ment and organ­iz­a­tion and user’s assets”. It entails the pre­ven­tion against both Cyber­war­fare, con­sidered a state-sponsored cyber offens­ive dir­ec­ted towards another state, its infra­struc­tures or its pop­u­la­tion, and cyber­crimes, under­stood as a non-state-sponsored cyber offens­ive dir­ec­ted towards another indi­vidual or com­pany. In other words, the aim of cyber secur­ity is to provide pro­tec­tion against unau­thor­ized access, manip­u­la­tion and destruc­tion of crit­ical resources, as well as against crim­inal beha­viour which threatens individuals.

 

– Jean-Baptiste Houdart

Dis­claimer: This art­icle was ori­gin­ally pub­lished as “  The European Union’s Cyber security Governance: The Missing Link (Part 1/2) ” on February 14, 2013 in The European Student Think Tank, a PB cooper­a­tion partner

 

(Featured photo: AttributionNoncommercialShare Alike  PNNL – Pacific Northwest National Laboratory, Creative Commons, Flickr)

About meagan.potier

Student of World Religions and Political Science at McGill University. Meagan joined The Political Bouillon last year in hopes of being able to keep writing and editing, as well as foster her interests in international politics. As Managing Editor. Through her position she helps the Bouillon evolve into stronger and more comprehensive publication that embodies the myriad of opinions and perspectives it represents.

Check Also

The Pariahs of the European Union

As the European Union (EU) struggles to dig itself out of an unimaginably large pit of ...

Leave a Reply

Your email address will not be published. Required fields are marked *