European Cybersecurity Certification Schemes and cybersecurity in the EU internal market

Logo poskytovatele

Varování

Publikace nespadá pod Filozofickou fakultu, ale pod Právnickou fakultu. Oficiální stránka publikace je na webu muni.cz.
Autoři

FERGUSON Donald

Rok publikování 2022
Druh Článek v odborném periodiku
Časopis / Zdroj International Cybersecurity Law Review
Fakulta / Pracoviště MU

Právnická fakulta

Citace
www Open access časopisu
Klíčová slova certification; cybersecurity; schemes
Popis The principal question addressed by this paper is: how adequate are the minimum security objectives of the European Union Cybersecurity Act (Regulation (EU) 2019/881) in assisting organisations in the European Union internal market with resisting and recovering from cyber threats? The question is answered by first identifying the scope of the minimum security objectives. Scope identification, performed through legislative interpretation, reveals an integrated system of security objectives with significant gaps. Second, the minimum security objectives are evaluated within a model of cyber attacks from attack reconnaissance to legal proceedings to reveal further significant gaps. Finally, the minimum security objectives are evaluated within five cyber attack scenarios, reflecting the highest ranking cyber threats to the internal market. The simulation analysis accentuates the findings of the model analysis and identifies further significant gaps. In conclusion, the minimum security objectives are found to be largely inadequate in assisting organisations in the European Union internal market with resisting and recovering from cyber threats. The analysis of the adequacy of the minimum security objectives is timely, as the first European cybersecurity certification schemes are currently being designed.
Související projekty:

Používáte starou verzi internetového prohlížeče. Doporučujeme aktualizovat Váš prohlížeč na nejnovější verzi.