This session will focus on the problem of defending critical infrastructure against extreme cyber attacks. Such attacks lead an adversary deep into the plant from where attacks can be launched directly on one or more plant components. While it is necessary to detect the anomalies resulting from such attacks, it is not sufficient to protect the compromised plant against damage and service disruption. We will describe how fusing AI and plant design can lead to a system highly resilient to extreme cyber-attacks.
Gold Sponsor Session: Fusing AI and Design for Cyber Defence
Virtualized Environment – The Available Complexity
The panel explores how digital twin technology, cyber ranges and cyber-physical systems can be used for research and education. The virtualization of hardware components, modelling and simulating the physical entities or complex systems reduces the investments and allows effective scaling even in Cyber-Physical Exercises.
Fair and Proportionate Data Processing in the Military Context
The increasing data-dependency of the militaries calls for a clear understanding of the type, quantity and origin of the relevant data, the laws regulating the processing of it and the limits of national security exceptionalism. The military environment and national security interests challenge the rules designed for peacetime civilian context. However, given the continuous merging of the civilian and military spheres and the lack of specific guidelines on data protection during military operations, human rights treaties and data protection laws remain the legal sources that address related problematics in the most specific and detailed manner. This panel will ask how the rules contained therein can be adapted to reflect the needs of the security sector. In search of common features and distinguishing lines, the speakers will discuss the privacy and data protection issues raised by multinational operations, autonomous systems and satellite reconnaissance.
NATO Cyberspace Exercises: Moving Ahead
A follow-on event to the CyCon 2021 NATO Cyberspace Exercises workshop which identified key challenges and opportunities for NATO cyber exercise coordination. In the spirit of “Keep Moving,” this workshop seeks to continue forward the valuable input, lessons identified, and recommendations captured from 2021. The goal for this workshop will be to agree on recommendations for NATO leadership on how to achieve effective exercising that goes further to educate training audiences on cyberspace operations. A limited number of seats available to CyCon participants in open registration.
Tallinn Manual 3.0: Achievements, Shortcomings, Prospects
With the Tallinn Manual 3.0 project now underway, this session will examine the influence of the first two editions on the development, interpretation and application of international law as applied in cyberspace. It will explore the appropriateness, benefits and risks of expert-driven processes like the Tallinn Manual project from the perspectives of the experts themselves, those involved in the international dialogue among States on the identification of cyber norms, and legal advisers of States and international organizations involved in cyber operations. The panelists will offer their prognosis for Tallinn Manual 3.0.
The concept of ‘cyber resilience’ has become a central one in cyber defence strategies and cyber regulation. But what does cyber resilience really entail and how can it be achieved? And are strategy, policy, and technology experts chasing the right goal? Once these complicated questions are answered, we are still left with the challenge of how to practice and build the necessary tolerance.
In this session our three authors explore two ways to build resilience, exercises and public-private partnerships, and also take a critical look at what the concept means and if there is really a difference between cyber resilience and cyber security.
New Technology and State Responsibility
Emerging technologies bring new phenomena where the existing legal framework is difficult to be applied and so it has yet to be figured out how to invoke responsibility in these situations. Opportunities and risks deriving from such emerging technologies, such as enhanced cyber capabilities and unintended consequences of State cyber activities, should be both considered in order to find a fair balance of all relevant interests involved, so that international law may prevent conflicts between different States. Thus, this panel will explore the different facets of responsibility for operations conducted by emerging technologies with a view to shaping who – and how – a State can be considered as responsible.