This paper presents the holistic view of the security landscape and highlights the security threats, challenges, and risks to the smart city environment.
Based in computational social science, this paper argues for cybersecurity to adopt more proactive social and cognitive (non-kinetic) approaches to cyber and information defense. This protects the cognitive, attitudinal, and behavioral capacities required for a democracy to function by preventing psychological apparatuses, such as confirmation bias and affective polarization, that trigger selective exposure, echo chambers, in-group tribalization, and out-group threat labelling. First, such policies advocate cyber hygiene through rapid alert detection networks and counterdisinformation command centers. Second, they advocate information hygiene through codes of online behavior stressing identity- and self-affirmation, as well as media literacy training and education programs. This supplements the bridging of the STEM and social sciences to present a policy framework for confronting information threats based on a blended understanding of computer science and engineering, social and cognitive psychology, political and communication science, and security studies.
This report investigates the growing role of defence software and AI/ML (machine learning) in military power now and in the medium term. It focuses on three goals: to define software-defined defence, to assess ongoing practices and processes in the development of defence software and AI/ML, and identify recurring challenges, to explore and assess the ongoing efforts towards software-defined defence in five country case studies – China, France, Germany, the United Kingdom and the United States – and how Sino-American strategic competition is shaping them.
The results of successful hacking attacks against commercially available cybersecurity protection tools that had been touted as secure are distilled into a set of concepts that are applicable to many protection planning scenarios. The concepts, which explain why trust in those systems was misplaced, provide a framework for both analyzing known exploits and also evaluating proposed protection systems for predicting likely potential vulnerabilities. The concepts are: 1) differentiating security threats into distinct classes; 2) a five-layer model of computing systems; 3) a payload versus protection paradigm; and 4) the nine Ds of cybersecurity, which present practical defensive tactics in an easily remembered scheme. An eavesdropping risk, inherent in many smartphones and notebook computers, is described to motivate improved practices and demonstrate real-world application of the concepts to predicting new vulnerabilities. Additionally, the use of the nine Ds is demonstrated as an analysis tool that permits ranking of the expected effectiveness of some potential countermeasures.
Computer Security has become a major challenge in the present years due to the continuous global technological development and the different possibilities for the use of computers. Cyber threats are growing at an alarming rate and at the same pace with the online use of Personal Computers and mobile devices. This work surveys the state of Cyber Security emerging threats landscape, through the overview of related works reported between 2011 and 2013 in the literature by stakeholders and experts in Information Technology (IT) industry. Different types of Cyber emerging threats such as malicious attack, network attack and network abuse have been identified with specific interest on virus, Phishing, Spam and insider abuse to mention but a few. It has been established that these Cybercriminals' tools are exhibiting common level of sophistication and advancement as the advances in Computer and mobile technologies.
The annual ISACA research also identifies key skills gaps in cybersecurity, how artificial intelligence is impacting the field, the role of risk assessments and cyber insurance in enterprises' security programs, and more.
This paper describes the three-phase evolution process that most countries have already gone through in structuring their cybersecurity activities. We then analyse the limitations of the current phase and outline the necessity in the next phase of evolution of governmental structures – the formation of a national Central Cyber Authority (CCA), a single civilian entity with concrete operational capabilities, responsible for defending the national cyberspace and leading national cybersecurity efforts. We present the logic behind this next phase of evolution as well as basic principles and components comprising the new CCA and its relations with current governmental organisations – regulators, law enforcement agencies and the intelligence community.
This paper will describe the ways that the systems architecture tools and practices, and technology transfer transactional mechanisms available to all DOD laboratories, can be utilized to increase knowledge sharing with small business and industry partners to shorten acquisition cycles.
Tackling Verification and Validation Techniques to Evaluate Cyber Situational Awareness Capabilities
Since cyberspace was identified as a domain of operations, defence practitioners started a race with academy, researchers, and industry and military organizations working together towards defining related lines of capability development (e.g., DOTMLPFI) and exploring the needs and opportunities they entail. An essential cornerstone of adapting to the convergence of the cyber domain with conventional theaters of operation is the need for producing tools for easing to acquire cyber situational awareness (CSA), from which human operators shall be able to perceive, reason and project situations and events observed in cyberspace that may vertically/horizontally propagate from technological to tactical, operational and strategic planes. Benefiting from the higher maturity level of civilian capabilities for cybersecurity, the military sector has embraced the challenge of creating related beyond state-of-the-art CSA enablers that comprise the existing technological background while adopting concepts such as operations, missions or courses of action (CoAs), properly aligning them with military doctrine. Beyond ongoing development efforts, there is a wide methodological gap in the lack of suitable CSA verification and validation (V&V) frameworks, which are expected to analyze if related capabilities meet the requirements to operate in the military context; at the same time supporting the thorough development life-cycle of brand new cyber defence technologies. With the motivation of closing the identified gap, this research introduces a novel V&V framework able to guide the evaluation of CSA-related tools, which makes converge purely military aspects with dual-use state-of-the-art V&V approaches. Three core CSA evaluation concepts are discussed in-depth: software, operational and application tests. They range from the daily application of new capabilities to their ability to enable the acquisition of a joint operational picture understandable by human decision makers. 
© 2022 by the authors.
The conduct of hostilities via cyberspace poses many issues regarding the application of international humanitarian law. Cyberspace should be considered as a sui generis battlefield when it comes to the study of the applicable law. The present contribution aims to identify some of the key issues arising from the application of the law of targeting to cyber operations in the context of an armed conflict, focusing exclusively on the application of the principle of distinction. The principle of distinction - the cornerstone on which humanitarian law stands - today is shrouded in uncertainty in the context of cyber operations.