Article
The Cybersecurity Obligations of States Perceived as Platforms: Are Current European National Cybersecurity Strategies enough?
ACIG journal
(2022)
Abstract
Cybersecurity is a relatively recent addition to the list of preoccupations for modern states. The forceful emergence of the internet and computer networks and their subsequent prevalence quickly brought this to the fore. By now, it is inconceivable that modern administrations, whether public or private, can exist entirely outside the digital realm. Nevertheless, with great opportunities also comes great risk. Attacks against com- puter systems quickly evolved from marginalised incidents to matters of state concern. The exponential increase in the importance of cybersecurity over the past few years has led to a multi-level response. New policies, followed by relevant laws and regulations, have been introduced at national and international levels. While modern states have therefore been compelled to devise concrete cybersecurity strategies in response to potential threats, the most notable aspect of these strategies is their resemblance to one another. Such uni- form thinking could develop into a risk per se: challenges may appear unexpectedly, given the dynamic nature of the internet and the multitude of actors and sources of risk, which could put common knowledge, or what may be called conventional wisdom, to the test at a stage where the scope for response is limited. This paper builds upon the idea of national states being perceived as platforms within the contemporary digital and regulatory environ- ment. Platforms are in this context information structures or systems, whereby the primary role of states acting as platforms is that of an information broker for its citizens or subjects. This role takes precedence even over the fundamental obligation of states to provide se- curity; it calls upon them first to co-create (basic) personal data, and then to safely store and further transmit such data. Once the key concept of states as platforms has been elaborated in section 2, this paper then presents the concrete consequences of this approach within the cybersecurity field. In section 3, former off-line practices for safely storing per- sonal information, undertaken by states within their role as platforms, are contrasted with the challenges posed by the digitisation of information. The focus is then turned in section 4 to the EU, and the NIS Directive’s obligation upon Member States to introduce and imple- ment national cybersecurity strategies, which are therefore examined under the lens intro- duced in section 2. Finally, specific points for improvement and relevant recommendations for these cybersecurity strategies are presented in section 5.
Keywords
- Cybersecurity,
- States as Platforms
Disciplines
Publication Date
December, 2022
DOI
10.5604/01.3001.0016.1237
Citation Information
Vagelis Papakonstantinou, The Cybersecurity Obligations of States Perceived as Platforms: Are Current European National Cybersecurity Strategies enough? in the ACIG journal, Vol. 1, Issue 1.2022, December 2022.
Creative Commons license
This work is licensed under a Creative Commons CC_BY International License.