This companion provides the most comprehensive and up-to-date comparative overview of the cyber-security strategies and doctrines of the major states and actors in Europe, North America, South America, Africa, and Asia.
The volume offers an introduction to each nation's cyber-security strategy and policy, along with a list of resources in English that may be consulted for those wishing to go into greater depth. Each chapter is written by a leading academic or policy specialist, and contains the following sections:
overview of national cyber-security strategy;
concepts and definitions;
exploration of cyber-security issues as they relate to international law and governance;
critical examinations of cyber partners at home and abroad;
legislative developments and processes;
dimensions of cybercrime and cyberterrorism;
implications of cyber-security policies and strategies.
This book will be of much interest to students and practitioners in the fields of cyber-security, national security, strategic studies, foreign policy, and international relations.
Trusted byĀ 375,005 students
Access to over 1.5 million titles for a fair monthly price.
Cybersecurity is an important element in Spanish National Security; Spain adopted a specific National Cybersecurity Strategy in 2013. The Spanish Security Strategy of 2011 included ā for the first time ā cyber threats and attacks among the main threats to national security (Cendoya, 2016) and the National Defence Directive of 2012 also anticipated the development of a National Cybersecurity Strategy.
Spainās 2017 National Security Strategy, defined by the National Security Council, identifies cyberspace as a global common space (together with maritime, airspace, and outer space) as a particular area of vulnerability, either because of the use of the cyber environment for illicit purposes (terrorism, organized crime, and disinformation campaigns), or because of cyber threats such as information theft, hacking of devices, DDoS attacks, and attacks against infrastructures considered critical, among others.
The Kingdom of Spain has a high level of commitment to cybersecurity according to the International Telecommunications Union (ITU) and is a member country of the Freedom Online Coalition. Spain is ranked in 7th position globally (with a CGI score of 0.896) and 5th regionally in the ITU Global Cybersecurity Index which aims to āmeasure the commitment of countries to cybersecurity in order to raise cybersecurity awarenessā (ITU, 2019). Analogously to the United Kingdom, the United States, France, and Lithuania, it scored highest in the legal (āexistence of legal institutions and frameworks dealing with cybersecurity and cybercrimeā) and organizational (āexistence of policy coordination institutions and strategies for cybersecurity development at the national levelā) pillars of the ITU framework (ITU, 2019: 8).
Spainās geographical setting and geostrategic position have implications in the domain of cyberspace. Its mainland national territory is located in Southwestern Europe, in the Iberian Peninsula; the Canary and Balearic Islands, as well other smaller islands and territories in North Africa, are also part of the Kingdom of Spain. As stated in the 2017 National Security Strategy:
Spainās identity is at once European, Mediterranean and Atlantic. Its singular geostrategic position and natural orientation towards different spaces requires it to have its own strategic and dynamic vision. Its central position in key areas ā between Europe and North Africa; between the Mediterranean and the Atlantic; and with peninsular territory, archipelagos, islands and the sovereign territories in North Africa ā makes Spain a bridge between countries and cultures, conferring upon it a specific security profile.
(Presidency of the Government, 2017: 22)
The āphysical segment of the cyberspaceā is associated with the physical infrastructure of submarine and land cables as well as satellites providing connectivity across lands and seas (Sheldon, 2014: 287). As early as at the end of nineteenth century, during the Spanish-American War, Spain experienced the disruptive effects of telegraph cable-cutting operations carried out by the US Navy targeting the communications between Spain and its colonial territories.
Moreover, with over 95 percent of international communications and data transmission occurring via the global subsea network, routine activities like sending emails overseas, searching the Internet, downloading music or video, and the like are most likely to involve underwater fibre-optic cables (Carter & Burnett, 2015: 349).
As Sheldon (2014: 288ā289) argues, āthe ubiquity of cyberspaceā should not obscure the role played by āgeography and geopolitics in its useā since:
the target itself is geographically located in that the computer network penetrated, the data pilfered or otherwise manipulated, and the political, economic, and military significance of the data are owned by and within the sovereign territory of some political entity.
The Spanish Maritime Security Strategy of 2013, highlights that āmaritime connectivity between the mainland and the islands and the Autonomous Cities of Ceuta and Melilla is one of the pillars of Spainās geopolitical structureā and points out threats from cyberspace as one the potential risks and threats against the multiple national interests in the maritime security dimension (Gobierno de EspaƱa, 2013).
National cybersecurity system
The National Cybersecurity Council (CNC) is the specialized committee and collegiate body for supporting the National Security Council (CNS) in the field of cybersecurity. The creation of the CNC was an initiative agreed at the CNS meeting of December 5, 2013. At that same meeting the first specific National Cybersecurity Strategy was adopted, this strategic document is the framework for reference regarding cybersecurity in Spain.2 The National Cybersecurity Strategy was updated on April 12, 2019 after of the meeting of the CNS and was publicly released as the National Cybersecurity Strategy by the Order PCI/487/2019 of April 26. The National Cybersecurity Strategy 2019 specifies the components that make up the structure of the Spanish cybersecurity apparatus in the framework of the National Security System: (1) National Security Council (Government Delegate Commission for National Security); (2) Situation Committee for Crisis Situations; (3) National Cybersecurity Council; (4) Permanent Commission on Cybersecurity; (5) National Forum of Cybersecurity; and (6) competent public authorities and national Computer Security Incident Response Teams (CSIRTs) of reference (Orden PCI/487/2019).3
The CNS, in its capacity as the Government Delegate Commission for National Security, is the body responsible for assisting the Prime Minister in the direction of the Spanish National Security Policy. As stated in the strategy, the CNS acts through the Department of National Security (DSN) ā which part of the Cabinet of the Presidency of the Government (Prime Minister) ā as single point of contact for liaison and for ensuring cross-border cooperation with other member countries of the EU. The Situation Committee is also supported by the DSN and follows the direction of the CSN in crisis situations.
The National Cybersecurity Council met on April 9, 2019 with three main points on the agenda: (1) evaluation and monitoring of the work carried out in the preparation of the National Cybersecurity Strategy of 2019; (2) actions carried out to counter disinformation and protection of electoral processes ā Spanish elections of April and European elections of May 2019; and (3) the security of 5G telecommunications networks (DSN, 2019b). On April 12, the National Security Council held its last meeting before the April 28 Elections and the Prime Minister, Pedro SĆ”nchez, highlighted the key role of cybersecurity in āthe preservation of the rights and liberties of citizens, the defence of Spain, as well as the transformation of our digital society necessary for progress, innovation and industrial developmentā (DSN, 2019c).
According to the ORDER PRA/33/2018 of January 22, the National Cybersecurity Council has, among others, the following functions: proposing guidelines on the planning and coordination of the National Security policy with regard to cybersecurity; supporting the CNS in its function of verifying the degree of compliance with the National Security Strategy in relation to cybersecurity; contributing to normative proposals for strengthening the National Security System in the field of cybersecurity; supporting CSN decision-making on cybersecurity matters, through analyses, studies and proposals; strengthening relationships with the relevant Public Administrations in the field of cybersecurity; the coordination, collaboration, and cooperation between public and private sectors; and assessing risk and threats as well as analysing likely crisis scenarios in support of the Situation Committee (ORDER PRA/33/2018). The presidency of the CNC is held by the Secretary of State Director of the National Intelligence Centre while the post of Vice-President is held by the Director of the DNS. The DNS is designated both as the permanent working body of the Cybersecurity Council as well as its technical secretariat (ORDER PRA/33/2018).
The National Cybersecurity Strategy 2019 establishes both the Permanent Commission on Cybersecurity and the publicāprivate National Cybersecurity Forum but these elements in the cybersecurity system require further development and implementation.
Relationships between relevant public cybersecurity organizations and private companies are solid as evidenced by different initiatives such as the establishment of the non-profit and independent association CSIRT.es, which integrates computer security incident response teams. According to official studies, the cybersecurity industry integrated over 530 active companies in Spain in 2014.6 The CSIRT.es Forumās website includes some of the relevant membership CSIRT/CERT teams from private companies.7
The Royal Decree 12/2018, of September 7, of Security of Network and Information Systems, incorporates the European Network and Information Systems Directive, to the national legal framework. Articles 9 and 11 designate the competent authorities and the Computer Security Incident Response Teams of reference (CSIRTs) as illustrated in Table 1.1. Accordingly, the CSIRT/CERT of reference are:
For the operators of essential services:
The CCN-CERT, of the National Cryptologic Center, which corresponds to the community of reference constituted by the public sector ā as described in the Article 2, Chapter 1, of the Law 40/2015 of October 2.8
The INCIBE-CERT, of the National Cybersecurity Institute of Spain, which corresponds to the reference community constituted by those entities not included in the subjective scope of application of Law 40/2015. The INCIBE-CERT is operated jointly by the INCIBE and the CNPIC (Ministry of Interior) in all that refers to the management of incidents that affect the critical operators.
The ESPDEF-CERT, of the Ministry of Defense, which will cooperate with the CCN-CERT and INCIBE-CERT in those situations that they require in support of the operators of essential services and, necessarily, in those operators that have an impact on National Defense and that are determined by regulation.
For digital service providers that are not included in the CCN-CERT community of reference, the INCIBE-CERT is the CSIRT of reference. INCIBE-CERT is also the incident response team of reference for citizens, private law entities and other entities not included in the section 1 above (Royal Decree 12/2018).
Table 1.1 Royal Decree-Law 12/2018, of September 7, on Network Security and Information Systems
Scope
CSIRT of Reference
Authority of Reference
Operator of Essential Services
Critical
Private Sector
ESPDEF-CERT (Joint Cyber Defence Command) Cooperation with the CCN-CERT and INCIBE-CERT in those situations that they require in support of the operators of essential services and, necessarily, in those operators that have an impact on National Defense and that are determined by regulation.
INCIBE-CERT
National Centre for Critical Infrastructure Protection and Cybersecurity (CNPIC) of the State Secretariat for Security (Ministry of Interior)
Public Sector
CCN-CERT
Non-Critical
Private Sector
INCIBE-CERT
Sectorial Authority
Public Sector
CCN-CERT
National Cryptologic Centre (CCN) (Ministry of Defence)
Provider of Digital Services
Critical
Private Sector
INCIBE-CERT
National Centre for Critical Infrastructure Protection and Cybersecurity (CNPIC) of the State Secretariat for Security (Ministry of Interior)
Public Sector
CCN-CERT
Non-Critical
Private Sector
INCIBE-CERT
Secretariat of State for Digital Advancement (SEAD) of the Ministry of Economy and Business
Public Sector
CCN-CERT
National Cryptologic Centre (CCN)
Source: CCN-CERT IA 13/19 and Royal Decree 12/2018.9
Regarding coordination betwe...
Table of contents
Cover
Half Title
Title Page
Copyright Page
Table of Contents
List of figures
List of tables
List of contributors
Foreword: Global cybersecurity in the 21st century
Introduction: cybersecurity strategy and policy in a comparative context
Part I: Europe
Part II: Asia and Australia
Part III: The Middle East
Part IV: The Americas
Part V: Africa
Index
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, weāve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere ā even offline. Perfect for commutes or when youāre on the go. Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Routledge Companion to Global Cyber-Security Strategy by Scott N. Romaniuk, Mary Manjikian, Scott N. Romaniuk,Mary Manjikian in PDF and/or ePUB format, as well as other popular books in Politics & International Relations & Computer Science General. We have over 1.5 million books available in our catalogue for you to explore.
