Bronisław Komorowski Institute Report: “Cyberspace – the 5th battlefield. Diagnosis and recommendations” by Krzysztof Liedel and Paulina Piasecka.
While analyzing various aspects of cyberspace impact on the understanding of contemporary security – not only in terms of its definition but also in terms of its practice – the role and influence of high technologies of communication and data processing on the contemporary battlefield shall not be omitted. This development resulted in the creation of the concept of network-centric warfare.
The report “Cyberspace – the 5th battlefield. Diagnosis and recommendations” by Krzysztof Liedel and Paulina Piasecka contains aspects such as:
- The security of the state in the era of threats in cyberspace
- Information security as the supreme category
- Key terms and operational areas: cyber security and security in cyberspace
- Categories of hostile actions and operations in cyberspace
- The use of offensive capabilities in cyberspace
- Network-centric warfare (warfare in the age of high information technology)
- Organizations of the information age: the need for (r)evolution
- Main recommentations for the long-term development of cybersecurity systems and capacities of operating in cyberspace.
The report is the result of expert meeting organized by Bronisław Komorowski Institute in cooperation with the Konrad Adenauer Stiftung.
Download (Full text Pdf): Report. Cyberspace – the 5th battlefield
Read a piece here:
“Key terms and operational areas: cyber security and security in cyberspace
The planning of actions aimed at ensuring cybersecurity of the state, its public and private sector as well as its citizens, requires specification of terms related to this field of security systems’ functioning. Referring to “the cyber security doctrine of the Republic of Poland”, it is possible to distinguish two distinct terms describing the security of a state in the context of its functioning in cyberspace.
The first one is the notion of cybersecurity – the security of the state in cyberspace. This term is defined as the process of securing the safe functioning of the state as a whole in cyberspace. The state is understood as its structures, natural and legal persons, including entrepreneurs and other entities without legal personality as well as information and communication technology networks and information resources in the global cyberspace, which the state has at its disposal.
Another term described in the Doctrine is the security in the cyberspace, hence a part of the cybersecurity of the state, which encompasses a set of actions: organisational and legal, technical, physical and educational, which need to be undertaken. They aim at ensuring the functioning of the national cyberspace without any disruption, providing the public and private critical information and communication technology networks as well as guaranteeing the security of the processed information resources.
Among the most important objectives of actions ensuring cyber security, it is possible to identify the following:
- the evaluation of cybersecurity conditions, including the recognition of threats, risk assessment and identification of changes,
- prevention (counteracting) of threats, reduction of risks and the use of opportunities,
- defense and protection of their own systems and gathered resources,
- combat with (de-organizing, disrupting and destroying) the sources of threats (active defense and offensive actions),
- after a potential attack – the reconstruction of the ability and functioning of the systems; creating cyberspace.
There are also several practical undertakings, which aim at ensuring the effectiveness of state’s actions in cyberspace, such as:
- guaranteeing the state’s capacity to defend itself and its own information and communication technology networks together with collected data as well as capability to actively defend and conduct offensive actions in cyberspace, integrated with other national military forces,
- creating and enhancing military structures designated for the execution of tasks in cyberspace, capable of identifying, preventing and combatting cyber threats,
- coordinating research and development initiatives for cyber security, also within the framework of civil-military cooperation,
- coordinating the cooperation of specialized (departmental) centers of cyber security in order to acquire complete information about the situation,
- monitoring and enhancing security of networks used to distribute and store information qualified as classified,
- developing counter-intelligence measures within cyberspace through the optimization of solutions on the level of software development together with physically securing the networks,
- implementing systems, which shall counter the plausible breaching of systems in real-time:
- placing its own passive sensors computer systems in cyber environment in order to detect potentially malicious codes in the data package received from the internet;
- reducing and consolidating external points of internet network access in order to minimalize risks for networks used for state’s security systems,
- enhancing educational efforts in the field of cyber security with a with particular focus on training programs in the field of defensive and offensive capabilities in cyberspace,
- promoting long-term partnerships and cooperation between public and private sector, especially with regards towards private providers of key elements of information and communication infrastructure of the state.
It is important to underline that the protection of its own interest in cyberspace as well as the protection of information in the security environment is directly linked to the development of cryptographic systems. Big potential in the field of cybersecurity lies in fields of science such as informatics and mathematics. They both give the opportunity to develop national systems for cybersecurity and cryptology, including cryptography, guaranteeing a sovereign control over the information and communication systems owned by the state. Encryption devices are the most important elements of information and communication systems. In order to achieve a certain level of efficiency of an encryption device, it is necessary to have a full control over this device and in particular over its algorithm and cryptographic key, which as a result leads to the preferential acquisition of such devices produced domestically. However, this technology is difficult and not easy to implement, hence the number of local producers is very limited.”