Војно дело (Jan 2017)
Strategic planning of cyber defense: Towards more adequate legal framework and new concept of risk, challenge and threat assessment
Abstract
The assessment of security risks, challenges and threats is the first step in developing strategic documents in the field of security and defense. The Republic of Serbia does not still have a defined cyber defense strategy and the adequate legal framework for its planning and implementation. When developing strategic and normative documents, it is important to take into account the specifics of cyber space and cyber weapons. The principles and legality that are applied in the physical world are generally different from those in the cyber world. This second, virtual world, is characterized by insecurity and coincidence as the important features. This results in difficulties related to the inability to reach an adequate level of certainty necessary for making strategic decisions in terms of behavior predictability and functioning of the entities in cyberspace including cyber weapons. The paper describes eight principles of cyber warfare, which were established in 2001 by Parks and Duggan. In addition, taking into account the results of research conducted by relevant authors on the importance of the exponential law for the analysis, approximation and prediction of events in the virtual world, we felt it was justified to promote this law in a separate, ninth cyber warfare principle. The guidelines for the development of strategic documents are also important when defining the adequate legal framework, which should take into account the specifics of cyber world and cyber weapons in order to enable efficient and economical implementation of strategic objectives in this area. This paper presents a proposal for the redefinition of certain legal solutions and points to the ambiguity, incompleteness, inaccuracy and contradiction of certain provisions of positive legislation, indicating the possibilities of de lege ferenda.
Keywords
