1. Cyber vs Legislation and Ethics Colonel John Doody Panel Chair

2. Cyber vs. Legislation and Ethics 1.IntroductionColonel John Doody 2.Legislation versus Ethics in National Security - Military Operations versus Intelligence Collection versus Law Enforcement Air Cdre Bruce Wynn 3.Cyber and the law of war Lt Col Jan Stinissen 3.The basic legal principles that are at stake with regards to the development of the cybersecurity legal regulatory framework. Dr Radim Polcak 5. Cyber; cross boundary pursuit Mr Michael Drury 6. Cyber threats; the presentational problem of a legal response for politicians and the press?Mr Peter Warren

3. What is cyber security? MARKET SEGMENTATION © 2011 Ultra Electronics NetworksDataDevicesPeople Availability Integrity Confidentiality © 2011 Ultra Electronics

4. What is cyber security? KEY MARKETS NetworksDataDevicesPeople Availability Integrity Confidentiality Traffic Encryption & Key Management Network Hardening & Boundary Protection Data at Rest Encryption & Key Management Transaction Protection Multi-factor Authentication Legal Intercept & Cloud Computing Reliability DDoS Protection Collaborative Working Penetration Testing & Vulnerability Scanning Attack Identification & Response Training © 2011 Ultra Electronics A model to analyse the cyber security market © 2011 Ultra Electronics

5. What is cyber security? Components subject to Legislation and Ethics? NetworksDataDevicesPeople Availability Integrity Confidentiality Cryptography Key Management Meta-Data Production Legal Intercept Keyless Decryption Disposal Obfuscation Storage Audited Actions Secure Software Authentication Non-Repudiation Attack Vector Unauthorised Duplication Malware Testing Audit Manipulation Risk Assessment Remote Retrieval Meta-Data Provision Flow Control Legal Intercept Local retrieval Compression Spoofing Access Key Management Authentication Recovery Testing Data Retention Link Cryptography Network Cryptography Obfuscation Access Key Management Multi-level Security Logical Separation Testing Authentication Access Knowledge Spoofing Testing Usage Restrictions Audited Actions Intrusion Detection Intrusion Response Secure Operation Attack Vector Operational Validation Testing Risk Assessment Damage Usage Restrictions Routing Attack Vector Authentication Monitoring Direction Control Audited Actions Spoofing Accuracy Risk Assessment Testing Risk Assessment Risk Appetite Procedures Practice Behaviour Situational Awareness Social Networks Business Continuity Business Recovery Access User Interface Prioritisation Legal Intercept Operation Continued Operation Spoofing Efficiency Restoration Safety Wired Access Wireless Access Prioritisation Flow Control Legal Intercept Shaping Attack Response Safety © 2011 Ultra Electronics …and drill down to identify the market niches that comprise the cyber security market © 2011 Ultra Electronics

7. Cyber and the law of war Lt Col Jan Stinissen

8. Law of War use of force is prohibited, unless …. – self defence, – UNSC Resolution, – humanitarian intervention (?) law of armed conflict – humanity, – distinction, – military necessity, – proportionality

9. Developments

10. Examples in Cyber neutrality despite the borderless character of cyber, also in a cyber conflict a State can be neutral indiscriminate attacks cyber attacks that are not directed at a lawful target, and are of a nature to strike lawful targets and civilian objects without distinction are prohibited