Current Articles
Fall 2019, No. 2, vol. 1 / Romanian Cyber Security Journal
Crisis Management for Cyber Issues: Going it Alone or in a Coalition?
Viorel BARBU
viorel_barbu_map@yahoo.com
Abstract:
Cyber attacks are executed by organized crime groups, sometimes on the orders
of state structures, on Information and Communication Technology (ICT) infrastructures of
strategic interest belonging to public institutions or to various companies. With this in
mind,
governments must adapt their critical infrastructures, both civilian and military, to
specific
risks and threats, so that they may avoid strategic surprises in the cyber environment. By
accessing pre-existing models for protection, as well as specific know-how and best
practices
in the field, states may allocate scarce resources towards acquisitions and training,
rather
than redeveloping what others have already mastered. This article argues that a purely
National approach to critical ICT infrastructure protection is lacking, since globalization
manifests as interconnections in all fields, partly mediated by the cyber environment.
Therefore, crisis management in the cyber domain must consider the interconnections of
National systems to those of the alliances to which the nation belongs. A medium sized
state like Romania, with the current geopolitical situation and a challenging security
environment featuring implicit risks to physical and virtual borders, finds it much more
difficult to generate and maintain its own cyber monitoring, prevention and protection
systems. In this regard, it becomes easier and more financially convenient for government
institutions to adhere to the doctrines, organization, training, technical endowment and
interoperability capacity of its particular alliance. In the medium and long term, offset
procedures are also a more profitable path to development of security capabilities that
also serve to reinforce ties with and diminish distances from highly developed states.
Keywords:
Cyber issues, risks and threats, coalition, critical infrastructures (CI), critical
informational infrastructures (CII), critical infrastructures protection (CIP), critical
informational infrastructures protection (CIIP).