Search

You searched for: Content Type Working Paper Remove constraint Content Type: Working Paper Publishing Institution Center for International and Security Studies at Maryland (CISSM) Remove constraint Publishing Institution: Center for International and Security Studies at Maryland (CISSM) Political Geography Global Focus Remove constraint Political Geography: Global Focus Publication Year within 5 Years Remove constraint Publication Year: within 5 Years
Number of results to display per page

Search Results

  • Author: Charles Harry, Nancy Gallagher
  • Publication Date: 03-2019
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: Faced with rapidly growing cyber threats, organizational leaders, and government officials cannot reliably secure all data and digital devices for which they are responsible. The best they can do is conduct strategic risk management. That requires a systematic way to categorize potential attacks and estimate consequences in order to set priorities, allocate resources, and mitigate losses. The 2018 U.S. National Cyber Strategy holds government officials accountable for doing cyber risk management based on the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework and recommendations from not-for-profit organizations such as the Center for Internet Security (CIS) and ISACA. Yet, none of these policy documents and best practice guides actually provide the necessary analytical tools. As a result, public agencies, private companies, and non-profit groups that try to do risk assessment often feel overwhelmed rather than empowered to make strategic cybersecurity decisions. The Center for International and Security Studies at Maryland (CISSM) has developed an analytical framework that provides four essential building blocks needed to satisfy the principles in the NIST Standard Framework and other best practice guides: 1. A standardized system for classifying cyber threats and events by their effects. 2. Tools to associate organizational functions with IT topologies. 3. Algorithms to assess the severity of disruptive and exploitative cyber events. 4. A method to understand the integrated nature of risk across different parts of a simple organization, major divisions of a complex organization, or interconnected organizations in a complex system. These building blocks can be combined in different ways to answer critical questions, such as: • What is the range of cyber risks to different types of organizations? • Which threats pose the greatest risk to a specific department or organization? • How could an attack on one part of an IT network affect other organizational functions? • What is the accumulated risk across a critical infrastructure sector or geography? Using a comprehensive, consistent, and repeatable method to categorize and measure risk can enhance communication and decision-making among executives who make strategic decisions for organizations and their IT staff with day-to-day responsibility for cybersecurity. It can facilitate cooperation between public officials and private industry who share responsibility for different components of national critical infrastructure. It can inform media coverage and public debate about important policy questions, such as which decisions about cybersecurity should be purely private decisions, whether government should incentivize or mandate certain cybersecurity choices, and when a cyber attack warrants some type of military response.
  • Topic: Science and Technology, Military Strategy, Cybersecurity, Media
  • Political Geography: Global Focus
  • Author: Poorti Sapatnekar
  • Publication Date: 06-2019
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: While nation-states remain primary protagonists in global governance processes, it is increasingly recognized that non-state actors (NSAs) are key players in areas ranging from human rights and civil conflict to infectious disease and nuclear non-proliferation. The area of climate change is an illustrative example. NSAs have been active participants in the margins of the Conference of Parties (COP), the annual meeting of Parties to the UN Framework Convention on Climate Change (UNFCCC), since its inception in 1995 by holding side-events and protests, raising awareness, lobbying, etc. NSAs have also contributed to the development of a “regime complex” in climate governance at the same time. Yet, the determinants and effects of that participation are not well understood. The COP offers a unique opportunity to examine one piece of this puzzle; namely, the factors that enable and motivate NSAs to participate in the design and implementation of international agreements. We use an original dataset of NSA participants at the COP from 1995 to 2016, to examine whether NSAs are well positioned to help states overcome key barriers to cooperation. As NSAs ramp up their participation in climate governance and elsewhere, this study offers insight into their motivations and potential impact on governance outcomes.
  • Topic: Climate Change, United Nations, Non State Actors, Governance
  • Political Geography: Global Focus
  • Author: Amy J. Nelson
  • Publication Date: 04-2018
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: For decades or longer, policy-makers have sought to use arms control to reduce the uncertainty endemic to the international security environment. Because uncertainty is pervasive in these situations, however, practitioners themselves are naturally vulnerable to its effects. This paper seeks to help policy-makers optimize arms control outcomes by providing improved theory and best practices for goal-setting and strategy selection using the judicious application of decision theoretic concepts. The paper first lays out a suitable role for decision theory in the study and analysis of arms control, arguing that “uncertainty” is a more appropriate concept for description and analysis here than is “risk.” Prior approaches that rely on “risk” have tended to drive the search for arms control best practices, but “risk” requires the use of probability estimates that are frequently not available or not a good indicator of potential outcomes. Second, the paper argues that decision-makers are vulnerable to the effects of missing information and the uncertainty it causes in the run-up to and during arms control negotiations. Consequently, they are subject to biases and resort to the use of security-specific heuristics, including worst-case scenario thinking, limited-theater-of-war thinking, and low-dimension (or non-complex) thinking when setting goals and employing strategies for negotiating arms control agreements. The paper discusses the origins of this uncertainty and the strategies that states could employ as a result of these security-specific heuristics, arguing that they can best be grouped into two types—risk reduction versus uncertainty management. Finally, the paper makes recommendations for optimizing outcomes—for getting efficient negotiations that result in robust, durable agreements, capable of managing uncertainty about security, despite the effects of missing information.
  • Topic: Arms Control and Proliferation, Diplomacy, Military Strategy
  • Political Geography: Global Focus
  • Author: Davin O'Regan
  • Publication Date: 12-2018
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: U.S. foreign policy increasingly embraces and seeks to empower civil society organizations in developing countries as a critical contributor to stability and security. This paper explores whether there are grounds for these claims, specifically whether variation in civil society can explain the onset of civil wars. It examines two common explanations for the conflict-preventative potential of civil society, namely its ability to increase social capital and citizens’ voice. Four hypotheses are tested by integrating new data on various attributes of civil society from the Varieties of Democracies Initiative into a common model of civil war onset. Little support is found for claims that civil society reduces the probability of civil war onset by improving social capital, but onset may be reduced when a strong advocacy and political orientation is present in civil society. In other words, there appears to be some grounds for U.S. policy claims that a stronger civil society can enhance citizens’ voice and reduce instability and conflict onset. This finding still raises many questions about the precise links between civil society and civil war onset, and introduces potential complications for how policymakers might address conflict onset through support for civil society.
  • Topic: Civil Society, Civil War, Democracy, Political stability
  • Political Geography: Global Focus
  • Author: Catherine Kelleher
  • Publication Date: 01-2017
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: The following papers were commissioned as part of the Missile Defense, Extended Deterrence, and Nonproliferation in the 21st Century project supported by the Project on Advanced Systems and Concepts for Countering Weapons of Mass Destruction (PASCC). The papers have two general purposes: 1) to create a body of work that provides an overview of the missile defense developments in major regions of the world; and 2) to provide emerging scholars the opportunity to conduct research, publish, and connect with each other. We believe we have succeeded on both counts. The papers written for this project will be valuable for academics and policymakers alike, and will be published and disseminated by the Center for International and Security Studies at Maryland. This element of the project has also been successful in further bringing together a new cadre of experts in the field and developing the next generation of academics and public servants who will benefit from their participation in this project.
  • Topic: Security, Nuclear Weapons, Missile Defense
  • Political Geography: United States, Europe, Global Focus
  • Author: Lance Kim
  • Publication Date: 07-2017
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: The emergence of an advanced nuclear industry has renewed the pursuit of small modular and advanced reactor technologies to supply low carbon energy. By the same token, these developments potentially expose gaps in current safeguards practices, particularly for reactor designs utilizing novel coolants and fuel forms–underscoring calls for the early application of Safeguards-by-Design to effectively and efficiently detect diversion and misuse. Other innovations may necessitate additional measures to credibly assure the absence of undeclared activities. This paper discusses three types of advanced nuclear and nuclear-related technologies as illustrations of these challenges: 1) micronuclear reactors, 2) molten salt reactors, and on the balance-of-plant side, 3) thermal energy storage and dry cooling. It then identifies high-level safeguards development needs associated with these on-the-horizon technologies so as to elevate safeguards considerations in the minds of reactor developers and investors.
  • Topic: Science and Technology, Nuclear Power
  • Political Geography: Global Focus
  • Author: Nilsu Gören, Theresa Hitchens
  • Publication Date: 10-2017
  • Content Type: Working Paper
  • Institution: Center for International and Security Studies at Maryland (CISSM)
  • Abstract: Cybersecurity transcends national boundaries in many ways: The internet’s technical infrastructure is global in scope; threat actors based in one country can disguise their identities by taking control of computers in other countries; global businesses sell software, hardware, and security services that may introduce or combat vulnerabilities; and the consequences from a disruptive attack can spread far beyond the initial victim. Even the most cyber-savvy country cannot protect itself completely unless it wants to disconnect from the global internet and strictly limit who can use information technology and for what purposes inside its own borders. And this course of action is infeasible because it would result in dire consequences for the national economy, military, and all other systems that depend on advanced information technology. International cooperation to improve cybersecurity is a much more realistic and viable path. Information sharing is the most commonly promoted type of international cooperation, but very little is known about what type of cybersecurity information is currently being shared with whom, for what purposes, and under what conditions. As a first step towards answering this larger question, the International Cybersecurity Information Sharing Project undertook to survey, catalog, and analyze publicly available government-to-government cybersecurity-related sharing agreements to determine what types of information various governments have committed to share, and to identify gaps in information sharing. The ultimate aim of the larger project is to assess how multilateral cybersecurity sharing practices can be encouraged and improved in order to strengthen global cybersecurity. The project team started from the assumption that formal cyber sharing agreements and memoranda of understanding (MoU) are an important part of the foundation for the development of norms on cyber cooperation. Over the past several years, various international fora have reiterated that sharing information about cyber threats and vulnerabilities, national approaches to cyber protection, best practices, incidents of concern, and response mechanisms could increase mutual cybersecurity while reducing risks of misunderstandings and conflict. Different types of information sharing can be used to improve cybersecurity in various ways. By sharing threat perceptions and national policies, states can better understand each other’s concerns and priorities. By conducting multilateral exercises and sharing best practices for protection of networks, critical infrastructure, and software/hardware, states can help each other ensure safe data transfer across borders. Cooperation to build capacity in states with weaker infrastructure for managing the use of information and communications technologies (ICTs) can help in identifying threats and responding to crises. This research found that cybersecurity information agreements are more numerous, but less specific than anticipated. The project documented and analyzed 196 agreements involving 116 different countries and 2,349 signatures. Extensive signature of agreements and associated commentary shows widespread accord on the principle that information sharing is necessary. However, it is unclear how much and what type of information sharing occurs in practice. Few agreement texts are public, and those that are often use vague language. And, despite the potential benefits of sharing more cyber-security information, many disincentives and logistical barriers remain. This project collected as much information as possible, not only about what states have agreed to do, but also what they actually do, and why they make those choices. After a brief summary of the approach taken and some limitations encountered, the study provides summary statistics about international cyber information sharing agreements. It then looks in more detail at sharing agreements and behaviors by some of the most active and/or important countries in regional organizations, and in multilateral fora that have focused on this topic. A summary of key findings, conclusions, and next steps is followed by annexes with more methodological information and texts for some of the most important agreements.
  • Topic: Science and Technology, Cybersecurity
  • Political Geography: Global Focus