Cybersecurity. Mission Possible.

Head of cyber-security research at the US Department of Homeland Security, Douglas Maughan concedes 'We've had too many computer scientists looking at cyber-security, and not enough psychologists, economists and human-factors people.' See here. I would acquiesce with him however with the addendum that in addition to economists we do need legal scholars and practitioners to focus on the issue.

At present, there are two major areas that are in need of the European & Asian governments attention. Firstly, they should focus on a development and adoption of comprehensive and clear policies on cyber-security. Secondly, they should develop and adopt relevant legislation supporting the policy that would enhance cyber-security. With regard to the former, the consideration of the policy should include long-term educational efforts on the matters of cyber-security. This would include primary, secondary and professional education.

Furthermore, the European & Asian governments should promote dialog among their countries on the issues related to cyber-security and ways of its governance on the international level which is of utmost importance. On the national level, however, the European & Asian governments would be required to evaluate and develop solid foundations for its domestic cyber-security strategy, authorities, and capabilities. This would require from those government to effectively coordinate the issues related to cyber-security on various levels, such as national, sub-national, private sector and civil society and forcing the European & Asian governments to consider the following questions:

1. What are the most effective legal instruments to promote coordination and cooperation at both the national and international level?

2. What types of incentives could lead to increased cooperation among players on the national (private and public sector) and international level?

3. How limited should be the European & Asian governments in regulating both the private and public sector in the name of justifiable protection of cyber-security?

4. Civil v criminal liability? Which one is the most appropriate when addressing cyber issues.

5. Least but not last, what are the new legal instruments and measures the European & Asian governments could re-employ to address cyber-vulnerabilities?

Instead of wondering the European & Asian governments and international bodies need to provide answers to the above questions:

NOW!