2014-2016: Cybersecurity through Regulation: A Comparative Approach - Lead researcher: Deborah Housen-Couriel, Adv., Researchers: Admit Ivgi, Adv., Aurelie Amidan, Shirah Meir
Research presentation, Dec-2015
Research presentation - Dec-2015-Hebrew
2016 (ongoing): The Regulation of Cybersecurity Professions: A Proposal for Five Regulatory Models - Lead researcher: Deborah Housen-Couriel, Adv., Researchers: Admit Ivgi, Adv. and Shirah Meir
Countries have similar challenges in meeting cybersecurity workforce challenges, and nearly all are cognizant in their national cybersecurity strategies of serious gaps in capacity at present and in the coming years regarding national and global cybersecurity needs and professional talent gaps in meeting these needs. Yet each country and organization has a different approach to resolution of this challenge, reflecting different national strategic interests, priorities and capabilities. The five models proposed in this study are based on comparative research of the commonalities and differences of the twelve countries and two organizations reviewed. The models form a conceptualization that could be described as progressive or “nested”, in the sense that each model also contains the elements that characterize its predecessor. The models and the countries and organizations which they characterize are as follows:declaratory (national policies note the importance of professional development in the context of capacity-building and may showcase professional training schemes, yet the training and accreditation is voluntary and left to the private sector); declaratory with some informal training schemes (in addition toinclusion of professional capacity-building as a national strategic goal, some professional training schemes are supported and recommended and may also be government-subsidized); government information sharing with the private sector (national workforce policies are ingrained, promoted and supported by formal and regular government feedback to the private sector and the public); recommended accreditation(accreditation of professionals is strongly supported, recommended and subsidized in the context of a national strategy); and “nearly-mandatory” accreditation (whereby accreditation schemesare recommended and sponsored and are either a de jure or de factorequirement for some professionals).The details regarding each of the national and organizational strategies are reviewed on a country-by-country basis. Special characteristics are noted, such as France’s inclusion of labor unions as a stakeholder in national capacity-building efforts, the UK’s agreement with insurance companies to reduce premiums for cybersecurity-compliant companies, and Australia’s use of nationally registered occupational training organizations (RTOs). Moreover, a basket of best practices from among the countries surveyed is included at the conclusion of the study – probably better identified as “probable best practices”, as the overall assessment of the degree of success of each in achieving a higher level of cybersecurity, as well as the metrics of such an assessment, remain as future topics for research.
2016 (ongoing): Property Rights in Cyberspace: A Comparative Study of Digital Property - Lead researcher: Deborah Housen-Couriel, Adv.
The burgeoning quantity of computerized data over the past decades, and its corollary exposure to cybercrime and other forms of hostile activity in cyberspace indicate an urgent need to regulate rights in digital property. Yet the development of regulation regarding such property on the part of the countries and organization analyzed here has been slow. In three of the four countries in which it has progressed, a central impetus has been the concern over transferability of rights in the event of death or disability. In one of the four, the US, the legislative initiative of the Revised Uniform Fiduciary Access to Digital Assets Act has moved ahead significantly since 2015, with nearly half of the 50 states having adopted the Act or currently considering it. In the UK and Germany, pro-active professional organizations, the UK Law Society and the German Bar Association, have formulated public positions and policies on the inclusion of digital rights in legacies. Finally, in France, the current efforts to encompass a broad range of issues in the context of the Digital Republic Bill may bring about a more explicit digital rights regime. Further research will be necessary to follow the inevitable regulatory developments in this context, including the developments regarding the terms and conditions of website utilization by private persons, and to evaluate their degree of success in ensuring property rights in the present digital era.
2016 (ongoing): Virtual Profiling - Lead researcher: Deborah Housen-Couriel, Adv.