DSI Publications

Journal Article
Forthcoming

Identification and demarcation—A general definition and method to address information technology in European IT security law

Computer Law & Security Review 52 (April): 105927
Nils Brinker
Subject(s)
Information technology and systems; Technology, R&D management
Keyword(s)
information technology, IT security law, cybersecurity, European regulation
Volume
52
Journal Pages
105927
ISSN (Online)
1873-6734
ISSN (Print)
0267-3649
Journal Article

Challenges for cyber arms control: A qualitative expert interview study

Zeitschrift für Außen- und Sicherheitspolitik 16 (3): 289–310
Thomas Reinhold, Helene Pleil, Christian Reuter (2023)
Subject(s)
Information technology and systems; Technology, R&D management; Unspecified
Keyword(s)
cyberspace, cyberwar, arms control
Volume
16
Journal Pages
289–310
ISSN (Online)
1866-2196
ISSN (Print)
1866-2188
Journal Article

When shutdown is no option: Identifying the notion of the digital government continuity paradox in Estonia's eID crisis

Government Information Quarterly 40 (1): 101781
Subject(s)
Economics, politics and business environment; Information technology and systems
Keyword(s)
digital government, cyber risk, cyber crisis management, network governance, resilience, electronic identity, estonia
Volume
40
Journal Pages
101781
Journal Article

Stadt, Land, K-Fall, ...?! [City, Country, Disaster Case…?!]

kes – Die Zeitschrift für Informations-Sicherheit 38 (1)
Lola Attenberger (2022)
Subject(s)
Information technology and systems
Keyword(s)
cybersecurity, urban crisis management, digital policy, civil protection, disaster management
Critical infrastructure protection is a joint task of the state and the economy. Nevertheless, no standardized approach to common risk management exists yet. This article proposes such a methodology, drawing on the ISO 27000 series and involving three perspectives: the technical micro perspective, the organizational macro perspective, and the country-wide meta perspective.
Volume
38
Journal Article

On the politics and ideologies of the sovereignty discourse in cyberspace

Duke Journal of Comparative and International Law 32 (1): 61–107
Henning Christian Lahmann (2021)
Subject(s)
Information technology and systems
Keyword(s)
Sovereignty, cyberspace, cyber operations, Tallinn Manual, cyber sovereignty, digital sovereignty, defend forward, persistent engagement
The article critically examines the current discourse on the legal status and substance of “sovereignty” in the context of the application of international law to cyberspace against the backdrop of conflicting political-ideological attitudes. After tracing the origins of the interpretation of “respect for sovereignty” as a primary rule of international law, two approaches to cyberspace are surveyed that challenge the emerging consensus: “cyber imperialism,” embodied by the US and the other Five Eyes members on the one hand, and “cyber Westphalia,” represented by China, Russia, and Iran on the other. Both conceive cyberspace in ways fundamentally irreconcilable with prevailing legal views. A third group of states endorses the “sovereignty-as-rule” understanding but leaves this legal position vulnerable to both authoritarian co-optation and imperialist dismissal. In light of this, the paper offers an alternative interpretation of state practice and international jurisprudence that constructs sovereignty as a principle with derivative primary rules. It is shown that despite not by itself having the status of a rule, the principle of sovereignty allows for the identification of rules that protect the territorial integrity and political independence of states beyond the traditional notions of the prohibition of intervention and the use of force. Following a careful analysis of evidence in existing practice in support of this novel, doctrinally more precise understanding of sovereignty, the policies of “persistent engagement” and “cyber sovereignty” are assessed in light of the argument’s legal implications.
Volume
32
Journal Pages
61–107
ISSN (Online)
2328-9708
ISSN (Print)
1053-6736
Journal Article

Das IT-Sicherheitsgesetz 2.0 – neue Regeln für Unternehmen und IT-Produkte [The IT Security Act 2.0 - new regulations for companies and IT products]

Computer und Recht 7: 450–458
Martin Schallbruch (2021)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Cybersecurity, information security, information law, critical infrastructures, cyber regulation
Two articles explain the genesis and contents of the German IT Security Act 2.0, which was enacted in May 2021. This first article focuses on the origins of the law, the obligations of companies as operators of information technology, and the new regulations on the security of IT products.
Journal Pages
450–458
ISSN (Online)
2194-4172
Journal Article

EU-Regulierung der Künstlichen Intelligenz [EU regulation of artificial intelligence]

Datenschutz und Datensicherheit 45 (7): 438–443
Martin Schallbruch (2021)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
AI, artificial intelligence, privacy, data protection, information law
The European Commission has presented proposals for the horizontal regulation of artificial intelligence. It is thus foreseeable that the regulatory systems of data protection and IT security will be supplemented by a further cross-sectoral approach to the regulation of information technology. This article explains the proposals and describes their advantages and disadvantages.
Volume
45
Journal Pages
438–443
ISSN (Online)
1862-2607
ISSN (Print)
1614-0702
Journal Article

Cybersecurity and the risk governance triangle

International Cybersecurity Law Review 2 (1): 77–92
Andrew J. Grotto, Martin Schallbruch (2021)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Transatlantic, data protection, internet of things, artificial intelligence, industrial control systems (ICS)
Volume
2
Journal Pages
77–92
ISSN (Online)
2662-9739
ISSN (Print)
2662-9720
Journal Article

Mehr Unabhängigkeit für das BSI? [More independence for the Federal Office for Information Security?]

Datenschutz und Datensicherheit 45 (4): 229–233
Martin Schallbruch (2021)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Cybersecurity, information security, government, Germany
Since its foundation 30 years ago, the Federal Office for Information Security (BSI) has developed into an internationally and nationally recognized center of competence for IT security. With a steady increase in tasks, the discussion about the governance of the office has become stronger - many voices are calling for greater independence of the BSI. The article examines the reasons for and options for greater independence of the agency. As a result, it argues for a further development of the agency's governance that represents a balance between independence and political responsibility.
Volume
45
Journal Pages
229–233
ISSN (Online)
1862-2607
ISSN (Print)
1614-0702
Journal Article

Zur operativen Zusammenarbeit zwischen Staat und Wirtschaft in der Cybersicherheit in Deutschland [On the operative cybersecurity cooperation of public and private entities]

Datenschutz und Datensicherheit 45: 239–243
Henning Christian Lahmann (2021)
Subject(s)
Information technology and systems; Strategy and general management
Keyword(s)
public-private partnerships, cybersecurity governance, germany, united states, united kingdom, israel, trust
The article surveys the current situation concerning the operative cybersecurity cooperation of public and private-sector entities in Germany and compares it with solutions implemented in the United States, Israel, and the United Kingdom. Subsequent to the analysis, the establishment of trust between the different involved actors is identified as the principal challenge for efficient cooperation in this subject area.
Volume
45
Journal Pages
239–243
ISSN (Online)
1862-2607
ISSN (Print)
1614-0702