(CYBER)SECURITY IN AN INTERCONNECTED INTERNATIONAL COMMUNITY
As early as 1758, Emer de Vattel, one of the most prominent international lawyers, crafted an eloquent definition of what the right to security entails. In his treatise on the law of nations, he argued that “[e]very nation, as well as every man, has (…) a right to prevent other nations from obstructing her preservation, her perfection, and happiness, – that is, to preserve herself from all injuries”. Almost three centuries later this definition still holds true in a world shaped by globalisation, growing uncertainty and emergence of new risks rocking the foundations of the international community.
While the main tenets of what constitutes ‘security’ have remained largely the same since Vattel's treatise, the complexity of global governance, scientific and technological developments have engendered new dimensions in the notion of security. A recent example is the growing importance of (cyber)security. The International Telecommunication Union (‘ITU’) defines cybersecurity as the “collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets”. Cybersecurity aims to “ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment”.
As the off spring of information and communication technologies (‘ICTs’), cybersecurity has been recognised as a tangible issue by the international community. This has occurred against the background of globally interconnected users, devices and systems of systems, particularly in the realm of critical infrastructures, such as systems used for generation, distribution and transmission of energy, banking and financial services, public health and food, and transport. Their interconnectedness through the cyber environment has led to the emergence of cyber-physical systems. These systems could be described as “hybrid systems of interacting digital, analogue, physical, and human components in systems engineered for function through integrated physics and logic.” These cyber-physical systems are no longer based on isolated but rather on open and interconnected technical architectures. This creates new attack vectors for unlawful interference, a problem which is particularly manifest in safety-critical domains, such as international civil aviation.