Proposing new EU legislation to bridge the existing gap between current European cybersecurity legislation and enterprise cybersecurity

Show simple item record

dc.contributor Helsingin yliopisto, Oikeustieteellinen tiedekunta fi
dc.contributor University of Helsinki, Faculty of Law en
dc.contributor Helsingfors universitet, Juridiska fakulteten sv
dc.contributor.author Nuorti, Viivi
dc.date.issued 2016
dc.identifier.uri URN:NBN:fi:hulib-202110123878
dc.identifier.uri http://hdl.handle.net/10138/335240
dc.description.abstract This thesis proposes new EU legislation to bridge the gap between current European cybersecurity regulation and enterprise operational technologies. Considering the fast development and expansion of technologies within our society, our legal thinking and the adoption of protective measures in the form of new EU legislation is paramount, if not critical, in order to sufficiently protect the operations and undisrupted contingency of critical infrastructure’s enterprises, our digital service providers, and the services provided by our essential operators. The EU Cybersecurity Act, Network and Information Security Directive, the proposed revised NIS2 Directive, and the European Union Agency for Cybersecurity (ENISA) are the foundation of tomorrow’s digitized and secure Europe. However, they exclude the technologies closest to the core manufacturing and service-production of an enterprise: the operational technologies solutions. The main questions of this thesis were whether a sufficient layer of mandated cybersecurity protection for connected enterprises and digital infrastructure exists, how small operational technologies solution vendors and digital service providers could be required to take responsibility for the cybersecurity of their solutions, and why does the proposed legally required framework for operational technologies matter. The legal and technical analysis concludes that the principle of security by design is not widely adopted within modern digitized enterprises, which sets a poor basis for the Single Digital Market. Currently, the burden of executing a well-managed enterprise security office lies on the shoulders of the enterprise’s CIO and CISO officers. IT leaders lack a steering certification framework that sufficiently covers the complete IT environment with security principles and actionable requirements. This thesis proposes that operational technologies are included in the next scope of the next revision of EU cybersecurity legislation. The elements of the proposed framework would help in protecting European connected enterprises, and to support EU in achieving high-level cybersecurity cooperation and protection within the European Digital Market. This thesis could be utilized in the drafting of the candidate cybersecurity certification scheme EUCC. The aimed readership includes EU’s legislators, and executives that work with enterprise technologies, digital infrastructure, and cloud-native technologies. en
dc.language.iso eng
dc.publisher Helsingin yliopisto fi
dc.publisher University of Helsinki en
dc.publisher Helsingfors universitet sv
dc.subject cybersecurity legislation
dc.subject operational technologies
dc.subject enterprise technologies
dc.subject digital infrastructure
dc.title Proposing new EU legislation to bridge the existing gap between current European cybersecurity legislation and enterprise cybersecurity en
dc.title.alternative Uuden EU-lainsäädännön ehdottaminen nykyisen EU kyberturvallisuuslainsäädännön ja yritysten turvallisuuden välisen kuilun umpeen kuromiseksi fi
dc.type.ontasot pro gradu -tutkielmat fi
dc.type.ontasot master's thesis en
dc.type.ontasot pro gradu-avhandlingar sv
dct.identifier.urn URN:NBN:fi:hulib-202110123878
dc.subject.specialization Oikeustaloustiede fi
dc.subject.specialization Law and Economics en
dc.subject.specialization Rättsekonomi sv
dc.subject.degreeprogram Kansainvälisen liikejuridiikan maisteriohjelma (International Business Law) fi
dc.subject.degreeprogram Master's Programme in International Business Law en
dc.subject.degreeprogram Magisterprogrammet i internationell affärsjuridik sv

Files in this item

Total number of downloads: Loading...

Files Size Format View
Nuorti_Viivi_Pr ... se cyber security_2021.pdf 628.0Kb PDF View/Open

This item appears in the following Collection(s)

Show simple item record