Cyber-attacks are among the most serious threats to the UK’s future security, a review of defence strategy has warned. The 2010 National Security Strategy (NSS) can be viewed as a statement that sets out the threats Britain will face in the next 5 to 20 years. The Strategic Defence and Security Review (SDSR) will line up how Britain achieves those ends, and the resources it will devote in doing so. Cyber attacks are classified as being a greater risk than organised crime, energy security and attacks on the UK by an overseas territory. A defensive Cyber Security Program will be set up to counter these types of threats perhaps mirroring the Comprehensive National Cybersecurity Initiative (CNCI) in the US. It is likely that cyber law will play a part in the re-invigorated approach to this area.
The cyberlaw competition project joins teams from different departments to enable academic and practical issues to be combined alongside looking at how students interact with other teams with different backgrounds and priorities. The teams with a background in cyber security are set up in “safe environment” created through virtualisation using Microsoft’s Virtual PC (alternatives can be used such as VMWare). This safe environment holds a number of tasks and once logged in anything is fair game to achieve the goals that have been set. The second group with the legal background outline the legal issues that arise and draft real life responses.
The legal side of the project uses situations taken from case law and sets up a number of scenarios incrementally increasing in complexity and difficulty. This simple to difficult transition allows the materials to be used in a number of contexts. This type of scenario based interdisciplinary competition is a way to foster innovation and educate students in a realistic setting. The project has been heavily influenced by the NetWars competitions hosted by the SANS institute where contenders show their skills in penetrating computer systems and defending them. The cyberlaw competition project adds an extra dimension by looking at the wide ranging legal aspects that are involved.
By exploring the crossover between cyber hacking and cyber law lawyers and cyber security professionals can hone their skills in a practical environment. It is extremely valuable to enable a lawyer to understand which types of litigation are infeasible due to extraterritorial complications alongside knowing what types of protocols can be put in place to prevent it occurring again or a cyber professional understanding that there are employment law issues when dealing with employee based cyber crime.