Ambiguous Definitions in the Cyber Domain: Costs, Risks and the Way Forward
The modern-day importance of the cyber/Information and Communication Technology (ICT) sector rests upon various considerations: it is at the basis of most of the critical infrastructures of modern societies, and can be both the direct object of attacks or incidents on Critical Information Infrastructures (CIIs) and the means of striking indirectly at the critical infrastructures whose own operations are based on it (i.e., transport networks, energy and water distribution networks, nuclear plants and banking and financial systems). This paper aims at showing that the existence of problems of definitions, and above all of their harmonisation, brings inefficiencies to various aspects of the management of the cyber sector, in particular normative production, countermeasures and law enforcement. As a way forward, it suggests some proposals for improvement at the European, transatlantic and international levels.
1. Terminological variety and semantic ambiguity: European and US strategies compared
2. Risks and criticality of semantic ambiguities
3. A way forward