Publication database

The chapter summarises the current state of the application of international law to cyberspace and reviews attempts to find consensus among the community of states. While virtually all states agree that international law applies to state conduct in cyberspace, the 'how' remains a hotly contested issue. The chapter focuses on the prohibition of the use of force, the prohibition of intervention, and the principle of sovereignty and assesses their legal status vis-à-vis cyber operations. It follows a brief treatment of further international efforts to increase transnational cybersecurity, such as internet governance and arms control treaties.

Dieses Kapitels im Praxishandbuch "IT-Sicherheitsrecht" analysiert Verfahren zur Messung, Prüfung und dem Nachweis von IT-Sicherheit zur Erfüllung von rechtlichen Anforderungen. Zunächst gibt das Kapitel einen Überblick über Prüf-, Bewertungs- und Nachweisverfahren, sowie rechtliche Grundlagen und Zuständigkeiten im IT-Sicherheitsrecht. Anschließend unterscheidet es systematisch zwischen unterschiedlichen Prüf- und Bewertungsebenen bzw. -gegenständen im Sinne der Sicherheit von IT-Systemen in Institutionen und der IT-Sicherheit von Software und Hardware. Im zweiten Abschnitt erläutert es die Messung, Prüfung und den Nachweis von IT-Sicherheit in Institutionen, fasst die einschlägigen Standards für Systeme zum Management von Informationssicherheit zusammen, benennt Methoden zur Messung von IT-Sicherheit innerhalb von Risikoanalysen und erläutert Audits und Zertifizierungen und zeigt anschließend, in welchen Bereichen des IT-Sicherheitsrechts diese Methoden verlangt werden. Der dritte Teil widmet sich der Messung, Prüfung und dem Nachweis von IT-Sicherheit von Software und Hardware, einschließlich IT-Produkten, -Diensten und -Prozessen. Er bietet eine Übersicht über Kriterien zur Messung, Evaluation und Prüfung von Software und Hardware und über Zertifizierungsverfahren. Darauf aufbauend erläutert der Abschnitt, wie diese Verfahren bei der Prüfung und Zertifizierung von IT-Produkten, -Diensten und -Prozessen im allgemeinen und fachspezifischen IT-Sicherheitsrecht zum Einsatz kommen. Ein kurzer abschließender Abschnitt zeigt die Grenzen der bestehenden Ansätze und zukünftige Herausforderungen auf.

How are team dynamics affected by our evermore global and virtualized business context? An innovative game created at ESMT Berlin pits business leaders against fictional hackers to find out.

We examine how groups fall prey to the sequence effect when they make choices based on informed assessments of complex situations; for example, when evaluating research and development (R&D) projects. The core argument is that the temporal sequence of selection matters because projects that appear in a sequence following a funded project are themselves less likely to receive funding. Building on the idea that selecting R&D projects is a demanding process that drains participants’ mental and emotional resources, we further theorize the moderating effect of the influence of the timing of the panel meeting on the sequence effect. We test these conjectures using a randomization in sequence order from several rounds of R&D project selection at a leading professional service firm. We find robust support for the existence of a sequence effect in R&D as well as for the moderating effect. We further explore different explanations for the sequence effect and how it passes from the individual to the panel. These findings have broader implications for the literatures on innovation and search in general and on group decision-making for R&D, specifically, as they suggest that a previously overlooked dimension affects selection outcomes.

We explore how gamification can be used to help leaders to lead global virtual teams.

Scholarly work seeking to understand academics’ commercial activities often draws on abstract notions of the academic reward system and of the representative scientist. Few scholars have examined whether and how scientists’ motives to engage in commercial activities differ across fields. Similarly, efforts to understand academics’ choices have focused on three self-interested motives – recognition, challenge, and money – ignoring the potential role of the desire to have an impact on others. Using panel data for a national sample of over 2,000 academics employed at U.S. institutions, we examine how the four motives are related to commercial activity, measured by patenting. We find that all four motives are correlated with patenting, but these relationships differ systematically between the life sciences, physical sciences, and engineering. These field differences are consistent with differences across fields in the rewards from commercial activities, as well as in the degree of overlap between traditional and commercializable research, which affects the opportunity costs of time spent away from “traditional” work. We discuss potential implications for policy makers, administrators, and managers as well as for future research on the scientific enterprise.

© 2020, INFORMS

Recent work argued that researchers conceptualize ‘social ties’ in four fundamentally different ways –as socially constructed role relations such as friendship or co-authorship; sentiments such as liking or hatred; interactions such as communication or sex; and access to resources or opportunities. We consider where ties (and non-ties) are likely to correspond across these four concepts, and thus assess where we may apply theories based on one network concept (e.g., sentiment ties of liking and disliking) to data representing another (e.g., interaction as logs of phone calls). Then we discuss empirical lenses emerging from computational social science, such as location-aware devices, electronic calendars, wearable sensors, records of electronic messages, phone calls, or online transactions. We ask how these time-stamped event series correspond to the conventional network concepts above and call for a new analytical approach: Directly theorizing and analyzing the structural-temporal interdependencies of interaction events redirects our attention from structural patterns to social processes.

The article deals with necessity as one of the circumstances precluding wrongfulness under customary international law and how it will likely gain relevance in view of the difficulty to quickly attribute malicious cyber operations that threaten important assets of a state. While the necessity doctrine seems fit for purpose, it lacks granularity and is problematic from an international rule-of-law point of view. Taking these pitfalls into account, the article proposes some general principles for a possible special emergency regime for cyberspace.