Periodic Reporting for period 2 - CANVAS (Constructing an Alliance for Value-driven Cybersecurity)
Reporting period: 2018-03-01 to 2019-10-31
CANVAS is the first European project that provides an integrative view on the ethical and regulatory issues of cybersecurity. CANVAS unified technology developers and service providers with legal and ethical scholars and social scientists to approach the challenge of aligning cybersecurity with European values and fundamental rights. Running from September 2016 to October 2019, the project brought together stakeholders from key areas of the European Digital Agenda – the health system, business/finance, and law enforcement/national security – for discussing challenges and solutions at the junction of cybersecurity and ethics. A special focus of CANVAS was on raising awareness of the ethics of cybersecurity through teaching and training in academia and industry.
Using a three-step process, the Coordination and Support Action CANVAS aims to:
1. Structured existing knowledge in ethics, law, empirical and technological research related to cybersecurity with a particular focus on three reference domains of application (health, business, police/national security) and by involving insights gained in previous EU projects.
2. Designed a network for exchanging knowledge and generating insights across domains using several procedures, among others 10 workshops and a summarizing conference.
3. Disseminate the insights gained in three main output deliverables: briefing packages for policy stakeholders, a reference curriculum for value-driven cybersecurity and a Massive Open Online Course (MOOC).
Using a three-step process, the Coordination and Support Action CANVAS aims to:
1. Structured existing knowledge in ethics, law, empirical and technological research related to cybersecurity with a particular focus on three reference domains of application (health, business, police/national security) and by involving insights gained in previous EU projects.
2. Designed a network for exchanging knowledge and generating insights across domains using several procedures, among others 10 workshops and a summarizing conference.
3. Disseminate the insights gained in three main output deliverables: briefing packages for policy stakeholders, a reference curriculum for value-driven cybersecurity and a Massive Open Online Course (MOOC).
The results of CANVAS target primarily three groups critical for promoting a secure and innovative ecosystem fostering the production of cybersecurity technologies and services aligned with European values. For each group, a Deliverable has been prepared. For policy makers, briefing packages have been produced, which summarize the main findings of CANVAS. For academic teachers and industry experts, a reference curriculum has been generated that outlines how ethical and legal issues related to cybersecurity can be implemented in the training of cybersecurity experts. Students in ICT or related fields can learn about these issues in a Massive Open Online Course.
An important outcome from the White Paper is the open access book “The Ethics of Cybersecurity” (edited by Markus Christen, Bert Gordijn and Michele Loi) that will appear early 2020 at Springer in the International Library of Ethics, Law and Technology. The book discusses the full plethora of ethical aspects of cybersecurity and has a strong practical focus, including case studies that outline ethical dilemmas in cybersecurity and guidelines and other measures to tackle those dilemmas. The book is freely available for everybody (also on the CANVAS website). It forms an integrative part of the CANVAS reference curriculum.
The impact of alliance building can be estimated by referring to the number of experts and size of audience of the CANVAS events as follows:
- In total, the 10 workshops organized as well as the final conference gathered together around 150 speakers (some were present at more than one event) and had an audience of 670 persons. Based on the speakers, we created a publicly available expert pool on our CANVAS website that includes 87 contacts. We believe that this expert pool is a valuable resource for follow-up activities, as there does not exist yet a comprehensive list of non-technical cybersecurity experts.
- All mentioned above, all four EU Pilot Projects for the European Cybersecurity Competence Network have been approached for presenting the CANVAS results. Several personal contacts have been established that ensure that the knowledge gained in CANVAS will be re-used in those networks. CANVAS members also have been involved in teaching activities of the competence networks (e.g. for the 2019 IFIP Summer School Privacy and Identity Management in August 19-23).
- In the final dissemination month, CANVAS consortium members organized eight events ranging from a very small audience (e.g. workshop in Lausanne with the newly founded Cyber Defence Campus of the Swiss Armed Forces to explore future teaching activities) to a very large audience (talk at UBAM with an audience of >800).
An important outcome from the White Paper is the open access book “The Ethics of Cybersecurity” (edited by Markus Christen, Bert Gordijn and Michele Loi) that will appear early 2020 at Springer in the International Library of Ethics, Law and Technology. The book discusses the full plethora of ethical aspects of cybersecurity and has a strong practical focus, including case studies that outline ethical dilemmas in cybersecurity and guidelines and other measures to tackle those dilemmas. The book is freely available for everybody (also on the CANVAS website). It forms an integrative part of the CANVAS reference curriculum.
The impact of alliance building can be estimated by referring to the number of experts and size of audience of the CANVAS events as follows:
- In total, the 10 workshops organized as well as the final conference gathered together around 150 speakers (some were present at more than one event) and had an audience of 670 persons. Based on the speakers, we created a publicly available expert pool on our CANVAS website that includes 87 contacts. We believe that this expert pool is a valuable resource for follow-up activities, as there does not exist yet a comprehensive list of non-technical cybersecurity experts.
- All mentioned above, all four EU Pilot Projects for the European Cybersecurity Competence Network have been approached for presenting the CANVAS results. Several personal contacts have been established that ensure that the knowledge gained in CANVAS will be re-used in those networks. CANVAS members also have been involved in teaching activities of the competence networks (e.g. for the 2019 IFIP Summer School Privacy and Identity Management in August 19-23).
- In the final dissemination month, CANVAS consortium members organized eight events ranging from a very small audience (e.g. workshop in Lausanne with the newly founded Cyber Defence Campus of the Swiss Armed Forces to explore future teaching activities) to a very large audience (talk at UBAM with an audience of >800).
The project has identified several gaps with respect to ethical research and European cybersecurity regulation that need to be addressed by future research and innovation. In 14 workshops, CANVAS has brought together several dozens of cybersecurity experts with a particular focus on non-technical aspects. This pool of experts provides a foundation for future projects that want to focus on responsible research and innovation in cybersecurity. Through its teaching material, CANVAS equips the future generations of cybersecurity experts with basic insights and knowledge on ways to tackle ethical and legal dilemmas in cybersecurity.