Research Portfolio Post #2: Mentor Meeting
On September 6th I met with my mentor, Eric Novotny, for 45 minutes to discuss my research interests and further expand my knowledge of the cyber field. I previously met with my mentor on August 22nd to introduce myself and to discuss the fields of research within the field of cyber security. During this first discussion, Professor Novotny explained how the issue of attribution is one aspect that is being discussed, explained and challenged within scholarly debates. Following our meeting he sent me some articles and research relating to this topic. This was the catalyst for my last post regarding my interest in cyber attribution.
In our second meeting, I explained to him some of the developing questions I am beginning to ask about this topic. In particular, I mentioned my queries about the proposals for International Institutions to regulate attribution. My mentor mentioned how some institutions such as the UN Human Rights Council are attempting to establish norms within cyber space but are largely not successful. I aim to understand what sort of methodologies scholars have utilized to frame their argument in regards to International Institutions. Professor Novotny also directed me to look into the Tallinn Manual 2.0 which codifies all of the international laws regarding cyber operations1. This manual will likely be an important point of reference for my research.
I also posed the question: “What is the most cutting-edge research happening in the cyber field?” Professor Novotny explained to me that the private sector has been very involved in cultivating cyber security measures. He mentioned that big service providers have recently gotten together to establish a code of conduct. We also talked about the Cyber Threat Alliance’s efforts to collect data on cyber hacks which they then turned over to the FBI. Based off our conversation, I think that the private sectors efforts to defend themselves offers another interesting path for further research. I would like to look into whether there has been discussion on the private sector’s involvement in cyber foreign affairs.
Lastly, we conversed about the recent General Data Protection Regulation law enacted in the European Union. I asked about how this regulation is blurring the lines of state sovereignty. Professor Novotny mentioned that because the GDPR is a still relatively new, the intricacies are still being ironed out, but I believe the GDPR and similar laws (potentially taken from the Tallinn Manual) offer an interesting puzzle to this field in that the laws can sometimes reach beyond the sovereign constituents.
Overall, Professor Novotny has helped me to identify paths for further research that will help me expand my foundation and lead me to uncover the puzzles that have not been researched. My next steps are to continue to gather articles on the various topics we discussed so that I can start thinking about different methods I will use to execute the research on the various puzzles I am beginning to see.
1Schmitt, Michael N. Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. 2nd ed. Cambridge: Cambridge University Press, 2017.
It sounds like you had an informative and productive meeting, Hannah. Overall it sounds like you are on the right track, so just keep thinking about the suggestions from Prof. Novotny as you work on developing and refining your research puzzle, and keep reading and researching! I look forward to seeing how the project develops.