Browsing by study line "Oikeustaloustiede"
Now showing items 1-2 of 2
-
(2016)This thesis proposes new EU legislation to bridge the gap between current European cybersecurity regulation and enterprise operational technologies. Considering the fast development and expansion of technologies within our society, our legal thinking and the adoption of protective measures in the form of new EU legislation is paramount, if not critical, in order to sufficiently protect the operations and undisrupted contingency of critical infrastructure’s enterprises, our digital service providers, and the services provided by our essential operators. The EU Cybersecurity Act, Network and Information Security Directive, the proposed revised NIS2 Directive, and the European Union Agency for Cybersecurity (ENISA) are the foundation of tomorrow’s digitized and secure Europe. However, they exclude the technologies closest to the core manufacturing and service-production of an enterprise: the operational technologies solutions. The main questions of this thesis were whether a sufficient layer of mandated cybersecurity protection for connected enterprises and digital infrastructure exists, how small operational technologies solution vendors and digital service providers could be required to take responsibility for the cybersecurity of their solutions, and why does the proposed legally required framework for operational technologies matter. The legal and technical analysis concludes that the principle of security by design is not widely adopted within modern digitized enterprises, which sets a poor basis for the Single Digital Market. Currently, the burden of executing a well-managed enterprise security office lies on the shoulders of the enterprise’s CIO and CISO officers. IT leaders lack a steering certification framework that sufficiently covers the complete IT environment with security principles and actionable requirements. This thesis proposes that operational technologies are included in the next scope of the next revision of EU cybersecurity legislation. The elements of the proposed framework would help in protecting European connected enterprises, and to support EU in achieving high-level cybersecurity cooperation and protection within the European Digital Market. This thesis could be utilized in the drafting of the candidate cybersecurity certification scheme EUCC. The aimed readership includes EU’s legislators, and executives that work with enterprise technologies, digital infrastructure, and cloud-native technologies.
-
(2021)The African start-up scene has been rapidly developing in recent years and respected Silicon Valley VC firms and large tech companies are moving in on the market which could be regarded as a signal of opportunity. Yet a single investment is to be made by a Finnish VC firm into an African start-up. The democratizing effect of technology and internet accessibility has led to the growth of innovation and disruption on the continent with the three selected jurisdictions for the thesis South Africa, Nigeria and Kenya leading the charge. Focusing on the three countries enables more a pragmatic analysis and thus applicable solutions. Analysing three different ecosystems also showcases the heterogeneity of the continent’s opportunities for VC firms. The objective of the thesis is to establish the main blockers for Finnish VC firms when weighing the option of investing in Africa and then provide solutions to overcome the obstacles whilst taking a form of a roadmap to also show the process of investing in Africa and its peculiarities. Because of the specificity and novelty of the subject matter, there is very little research specific to the objective to build on. To paint a picture of the different ecosystems’ comparative legal analysis and market analysis was utilized. The obstacles were identified through thematically analysed qualitative interviews with Finnish VC firms. The solutions to these obstacles were built on qualitative interviews with individuals that have experience from the African start-up scene. Four obstacles rose above the rest in prevalence: mandates, being geographically far from founders, local expertise & networks and corporate governance & unknown risks. Based on the four obstacles a prescription of four actions that enable a Finnish VC firm to invest in Africa was developed: 1. Cannot be focused on early stage start-ups. 2. Needs to find a local co-investor. 3. Cannot have a mandate blocking Africa as an investment option. 4. Is a specialized fund. By adhering to these four “rules” a Finnish VC firm can venture to Africa with confidence.
Now showing items 1-2 of 2