Connections

Though Ukraine was among the first successor states of the Soviet Union to create a legal framework for the activities of its intelligence and security community, said framework addressed inherited and unreformed structures. Subsequent reform plans have not led to the success desired by Ukraine’s international partners and, we must assume, a majority of the Ukrainian voters and taxpayers. Among the reform demands is also the credible subordination to parliamentary oversight, which, though stipulated by law, has effectively been neutralized by reference to subordination to the President in the same law. Who would want to be controlled by an ever-undecided parliament if a personalized oversight by the President and the expert committee of the National Security and Defence Council is the possible alternative? As a consequence, the Security Service of Ukraine (SSU) remains subject to much criticism – for the corruption of some of its representatives, for overlapping mandates with other security institutions, and for lack of control other than by itself and the changing presidents and their administrations.

The classic types of national security services are external and internal intelligence services, as well as integrated, internal, and external intelligence organizations. From a professional perspective, external and internal intelligence cannot be interpreted as entirely independent. Some theoretical schools consider internal intelligence (counterintelligence) part of intelligence; others attribute a significant distinction between internal and external intelligence. Regarding the number of national security services, two trends are observed in countries comparable to Hungary in the last decade. One is the increase in the number of services reflecting the increasing number and complexity of tasks and threats; the other is the decrease in the number of services through the integration of existing organizations, usually due to financial reasons.

In Hungary, military internal and external intelligence were merged in 2012, establishing an integrated organization, the Military National Security Service (MNSS). Although an impact assessment did not precede the merger, the official evaluation of the Court of Auditors in January 2014 stated that the creation of NMSS resulted in savings in public money and this new organizational form ensured the better implementation of unchanged tasks.

This article briefly presents the current political situation in Hungary, the Hungarian secret services, the development of the Hungarian Defence Forces in the past decade, the reasons for reforming the special military services, the periods, the aims, and the results of the integration process. It provides general and specific conclusions and lessons learned from military intelligence services reform in Hungary.

Since 1989, the Polish intelligence sector has been undergoing a democratic transformation which has turned into a continuous institutional change. In the process, the old communist services were abolished and new ones established in parallel with setting up executive and legislative oversight structures. But while the intelligence institutions and the oversight structures, on the whole, meet democratic standards and do not appear to threaten the constitutional system or citizens’ rights in any systemic way, the more recent developments in the sector demonstrate that democracy in Poland has not in fact been consolidated. The state proved incapable of forming any dependable and effective model of control over the security sector in the sense of exercising both political guidance and democratic oversight. The intelligence services and some security institutions continue to enhance their prerogatives in the realm of covert operations, democratic control mechanisms are not sufficiently effective, and the issues of the communist past continue to be a disruptive factor. Under the circumstances, it is hard to single out good practices; rather, one should speak of lessons learned.

In its Global Strategy for foreign and security policy, the EU applies resilience as a comprehensive concept of internal and external security. In parallel, at the 2016 Summit in Warsaw, Allied leaders decided to boost NATO’s resilience to the full spectrum of threats. Each NATO member needs to be resilient to a major shock caused by a natural disaster, failure of critical infrastructure, a hybrid or an armed attack. Hybrid warfare, including cyberattacks, is recognized as a significant security challenge.

The National Security Strategy of Hungary, adopted in 2020, confirms that the primary international framework of Hungary's security and defense policy is NATO and EU membership and highlights the need to enhance the country’s resilience against hybrid attacks. This article provides analysis of the application of the concept of resilience in the Hungarian defense sector and introduces the resilience development of the Hungarian Defence Forces against hybrid threats, including their cyber component, while generating options for the decision-makers regarding the military and information instruments of national power. The author identifies potential hybrid threats against Hungary, a possible cyberattack scenario, and lines of effort to achieve a feasible level of resilience to such threats. He takes account of the political and military environment, as well as wider national issues in view of hybrid threats and main features and dilemmas of cyber warfare, thus aiming to facilitate the application of the concept of resilience in Hungary.

This article provides an overview of maturity levels and assessment methodologies for the evaluation of cybersecurity and resilience in relation to their applicability and usefulness at sectoral and national levels. Reference maturity models and assessment frameworks, such as CERT Resilience Management Model, Cybersecurity Capacity Maturity Model for Nations, C2M2 (Cybersecurity Capability Maturity Model) are compared and analyzed for their applicability in designing and implementing national cybersecurity strategies and programs to achieve cyber resilience. Cyber readiness indexes are also outlined in view of their use to indicate possible improvements. The author explores the development of national cybersecurity strategies with focus on cyber maturity and provides examples. A maturity-based approach for the Bulgarian cyber resilience roadmap is also described within the context of the evolving cyber-empowered hybrid threats and the need for an institutionalized collaborative public-private resilience.

The concept of resilience has roots in many disciplines, making the pursuit of a unified theory very attractive but also very difficult. Yet this has not stopped scholars and politicians from attempting to claim resilience as their flagship concept and build a canon for the 21st century around it. This tendency to reduce or totalize resilience has spawned a host of taxonomies, each seeking to offer the final word on the definitional debate. I argue that this desire to create a unified theory of resilience misapplies the concept, ignores the dynamics of its emergence and the polysemic nature of its use in theory, policy and practice. This malleability makes resilience at once both a very attractive logic for dealing with uncertainty and a dangerous pathway towards embedding untempered algorithmic systems of coercive prediction into the governance of everyday life. In understanding the emergence of the resilience concept, one must appreciate both the positive and negative potential of this flexible and adaptive notion. I close by suggesting that resilience has gained such traction in recent years in no small part because it represents a shift in the onto-politics of our time, but that we must be careful about which type of resilience gets enacted.