Hybrid warfare, a complex strategy blending conventional military tactics with cyber, political, and economic pressures, poses a significant challenge to global security. Private entities, particularly those overseeing critical infrastructure (CI) and critical information infrastructure (CII), such as energy and telecommunications, have become both prime targets and essential defenders against such threats. Adversaries increasingly aim to exploit vulnerabilities within private sectors …
A Calm Before the Storm?
The eighth session of the United Nations Open-Ended Working Group on security of and in the use of information and communications technologies (OEWG) started with a promise to move the needle on key areas. Although the third annual progress report was agreed upon with relative ease, the Group remains soul-searching for the future format and focus of the regular institutional …
United Nations OEWG on ICT Security
The United Nations Open-Ended Working Group on the security of and in the use of information and communications technologies (OEWG) concluded its seventh substantive session in early March. Delegations gathered in New York to discuss proposals to advance the framework of responsible behaviour in light of present and emerging cyber threats and the needed capacity-building efforts. With the group’s mandate expiring …
Striking a balance: A review of Australia’s Cyber Security Strategy 2023-30
Over the past several years, Australia has undergone a cyber security reckoning. Several high-profile breaches impacting millions of citizens has propelled cyber security into the public consciousness, with regional tensions heightening government fears in relation to state-based attacks on critical infrastructure. In response to these threats, in November 2023, the Australian Government released the 2023-30 Australian Cyber Security Strategy, which …
Ahead of the Threat(s)?
With the new Dutch International Cybersecurity Strategy for 2023-2028, the government of the Netherlands demonstrates responsibility and agency in the face of continuous cyber threats posed by states and criminals. It aspires to keep democratic and human rights and norms top of mind and seeks to preserve a globally open, free and secure internet. The strategy makes clear the government’s …
Africa’s Cybersecurity Treaty Enters into Force
The Malabo Convention has now entered into force. But with ratifications from only 15 of 55 AU member states – and none yet from any of Africa’s power countries, such as Egypt, Algeria, Nigeria, South Africa, Kenya, Morocco or Ethiopia – will the Convention be accorded the regional and international validation needed to become a viable instrument for regulating cybersecurity …
Upping the Ante on EU Cyber Defence: What Should we Expect from our Capitals?
The obvious importance of cyber defence – often the poor cousin of all things cyber – is becoming clearer and more entrenched, with growing high-level EU ambitions. The recent release of the EU cyber defence policy in late 2022 marks a milestone for the EU’s cyber defence policy framework insofar as its ambitions indicate the aspirational direction of travel for …
A Cybersecurity Strategy for the 21st Century
The Biden Administration’s ambitious new National Cybersecurity Strategy will significantly improve cyber defence. Written for cyberspace as it exists and operates now, it abandons the previous emphasis on deterrence, which has not worked, and focuses on resilience and regulation. It also shifts important security responsibilities to developers and providers of IT services and products, and creates new opportunities for close …
Striking the Right Balance: A Commentary on the Fourth Substantive Session of the OEWG on ICTs
The recent meeting of the OEWG on ICTs in New York was held amidst a climate of significant global cyber threats and geopolitical tensions. The meeting was successful in terms of attracting a high number of new proposals and broad participation from member states, which is particularly valuable in the current climate of multilateral uncertainty. However, the OEWG faces the …
Disrupting Ransomware
Governments around the world are making significant progress in disrupting and deterring cyber criminals from launching ransomware schemes, but far more is needed to properly address this evolving problem. It’s been nearly a decade since the United States Department of Justice indicted notorious Russian cyber criminal Evgeniy Bogachev for masterminding the notorious GameOverZeus malware scheme. By conservative estimates, Bogachev’s Business …