View Post

United Nations OEWG on ICT Security

Pavlina Pavlova Commentary

The United Nations Open-Ended Working Group on the security of and in the use of information and communications technologies (OEWG) concluded its seventh substantive session in early March. Delegations gathered in New York to discuss proposals to advance the framework of responsible behaviour in light of present and emerging cyber threats and the needed capacity-building efforts. With the group’s mandate expiring …

View Post

Striking a balance: A review of Australia’s Cyber Security Strategy 2023-30

Anne-Louise Brown Commentary

Over the past several years, Australia has undergone a cyber security reckoning. Several high-profile breaches impacting millions of citizens has propelled cyber security into the public consciousness, with regional tensions heightening government fears in relation to state-based attacks on critical infrastructure. In response to these threats, in November 2023, the Australian Government released the 2023-30 Australian Cyber Security Strategy, which …

View Post

Ahead of the Threat(s)?

Parto Mirzaei Commentary

With the new Dutch International Cybersecurity Strategy for 2023-2028, the government of the Netherlands demonstrates responsibility and agency in the face of continuous cyber threats posed by states and criminals. It aspires to keep democratic and human rights and norms top of mind and seeks to preserve a globally open, free and secure internet. The strategy makes clear the government’s …

View Post

Africa’s Cybersecurity Treaty Enters into Force

Nnenna Ifeanyi-Ajufo Commentary

The Malabo Convention has now entered into force. But with ratifications from only 15 of 55 AU member states – and none yet from any of Africa’s power countries, such as Egypt, Algeria, Nigeria, South Africa, Kenya, Morocco or Ethiopia – will the Convention be accorded the regional and international validation needed to become a viable instrument for regulating cybersecurity …

View Post

Upping the Ante on EU Cyber Defence: What Should we Expect from our Capitals?

Caitriona Heinl Commentary

The obvious importance of cyber defence – often the poor cousin of all things cyber – is becoming clearer and more entrenched, with growing high-level EU ambitions. The recent release of the EU cyber defence policy in late 2022 marks a milestone for the EU’s cyber defence policy framework insofar as its ambitions indicate the aspirational direction of travel for …

View Post

A Cybersecurity Strategy for the 21st Century

James A. Lewis Commentary

The Biden Administration’s ambitious new National Cybersecurity Strategy will significantly improve cyber defence. Written for cyberspace as it exists and operates now, it abandons the previous emphasis on deterrence, which has not worked, and focuses on resilience and regulation. It also shifts important security responsibilities to developers and providers of IT services and products, and creates new opportunities for close …

View Post

Striking the Right Balance: A Commentary on the Fourth Substantive Session of the OEWG on ICTs

Allison Pytlak & Andrea Salvi Commentary

The recent meeting of the OEWG on ICTs in New York was held amidst a climate of significant global cyber threats and geopolitical tensions. The meeting was successful in terms of attracting a high number of new proposals and broad participation from member states, which is particularly valuable in the current climate of multilateral uncertainty. However, the OEWG faces the …

View Post

Disrupting Ransomware

David Hickton Commentary

Governments around the world are making significant progress in disrupting and deterring cyber criminals from launching ransomware schemes, but far more is needed to properly address this evolving problem. It’s been nearly a decade since the United States Department of Justice indicted notorious Russian cyber criminal Evgeniy Bogachev for masterminding the notorious GameOverZeus malware scheme. By conservative estimates, Bogachev’s Business …

View Post

Governance of Disruptive Technologies for International Peace and Security: Maturing Yet Nascent Military AI-cyber Policy Has Far to Go

Caitriona Heinl Commentary

There is not yet a comprehensive understanding of the future implications of Emerging and Disruptive Technologies (EDTs) like AI in civilian, military and intelligence applications. The precise nature of opportunities and risks relating to EDTs continues to be unpacked, and relevant national and international policies for international peace and security are still maturing. Like the first cyber strategies introduced globally …

View Post

Ukraine Cyber War One Year On: An International Law Case Study

Joanna Kulesza Commentary

Russia committed a grave violation of international law when it invaded Ukraine one year ago. Russia and Ukraine are at war, but are they also at cyber war? We have seamlessly passed the much-debated Article 51 UNC threshold and moved into a cyber warzone, where shelling of Ukrainian towns and villages is accompanied by cyberattacks on its allies’ critical infrastructure. …