View Post

Cybersecurity Cooperation in the Indian Ocean

Asela Waidyalankara Commentary

Formal and informal regional organisations play an increasing role in shaping global debates about cybersecurity. Although countries in the Indo-Pacific region have varied levels of cyber maturity, they share similar cybersecurity challenges and needs. It is not surprising, therefore, that existing cooperation platforms – like the Colombo Security Conclave – increasingly also include a cybersecurity dimension. India’s role in this …

View Post

A Path to Progress at the UN Cybersecurity Forum

Alexandra Paulus Opinions

Cybersecurity is a matter of international security. Recent incidents with implications for international security include ransomware operations conducted by groups with ties to a foreign government military intelligence service against Costa Rican government services and operations against the communication services used by the Ukrainian military conducted by Russian cyber threat actors. These developments make cyber diplomacy more relevant, but also …

View Post

The EU and Responsible Active Cyber Defence

Andreas Kuehn Opinions

A growing number of states are looking into active cyber defence operations to diversify their available responses to cyber incidents. In order to not only create guidelines for its member states but also to serve as a norm setter for this controversial policy issue, the EU must act now. Starting by defining active cyber defence for itself, the EU should …

View Post

The Political Economy of European Cybersecurity

Antonio Calcara Commentary

Public-private cooperation is often suggested as one response to an increasingly volatile digital security environment. But there has been little attention paid to how outcomes at the EU level are influenced by how such cooperation is organised in practice, what its drivers are and specific models of organising relations between the public and private sector. By making a distinction between …

View Post

Securing Critical Gas Infrastructure

Clemente Fuggini Commentary

Europe relies heavily on imported natural gas, and the Gas Critical Infrastructure (GCI) involved in transporting, storing and distributing it must be made secure and resilient to both physical and cyber threats. However, the complexity of the gas network – including its diversity of transportation lines, geographies crossed, and production and storage facilities – make it a challenging environment to …

View Post

Charting of National Attribution Policies

Mika Kerttunen Opinions

States’ drafting of explicit national attribution policies is anchored in the law of state responsibility in cyberspace. Such policies do not necessarily promote frequent (or any) attribution. Rather, they draw attention to the multifaceted aspects of attribution and the need for careful political consideration in making affirmative, deferring or negative attribution decisions. While actual content direction remains the prerogative of …

View Post

Net Politics in Africa

Nnenna Ifeanyi-Ajufo Commentary

African governments’ views on cybersecurity are not homogenous and actions that indicate ideals of “net nationalism” continue to emerge in parts of Africa. A politics of net nationalism utterly focused on individual governmental interests will imperil international cooperation, mutual legal assistance and the cross-border flow of information, and may derail international cybersecurity efforts, especially harmful to a region like Africa …

View Post

The EU’s Fragmented Cybersecurity Market

Clara Jammot Opinions

While the EU recognises the importance of cybersecurity policies, it continues to lag behind certain international counterparts in terms of creating a unified ecosystem and providing investment opportunities. One of the central problems hindering the EU is the fragmentation of its cybersecurity market, which impedes European cybersecurity companies from scaling up and forces them to look for alternative markets to …

View Post

German Cybersecurity Policy 2021-2025

Alexandra Paulus Commentary

The new German government will mean a shift for the country’s cybersecurity policy. The joint coalition agreement of the three ruling parties lays out their plans for the next four years and signals changes of course in areas like encryption policy and “hackbacks”. In other fields – particularly cyber diplomacy – the devil will be in the details. The country’s …

View Post

Rule of Law in Cyberspace

Mika Kerttunen Opinions

As Montesquieu advocated, the rule of law and separation of powers are necessary to protect citizens and individuals from arbitrary rule by the state. Intensified measures to secure cyberspace risk leading to expert and political decisionmaking being kept outside of public and political debate and scrutiny. Deliberate separation of state cyber agencies and functions strengthens the rule of law, transparency …