With the new Dutch International Cybersecurity Strategy for 2023-2028, the government of the Netherlands demonstrates responsibility and agency in the face of continuous cyber threats posed by states and criminals. It aspires to keep democratic and human rights and norms top of mind and seeks to preserve a globally open, free and secure internet. The strategy makes clear the government’s …
Countering Cyber Mercenaries
The EU and its member states face a human rights and security crisis due to the use of cyber mercenaries, private entities that sell offensive cyber capabilities to governments. The Paris Peace Forum, the Paris Call for Trust and Security in Cyberspace, and a Franco-British initiative are some of the platforms that have proposed concrete actions and guidance for industry, …
Africa’s Cybersecurity Treaty Enters into Force
The Malabo Convention has now entered into force. But with ratifications from only 15 of 55 AU member states – and none yet from any of Africa’s power countries, such as Egypt, Algeria, Nigeria, South Africa, Kenya, Morocco or Ethiopia – will the Convention be accorded the regional and international validation needed to become a viable instrument for regulating cybersecurity …
Why EU Cyber Policy Should Become Feminist
The EU’s cyber policy and strategy has developed essential relevance to the EU’s security environment. This was highlighted in 2022’s Strategic Compass, which emphasises the importance of cybersecurity. In the grey zone between peace and armed conflict, state and non-state actors use cyber operations for espionage, ransom or sabotage. The 2022 ENISA Threat Landscape found a massive increase in cyberattacks …
Coordinated Vulnerability Disclosure: A Quick Win for Cyber Norms and Software Security
In 2015, UN member states committed themselves to fostering software supply chain security. But the issue has since been neglected in international forums, even as software supply chain compromises have severely impacted individuals, companies and societies. To begin to close this implementation gap, diplomatic action should focus on global promotion of processes of coordinated vulnerability disclosure (CVD). This would both …
South Korea’s Indo-Pacific Strategy Promotes Cyber Cooperation
The South Korean government announced the Indo-Pacific Strategy of Freedom, Peace and Prosperity in December last year. This strategy pursues economic cooperation and prosperity in infrastructure, trade and supply chains, and focuses on cooperation and solidarity based on openness and inclusion, not competition. It’s encouraging that the strategy directly refers to supporting cyber capabilities, expanding official development assistance (ODA) and …
A Cybersecurity Strategy for the 21st Century
The Biden Administration’s ambitious new National Cybersecurity Strategy will significantly improve cyber defence. Written for cyberspace as it exists and operates now, it abandons the previous emphasis on deterrence, which has not worked, and focuses on resilience and regulation. It also shifts important security responsibilities to developers and providers of IT services and products, and creates new opportunities for close …
Striking the Right Balance: A Commentary on the Fourth Substantive Session of the OEWG on ICTs
The recent meeting of the OEWG on ICTs in New York was held amidst a climate of significant global cyber threats and geopolitical tensions. The meeting was successful in terms of attracting a high number of new proposals and broad participation from member states, which is particularly valuable in the current climate of multilateral uncertainty. However, the OEWG faces the …
Disrupting Ransomware
Governments around the world are making significant progress in disrupting and deterring cyber criminals from launching ransomware schemes, but far more is needed to properly address this evolving problem. It’s been nearly a decade since the United States Department of Justice indicted notorious Russian cyber criminal Evgeniy Bogachev for masterminding the notorious GameOverZeus malware scheme. By conservative estimates, Bogachev’s Business …
International Cooperation and Cybersecurity in Africa
International cooperation efforts have increasingly focused on cybersecurity in Africa. Despite the diversity of these initiatives, Africa has yet to prioritise cybersecurity. Without coordination and accountability, divergent cybersecurity visions and models may instead derail Africa’s cybersecurity development. Africa, cooperation and cybersecurity In March 2022, the First African Cybersecurity Summit was held in Lomé, Togo. A core purpose of the Summit …