The South Korean government announced the Indo-Pacific Strategy of Freedom, Peace and Prosperity in December last year. This strategy pursues economic cooperation and prosperity in infrastructure, trade and supply chains, and focuses on cooperation and solidarity based on openness and inclusion, not competition. It’s encouraging that the strategy directly refers to supporting cyber capabilities, expanding official development assistance (ODA) and …
A Cybersecurity Strategy for the 21st Century
The Biden Administration’s ambitious new National Cybersecurity Strategy will significantly improve cyber defence. Written for cyberspace as it exists and operates now, it abandons the previous emphasis on deterrence, which has not worked, and focuses on resilience and regulation. It also shifts important security responsibilities to developers and providers of IT services and products, and creates new opportunities for close …
Striking the Right Balance: A Commentary on the Fourth Substantive Session of the OEWG on ICTs
The recent meeting of the OEWG on ICTs in New York was held amidst a climate of significant global cyber threats and geopolitical tensions. The meeting was successful in terms of attracting a high number of new proposals and broad participation from member states, which is particularly valuable in the current climate of multilateral uncertainty. However, the OEWG faces the …
Disrupting Ransomware
Governments around the world are making significant progress in disrupting and deterring cyber criminals from launching ransomware schemes, but far more is needed to properly address this evolving problem. It’s been nearly a decade since the United States Department of Justice indicted notorious Russian cyber criminal Evgeniy Bogachev for masterminding the notorious GameOverZeus malware scheme. By conservative estimates, Bogachev’s Business …
International Cooperation and Cybersecurity in Africa
International cooperation efforts have increasingly focused on cybersecurity in Africa. Despite the diversity of these initiatives, Africa has yet to prioritise cybersecurity. Without coordination and accountability, divergent cybersecurity visions and models may instead derail Africa’s cybersecurity development. Africa, cooperation and cybersecurity In March 2022, the First African Cybersecurity Summit was held in Lomé, Togo. A core purpose of the Summit …
Cybersecurity Cooperation in the Indian Ocean
Formal and informal regional organisations play an increasing role in shaping global debates about cybersecurity. Although countries in the Indo-Pacific region have varied levels of cyber maturity, they share similar cybersecurity challenges and needs. It is not surprising, therefore, that existing cooperation platforms – like the Colombo Security Conclave – increasingly also include a cybersecurity dimension. India’s role in this …
A Path to Progress at the UN Cybersecurity Forum
Cybersecurity is a matter of international security. Recent incidents with implications for international security include ransomware operations conducted by groups with ties to a foreign government military intelligence service against Costa Rican government services and operations against the communication services used by the Ukrainian military conducted by Russian cyber threat actors. These developments make cyber diplomacy more relevant, but also …
The EU and Responsible Active Cyber Defence
A growing number of states are looking into active cyber defence operations to diversify their available responses to cyber incidents. In order to not only create guidelines for its member states but also to serve as a norm setter for this controversial policy issue, the EU must act now. Starting by defining active cyber defence for itself, the EU should …
The Political Economy of European Cybersecurity
Public-private cooperation is often suggested as one response to an increasingly volatile digital security environment. But there has been little attention paid to how outcomes at the EU level are influenced by how such cooperation is organised in practice, what its drivers are and specific models of organising relations between the public and private sector. By making a distinction between …
Securing Critical Gas Infrastructure
Europe relies heavily on imported natural gas, and the Gas Critical Infrastructure (GCI) involved in transporting, storing and distributing it must be made secure and resilient to both physical and cyber threats. However, the complexity of the gas network – including its diversity of transportation lines, geographies crossed, and production and storage facilities – make it a challenging environment to …