View Post

Striking the Right Balance: A Commentary on the Fourth Substantive Session of the OEWG on ICTs

Allison Pytlak & Andrea Salvi Commentary

The recent meeting of the OEWG on ICTs in New York was held amidst a climate of significant global cyber threats and geopolitical tensions. The meeting was successful in terms of attracting a high number of new proposals and broad participation from member states, which is particularly valuable in the current climate of multilateral uncertainty. However, the OEWG faces the …

View Post

Disrupting Ransomware

David Hickton Commentary

Governments around the world are making significant progress in disrupting and deterring cyber criminals from launching ransomware schemes, but far more is needed to properly address this evolving problem. It’s been nearly a decade since the United States Department of Justice indicted notorious Russian cyber criminal Evgeniy Bogachev for masterminding the notorious GameOverZeus malware scheme. By conservative estimates, Bogachev’s Business …

View Post

International Cooperation and Cybersecurity in Africa

Nnenna Ifeanyi-Ajufo Commentary

International cooperation efforts have increasingly focused on cybersecurity in Africa. Despite the diversity of these initiatives, Africa has yet to prioritise cybersecurity. Without coordination and accountability, divergent cybersecurity visions and models may instead derail Africa’s cybersecurity development. Africa, cooperation and cybersecurity In March 2022, the First African Cybersecurity Summit was held in Lomé, Togo. A core purpose of the Summit …

View Post

Cybersecurity Cooperation in the Indian Ocean

Asela Waidyalankara Commentary

Formal and informal regional organisations play an increasing role in shaping global debates about cybersecurity. Although countries in the Indo-Pacific region have varied levels of cyber maturity, they share similar cybersecurity challenges and needs. It is not surprising, therefore, that existing cooperation platforms – like the Colombo Security Conclave – increasingly also include a cybersecurity dimension. India’s role in this …

View Post

A Path to Progress at the UN Cybersecurity Forum

Alexandra Paulus Opinions

Cybersecurity is a matter of international security. Recent incidents with implications for international security include ransomware operations conducted by groups with ties to a foreign government military intelligence service against Costa Rican government services and operations against the communication services used by the Ukrainian military conducted by Russian cyber threat actors. These developments make cyber diplomacy more relevant, but also …

View Post

The EU and Responsible Active Cyber Defence

Andreas Kuehn Opinions

A growing number of states are looking into active cyber defence operations to diversify their available responses to cyber incidents. In order to not only create guidelines for its member states but also to serve as a norm setter for this controversial policy issue, the EU must act now. Starting by defining active cyber defence for itself, the EU should …

View Post

The Political Economy of European Cybersecurity

Antonio Calcara Commentary

Public-private cooperation is often suggested as one response to an increasingly volatile digital security environment. But there has been little attention paid to how outcomes at the EU level are influenced by how such cooperation is organised in practice, what its drivers are and specific models of organising relations between the public and private sector. By making a distinction between …

View Post

Securing Critical Gas Infrastructure

Clemente Fuggini Commentary

Europe relies heavily on imported natural gas, and the Gas Critical Infrastructure (GCI) involved in transporting, storing and distributing it must be made secure and resilient to both physical and cyber threats. However, the complexity of the gas network – including its diversity of transportation lines, geographies crossed, and production and storage facilities – make it a challenging environment to …

View Post

Charting of National Attribution Policies

Mika Kerttunen Opinions

States’ drafting of explicit national attribution policies is anchored in the law of state responsibility in cyberspace. Such policies do not necessarily promote frequent (or any) attribution. Rather, they draw attention to the multifaceted aspects of attribution and the need for careful political consideration in making affirmative, deferring or negative attribution decisions. While actual content direction remains the prerogative of …

View Post

Net Politics in Africa

Nnenna Ifeanyi-Ajufo Commentary

African governments’ views on cybersecurity are not homogenous and actions that indicate ideals of “net nationalism” continue to emerge in parts of Africa. A politics of net nationalism utterly focused on individual governmental interests will imperil international cooperation, mutual legal assistance and the cross-border flow of information, and may derail international cybersecurity efforts, especially harmful to a region like Africa …