Light, Person, Security

Cybersecurity

Today’s headlines often feature the word ‘cyber’, reporting on threats related to the virtual world: online child abuse, stolen credit cards and virtual identities, malware and viruses, botnets and denial-of-service attacks on corporate or government servers, cyber-espionage, and cyber-attacks on critical infrastructure.

Cybersecurity came into sharper focus with the rapid expansion of the Internet’s user base. One side effect of the rapid integration of the Internet in almost all aspects of human activity is the increased vulnerability of modern society. Core services of modern society, such as communications, electric grids, transport systems, health services, and “smart cities”, are increasingly dependent on the Internet. They are frequent targets of cyber-attacks.
What are the real cybersecurity challenges? What is the role of diplomacy, international legal instruments, and regional and national policies in addressing these threats, and how efficient are they? How does international cooperation in cybersecurity work, and what are the roles of the various stakeholders?

Diplo focuses on these and other related questions through online and in situ courses, awareness-raising sessions and events, evidence-based analysis, policy research, illustrations, videos and other visuals. At the same time, the GIP Digital Watch observatory, operated by DiploFoundation, maintains regular updates on cybersecurity issues, actors, processes and mechanisms.

Featured: Comic “The secret life of a cyber vulnerability”
This new comic brings a worrying, yet realistic and educative story that follows a life of a digital vulnerability, from its inception to its deployment for an actual cyberattack. Vulnerabilities are one of the main components of cyber-weapons, used equally for warfare, crime, terrorist or other attacks. Instead of being mitigated, they are often traded, stockpiled and used for attacks. In essence, the comic book discusses responsibility of various stakeholders – governments, private sector, end users – for global cyber(in)security. Read more in our research and publications section.

Stay up to date!

Subscribe to DiploNews and stay up-to-date with upcoming events, new publications and research, and courses and training.

Holistic approach to cybersecurity

Current situation and challenges

Cybersecurity has come to the forefront of the international diplomatic and political agenda in United Nations committees, the North Atlantic Treaty Organization (NATO), the International Telecommunication Union (ITU), the Council of Europe (CoE), the Organisation for Economic Co-operation and Development (OECD), the Organization for Security and Co-operation in Europe (OSCE), the Commonwealth, the Group of Eight (G8), and the Group of Twenty (G20), to name just a few of the most important fora. In the meantime, attention to the possibility of cyber-war swings from hype to lack of attention, due to wide ignorance.

Collective responsibility

 

Cybercrime, which is often part of our real life experience, is dealt with through a number of international processes, as the judicial and law enforcement authorities cooperate across borders. Many countries have adopted national cybersecurity strategies and related legislation. A growing number of countries have set up national mechanisms for response to cyber-incidents (mainly in form of CERT or CSIRT), involving government as well as the corporate, academic, and NGO sectors. Some have declared ‘cyber’ as the fifth military domain, and have set up defensive and offensive cyber-commands within their armies.

Nevertheless, the risks are increasingly sophisticated, while the groups interested in exploiting cyberspace vulnerabilities have extended from underground communities of ‘black-hat’ hackers to global and well-organised criminal and terrorist groups, government security services, and defence forces. To make things more complicated, most of the Internet infrastructure and services are privately owned, with operators scattered around different global jurisdictions.

Multidisciplinary and multistakeholder response

A meaningful systematic response to cybersecurity risks depends on a deep understanding of the multidisciplinary aspects of cyberspace: the nexus of technology, law, psychology, sociology, economy, political science, and diplomacy. Cybersecurity framework includes policy principles, instruments, and institutions dealing with cybersecurity. Thematically, it is an umbrella concept covering:

  • Network security (including technical measures, organisational policies, standards and incident response)
  • Cybercrime (including emerging challenges and frameworks to combating cybercrime)
  • Internet safety (including user safety challenges and particularly child online protection)
  • Critical infrastructure and resources  (including security of the critical infrastructure, and critical Internet resources)
  • Cyber-conflicts and cyber-norms (including challenges, application of international law to cyberspace, and main processes)
  • Terrorist use of the Internet (including tools, targets and frameworks for combating terrorism)

Setting up national and international cybersecurity policies and mechanisms, however, requires looking at a broader context, primarily the links of security with economic development (including innovations, e-commerce and intellectual property rights), human rights (including privacy, online freedoms and trust), and Internet governance in general.

The efficiency of the response further depends on partnerships among stakeholders that can contribute to reducing the risks:

  • government and regulatory authorities with their ability to create a legal, regulatory, and policy environment for cybersecurity;
  • judicial institutions and law enforcement authorities with their competences and responsibility for criminal prosecution and cross-border cooperation mechanisms;
  • the private sector and technical communities with their expertise and de-facto control over the majority of infrastructure, services, and standards;
  • non-governmental organisations and academia with their knowledge, networks, and capacity to reach out to end-users and alert them about the misuse of cyberspace.

Capacity building

Comprehensive approach to capacity building

DiploFoundation plans, prepares and implements capacity building programmes in cybersecurity policy. The sustainability of capacity building requires moving beyond using the term as a political buzzword and employing disconnected sets of simple training sessions, short workshops, or events, to include building institutional, organisational, system, and networking capacities to deal with cybersecurity and the digital environment.

Our capacity building approach addresses both hard and soft capacities – from specialised knowledge and know-how to operational and adaptive capacities. It combines professional and academic online courses and in-situ training, coaching and support, policy immersion and research, webinars and remote participation at events, as well as community facilitation. In these activities, Diplo involves number of experts and lecturers from its own Faculty, as well as from its Partners. Diplo’s online community gathers over 1600 alumni and associates from all over the world.

Capacity building portfolio

Online activities

Highly interactive online course bringing a group of 15-25 professionals together, with facilitation of certified online tutors and contributions from renown experts in field, as well as short webinars:

In-situ activities

Customised in-situ activities involving thematic lectures and discussions, skills building, process simulations, and technical show-cases:

Research and mapping work

Policy research and mapping developments, processes, actors and instruments:

  • Mapping cybersecurity trends and developments, processes, actors and instruments, reports and sources within Digital Watch of the Geneva Internet Platform pages (general pages on cybersecurity, as well as dedicated pages such as for the UN GGE process)
  • Policy research work upon demand (see below)
  • Visualisation of key cybersecurity challenges for awareness-raising and educational purposes (see below)

Awareness raising

Illustrations and animated videos

Dark webImages and animations are powerful tool to communicate digital challenges.

Diplo has prepared number of illustrations depicting cybersecurity challenges. Browse the gallery and pick any that can help you explain cybersecurity better.

How does DNSSec work? What is Deep Packet Inspection? Why do we need IPv6? What should we know about cloud computing? Watch the short animated movies of  Diplo’s Internet Governance Lite series.

Watch the short videos on introduction to cybersecurity, cybercrime and spam from our Internet governance series

Send a postcard from cyberspace!

Postcard on cyberwarfareDiplo’s illustrated cybersecurity postcards from cyberspace aim at raising awareness about main challenges and issues related to cybersecurity, while allowing us to send our own message to others.

Pick your favorite poscard, add your personal message – and share via Twitter, Facebook or Instagram, or print and give out to friends and colleagues!

You can find all the postcards available for sharing or download here.

 

Comic book on child safety online

Child safetyThe challenges of child safety online presented in form of a comic book. Read online in English and in French.

 

From our blog

What’s new with cybersecurity negotiations? The informal OEWG consultations on capacity building

DiploFoundation

In May 2023, delegations met in New York for an informal meeting on capacity building and discussions on all topics under the Open-Ended Working Group’s (OEWG) mandate. Lines drawn long ago don...

AI and international peace: A new kid on the UN Security Council block

Vladimir Radunović

The UN Security Council had its first meeting on AI and international peace and security. Having in mind that diplomacy typically moves at a glacial pace (which is understandable due to many fact...

Governments vs ChatGPT: Investigations around the world

Stephanie Borg Psaila

ChatGPT, the AI-powered tool that allows you to chat and get answers to almost any question, has taken the world by storm. Now, governments around the world are starting to take notice of these t...

Can sharks eat the Internet?

Jovan Kurbalija

Were you aware of the fact that sharks chew through undersea cables that are an integral part of the internet’s physical infrastructure? Scientists are unsure why they do it, though they suspec...

Events

Cyber Diplomacy training in Kenya

27 Feb 24 - 01 Mar 24

Kenya

Policy Meets Tech: Cryptography

24 Jan 24 - 24 Jan 24

2023 Global Cybersecurity Forum

01 Nov 23 - 02 Nov 23

Saudi Arabia

Digital Security and Economic Recovery

26 Nov 20 - 26 Nov 20

Online

October 2017 Online Courses

07 Oct 19 -

Online

7th EAPTC: Technology and peacekeeping

16 Apr 19 - 18 Apr 19

Serbia, Southeast Europe

Business-Policy Roundtable

02 Apr 19 25 Mar 19 -

Public International Law Day 2018

27 Nov 18 -

Switzerland

Ministerial Conference on High-Tech Crime and Information Security

20 Sep 18 - 21 Sep 18

Serbia, Southeast Europe

Invest in Cybersecurity workshop

05 Jun 18 -

Switzerland

Half-day course: Cybersecurity in Practice 2017

01 Dec 17 - 07 Dec 17

Switzerland

Diplo at Cyber Week 2017

25 Jun 17 - 29 Jun 17

Israel

Diplo & GIP at WSIS Forum 2017

12 Jun 17 - 16 Jun 17

Switzerland

Partnership for a secure cyberspace

12 Jun 17 -

Serbia, Southeast Europe

Diplo at third South Eastern Europe Dialogue on Internet Governance (SEEDIG)

24 May 17 - 25 May 17

North Macedonia, Southeast Europe

Creating favourable cybersecurity posture in Serbia

20 Dec 16 - 22 Dec 16

Serbia, Southeast Europe

Global Conference on Cyberspace 2015

16 Apr 15 - 17 Apr 15

Netherlands

Cybersecurity: a Strategic View

15 Jan 15 - 15 Jan 15

Switzerland

Cybersecurity 2014 Winter School

01 Dec 14 - 05 Dec 14

Serbia, Southeast Europe

PRAU Roundtable on Cyber Security

23 Sep 14 -

South Africa, Africa

Serbian Internet Dialogue this week

19 Apr 12 -

Serbia, Southeast Europe

Resources

2021

Improving the practice of cyber diplomacy: Training, tools, and other resources – Final study

This study analyses the capacity development of cyber diplomacy, including training opportunities, tools, and other resources, and looks at their reach, take-up, and what should come next. Why? Because although cyber diplomacy, the conduct of diplomacy with respect to ... Read more...

Page, Text, Advertisement, Poster, Water, Animal, Fish, Sea Life, Shark

2021

Improving the practice of cyber diplomacy: Training, tools, and other resources – Phase I

Cyber diplomacy, the conduct of diplomacy with respect to a state’s interests in cyberspace, is too important to ignore. Yet, the participation of countries is far from ideal.... Read more...

Page, Text, Advertisement, Poster

2018

Searching for Meaningful Human Control. The April 2018 Meeting on Lethal Autonomous Weapons Systems (Briefing Paper #10)

In this briefing paper, Ms Barbara Rosen Jacobson analyses the debate of the April 2018 meeting of the Group of Governmental Experts (GGE) of the Convention on Certain Conventional Weapons (CCW). The group was established to discuss emerging technologies in the area of... Read more...

Advertisement, Poster, Page, Text

2017

Towards a secure cyberspace via regional co-operation

The study Towards a secure cyberspace via regional co-operation provides an overview of the international dialogue on establishing norms of state behaviour and confidence-building measures in cyberspace. ... Read more...

Advertisement, Poster

2016

Cybersecurity in the Western Balkans: Policy gaps and cooperation opportunities

Report on cybersecurity cooperation in the Western Balkans.... Read more...

Advertisement, Poster, Page, Text

2016

Cybersecurity competence building trends

Report on cybersecurity competence building trends in OECD countries.... Read more...

Advertisement, Poster, Smoke Pipe