Today’s headlines often feature the word ‘cyber’, reporting on threats related to the virtual world: online child abuse, stolen credit cards and virtual identities, malware and viruses, botnets and denial-of-service attacks on corporate or government servers, cyber-espionage, and cyber-attacks on critical infrastructure.
Cybersecurity came into sharper focus with the rapid expansion of the Internet’s user base. One side effect of the rapid integration of the Internet in almost all aspects of human activity is the increased vulnerability of modern society. Core services of modern society, such as communications, electric grids, transport systems, health services, and “smart cities”, are increasingly dependent on the Internet. They are frequent targets of cyber-attacks.
What are the real cybersecurity challenges? What is the role of diplomacy, international legal instruments, and regional and national policies in addressing these threats, and how efficient are they? How does international cooperation in cybersecurity work, and what are the roles of the various stakeholders?
Diplo focuses on these and other related questions through online and in situ courses, awareness-raising sessions and events, evidence-based analysis, policy research, illustrations, videos and other visuals. At the same time, the GIP Digital Watch observatory, operated by DiploFoundation, maintains regular updates on cybersecurity issues, actors, processes and mechanisms.
Featured: Comic “The secret life of a cyber vulnerability”
This new comic brings a worrying, yet realistic and educative story that follows a life of a digital vulnerability, from its inception to its deployment for an actual cyberattack. Vulnerabilities are one of the main components of cyber-weapons, used equally for warfare, crime, terrorist or other attacks. Instead of being mitigated, they are often traded, stockpiled and used for attacks. In essence, the comic book discusses responsibility of various stakeholders – governments, private sector, end users – for global cyber(in)security. Read more in our research and publications section.
Holistic approach to cybersecurity
Current situation and challenges
Cybersecurity has come to the forefront of the international diplomatic and political agenda in United Nations committees, the North Atlantic Treaty Organization (NATO), the International Telecommunication Union (ITU), the Council of Europe (CoE), the Organisation for Economic Co-operation and Development (OECD), the Organization for Security and Co-operation in Europe (OSCE), the Commonwealth, the Group of Eight (G8), and the Group of Twenty (G20), to name just a few of the most important fora. In the meantime, attention to the possibility of cyber-war swings from hype to lack of attention, due to wide ignorance.
Cybercrime, which is often part of our real life experience, is dealt with through a number of international processes, as the judicial and law enforcement authorities cooperate across borders. Many countries have adopted national cybersecurity strategies and related legislation. A growing number of countries have set up national mechanisms for response to cyber-incidents (mainly in form of CERT or CSIRT), involving government as well as the corporate, academic, and NGO sectors. Some have declared ‘cyber’ as the fifth military domain, and have set up defensive and offensive cyber-commands within their armies.
Nevertheless, the risks are increasingly sophisticated, while the groups interested in exploiting cyberspace vulnerabilities have extended from underground communities of ‘black-hat’ hackers to global and well-organised criminal and terrorist groups, government security services, and defence forces. To make things more complicated, most of the Internet infrastructure and services are privately owned, with operators scattered around different global jurisdictions.
Multidisciplinary and multistakeholder response
A meaningful systematic response to cybersecurity risks depends on a deep understanding of the multidisciplinary aspects of cyberspace: the nexus of technology, law, psychology, sociology, economy, political science, and diplomacy. Cybersecurity framework includes policy principles, instruments, and institutions dealing with cybersecurity. Thematically, it is an umbrella concept covering:
- Network security (including technical measures, organisational policies, standards and incident response)
- Cybercrime (including emerging challenges and frameworks to combating cybercrime)
- Internet safety (including user safety challenges and particularly child online protection)
- Critical infrastructure and resources (including security of the critical infrastructure, and critical Internet resources)
- Cyber-conflicts and cyber-norms (including challenges, application of international law to cyberspace, and main processes)
- Terrorist use of the Internet (including tools, targets and frameworks for combating terrorism)
Setting up national and international cybersecurity policies and mechanisms, however, requires looking at a broader context, primarily the links of security with economic development (including innovations, e-commerce and intellectual property rights), human rights (including privacy, online freedoms and trust), and Internet governance in general.
The efficiency of the response further depends on partnerships among stakeholders that can contribute to reducing the risks:
- government and regulatory authorities with their ability to create a legal, regulatory, and policy environment for cybersecurity;
- judicial institutions and law enforcement authorities with their competences and responsibility for criminal prosecution and cross-border cooperation mechanisms;
- the private sector and technical communities with their expertise and de-facto control over the majority of infrastructure, services, and standards;
- non-governmental organisations and academia with their knowledge, networks, and capacity to reach out to end-users and alert them about the misuse of cyberspace.
Comprehensive approach to capacity building
DiploFoundation plans, prepares and implements capacity building programmes in cybersecurity policy. The sustainability of capacity building requires moving beyond using the term as a political buzzword and employing disconnected sets of simple training sessions, short workshops, or events, to include building institutional, organisational, system, and networking capacities to deal with cybersecurity and the digital environment.
Our capacity building approach addresses both hard and soft capacities – from specialised knowledge and know-how to operational and adaptive capacities. It combines professional and academic online courses and in-situ training, coaching and support, policy immersion and research, webinars and remote participation at events, as well as community facilitation. In these activities, Diplo involves number of experts and lecturers from its own Faculty, as well as from its Partners. Diplo’s online community gathers over 1600 alumni and associates from all over the world.
Capacity building portfolio
Highly interactive online course bringing a group of 15-25 professionals together, with facilitation of certified online tutors and contributions from renown experts in field, as well as short webinars:
- Annual professional online course in cybersecurity
- Annual academic online course in cybersecurity (as a single course or within the post-graduate programme in contemporary diplomacy), accredited by the University of Malta
- Customised online courses in cybersecurity in cooperation and with support of partner institutions (such as for South-Eastern Europe)
- Dedicated thematic webinars (such as for diplomats, on cyber-norms or on policy trends in building cybersecurity competences)
Customised in-situ activities involving thematic lectures and discussions, skills building, process simulations, and technical show-cases:
- Training for youth professionals (such as for Western Balkans)
- Training for diplomats (such as Asia Cyber Diplomacy Workshop “Diplomacy: Between Tradition and Innovation”, or course on “Internet Governance” for Geneva permanent missions)
- Awareness-raising and training events for diplomats (dedicated cybersecurity days such as “Fighting Cybercrime through closer International Cooperation” and “Cybersecurity: a Strategic View“; Scenario simulation exercise organised during the OSCE Chairmanship Event on Effective Strategies to Cyber/ICT Security Threat; a luncheon event “Towards a secure cyberspace via regional cooperation” organised on the occasion of the second meeting of the 2016-2017 UN GGE)
- Practical exercises in form of CyberLab, with simulations of cyber-attacks, visits to Dark Web, trying the BitCoin market and exploring the potentials and risks of 3D printing and Intenet of Things (such as that organised during the 22nd OSCE Ministerial Council and Vienna Cyber Diplomacy Day)
Research and mapping work
Policy research and mapping developments, processes, actors and instruments:
- Mapping cybersecurity trends and developments, processes, actors and instruments, reports and sources within Digital Watch of the Geneva Internet Platform pages (general pages on cybersecurity, as well as dedicated pages such as for the UN GGE process)
- Policy research work upon demand (see below)
- Visualisation of key cybersecurity challenges for awareness-raising and educational purposes (see below)
Illustrations and animated videos
Images and animations are powerful tool to communicate digital challenges.
Diplo has prepared number of illustrations depicting cybersecurity challenges. Browse the gallery and pick any that can help you explain cybersecurity better.
How does DNSSec work? What is Deep Packet Inspection? Why do we need IPv6? What should we know about cloud computing? Watch the short animated movies of Diplo’s Internet Governance Lite series.
Watch the short videos on introduction to cybersecurity, cybercrime and spam from our Internet governance series
Send a postcard from cyberspace!
Diplo’s illustrated cybersecurity postcards from cyberspace aim at raising awareness about main challenges and issues related to cybersecurity, while allowing us to send our own message to others.
Pick your favorite poscard, add your personal message – and share via Twitter, Facebook or Instagram, or print and give out to friends and colleagues!
You can find all the postcards available for sharing or download here.
Comic book on child safety online
The challenges of child safety online presented in form of a comic book. Read online in English and in French.
From our blog
Governments vs ChatGPT: Investigations around the world
20 April 2023
Child safety online, Consumer protection, Content policy, Data governance, Internet governance and digital policy, Liability of intermediaries, Privacy and data protection
ChatGPT, the AI-powered tool that allows you to chat and get answers to almost any question, has taken the world by storm. Now, governments around the world are starting to take notice of these t...
What’s new with cybersecurity negotiations? OEWG 2021-2025 fourth substantive session
23 March 2023
Who should have a say – and of what sort – in global negotiations about cyber stability? The old song and dance about accrediting stakeholders without ECOSOC consultative status to participat...
EU Cyber Resilience Act: Enforcing cyber norms far beyond Europe
28 February 2023
Cybersecurity, Infrastructure, Internet governance and digital policy
The EU is drafting new cybersecurity rules, titled the Cyber Resilience Act (CRA), which have the potential to significantly change the IT sector, namely the development and distribution of softw...
What’s new with cybersecurity negotiations? The informal OEWG consultations on CBMs
26 December 2022
The UN Open-Ended Working Group (OEWG) on Developments in the Field of Information and Telecommunications in the Context of International Security held informal intersessional consultations on c...
Training and courses
Online Meetings and Conferences
Children and Mobile Technology
Internet Technology and Policy
Starting 24 Jul 23
Advanced Diploma in Internet Governance
Starting 24 Jul 23
Starting 09 Oct 23
Master in Contemporary Diplomacy
Starting 29 Jan 24
Diplomatic Theory and Practice
Starting 19 Feb 24
Intro to Internet Governance
Starting 19 Feb 24
Bridging the Cybersecurity Skills Gap
16 Feb 23 - 16 Feb 23
Security Tour – 12 Tours to Navigate Digital Geneva
29 Nov 21 - 29 Nov 21
AU-GFCE Cybersecurity Knowledge Modules
01 Sep 21 - 01 Oct 22
[Briefing #76] Internet governance in June 2021
29 Jun 21 - 29 Jun 21
Discussion: Cyber detente after the Biden–Putin summit in Geneva
25 Jun 21 - 25 Jun 21
Digital Security and Economic Recovery
26 Nov 20 - 26 Nov 20
Start of Cybersecurity 10-week course
05 Oct 20 -
The bell has rung, classes are in session! October online courses
01 Oct 20 - 01 Oct 20
October 2020 Online Courses
Online discussion: Navigating Geneva’s digital policy landscape
23 Jun 20 - 23 Jun 20
Security in Cyberspace: Dynamics, limits, and opportunities
14 May 20 - 14 May 20
(Cyber)Security and the shift to online
09 Apr 20 -
Cybersecurity training programme for Uzbekistan
05 Nov 19 - 07 Nov 19
October 2017 Online Courses
07 Oct 19 -
October 2019 Online Courses
7th EAPTC: Technology and peacekeeping
16 Apr 19 - 18 Apr 19
02 Apr 19 25 Mar 19 -
Plenipot 2018 debrief: The role and impact of civil society
14 Dec 18 -
Public International Law Day 2018
27 Nov 18 -
[Webinar] What is responsible behaviour in cyberspace?
25 Oct 18 -
Introduction to Digital Policy and Diplomacy 2018 (just-in-time Geneva-based course)
08 Oct 18 - 17 Dec 18
Information session: Geneva Dialogue on Responsible Behaviour in Cyberspace
01 Oct 18 - 02 Oct 18
Ministerial Conference on High-Tech Crime and Information Security
20 Sep 18 - 21 Sep 18
October 2018 Online Courses
Diplo & GIP at Geneva Cybersecurity Law & Policy Conference
21 Jun 18 -
Invest in Cybersecurity workshop
05 Jun 18 -
Lunch dialogue: Digitalisation and international law
16 Apr 18 -
Diplo at the ‘Cyber security and cybercrime policies for African diplomats’ workshop
12 Apr 18 - 13 Apr 18
Cybersecurity Challenges Conference
26 Mar 18 -
Diplo director addresses New America roundtable in Washington
30 Jan 18 -
Diplo & the GIP at the 12th Internet Governance Forum
18 Dec 17 - 21 Dec 17
Diplo at Geneva, new cybersecurity hub?
15 Dec 17 -
Half-day course: Cybersecurity in Practice 2017
01 Dec 17 - 07 Dec 17
Preventing cyber conflicts: Do we need a cyber treaty?
09 Nov 17 -
How can technological solutions advance cybersecurity?
03 Nov 17 -
Cybersecurity lecture for students
20 Oct 17 -
Crisis code: Humanitarian protection in the digital age
27 Sep 17 - 28 Sep 17
Digital policy in global governance: Issues and challenges discussed in Geneva
22 Sep 17 -
Diplo at Cyber Week 2017
25 Jun 17 - 29 Jun 17
Diplo & GIP at WSIS Forum 2017
12 Jun 17 - 16 Jun 17
Partnership for a secure cyberspace
12 Jun 17 -
Diplo at third South Eastern Europe Dialogue on Internet Governance (SEEDIG)
24 May 17 - 25 May 17
Diplo at OSCE inter-regional cybersecurity conference
04 Apr 17 - 05 Apr 17
Creating favourable cybersecurity posture in Serbia
20 Dec 16 - 22 Dec 16
Towards a secure cyberspace via regional cooperation
30 Nov 16 -
Preventing Terrorists from Exploiting ICT (Special Meeting)
30 Nov 16 - 01 Dec 16
Young Faces Conference: Strategic cybersecurity policy development in Southeast Europe
29 Nov 16 - 01 Dec 16
[Webinar] Cyber norms: Towards an inclusive dialogue
23 Nov 16 -
Diplo at Asian Forum on Global Governance
16 Oct 16 - 25 Oct 16
Cybersecurity Competence Building Trends: Presentation of study and follow-up discussion
08 Apr 16 -
Cybersecurity and Digital Challenges for Europe – The Role of International Geneva
23 Feb 16 -
CyberLab at 22nd OSCE Ministerial Council Preparations
01 Dec 15 - 02 Dec 15
DiploFoundation and Geneva Internet Platform at 10th IGF in Brazil
10 Nov 15 - 13 Nov 15
Simulation exercise during OSCE Chairmanship Event in Belgrade
30 Oct 15 -
Introduction to Digital Politics 2015: online course for Geneva-based diplomats
27 Apr 15 - 22 Jun 15
Global Conference on Cyberspace 2015
16 Apr 15 - 17 Apr 15
Fighting cybercrime through closer international cooperation
30 Mar 15 -
Cybersecurity: a Strategic View
15 Jan 15 - 15 Jan 15
[Webinar] Internet governance in November 2014: a bubbling cauldron
02 Dec 14 -
Cybersecurity 2014 Winter School
01 Dec 14 - 05 Dec 14
Transparency and Human Rights in the Digital Age
Panel on Cybersecurity at the Belgrade Security Forum 2014
30 Sep 14 -
New Trends in Diplomatic Practice – Cyber Security as a New Area of Peace and Security
24 Sep 14 -
South Africa, Africa
PRAU Roundtable on Cyber Security
23 Sep 14 -
South Africa, Africa
Book Presentation: Peacetime Regime for State Activities in Cyberspace
14 May 14 -
[Webinar] Cybersecurity for e-diplomats: hype and reality
12 Jul 13 -
[Webinar] The threat of cyber-attacks
30 Apr 13 -
Cyber War and Cyber Crime: Session at the Belgrade Security Forum
20 Sep 12 -
Advanced courses in Internet governance 2012
11 Jun 12 - 03 Aug 12
Joint Australian-Egyptian Missions informal roundtable on information and cyber security issues
01 Jun 12 -
Serbian Internet Dialogue this week
19 Apr 12 -
Internet governance in 2012: What can we expect?
12 Jan 12 -
Panel on Fraud and other abuse of Emblems (Red Cross/Red Crescent) on the Internet
30 Nov 11 -
Ten Years of Cybercrime Convention in Geneva
24 Nov 11 -
Internet governance and ICT policy 2011 online courses
14 Jun 11 - 24 Aug 11
Improving the practice of cyber diplomacy: Training, tools, and other resources – Final study
This study analyses the capacity development of cyber diplomacy, including training opportunities, tools, and other resources, and looks at their reach, take-up, and what should come next. Why? Because although cyber diplomacy, the conduct of diplomacy with respect to ... Read more...
Improving the practice of cyber diplomacy: Training, tools, and other resources – Phase I
Cyber diplomacy, the conduct of diplomacy with respect to a state’s interests in cyberspace, is too important to ignore. Yet, the participation of countries is far from ideal.... Read more...
Searching for Meaningful Human Control. The April 2018 Meeting on Lethal Autonomous Weapons Systems (Briefing Paper #10)
In this briefing paper, Ms Barbara Rosen Jacobson analyses the debate of the April 2018 meeting of the Group of Governmental Experts (GGE) of the Convention on Certain Conventional Weapons (CCW). The group was established to discuss emerging technologies in the area of... Read more...
Towards a secure cyberspace via regional co-operation
The study Towards a secure cyberspace via regional co-operation provides an overview of the international dialogue on establishing norms of state behaviour and confidence-building measures in cyberspace. ... Read more...
Cybersecurity in the Western Balkans: Policy gaps and cooperation opportunities
Report on cybersecurity cooperation in the Western Balkans.... Read more...
Cybersecurity competence building trends
Report on cybersecurity competence building trends in OECD countries.... Read more...