International Co-Operation: Challenges & Potential For Engaging In Cyberspace

Uploaded on 2016-05-18 in FREE TO VIEW

Opinion By Jamie Collier

Until now, the majority of international state discussions, and subsequent academic attention, has focused on promoting or developing norms. This may include, for example, states agreeing to work together to build cyber security capacity or refrain from conducting economic espionage on one another. Although a worthy endeavor, the focus on cultivating new norms has left the understanding of existing norms neglected.

Toni Erskine and Madeline Carr recently published a paper titled Beyond ‘Quasi-Norms’: The Challenges and Potential of Engaging with Norms in Cyberspace. The paper offers a refreshing perspective.

Norms, as studied in international relations scholarship, are principles that embody established codes of what actors should do in given circumstances. For cyber security, their importance should not be underestimated. Consider for example cyber security strategy.

The US and China have radically different cyber strategies: both states differ markedly in in how they use offensive cyber weapons or regard the acceptability of economic espionage. Crucially, these differences cannot be explained by material factors alone (such as access to resources, wealth, capability, etc.).

At least to some degree, differences in cyber security strategy can be explained by moral decisions. Some states wholly disagree with the concept of economic espionage due to their belief in a competitive and fair marketplace for example. Therefore, appreciating what norms are and how they affect cyber security strategy and policy is crucial for future progress.

Cyber security is still a nascent topic for policymakers and strategists. Does this mean that existing cyber norms have emerged in only the last few years? Well perhaps yes and no. In some regards, cyber norms are something new. New technologies such as the Internet of Things or botnets (i.e. a herd of captured computers) are hard to compare to technologies that have existed in the past. Logically therefore, cyber norms are at least somewhat new.

Yet, cyber norms also have a historical element. It is highly likely that pre-existing norms outside of cyber security are also influential in the formation of cyber norms. For example, the Russian government has historically worked with organised crime groups.  This strategy has long been regarded as morally acceptable, or at least permissible. Such a view has transferred into the cyber domain: the Kremlin frequently works alongside hacker groups and organised crime cells that possess sophisticated technical capabilities.

The study of norms in cyber security is likely to be particularly interesting over the next few years given that cyber norms are headed for turbulent times. Policymakers are still waking up to the challenge of cyber security; even existing norms are likely to continue to develop and change as states mature at the strategic level.

Within international relations and security studies, cyber security will continue to establish itself as a topic worthy of academic analysis.  A number of exciting research agendas have begun to emerge. Out of all of them, perhaps further study of existing cyber norms will prove most fruitful.

Jamie Collier is completing a Doctrate in Cyber Security at The University of Oxford.

Jamie Collier

« Syrian Government Hacked
Think You Know Your Customers? Try Authenticating Them »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Montash

Montash

Montash is an award winning, global technology recruitment business, specialising in the acquisitions of high-performing talent across a number of core disciplines including Information Security.

Baker McKenzie

Baker McKenzie

Baker & McKenzie is an international law firm. Practice areas include Data & Technology.

CyberTrap

CyberTrap

CyberTrap is an advanced highly-interactive deception technology allowing real-time analysis and control of security breaches.

Saviynt

Saviynt

Saviynt is a leading provider of Cloud Security and Identity Governance solutions.

Romanian Association for Information Security Assurance (RAISA)

Romanian Association for Information Security Assurance (RAISA)

RAISA promotes and supports information security activities and creates a community for the exchange of knowledge between specialists, academic and corporate environment in Romania.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

CYDES

CYDES

CYDES is the first event in Malaysia to showcase advanced solutions and technologies to address cyber defence and cyber security challenges for the public and private sectors.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

DataDog

DataDog

DataDog provides Cloud-native Security Monitoring. Real-time threat detection across your applications, network, and infrastructure.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

KnectIQ

KnectIQ

Building Trust Environments in a Zero-Trust World. KnectIQ offers KIQAssure, an Ultra High Security Solution for Data in Flight.

Hunton Andrews Kurth

Hunton Andrews Kurth

Hunton Andrews Kurth LLP serves clients across a broad range of complex transactional, litigation and regulatory matters. Practice areas include Privacy and Cybersecurity.

Zuul IoT

Zuul IoT

Zuul take an asset-centric approach to OT security, enabling security teams to protect the critical IIoT/IoT devices that are at the foundation of critical business functions.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.

Vernetzen

Vernetzen

Vernetzen is an industrial network and cybersecurity innovator focused on delivering practical solutions to connect and secure industry across the globe.

Cytex

Cytex

Cytex is the All-in-One solution for SMB data protection & compliance needs.