International Co-Operation: Challenges & Potential For Engaging In Cyberspace

Uploaded on 2016-05-18 in FREE TO VIEW

Opinion By Jamie Collier

Until now, the majority of international state discussions, and subsequent academic attention, has focused on promoting or developing norms. This may include, for example, states agreeing to work together to build cyber security capacity or refrain from conducting economic espionage on one another. Although a worthy endeavor, the focus on cultivating new norms has left the understanding of existing norms neglected.

Toni Erskine and Madeline Carr recently published a paper titled Beyond ‘Quasi-Norms’: The Challenges and Potential of Engaging with Norms in Cyberspace. The paper offers a refreshing perspective.

Norms, as studied in international relations scholarship, are principles that embody established codes of what actors should do in given circumstances. For cyber security, their importance should not be underestimated. Consider for example cyber security strategy.

The US and China have radically different cyber strategies: both states differ markedly in in how they use offensive cyber weapons or regard the acceptability of economic espionage. Crucially, these differences cannot be explained by material factors alone (such as access to resources, wealth, capability, etc.).

At least to some degree, differences in cyber security strategy can be explained by moral decisions. Some states wholly disagree with the concept of economic espionage due to their belief in a competitive and fair marketplace for example. Therefore, appreciating what norms are and how they affect cyber security strategy and policy is crucial for future progress.

Cyber security is still a nascent topic for policymakers and strategists. Does this mean that existing cyber norms have emerged in only the last few years? Well perhaps yes and no. In some regards, cyber norms are something new. New technologies such as the Internet of Things or botnets (i.e. a herd of captured computers) are hard to compare to technologies that have existed in the past. Logically therefore, cyber norms are at least somewhat new.

Yet, cyber norms also have a historical element. It is highly likely that pre-existing norms outside of cyber security are also influential in the formation of cyber norms. For example, the Russian government has historically worked with organised crime groups.  This strategy has long been regarded as morally acceptable, or at least permissible. Such a view has transferred into the cyber domain: the Kremlin frequently works alongside hacker groups and organised crime cells that possess sophisticated technical capabilities.

The study of norms in cyber security is likely to be particularly interesting over the next few years given that cyber norms are headed for turbulent times. Policymakers are still waking up to the challenge of cyber security; even existing norms are likely to continue to develop and change as states mature at the strategic level.

Within international relations and security studies, cyber security will continue to establish itself as a topic worthy of academic analysis.  A number of exciting research agendas have begun to emerge. Out of all of them, perhaps further study of existing cyber norms will prove most fruitful.

Jamie Collier is completing a Doctrate in Cyber Security at The University of Oxford.

Jamie Collier

« Syrian Government Hacked
Think You Know Your Customers? Try Authenticating Them »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

HireVergence

HireVergence

HireVergence is a full service IT staffing and recruiting firm with a focus on cyber and information security.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

AuthenTrend

AuthenTrend

AuthenTrend provide biometric authentication products to achieve high security with extreme ease-of-use for the user.

Cipher Tooth

Cipher Tooth

CipherTooth is a superior system for delivering secure content over the Internet.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

Cryptika

Cryptika

Cryptika is a fully integrated IT security and managed services provider, specialized in Next-Generation Cyber Security Technologies.

Phy-Cy.X Security Group

Phy-Cy.X Security Group

Phy-Cy.X specialize in the “Physics” of Information Security through both physical and cyber domains. We are not an IT company, we ARE an Information Security company.

UTMStack

UTMStack

UTMStack is a Unified Security Management system that includes SIEM, Vulnerability Management, Network and Host IDS/IPS, Asset Discovery, Endpoint Protection and Incident Response.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

RSK Cyber Security

RSK Cyber Security

RSK Cyber Security are a leading cyber security services company that uses services, consulting, and product knowledge to lower security risk across the board.

Eqlipse Technologies

Eqlipse Technologies

Eqlipse Technologies provides products and high-end engineering solutions to customers in the Department of Defense and Intelligence Community.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.

RunReveal

RunReveal

RunReveal's mission is to make sure no breach goes undetected. That means having a product that is accessible and effective for companies of all sizes.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

Freeze

Freeze

Freeze prevents attacks before they can start by finding, removing, and stopping the spread of information about your organization and employees.