Digital dark age fears stoked by Davos elite doing little to address cybersecurity

NATO’s Cooperative Cyber Defense Centre of Excellence based in Tallinn, Estonia, is another such effort. It has played a major role in help producing the Tallinn Manual, which is the most comprehensive of international treaties for cyberspace law. Its impact is severely limited, however, because it is strictly an academic study and legally non-binding.

Geopolitics and cybersecurity collide
The quality of a state’s capacity to respond to such a complex problem is rapidly being recognized as an important element of global competitiveness. What, then, could global coordination achieve for effective cybersecurity?

A key aim of the proposed GCC is to work towards an appropriate and agile regulatory framework on cybersecurity. Regulatory alignment needs significant teamwork on global policy at all levels, sometimes from officials with little relevant expertise. They are required – often in time-critical scenarios – to assess evidence from a mix of sources including official threat intelligence, academic sources and industry threat reports.

All of which present policy challenges. How effective is the threat assessment? How good is the risk perception associated with a potential cyberattack? How are consequences judged, particularly in terms of critical and national assets? How does one account for a proportionate response, especially when it is nearly impossible to pin down perpetrators? And, most importantly, how do we shape future policy to address these questions?

The Geneva Centre for Security Policy (GCSP), a leading security thinktank, plays host to an annual student competition to address these questions. Competing teams from all over the world enter the competition and attempt to present a set of viable policy options for each round of the game.

A panel of judges choose winners for each round based on the most appropriate response to a set of cybersecurity threats identified. As rounds proceed, the scenarios escalate becoming more complex. The winning team is the one that demonstrates excellence in deep technical knowledge and international relations skill. It’s an example of a truly global competitive effort. Could such games pave the way for a globally-coordinated capacity building initiative which seeks to allow all members – including the poorest and most disadvantaged – to develop skills and competencies?

Perhaps, but capacity building is only one challenge. How would a global effort serve to resolve national concerns over an overt declarative policy, effective deterrence, guarantee of civil liberty, democratic oversight and use of public-private cooperation for cyberspace? How would age-old political fault lines be resolved in the Middle East and East Asia, which persist across cyberspace? And how would new global cyber conflicts be prevented?

The GCC undoubtedly offers a reasonable proposition to nation states, by urging them to collaborate on overcoming cyber threats in a coordinated way. But for such a noble goal to work, it requires deeper resolve to deliver and a level of national commitment unprecedented over previous efforts. Given the increased global uncertainty, we are yet to have faith.

Siraj Ahmed Shaikh is Professor of Systems Security, Coventry University. This article is published courtesy of The Conversation(under Creative Commons-Attribution / No derivative)