Author: Stephanie Borg Psaila
Improving the practice of cyber diplomacy: Training, tools, and other resources – Final study
2021
Cyber diplomacy, the conduct of diplomacy with respect to a state’s interests in cyberspace, is too important to ignore. Yet, the participation of countries is far from ideal.
For some countries, diplomacy has adapted quickly, and cyber issues are now firmly on their diplomatic agendas. For other countries, especially developing countries and small states, there are several challenges linked to limited human and financial resources, which limit their participation and render them largely inactive in the cyber diplomacy policy space. Naturally, countries with limited resources are more likely to invest the few resources they have in what the country sees as more essential areas – and most often, cyber is not on that list.
Yet, many cyber issues transcend borders, and often prey on the weakest actors. Measures to protect against vulnerabilities need to be implementable – and implemented – everywhere. And no country should rise above the applicability of norms of state behaviour.
This study, which was prepared in two phases, analyses aspects of capacity development to increase the engagement of every country, that is, the availability of training opportunities, tools, and other resources and their reach and take-up.
While we appreciate that technical training (such as how to set up a Computer Emergency Response Team ) is extremely important, this study focuses mainly on the need for diplomats to engage in cyber diplomacy. By that, we mean the need to understand the cyber security aspects countries and organisations face, the laws that can address them, and how cross-border investigations work; how some countries engage in dubious activities to try to cripple each other’s critical infrastructures, and how laws can be interpreted to justify this behaviour; the policy measures a country needs to undertake to bring its hospitals back online if they are attacked, and how other countries can assist; the foreign policy a country’s ministry of foreign affairs (MFA) needs to develop for its diplomats to be guided by. The list goes on.
The survey we conducted as part of this study confirmed that training and tools are indeed available (whether there are thematic gaps is a slightly different story), but they are certainly not reaching everyone. The findings also uncovered the reasons why practitioners are often not taking any, or further, training, and why they were not making use of the whole range of tools available to help them in their cyber diplomacy work.
There are three main reasons. The first is simple: If they aren’t aware of training and tools in the first place, they can’t make use of them. The second is that even if practitioners know about existing training, they often do not have the financial means to enrol. The third is that practitioners are often too busy to spend time training or exploring tools and possibly not encouraged to do so.
We then used five case studies to look at good practices, identify gaps, and determine solutions. We based our recommendations on the findings, and on our own experience of training diplomats for close to 20 years.
When it comes to the recommendations, we’ve steered clear from one-size-fits-all suggestions, in the knowledge that practitioners, practitioners, providers, and funders all have different aims and needs.
For instance, a practitioner who has received a scholarship to undertake training should follow up with the training provider on how the training has impacted their work, or their institution’s work, even in cases where there’s no obligation for them to give feedback.
Providers should help instill a culture of institutional capacity development by incorporating this message in training programmes, such as during the feedback stage.
Funders should support practitioners in analysing what they really need, and involve providers in the process, as it can be more cost-effective in the long run. When analysing needs, the main goal of capacity development should be kept in mind: it’s not only about what people learn, but how practitioners apply the knowledge in practice.
This report, which we’re referring to as the ‘Full study’, is the culmination of two phases:
• Phase I, completed in September 2021, concerning the availability of training opportunities and other types of support and their take-up.
• Phase II, completed in December 2021, which includes the identified gaps, and makes recommendations on how to close them.
You may also be interested in
New threats: the cyber-dimension
The text discusses emerging cyber threats and the need for increased cybersecurity measures to address these new challenges.
Cybersecurity in the Western Balkans: Policy gaps and cooperation opportunities
Report on cybersecurity cooperation in the Western Balkans.
Introducing child safety in Romanian schools: Does the existing primary and secondary curriculum address online safety?
This paper examines the idea of an online child safety policy for Romania, which would provide an initiative to encourage smart online behavior in young children, prepare them to surf the Internet, and educate them to avoid its dangers. As technology develops and more and more children spend time online, they are exposed to numerous threats, dangers and potential abuse. Children need to learn how to behave online, how to critically assess their activities online and act accordingly.
Improving the practice of cyber diplomacy: Training, tools, and other resources – Final study
This study analyses the capacity development of cyber diplomacy, including training opportunities, tools, and other resources, and looks at their reach, take-up, and what should come next. Why? Because although cyber diplomacy, the conduct of diplomacy with respect to a state’s interests in cyberspace, is too important to ignore, the participation of countries is far from ideal.
From a Safer Internet to a Better Internet for Kids
The text is about transitioning from a safer internet to a better internet for kids.
Cybersecurity competence building trends
Report on cybersecurity competence building trends in OECD countries.
Searching for Meaningful Human Control. The April 2018 Meeting on Lethal Autonomous Weapons Systems (Briefing Paper #10)
In this briefing paper, Ms Barbara Rosen Jacobson analyses the debate of the April 2018 meeting of the Group of Governmental Experts (GGE) of the Convention on Certain Conventional Weapons (CCW). The group was established to discuss emerging technologies in the area of lethal autonomous weapons systems (LAWS).
Dealing with cybersecurity challenges
'Various governments have come up with different interventions to address these challenges, like cybersecurity which is on the rise. The development of human resource and capacity building has been identified as one of the stumbling blocks.' - Godfrey Ahuma from Ghana
Cybersecurity in the Republic of Fiji
This paper discusses cybersecurity in Fiji and offers recommendations to challenges such as the vulnerability of systems due to lack of a cybersecurity framework. The poorly framed laws and lack of appropriate policies.
The waning of the state and the waxing of cyberworld
This paper discusses whether IT is functioning mainly as an instrument of states in their quest for power and wealth or is principally operating as a transformative agent by market forces and various sectors of civil society.
Towards a secure cyberspace via regional co-operation
The study Towards a secure cyberspace via regional co-operation provides an overview of the international dialogue on establishing norms of state behaviour and confidence-building measures in cyberspace.
Improving the practice of cyber diplomacy: Training, tools, and other resources – Phase I
Cyber diplomacy, the conduct of diplomacy with respect to a state’s interests in cyberspace, is too important to ignore. Yet, the participation of countries is far from ideal.
DDoS – Available Weapon of Mass Disruption
The increasing militarisation of cyber-space comes in response to fears of critical damage caused by digital weapons like Distributed Denial-of-Service (DDoS). Understanding that the botnets are the key platform behind DDoS, we compared the costs of running a large-scale attack with the approximate downtime loss in a country-scale attack in case of Serbia, showing that DDoS are readily available weapons of possible mass disruption. Taken as a whole, this paper suggests responding to risks by combating cybercrime as the DDoS enabler, rather than by militarisation.
Lethal Autonomous Weapons Systems: Mapping the GGE Debate (Briefing Paper #8)
The paper discusses the ongoing debate in the Group of Governmental Experts (GGE) on Lethal Autonomous Weapons Systems (LAWS) and the varying perspectives on the need for regulation and control of these weapons.
Peacetime Regime for State Activities in Cyberspace
The publication covers in a multi-disciplinary approach the technical, legal, policy and diplomacy aspects of State activities in cyberspace during peacetime. It consists of 23 chapters of academic nature, elaborated by 24 authors specialised in the respective areas of expertise. Diplo's Dr Jovan Kurbalija contributed the chapter on E-diplomacy and Diplomatic Law in the Internet Era.
