NUPIs project Cybersecurity and Developing Countries aims to systematically explore cyber security risks and assess cyber capacity building in developing countries. The global implications, and the risks and opportunities for donors - such as Norway - to assist developing countries with cyber security capacity building, is the focus of this study. The aim is to provide a critical analysis of how to actually accomplish cyber capacity building in practice.
The rapid growth of connectedness in the developing world brings potential benefits as well as risks, as increased dependency leads to greater systemic vulnerabilities. The private sector’s expansion of networks and technological platforms may be faster than the public sector’s capacity to follow up with regulation and safety-standards. Developing countries have been described as “wonderlands” for cybercriminals, and as the internet is expected to double in size every five years a “cybercrime avalanche” is expected to follow. Technological and regulatory loopholes may be exploited by criminals as well as politically motivated actors to conduct Cyber Network Operations (CNO), Cyber Network Exploitation (CNE), or even Cyber Network Attacks (CNA).
Because of the networked and borderless nature of cyberspace dangers are not confined to the countries and regions in question. It is often held that cyber security is only as strong as the weakest link. This means that weak cyber security in one country negatively affects global cyber security. Following this logic, enhancing cyber security in one place will benefit the larger system and the international community at large. Regardless of the validity of this theory, the nature of cyberspace makes makes cyber risks a global problem that is likely to increase as more and more people get connected.
This raises a number of questions:
Are there any security benefits for Western countries in assisting emerging economies in building cyber security capacities? If so, what are these benefits? Furthermore, what aspects of cyber security capacities are most crucial for a country to develop? Is it legislation, Computer Emergency Response Teams (CERTs), law enforcement and/or something else? Should we instead of working with state institutions target our future work primarily towards the private sector and network providers.
The aim of this project is to map out the concrete risks and challenges, the best tools to deal with them and how to implement these tools most effectively.
Digitale sårbarheter – Internasjonale løsninger
Security and Liberty in Cyberspace. Countermeasures and dilemmas in securing a global free cyberspace.
Theory Seminar: Theorizing cybersecurity
Alexander Klimburg, Senior research fellow at the Hague Center for Strategic Studies and Harvard Kennedy School affiliate