The geopolitics of cybersecurity

Cybersecurity has evolved beyond being solely a technical concern; it now plays a significant role in geopolitics as we navigate the information age. In today’s digital environment, data and valuable resources are primarily stored on networked computer systems. The potential sources of threats have expanded beyond local actors and neighboring countries, as the digital realm has redefined our perception of geographical boundaries.

Table of Contents

• Understanding of the geopolitical dimension of the Internet and its impact on cybersecurity
• Cybersovereignty
• Cybersecurity beyond its technical dimension
• Conclusion

Our increasing dependence on digital tools and online environments heightens our vulnerability to harmful cyber activities, escalating our exposure to cybercrime and cybersecurity threats.

Essential technologies, including fundamental communication systems and emerging advancements like 5G, cloud computing, AI, and quantum computing, introduce new cybersecurity challenges that substantially impact national security, economic growth, and societal advancement for individual nations or even entire regions.

Cyberspace has become a battlefield where countries compete to dominate crucial technologies and assert digital supremacy over global technical standards. State actors progressively employ digital technologies and cyber capabilities against their rivals. At the same time, non-state actors have also cultivated these skills, targeting vital infrastructure such as healthcare services, COVID vaccine research, and strategic assets, potentially causing significant reputational damage to businesses and governments.

Geopolitics helps us understand, elucidate, and forecast the actions of global players. Furthermore, considering geopolitical factors in cybersecurity enables institutions to foresee and brace for significant cyber threats. Over the past ten years, a review of cyber activities highlights a clear link between geopolitical motives and state-backed cyber operations. As a result, merging geopolitical intelligence with conventional cyber threat intelligence collection methods can assist organizations in identifying when, where, and how they are most vulnerable to attacks.

Understanding of the geopolitical dimension of the Internet and its impact on cybersecurity

Geopolitics, in general terms, is the study of how geographical factors affect state power and international relations. Cybersecurity and geopolitics can be viewed as interconnected concepts. The emergence of Artificial Intelligence has introduced new dimensions of inequality, vulnerability, and potential human distress in geopolitics, along with the appearance of combined risks.

The concept of “geopolitical” is relevant in the context of cyber policies and power dynamics. The competitive nature of cyberspace among nations emphasizes its geopolitical importance. Moreover, the influence of Artificial Intelligence (AI) on sectors like agriculture, transportation, and more, accentuates its geopolitical significance. The exchange of AI technology reflects the convergence of essential interests, the management or lack of conflict, and the existence of trust, positioning AI as a powerful tool with geopolitical consequences.

Attempts have been made to adapt traditional geopolitical analysis to cyberspace by focusing on physical components like internet exchange points (IXPs). Controlling these centers is thought to ensure control over information flows. It has been proposed that the party governing communication flows will dominate the “Cybernetic Heartland” and consequently the world. However, such adaptations may be subjective and lack the required analytical rigor.

Cybersovereignty

The concept of “cybersovereignty” often suffers from a lack of analytical rigor. It arises from applying territorial notions to the virtual realm, extending cybersecurity measures to encompass the content of information in cyberspace. Advocates argue that this is essential for responsible internet use and mitigating cyber risks. However, critics point out that in authoritarian countries with weak rule of law, information itself may be perceived as a threat. Freedom House suggests that cybersovereignty involves governments imposing their own internet regulations, limiting the flow of information across national borders.

Cybersecurity beyond its technical dimension

Cybersecurity issues are significant in critical geopolitical strategies and can be examined and understood through International Relations theories, particularly within International Security. The two primary theoretical schools, realism and liberalism, provide distinct viewpoints on these matters.

Realism highlights the anarchic nature of cyberspace, asserting that this trait inevitably transforms it into a new battleground. This anarchy also enables traditional geopolitical rivalries from the physical world to extend into cyberspace. Consequently, cyberspace conflicts are often regarded as symptoms rather than independent events.

The chaotic nature of cyberspace is mainly due to the absence of a comprehensive and efficient Cybersecurity Convention, which would ideally achieve the following objectives:

1. Create a wide-ranging legal framework to tackle cybersecurity issues;
2. Implement this framework globally, ensuring adherence and compliance by all parties involved; and
3. Enforce penalties on those who fail to comply.

Addressing these aspects can establish a more effective approach to cybersecurity, minimizing the likelihood of conflict and fostering global collaboration.

Realists argue that states are the main players in cyberspace, with power being a crucial factor in this domain. “Cyberpower” denotes the ability to achieve desired outcomes by leveraging interconnected information resources within the cybernetic domain. It is generally more effective when used offensively than defensively, due to the difficulty of attributing attacks, low costs, and high potential for damage.

Following this realist perspective, the emergence of cyber arms races can be explained as a response to the existing anarchy by powerful states in the cybernetic realm. This view indirectly acknowledges the presence of cyber weapons, which can be described as “computer codes intended to threaten or cause physical, functional, or mental harm to structures, systems, or living beings.” The concept of cyber weapons and arms races in the cyber domain supports the realist rationale.

Various actors have prioritized the development of cyber norms, collaborating to establish governance mechanisms specifically for cybersecurity. Without a central authority, global governance is handled by diverse actors, including states, multilateral organizations, civil society entities, and private companies. These mechanisms can effectively manage and even prevent threats and risks in cyberspace on both global and regional scales.

One such approach involves developing national cybersecurity strategies, a subject where the International Telecommunication Union (ITU) holds a central position. These strategies are crucial for formulating and implementing measures that improve cybersecurity within nations. In each instance, the participants responsible for executing the strategies and their roles and duties are identified.

The ITU’s guide includes cooperation among multilateral organizations from diverse geographic regions, intergovernmental agencies, educational institutions, information technology firms, and risk consultants. This joint effort aids in tackling the intricate issues of cybersecurity and fostering a more secure digital landscape for everyone.

Conclusion

From an analytical standpoint, geopolitics and International Relations’ theoretical and conceptual tools are valuable when conducting descriptive and explanatory cybersecurity analyses. Regarding the first concept, it is important to avoid the common mistake of loosely classifying numerous topics and questions as “geopolitical.” In this context, critical geopolitics approaches offer a fresh perspective. These approaches, distinct from traditional perspectives, provide a new “territoriality” to cyberspace, enhancing our understanding.

Simultaneously, the realist and liberal theoretical schools of International Relations aid in interpreting the nature and dynamics of the relationships in this virtual space. Realism emphasizes its anarchic nature, the dominance of state actors, and the relevance of power politics. At the same time, liberal perspectives highlight the presence of various non-state actors and assert that anarchy diminishes due to the spread of cyber-norms, multilateral agreements, and governance mechanisms. It is beneficial to address cybersecurity issues from a multidisciplinary angle, utilizing concepts, techniques, and tools from other fields of knowledge.