Security in Cyberspace: Workshop Insights

At the same time that cyberspace has created some opportunities, such as higher efficiency of critical infrastructures and a lower barrier cost venue for non-state actors to project their ideas and voices, the securitisation of the digital domain happens. Society’s collective imaginary has already created some catastrophic scenario projections directed to states and military manoeuvres. Besides, recent geopolitical movements related to emerging technologies, have rekindled ideas towards power in cyberspace. These developments increase concerns about instability in cyberspace and deserve some consideration and more in-depth debate. 

Thus, aiming to promote an in-depth debate about security in cyberspace, the online workshop “Security in Cyberspace: dynamics, limits, and opportunities” – held by the Alexander von Humboldt Institute for Internet and Society (HIIG), Getulio Vargas Foundation (FGV Direito SP) and the Federal Universities of Santa Catarina (UFSC) and Rio Grande do Sul (UFRGS),  –   encompassed four main topics: (1) cyberspace as a war domain, (2) liberty vs security in cyberspace, (3) the cyber institutional and organisational apparatus of European and Brazilian states and (4) the changes, or the lack thereof, as a consequence of the international balance of power entrenched in the digital sphere. Seeking also to demystify, with the presentations of Brazilian and European scholars, the perception that cyber problems are constrained to a very few “great powers” like China, Russia, and the USA.

The workshop: dynamic and ideas

The workshop assembled a total of twelve panellists with different backgrounds and strong cybersecurity and cyber defence expertise; four similarly diverse mediators; and an audience of more than 170 attendees, participating in eight polls throughout the event. This dynamic allowed the development of a detailed report, providing valuable insights for the field, which will be summarised here.

Cyberspace as a war domain

The first panel approached the idea of cyberspace as a war domain. The topic was chosen to open the event because even though cyberwar and cyberwarfare are still contested concepts, the idea of a possible warlike conflict in cyberspace has been very much present since the 1980s. Indeed, the three panellists made it clear that the concept of cyberwarfare is mutable, has evolved, and has been shaped by other concepts such as power and domination. 

Interestingly, despite cyberwar being a loose concept, the majority of the attendees agreed that cyberspace should be considered a war domain. Moreover, they agreed that to reach stability in cyberspace, a solution could be a normative take, since the majority agreed that states need to develop a cyber-weapon nonproliferation treaty. 

Liberty vs. Security in Cyberspace

The second panel sought to debate the dichotomy between security and liberty online, a topic more focused on data management. Each cyber actor – states, companies and civil society – seeks to push the security discourse to either increase surveillance or information control or to diminish it. Thus, the panellists exposed that placing the concepts of privacy and security on opposite sides is a fallacy. And as such, it should be disregarded when seeking solutions to the challenges in cyberspace interactions. Moreover, they pointed out that the debate and solutions for determining adjustable parameters must be done both at the individual (privacy protection) and global level (data regulators), which resonated with the attendees’ answers. 

According to the attendees, to better develop balanced security and fundamental rights and freedoms, mixed (public-private) arrangements would be the best way to go, and those should be based on transparency, as the lack thereof could undermine confidence-building measures.

Brazil and European Union Cybersecurity

The third panel delved into a detailed discussion on Brazilian and European institutional frameworks and particularities, bringing the importance of contextual and regional cybersecurity frameworks to the debate in order to understand the broader international picture of cyber interactions. From the panellists’ presentations, it was clear that bringing together like-minded states could potentially strengthen strategic partnerships, and provide overlapping benefits to areas such as cyber norms development and competitive advantage, especially when thinking about improvements of public-private partnerships (PPPs). Concerning a more cooperative and plural environment to reach stability in cyberspace, the majority of attendees pointed that states should pursue multilateral approaches and that the world does not need a  “cyber hegemon” to maintain order in the digital domain.

Interstate dynamics in Cyberspace and their consequences for International Relations 

From the regional to the systemic arena, the fourth panel focused on power. The topic at stake were the interstate dynamics in cyberspace and its consequences for International Relations balance of power. The panellists made the case that the world is suffering a new transition phase where the power that technologies – and thus cyberspace – provide is diffused. The transitional time shifts reasoning and strategies; the digital environment allows the participation of non-state actors in power interactions, and ultimately, the measurement of cyber power is still a new task. 

In this regard, the attendees pointed out that infrastructure development and access to critical information infrastructure, cyber military force/cyber command, the number of cyber awareness and cyber specialists of a population, and a national cyber strategy should be elements of consideration when talking about cyber power. Moreover, they agreed that non-state actors benefited from power relations in cyberspace, which can be interpreted as a reinforcement of the idea of plurality and a degree of horizontality that cyberspace has in proportion to power dynamics. 

Takeaways: continuing strive for stability

In sum, the debates were very fruitful, and there are three main insights I want to highlight. 

1. Security in cyberspace is essential but must be balanced. 
2. Both top-down and bottom-up dialogue on actions and limits among the cyber actors can bring the balance if they are based on multilateral, transparent bases. 
3. Ideas of dominance and hegemony could potentially trigger conflict escalation to the degree of war-like scenarios. 

Although these insights may not be new in the cyber interactions discussion, it is necessary to recall them. Thus, we can continue to strive for stability in the digital realm, especially when the world becomes more digital, not only through the digital economy but also the rapid and increasing pace that is inherent in the physical and digital domain.