1. Introduction: Digital interdependence and geostrategic challenges

Cyberspace is an essential component of modern society. Governmental services, the financial sector, and critical societal infrastructure including schools and hospitals are increasingly and irreversibly dependent on interconnectivity and the global network. Individuals also depend on the internet: the number of internet users worldwide exceeded 5.1 billion in June 2021, i.e., more than 65% of the total population. The COVID-19 pandemic has further accelerated the transition to online life – most likely irreversibly – making our connected devices and online services our ever-closer companions.

This once science-fiction scenario brings numerous benefits to all–from simple convenience to ubiquitous access to information and knowledge and from the automatisation of processes to highly efficient systems. These benefits are accompanied by security risks that are becoming equally sophisticated and far-reaching –  from a possible failure of, or attacks on the internet infrastructure (and the subsequent inaccessibility of services), to breaches of personal data and misuse and manipulation of information, and hackable self-driving cars or autonomous lethal weapons. 

Such risks need to be approached comprehensively and systematically. As we will see later in the course, many countries have adopted national cybersecurity strategies and related legislation (sometimes taking into account both security and freedoms). A growing number of countries have set up national mechanisms for response to cyber incidents, involving the government as well as the corporate, academic, and civil society sectors. Some have declared ‘cyber’ to constitute the fifth military domain (after land, sea, air, and space), and have set up defensive and offensive cyber commands within their military forces. 

Cybersecurity has come to the forefront of the international diplomatic and political agenda in United Nations (UN) committees, the North Atlantic Treaty Organization (NATO), the International Telecommunication Union (ITU), the World Trade Organisation (WTO), the Council of Europe (CoE), the Organisation for Economic Co-operation and Development (OECD), the Organization for Security and Co-operation in Europe (OSCE), the ASEAN Regional Forum (ARF), the Organisation of American States (OAS), the Commonwealth, the Group of Seven (G7), and the Group of Twenty (G20), to name just a few of the most important forums. In the meantime, the attention to the possibility of cyberconflict swings from being ignored to generating excessive hype due to wide ignorance and the often narrow security focus of current policy discussions. Debates about how to protect the increasingly (inter)connected critical infrastructure and industry from cyberattacks continue. Cybercrime, which is often part of our real-life experience, is dealt with in a number of international processes. The judicial and law enforcement authorities of many countries cooperate across borders on an operational level to combat cybercrime (within the limits of current bilateral and multilateral instruments).

The risks are increasingly sophisticated, and the groups interested in exploiting the vulnerabilities of cyberspace have extended from underground communities of ‘black hat’ hackers to global and well-organised criminal groups, government security services, and national defence forces. To make things more complicated, most of the targets – internet infrastructure and services – are privately owned, with operators scattered around different global jurisdictions.

The following section will provide a more detailed overview of the concept of cybersecurity and address the main risks and challenges, particularly in the context of Africa.