GFCE Cybersecurity Knowledge Modules

KM3 - Cyber diplomacy and international cooperation
Module objectives
1. Risks for international peace and cyber-stability
3 Topics
1.1 Cyber-attacks and geopolitics
1.2 Cyber as part of hybrid warfare
1.3 Cyber-armament
2. Towards an international agreement
4 Topics
2.1. Framework for responsible state behaviour in cyberspace
2.2. Applicability of international law
2.3. Norms, confidence building measures, and capacity building
2.4 Broader context
3. International cooperation
4 Topics
3.1. The United Nations
3.2. Other multilateral forums
3.3. Regional efforts
3.4. Multistakeholder efforts
4. Cyber diplomacy
5. Main takeaways
6. Assignment
1 Quiz
KM3 Quiz
KM4 - Cyber Incident Management
Module objectives
1. Introduction
2. Types of Cyber Incident Response Teams
5 Topics
2.1. National Computer Security Incident Response Team
2.2. Product Security Incident Response Team
2.3. Sector CSIRTs
2.4. Security Operation Centre
2.5. Commercial CSIRT
3. What needs to be considered when establishing a National CSIRT?
2 Topics
3.1. CIRT framework
3.2. How to set up CSIRT and SOC
4. How to assess cyber incident readiness
3 Topics
4.1. Security Incident Management Maturity Model (SIM3)
4.2. Security Operation Centre Capability and Maturity Model (SOC-CMM)
4.3. CSIRT Maturity – Self-assessment Tool
5. Which services do the CSIRTs offer?
2 Topics
5.1. FIRST CSIRT services framework
5.2. ITU-T Recommendation X.1060 service categories
6. Who does the CSIRT serve?
7. Which Tools does a CSIRT need?
8. Policies, frameworks, and guidelines
9. Resourcing and funding a CSIRT
1 Topic
9.1. What does a CSIRT Budget look like?
10. CSIRT capabilities
3 Topics
10.1. Training and certification
10.2. Auditing
10.3. Cyber drills
13. Main takeaways
14. Assignment
1 Quiz
KM4 Quiz
2 of 5
Previous Topic
Next Topic

2.2. Applicability of international law

GFCE Cybersecurity Knowledge Modules 2. Towards an international agreement 2.2. Applicability of international law

🎯(How) Does international law apply to cyberspace?

According to the Framework, states agree that existing international law and the UN Charter apply to cyberspace. Established international law regulates the conduct of armed conflict and seeks to limit its effects. 

It is, however, less clear how it applies in practice and in particular circumstances. The UN Charter, as the foundation of the body of international law that provides grounds to justify entry into a conflict, grants (Article 51) the right of individual or collective self-defence if an armed attack occurs against a member state. Yet, what exactly is an armed attack and use of force in cyberspace – and what is its threshold? Is it limited to attacks that cause physical damage and injury, or would other effects (e.g. financial, environmental, economic, or political) of a cyberattack fall under it as well? When (and if) does a cyberattack violate another state’s sovereignty? Should the attacked state be allowed to respond by any and all means, including all out military options with traditional warfare methods?

It is equally hard to understand how the international humanitarian law (IHL) governing the use of force in armed conflicts, such as protecting civilian populations and infrastructure, will apply. For years, states failed to reach an agreement about whether the IHL applies at all or whether its application would actually militarise cyberspace. It was only in 2021 that the GGE confirmed that the IHL applies only in situations of armed conflict, thus, not in peacetime. The GGE also says that applying the core IHL principles to the use of ICTs needs further study.

One of the main challenges is how to hold states accountable for their operations, from reliably attributing the attack, to responding without risking the escalation of political tensions. Invoking international law provisions, and using elements of the Framework, is of relevance when raising the responsibility of certain states for a cyberattack, and holding states accountable for their cyber operations. The 2021 GGE report, in particular, provides space for progress since it prescribes elements for the attribution of cyberattacks, i.e. ‘the incident’s technical attributes; its scope, scale, and impact; the wider context, including the incident’s bearing on international peace and security; and the results of consultations between the States concerned’ (UN GGE, 2021, Par. 24). The most authoritative and comprehensive research that discusses the applicability of international law to cyberspace and the related challenges is the Tallinn Manual on the International Law Applicable to Cyber Warfare, developed in 2013 by an independent international group of experts who were invited by the NATO CCDCOE. It was updated in 2017 – dubbed the Tallinn Manual 2.0.

Contribute and engage

The CCDCOE invites experts to contribute to the development of the Tallinn Manual 3.0. Your country experts may seek options to engage and contribute.

The UN GA resolutions of 2021 related to the reports of the GGE and the OEWG invite states to share their own positions on how international law applies to cyberspace. Indeed, an increasing number of states are developing and publishing their national positions. A good overview of open issues and general positions of states on the applicability of international law is available at the Digital Watch Observatory.

Resources

The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The Toolkit may be explored and utilised in a number of different ways. At its core, it presently consists of 25 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise.

Reflection point

Is there awareness about the existing framework and the related processes in your Ministry of Foreign Affairs, and in your government more generally? Are there already discussions about a national position related to the applicability of international law to cyberspace, as invited by the UN GA? 

Previous Topic
Back to Lesson
Next Topic

New post

Your email address will not be published. Required fields are marked *

Post a comment
Skip to content