GFCE Cybersecurity Knowledge Modules

KM3 - Cyber diplomacy and international cooperation
Module objectives
1. Risks for international peace and cyber-stability
3 Topics
1.1 Cyber-attacks and geopolitics
1.2 Cyber as part of hybrid warfare
1.3 Cyber-armament
2. Towards an international agreement
4 Topics
2.1. Framework for responsible state behaviour in cyberspace
2.2. Applicability of international law
2.3. Norms, confidence building measures, and capacity building
2.4 Broader context
3. International cooperation
4 Topics
3.1. The United Nations
3.2. Other multilateral forums
3.3. Regional efforts
3.4. Multistakeholder efforts
4. Cyber diplomacy
5. Main takeaways
6. Assignment
1 Quiz
KM3 Quiz
KM4 - Cyber Incident Management
Module objectives
1. Introduction
2. Types of Cyber Incident Response Teams
5 Topics
2.1. National Computer Security Incident Response Team
2.2. Product Security Incident Response Team
2.3. Sector CSIRTs
2.4. Security Operation Centre
2.5. Commercial CSIRT
3. What needs to be considered when establishing a National CSIRT?
2 Topics
3.1. CIRT framework
3.2. How to set up CSIRT and SOC
4. How to assess cyber incident readiness
3 Topics
4.1. Security Incident Management Maturity Model (SIM3)
4.2. Security Operation Centre Capability and Maturity Model (SOC-CMM)
4.3. CSIRT Maturity – Self-assessment Tool
5. Which services do the CSIRTs offer?
2 Topics
5.1. FIRST CSIRT services framework
5.2. ITU-T Recommendation X.1060 service categories
6. Who does the CSIRT serve?
7. Which Tools does a CSIRT need?
8. Policies, frameworks, and guidelines
9. Resourcing and funding a CSIRT
1 Topic
9.1. What does a CSIRT Budget look like?
10. CSIRT capabilities
3 Topics
10.1. Training and certification
10.2. Auditing
10.3. Cyber drills
13. Main takeaways
14. Assignment
1 Quiz
KM4 Quiz
2 of 5
Previous Topic
Next Topic

2.3. Norms, confidence building measures, and capacity building

GFCE Cybersecurity Knowledge Modules 2. Towards an international agreement 2.3. Norms, confidence building measures, and capacity building

2.3.2. Confidence building measures

🎯What are the confidence building measures (CBMs)?

🎯What is the significance of regional CBMs?

CBMs aim to prevent hostility, reduce tension, avert conflict escalation, and build mutual trust between states. The UN Framework outlines a number of voluntary CBMs to increase cooperation and predictability, and reduce misunderstanding. CBMs call for, among other:

  • Exchange of information on national strategies and policies, decision-making processes, and relevant national organizations, and national terminology; on national and transnational threats, identified cyber-incidents, product vulnerabilities and hidden functions, best practices in dealing with cyber-incidents, and national classifications of incidents; 
  • Appointment of national points of contact on policy and technical levels, as well as creation of related directory of contacts;
  • Establishment of national CERT/CSIRTs, including for critical infrastructure, and cooperation among national CERT/CSIRTs;
  • Protection of infrastructure that states consider critical, including industrial systems, through exchange of information and a repository of laws and policies related to critical infrastructure (CI), and developing technical, diplomatic and legal mechanisms to protect CI, and public-private partnership and multistakeholder cooperation for that;
  • Cooperating in investigating cyber-crime and terrorism, through cooperation of law enforcement authorities, and appointing focal points for the exchange of information on incidents and assistance in investigations; 
  • Developing mechanisms and processes for bilateral, regional, subregional and multilateral consultation to avoid misperception and escalation;
  • Developing workshops, seminars and exercises to prevent and manage cyber-incidents.

Since regional organisations like the OSCE, ASEAN and the OAS have developed their own CBMs and principles, some of which fed into the UN Framework, it encourages further sharing of information about CBMs developed in regional and multilateral forums. We will discuss the work of regional organisations later in this module.

Resources

The GFCE paper Overview Of Existing Confidence Building Measures As Applied To Cyberspace provides an overview of the CBMs developed by the UN and the regional organisations by 2020.

Reflection point

One of the main elements of building confidence is enhanced information sharing among states and other actors, and establishing trust relations. In this regard, what are the good examples across Africa which follow the UN CBMs?

What are other CBMs that could be of particular relevance for African cooperation?

Leave your comment below.

(page 2/3)

Previous Topic
Back to Lesson
Next Topic
Pages: 1 2 3

New post

Your email address will not be published. Required fields are marked *

Post a comment
Skip to content