{
"authors": [
"Tim Maurer",
"Wyatt Hoffman"
],
"type": "other",
"centerAffiliationAll": "dc",
"centers": [
"Carnegie Endowment for International Peace"
],
"collections": [
"Cyber and Digital Policy"
],
"englishNewsletterAll": "",
"nonEnglishNewsletterAll": "",
"primaryCenter": "Carnegie Endowment for International Peace",
"programAffiliation": "TIA",
"programs": [
"Technology and International Affairs"
],
"projects": [],
"regions": [
"Iran"
],
"topics": [
"Security",
"Technology"
]
}
Source: Getty
A look at the emerging and expanding gaps in the governance of private cybersecurity companies and activities and the ways forward and policy options for governments.
Source: Geneva Centre for Security Sector Governance
This paper seeks to identify the emerging and expanding gaps in the governance of private cybersecurity companies and activities and to explore ways forward and policy options for governments. First, it explores the characteristics of typical cyber operations and challenges related to their conduct by private actors. Thereafter, it addresses the governance challenges around cybersecurity and three main departure points for regulation: the fact that geographic scope does not limit cybersecurity companies, that cyber operations can slide from defensive to offensive very quickly; and that cybersecurity services are often exported for the purpose of (or with the knowledge they will be) violating human rights. This section will also integrate perspectives of international law. Finally, the paper lays out suggestions for policy options in relation to international law and existing international normative frameworks. In conclusion, the paper offers a framework and way forward as food for thought in order to address cybersecurity operations in relation to PMSCs.
This analysis was originally published by the Geneva Centre for Security Sector Governance.
Tim Maurer
Former Senior Fellow, Technology and International Affairs Program
Dr. Tim Maurer was a senior fellow in Carnegie’s Technology and International Affairs program.
Wyatt Hoffman
Former Senior Research Analyst, Cyber Policy Initiative
Wyatt Hoffman was a senior research analyst with the Nuclear Policy Program and the Cyber Policy Initiative at the Carnegie Endowment for International Peace.
Carnegie India does not take institutional positions on public policy issues; the views represented herein are those of the author(s) and do not necessarily reflect the views of Carnegie, its staff, or its trustees.
On January 12, 2026, India's "workhorse," the Polar Satellite Launch Vehicle, experienced a consecutive mission failure for the first time in its history. This commentary explores the implications of this incident on India’s space sector and how India can effectively address issues stemming from the incident.
Tejas Bharadwaj
Connecting real-world AI use cases across sectors such as health, education, agriculture, and livelihoods can help policymakers, innovators, and institutions align around a shared goal. This article looks at a framework ensuring that AI works for everyone.
Shalini Kapoor, Tanvi Lall
This piece examines India’s response to U.S. sanctions and tariffs, specifically assessing the immediate market consequences, such as alterations in import costs, and the broader strategic implications for India’s energy security and foreign policy orientation.
Vrinda Sahai
Pacific Island Countries are at a pivotal moment in their digital journeys. Across the region, there is growing recognition of digital transformation as a key driver of economic growth, resilience, and global connectivity.
Shruti Mittal, Adarsh Ranjan
This article looks at the progress of the Semiconductor Laboratory fab modernization plan based on publicly available documents, and potential learnings for future upgrades to government-owned fabs and India’s larger semiconductor ecosystem, especially regarding the use of refurbished equipment.
Shruti Mittal, Konark Bhandari