Source: Getty
commentary

The Privatization of Security and the Market for Cyber Tools and Services

A look at the emerging and expanding gaps in the governance of private cybersecurity companies and activities and the ways forward and policy options for governments.

published by
Geneva Centre for Security Sector Governance
 on August 23, 2019

Source: Geneva Centre for Security Sector Governance

Abstract

This paper seeks to identify the emerging and expanding gaps in the governance of private cybersecurity companies and activities and to explore ways forward and policy options for governments. First, it explores the characteristics of typical cyber operations and challenges related to their conduct by private actors. Thereafter, it addresses the governance challenges around cybersecurity and three main departure points for regulation: the fact that geographic scope does not limit cybersecurity companies, that cyber operations can slide from defensive to offensive very quickly; and that cybersecurity services are often exported for the purpose of (or with the knowledge they will be) violating human rights. This section will also integrate perspectives of international law. Finally, the paper lays out suggestions for policy options in relation to international law and existing international normative frameworks. In conclusion, the paper offers a framework and way forward as food for thought in order to address cybersecurity operations in relation to PMSCs.

Read Full Text

This analysis was originally published by the Geneva Centre for Security Sector Governance.

Carnegie does not take institutional positions on public policy issues; the views represented herein are those of the author(s) and do not necessarily reflect the views of Carnegie, its staff, or its trustees.