Cyberspace has changed drastically, and so have cyber policies. These policies often change when a state gets hit by a cyberattack. However, there is an existing debate on what causes cyber...Show moreCyberspace has changed drastically, and so have cyber policies. These policies often change when a state gets hit by a cyberattack. However, there is an existing debate on what causes cyber policies to change. This paper uses the research question “To what extent did the 2007 cyber-attack in Estonia cause a shift in Estonia’s cyber policies” to study how cyber policies get influenced by cyber-attacks. This paper argues that both the cyber-attack and the geopolitical situation of a country influence the amount of change in cyber policies. In the case of Estonia, this means that Estonia reacted more heavily to the cyber-attack because Russia, a rivalling country, perpetrated it.Show less
States are increasingly using cyberspace for malicious cyberattacks against other state adversaries. With a lack of binding rules and contestation regarding the use of international law, some...Show moreStates are increasingly using cyberspace for malicious cyberattacks against other state adversaries. With a lack of binding rules and contestation regarding the use of international law, some states strive to create the rules of the road. This research goes deeper into the response measures of states towards states and specifically focuses on public attribution. The aim is to see to which extent public attribution of the United States is an instrument for creating an international rules-based order in cyberspace. To test the hypothesis, public attribution statements and cyber-related policy publications are analyzed with a document analysis. The analysis shows that the United States uses public attribution as an extension of wanting to create norms regarding responsible state behavior. By calling out malicious states, they hope to demarcate the red lines of what responsible behavior entails and, in that way, hope to create standards. Furthermore, there is an increase in cooperated public attribution statements by coalitions of states. This could also be connected to creating a rules-based order, as like-minded states cooperate or second each other's statements to create a certain framework of what is allowed and not allowed in cyberspace. Summarizing, public attribution by the United States is done to create international norms in cyberspace.Show less
This thesis aims at exploring the relationship between the EU’s formulated ambition to be more active at the international level and the EU’s external cybersecurity strategy. In order to do that,...Show moreThis thesis aims at exploring the relationship between the EU’s formulated ambition to be more active at the international level and the EU’s external cybersecurity strategy. In order to do that, the thesis will answer the following research question: “How coherent is the European Union’s external cybersecurity strategy with the EU’s willingness to become more active at the international level ?” More precisely, the thesis will assess whether the EU’s external cybersecurity strategy corresponds to the key principles and helps fulfill the objectives set out by the 2016's European Union Global Strategy (EUGS) for the EU to become more active externally. The thesis is based on content analysis of the documents on cybersecurity published by the EU from 2013, the year of the first EU cybersecurity strategy's publication, to december 2020, when the second EU cybersecurity strategy was released.Show less
