A chance for Italian leadership on improving the stability and security in cyberspace

Hardly a day goes by without the latest destructive malware, data breach or e-mail hack making headlines around the world. Over the last few years, these developments which began as isolated incidents have now become an everyday reality. The development of cyber operations by nation states have quickly followed suit which has led NATO to recognize cyberspace as a new domain of warfare after land, air, and sea. It is no hyperbole to say that a cyber arms race is well underway.

In a time of rapid technological change, slow policy discussions, and deep geopolitical divisions, there is uncertainty as to how we can collectively harness the benefits of technology while preventing destructive cyber conflict. Difficult to trace and shrouded in anonymity, how can the world address the potential risks of cyber weapons proliferation? What kind of agreement could be reached to prevent cyber conflict with these new capabilities?

A non-proliferation regime for cyberspace

This month we launched a new study on a non-proliferation regime for cyberspace in order to answer some of these difficult questions. This report provides an analysis on the cyber weapons proliferation debate, leveraging the lessons learned from past international agreements, and offering a potential way forward to ensure that an open, stable, and secure cyberspace remains.

From our research and extensive interviews with global experts, we found that while necessary, any kind of international agreement to limit the use and proliferation of cyberweapons may be in the distant future. But progress on a shared vision must start somewhere and there is a lot that we in Europe can do in making short term, tangible steps to improve the safety and stability of cyberspace.

Learning from the past

For starters, we must learn from and not repeat the mistakes of the past. Headquartered in Rome, we at the Istituto Affari Internazionali are reminded of the importance of history on a daily basis. From the ashes of World War II, that led to the Geneva Conventions, to the nuclear arms race of the Cold War that paved the way for the Treaty on the Non-Proliferation of Nuclear Weapons – there are important lessons to draw from on processes, actors and timelines.

Any way forward must start through creative leadership. Microsoft’s leadership, for example, has been pivotal in spurring a truly multistakeholder debate around the role of the tech industry, the necessity of an attribution organization and the aspirational goal of a binding government agreement. However, industry and civil society alone cannot achieve meaningful progress towards a non-proliferation regime for cyberspace. With the retreat of the U.S. in its cyber diplomacy approach, a government-leadership gap must be filled.

All roads lead to Rome

Last year as the G7 Presidency, Italy facilitated the publication of the Lucca Declaration, which recognized the urgent need to establish international norms for responsible nation-state behavior in cyberspace. This declaration was an encouraging development but the focus on voluntary measures didn’t go far enough in codifying the rules of the road in cyberspace. The new government can build off this existing foundation and prioritize improving cyber stability, for example, through the Italian chairmanship of the Organization for Security and Cooperation in Europe (OSCE).

We recognize that any regime for cyberspace will take years to negotiate due to deep political divisions that must be overcome, but ultimately, we must start somewhere. This year, Italy has the unique opportunity to take the helm of leadership in cybersecurity across Europe.

The report was also co-authored by Christian Barbieri and Carolina Polito.

Jean Pierre Darnis
Scientific Counselor and Head of the TECH-IR Programme at Istituto Affari Internazionali, Rome

Jean-Pierre Darnis is scientific advisor at IAI. He is associate professor at the University of Nice Sophia-Antipolis and coordinates their masters degree programme in “Languages and International Affairs - France-Italy relations”. He is head of IAI's new “Tech-Rel” programme (Technology & International Relations) which explores the policy challenges of new technologies and how they are changing and impacting global society. He has also developed specific research projects at IAI on Italy-France relations. Previously head of the IAI “Security, Defence, Space” programme at IAI, he has held teaching positions at the École Militaire Supérieure, the University of Saint Etiennne, LUISS University in Rome, Sciences Po and the Nato Defence College. He was the recipient of a fellowship from ISPI in Milan and won a post doctoral Lavoisier fellowship from the French Ministry of Foreign Affairs. He earned his degree from the University of Toulouse and spent a period abroad at Milan’s Università Cattolica. In 1997 he completed a PhD in Humanities at the University of Paris X Nanterre and in 2012 earned the “habilitation à diriger des recherches” (HDR) at the University of Grenoble-Stendhal. He is a contributor to the Italian newspaper Il Foglio, member of the editorial committee of the journal Cahiers de la Méditerranée and member of the Centre de la Méditerranée Moderne et Contemporaine (CMMC) research unit. Twitter: @jpdarnis