Rethinking cyber policy in Europe Image by Gordon Johnson from Pixabay

Rethinking cyber policy in Europe

The second edition of the Big Cyber Ideas Festival (BCIF) is an online event taking place September 21-23, 2021, with the purpose of exploring key questions for cybersecurity and digital policy in Europe.

During the global pandemic, societies have moved online in an unprecedented way. Cyber threats and risks are exacerbated by this deepening digitalization. From the new vulnerabilities of working-from-home, to increasingly frequent attempts by cyber criminals to ransom critical infrastructure companies, cybersecurity issues are among some of the most high-profile policy challenges of our times.

Cybersecurity issues are not merely policy challenges though: they speak to fundamental concepts that structure our world, such as privacy, sovereignty, peace, and conflict. We need dedicated cyber professionals, responsible and empowered citizens, as well as diligent and creative policymakers. But we also need big cyber ideas to underpin these efforts: that rare combination of vision and precision, with an appreciation for both the long view and the devilish details that often derail grand plans.

This event will have the atmosphere of a festival, where both speakers and audiences feel the freedom to improvise and step outside their comfort zones.

The second annual edition of the Big Cyber Ideas Festival (BCIF) will take place September 21-23, 2021. It’s organized by the European Cyber Conflict Research Initiative, a non-profit charitable organization that promotes the interdisciplinary study of cyber conflict and statecraft in Europe and beyond. ECCRI exists to make rigorous, objective research on cyber conflict and statecraft accessible to policy-makers and the general public, and the BCIF is its flagship yearly event.

The BCIF brings together academic, government, and private sector experts on its panels to catalyze wide-reaching conversations on key policy developments. The intended audience is a mix of practitioners, researchers, and the interested public - so although we discuss substantive issues, we do so in an accessible and engaging way.

It will tackle key questions, such as: why are cyber operations attributed to states by commercial companies, states, and international organizations such as the EU? How are these attributions reported and discussed in national and international media? And how do other states – including those at whom such accusations are directed – view European actions?

It is a critical time to support the next generation of thinkers and practitioners in cyber policy

The Big Cyber Ideas Festival has three panels on consecutive days, each at 4pm CEST.

The first panel focuses on public attribution of cyber operations by the private sector. The private sector is by far the largest contributor to public knowledge on cyber operations, and the nature and quality of public reporting has also undergone significant change in the last decade. This panel addresses the main critiques on private sector reporting, such as marketing interests or skewed visibility. It then moves the debate forward to address other issues that have received less attention, such as the relationship between claims by companies and states on the same incident or actor, and the balancing of different customer equities in reporting. The panel offers a space for a conversation regarding the (sometimes elaborate) considerations by the private sector when going public and for reflection on how such considerations have changed over time.

The second panel explores investigative journalism on cyber operations. Investigative journalism has been crucial in informing the public and policymakers about key activities in the field of cyber conflict and competition. Yet, we rarely talk about the challenges associated with researching and reporting on cyber activities for journalists. This session asks renowned journalists about their experiences of collecting and verifying data as well as the ethics of reporting on cyber operations and decision-making. The panel also addresses whether there is sufficient independence, fairness and professionalism among news agencies reporting on cyber operations. Finally, this session offers a few words of advice for junior journalists in the field.

We rarely talk about the challenges associated with researching and reporting on cyber activities for journalists.

The third panel brings in global perspectives on European cyber policy. A distinctly European approach to cyber policy is emerging, defined largely against relative deregulation in the US and a tightrope walk between security and economic concerns for what many in the EU see as their chief cyber threats, Russia and China. But how is European cyber policy viewed by those outside Europe?

This session asks expert panelists from influential countries outside the EU, other than the “Five Eyes” alliance, to give their perspective on European cyber policy: its strengths, weaknesses, and future direction, as well as its internal tensions and contradictions. Panelists will also address the relationship of European cyber policy to other foreign policy issues, including whether a “Brussels” effect exists for cyber regulation, the role of sanctions in responding to cyber threats, and whether the concept of a European “neighbourhood” is apt for supply chain and critical infrastructure concerns that stretch around the world.

The BCIF promises to be exciting, fun, and informative – register here!