Cybersecurity

Course details
Today’s headlines often feature the word ‘cyber’, reporting on threats related to
the virtual world: online child abuse, stolen credit cards and virtual identities,
malware and viruses, botnets and denial-of-service attacks on corporate or
government servers, cyber-espionage, and cyber-attacks on critical
infrastructure including nuclear facilities and power supply networks.
What are the real cybersecurity challenges? What is the role of diplomacy,
international legal instruments, and regional and national policies in
addressing these threats, and how efficient are they? How does international
cooperation in cybersecurity work, and what are the roles of the various
stakeholders?
The 10-week advanced thematic course in Cybersecurity covers policy
challenges, actors, and initiatives related to cybersecurity, and specifically to
cybercrime, security of the core infrastructure, cyberwarfare and
cyberterrorism, and Internet safety.
By the end of the course, participants should be able to:
 Identify the defining features of cybersecurity, and the factors which
shape the international issues.
 Identify principal threats to cybersecurity; describe and analyse the key
cybersecurity issues for users, and states.
 Understand and analyse the Internet security issues for e-commerce
including online banking and identity.
 Explain the issues involved in cybercrime, its impact and investigation.
 Understand the threats to the core Internet infrastructure.
 Explain the concepts of cyberwarfare and cyberterrorism, and their role
in international Internet policy.
 Understand and assess the challenges involved in social aspects of
cybersecurity.
 Explain and analyse the international frameworks for cybersecurity
policies and strategies.

Excerpt from course materials

‘...One side-effect of the rapid integration of the Internet in almost all aspects
of human activity is the increased vulnerability of modern society. The Internet
is part of the global critical infrastructure. Other core services of modern
society, such as electric grids, transport systems, and health services are

1
increasingly dependent on the Internet. As attacks on these systems may
cause severe disruption and have huge financial consequences, they are
frequent targets.’ (Lexture text 4.3)

Course outline
1. Introduction to security discusses the historical development of
cybersecurity, and global and geo-strategic challenges. The module
distinguishes between the common, narrow, understanding of
cybersecurity related to cyber-threats, and broader views which include
information security and ‘friendly’ cyber conquest through technological
standardisation dominance. It also looks at the mapping of targets, and
motives behind cyberattacks, such as hactivism, crime, espionage,
terrorism, and warfare.
2. Cybersecurity threats focuses on vulnerabilities of the Internet. The
module reviews key vulnerabilities of cyberspace and common cyber-
security threats to individuals and institutions, such as malware
(including spyware, Trojans, viruses), botnets, 'Distributed Denial of
Service' (DDoS), phishing, e-scams, and identity theft.
3. Cybercrime defines and classifies cybercrime, and analyses its economic
and social impact. The module then focuses on combatting cybercrime:
existing legal frameworks at the global and regional levels, international
cooperation frameworks and various law enforcement approaches,
computer investigation, and e-forensics.
4. Internet safety defines Internet safety, and reviews the challenges of the
Web 2.0 era where users are contributors and the Internet is ubiquitous.
It then looks at child safety, including cyber-bullying, abuse, and sexual
exploitation, and discusses ways to address these challenges through
policy, education, and technology.
5. Critical infrastructure and resources explains how the critical
components of the Internet work, and discusses the political dimension
of global security - the (unilateral) control over the Domain Name System
(DNS) - and technical vulnerabilities of the DNS. It then looks at the
security and protection of the critical infrastructure: the Internet
infrastructure and also water supply facilities, transport, industrial
facilities, and power plants. It concludes with expected challenges of
future networks: Internet of Things/Next Generation Networks and
‘smart networks’.
6. Cyber-conflict and cyberterrorism discusses cyberterrorism, recent
threats, and possible counteracts. It then looks at cyber-conflicts,
including the main risks for triggering warfare by cyber-means, and
reviews attempts to codify international humanitarian law with regards

2
 to cyberspace and draft confidence-building measures and norms
related to state behaviour in cyberspace.
7. Cyber-security policies and mechanisms analyses national
cybersecurity mechanisms, starting with examples of national
cybersecurity strategies, followed by a close look at the importance, role,
and structure of national Computer Emergency Response Teams
(CERTs) / Computer Security Incident Response Teams (CSIRTs). The
module then looks at existing international cybersecurity initiatives and
frameworks for cooperation, including those by the private sector and
technical community, and discusses the importance and risks of public-
private partnerships.
8. Broader context of cybersecurity correlates cybersecurity and other
social and political issues related to digital policies and Internet
governance. The module looks at the connection between privacy and
security, with particular reflection on social media challenges, issues of
openness and online freedoms, and objectionable and harmful content.
It then briefly covers ethics and gender issues, and concludes with
discussing economic aspects and building trust in e-commerce.

Methodology
This course is conducted online over a period of ten weeks, including one week
of classroom orientation, eight weeks of dynamic class content and activities,
and one week for the final assignment. Reading materials and tools for online
interaction are provided through an online classroom. Each week, participants
read the provided lecture texts, adding comments, references, and questions
in the form of hypertext entries. The tutor and other participants read and
respond to these entries, creating interaction based on the lecture text. During
the week, participants complete additional online activities (e.g. further
discussion via blogs or forums or quizzes). At the end of the week, participants
and tutors meet online in a chat room to discuss the week’s topic.
Courses are based on a collaborative approach to learning, involving a high
level of interaction.
Participants are invited to join Diplo’s global Internet governance online
community of over 1,400 members, and to attend monthly webinars and other
IG-related events and activities.
The course materials, the e-learning platform, and the working language of the
course is English. Applicants should consider whether their reading and writing
skills in English are sufficient to follow postgraduate level materials and
discussion.

3
Course lecturers
Dr Stephanie Borg Psaila
Interim Director, DiploFoundation
Dr Stephanie Borg Psaila is the Interim Director of DiploFoundation and the
Geneva Internet Platform, and the Editor of the GIP Digital Watch observatory.
She holds a Doctorate in Law (LL.D.), a Master's in Contemporary Diplomacy,
and two law-related diplomas from the University of Malta, and her areas of
interest include legal issues in Internet governance, human rights, and e-
diplomacy. She holds a warrant to practice as a Notary Public in Malta, and is a
former journalist with The Sunday Times of Malta.

Mr Aapo Cederberg
Associate Fellow, Geneva Centre for Security Policy
Mr Aapo Cederberg is currently Associate Fellow at the Geneva Centre for
Security Policy (GCSP). He was Senior Programme Adviser in the Emerging
Security Challenges Programme at GCSP from 2013 to 2015, focussing on
cybersecurity matters, especially training courses and security dialogue.
Mr Cederberg has served as a Secretary General for the Security Committee of
Finland for six years. The Security Committee provides support, advice and
expertise for the government in comprehensive security matters and serves as
a collaborative platform for the on-going national efforts related to national
crisis preparedness. The security committee also works on various initiatives
and issues statements and guidelines, such as Security Strategy for the Society
and Cyber Security Strategy, to facilitate work towards the common goals.
These strategies are government resolutions and were created for the first time
during Mr Cederberg´s time as well as the mechanisms to implement them in
the whole society. The committee also organises crisis exercises for the
government and other stakeholders in society.
Mr Cederberg’s earlier assignments include working as the Head of Strategic
Planning and Foresight at the Ministry of Defence (2005 – 2007). During his
time a first public long-term strategy for the MoD was created (Securely into
the Future - Ministry of Defence Strategy 2025). Before this he has had a long
career in the service of Finnish Armed Forces, where his latest assignments
include holding the position of Commander at the Häme GBAD Battalion (2003
– 05) and serving as a Senior Military Adviser at the Permanent Mission of
Finland to the OSCE (1999- 2003).

4
Dr Stefanie Frey
Managing Director at Deutor Cyber Security Solutions Switzerland GmbH
Dr Stefanie Frey, Managing Director at Deutor Cyber Security Solutions
Switzerland GmbH, is specialised in developing strategies and solutions against
criminal acts in the digital space for states, international organisations, and
companies in close cooperation with law enforcement and other relevant
bodies. She worked several years for the Swiss government as coordinator for
the implementation of the National Cyber Strategy of Switzerland. She made
contributions to ENISA's Cyber Security Working Group and the OECD Working
Party on Security and Privacy in the Digital Economy (SPDE), and has
influenced the outcome of the Digital Security Risk Recommendation. She is
actively engaged in shaping the regional and global cybersecurity agenda with
international and regional organisations. Dr. Frey holds a PhD from the
Department of War Studies from King`s College London and a MBA from the
International School of Management (ISM) in Dortmund and has several
publication on cyber security, the Cold War and World War II.

Mr Tracy Hackshaw
ICT and Digital Economy Strategist; Director, Trinidad and Tobago
Multistakeholder Advisory Group
Mr Tracy Hackshaw is an ICT and Digital Economy Strategist possessing close
to twenty-five (25) years' experience spanning work in the public and private
sectors both locally and internationally, including representing Trinidad &
Tobago in various international forums. Included in his portfolio are
engagements on the Executive Management Committee of the
Commonwealth Cybercrime Initiative, a two-year term as Vice Chair of ICANN’s
Governmental Advisory Committee, Small Island Developing States annual
workshop coordination at the United Nations Internet Governance Forum,
Academic Teaching and Research work at the DiploFoundation/University of
Malta and at The University of the West Indies, as well as professional
leadership roles in the Ministries of Science & Technology, Public
Administration and Planning & Development, iGovTT, ttconnect, and Star.tt
among several other entities and organisations.
He is a Director of the Trinidad & Tobago Multistakeholder Advisory Group,
which convened the inaugural Trinidad & Tobago Internet Governance
Forum in January 2017. Tracy is the founding Vice Chair of the Internet Society
Trinidad & Tobago Chapter and was elected its Chair in 2017.

5
Ms Virginia Paque
Internet Governance and E-diplomacy Programmes
Born (and currently residing) in the United States, Ms Virginia (Ginger) Paque
lived in Venezuela for more than 35 years. An educator and administrator by
profession, she has 25 years’ experience in business and manufacturing
systems consulting. As a board member of the United Nations Association of
Venezuela, her work as the Venezuelan member of the World Federation of
United Nations Associations Task Force on WSIS marked her entry to the world
of Internet governance (IG) during the Geneva PrepComs. Active in Civil Society
discussions on IG, Ginger served as IG Caucus co-coordinator for two years. She
was a member of the UN Internet Governance Forum (IGF) Multistakeholder
Advisory Group (MAG) from 2015 to 2017. Having completed a Master in
Contemporary Diplomacy with a thesis focusing on the importance of IG as a
new diplomatic priority, Ginger currently lectures on IG for Diplo and curates
human rights topics for the GIP Digital Watch observatory.

Mr Vladimir Radunović
Cybersecurity and E-diplomacy Programmes Director
Serbian-born Mr Vladimir (Vlada) Radunović is a lecturer in cybersecurity policy,
Internet governance, and e-diplomacy on postgraduate and professional
courses. He also serves as a member of the Advisory Board of the Global Forum
on Cyber Expertise (GFCE) and as an expert with the Geneva Internet Platform.
He served as a member of the Multistakeholder Advisory Group of the UN
Internet Governance Forum (IGF) from 2012 to 2014. Vlada has been a lecturer,
speaker, and resource person on a number of educational and training
programmes and events worldwide, including within the WSIS and IGF
processes. His professional and research focus is on Internet governance,
broadband policy and net neutrality, cybersecurity and cyber-diplomacy, e-
diplomacy, and capacity development. He holds an MSc in Electrical
Engineering from the University of Belgrade and a Master’s in Contemporary
Diplomacy from the University of Malta. He is currently working on his PhD in
cybersecurity. Vlada is currently member of the Board of Directors of Diplo US.

Dr Tatiana Tropina
Senior Researcher, Max Planck Institute for Foreign and International
Criminal Law
Dr Tatiana Tropina is a senior researcher at the Max Planck Institute for Foreign
and International Criminal Law. She has been conducting cybercrime research
for 15 years, starting in Russia in 2002, where she became the first Russian
researcher to defend a PhD thesis on cybercrime (2005). From 2003 to 2008,

6
she worked full-time as a lawyer and then as head of the legal departments of
a number of telecommunication companies. In 2008, she won the British
Chevening Scholarship to study telecommunications management at the
Business School of Strathclyde University, Glasgow. In 2009, she was awarded
a German Chancellor Fellowship (Alexander von Humboldt Foundation) and
moved to Germany to pursue her research on legal frameworks for cybercrime.
Since 2009, Tatiana Tropina has been involved in both legal research and
various applied cybercrime projects at the international level. This activity
includes such projects as carrying out a cybercrime study for the Global
Symposium of Regulators (ITU, 2010), and serving as a consultant to the UNODC
Comprehensive Cybercrime Study (2012-2013) and to the World Bank's World
Development Report 2016 (2015).