Stepping out of the comfort zone: Scenario Analysis in IR

Today’s international order is changing into a multi-order one and is characterized by a high degree of complexity and uncertainty. In a new article, Monika Sus and Marcel Hadeed argue that scenario analysis can be used as a complementary method to traditional IR methods.

To grapple with the “epochal shift” and “to develop strategies to deal with uncertainty, to be prepared for the unexpected”, an increasing number of actors in the realm of IR conduct foresight exercises. NATO’s Strategic Foresight Analysis, for example, forms a fundamental pillar for its defense planning process; the new European Commission features a portfolio for Inter-Institutional Relations and Foresight. Yet, the methodology has so far gained little traction among the academic community. Scenario analysis can nonetheless be used as a complementary method to traditional IR methods. It allows scholars to simultaneously remain rigorous and to provide policy-relevant input.

For IR scholars, complexity and uncertainty constitute formidable challenges. Traditional IR methods examine present- and past patterns and cannot account for sudden changes or grasp potential future developments. They rarely question the assumptions underlying a particular line of reasoning and engage in interdisciplinary discourse only after the research phase. We suggest scenario analysis, as a systematic analytical process to create visions of alternative futures, can be a valuable additional tool in IR scholars’ toolkit to detect early signs of change and identify possible shifts in trajectories. 

In our article we introduce the Multiple Scenario Generation (MSG) as a robust foresight method.  It is multi-step process, centered around a structured exchange between experts, that produces a set of scenarios elucidating a plausible interplay of trends deemed likely to shape the future. The process can be summarized in three phases.

  1. In the preparatory phase, a common understanding of the world around us is established. A research question is defined, key assumptions tested (including against empirical data) the most important drivers of change identified and defined.
  2. In the developmental phase, these drivers are combined into sets and checked for internal consistency. Those combinations considered plausible are chosen as the kernels of the scenarios. Narratives are constructed around them, detailing the path from now to the timeframe in question. Once a scenario is completed, it is fed into a review process, where it is validated – commonly based on the criteria of plausibility, coherence, and innovation. Scenarios can also produce early indicators, allowing academics and practitioners to monitor the extent to which a scenario manifests itself and what indications of such a possible manifestation might occur.
  3. In the use phase, the scenarios serve as bases for innovative and relevant policy recommendations. They can also help draw attention to neglected, but potentially impactful trends. By elucidating blind spots in our thinking, scenario can increase policy-makers capacity for anticipatory governance.

But a crucial question for its admissibility into academic’s toolbox remains: Are scenario approaches academic enough? We argue that, if executed systematically, scenario analysis can satisfy the criteria of a social science methodology. In our paper, we tested scenario analysis against eleven criteria established by John Gerring. We found that it satisfies most of them as it can be considered a cumulative, evidence-based (empirical), generalizing, rigorous, skeptical, systematic, transparent and grounded in rational argument. 

Of course, since foresight deals with the future, its results are inherently not falsifiable. Moreover, its results are neither nonsubjective, nor replicable. As interactive group exercise, they are reliant on participants’ perspectives, interpretation of data, as well as the interaction between them. This disqualifies the method for ardent positivists. However, falsifiability is not always a prerequisite for acceptance of the IR community. Some of the discipline’s most fundamental theories, such as Weberianism, Marxism, or rational-choice theory are hard to falsify. Moreover, while we readily concede the approaches inability to test knowledge, to appraise other findings, it excels in the generation of new knowledge.

Furthermore, scenario analysis can enrich the IR discipline. Making the case here for the proliferation of this approach among IR scholarship, we found a fourfold added value it can bring to the discipline. 

  1. Confronting enduring assumptions: scenario analysis starts with participants revealing and challenging their own and others’ assumptions. This process uncovers and corrects enduring preconceptions and cognitive biases. The use of empirical data to justify assumptions ensures the eradication of false truths. 
  2. Bringing forward new research questions: scenario analysis challenges its participants to break out of linear thinking, challenge their deeply held beliefs and consider the possibility of sudden shifts in trajectories. This explorative process focuses on detecting weak signals of change and overlooked trends. Discovering them and their potential consequences can drive researchers into new fields. 
  3. Dealing with complexity and interdisciplinarity: scenario analysis allows for multicausal reasoning and nonlinear interaction between variables. The analysis is the result of an interdisciplinary exchange between participants. As opposed to more traditional academic exchange, this conversation takes place early in the research phase, and not ex post. Such multifaceted and dynamic analysis is suitable for the complex and changing nature of world affairs.
  4. Stepping out of the ivory tower: scenario analysis exercises are often centered around a workshop, at which practitioners and academics of different disciplines come together. The interactive exercise creates shared knowledge and understanding, and functions as a platform of exchange between the two worlds. Policy-makers get the opportunity to contemplate long-term trends, and scholars learn what issues drive politics. This enables them to check and ultimately enhance the relevance of their work.

The world of international relations is a complicated and messy one. The shift towards a multi-order world is accompanied by sudden shifts in trajectories and strategic surprises. We believe scenario analysis is a useful tool for IR scholars to confront the complexity of today´s world and – in the best-case scenario – inspire the policy world to be prepared to the unexpected.

Monika Sus is an assistant professor at the Polish Academy of Sciences and a fellow at the Center for International Security at the Hertie School. Marcel Hadeed was a research associate at the Dahrendorf Forum between 2017 and 2019. They are the author of “Theory-infused and policy-relevant: On the usefulness of scenario analysis for international relations”, Contemporary Security Policy, which is available here.

 

Is this the end of the liberal international order?

Today, the liberal international order is in crisis with urgent attention needed if the order is to continue to be of relevance. Yet so far little action has been taken to repair or reform the order and the value of the liberal international order is increasingly questioned even from within its own ranks. The possible end of the liberal order is therefore a prospect to be taken seriously. 

The current malaise in the liberal international order is puzzling because although the order always has encountered a fair share of adversity and crisis, the order was thought to be resilient because on the one hand, it had a remarkable ability to adapt in response to crisis and change and, on the other hand, it was able to maintain stable institutional practices, which provided certainty and predictability for those living within its realm and working on its behalf. However, in the current situation, it is no longer clear exactly what the liberal order is, or should be, and those working within its institutions and on its behalf seem paralyzed and unable to undertake the necessary repair and reform.  

My recent article uses insights from the resilience-thinking literature supplemented with insights from the literature on social theory and ontological security, to understand why the necessary repair and reform of the liberal international order is not taking place.

The article develops a conceptual framework which links resilience and ontological security in order to better understand what makes an entity resilient and why agents only sometimes undertake the necessary action for maintaining its resilience. The framework may help us to better understand the very complex issues that face us today and can make us better prepared to meet the risks and challenges that clearly are facing the liberal international order. 

The conceptual framework allows me to trace the finer nuances in the present crisis, revealing that the liberal international order is currently being pummeled by three separate crises located in each of its constitutive elements–a crisis of leadership is challenging its traditional power patterns; a crisis of democracy is challenging its traditional principles and a crisis of multilateralism is challenging its traditional institutional patterns.

The three crises each go to the very essence of what we understand the liberal international order to be and they make it near impossible to maintain a stable identity, a strong narrative and reinforcing practices with detrimental effects on the ontological security of those we would normally expect to undertake the necessary reform and repair of the order. The three crises interact with each other in ways that further deepen liberal order’s crisis. As a result, the resilience of the liberal international order is in a bad–and currently–deteriorating condition. 

It is noteworthy that where previous crises primarily have been caused by externally generated pressure and contestation–which certainly is still a factor–the current three crises seem to be internally generated. Especially, the arrival of Donald Trump in the White House and the emergence of populist politics, which have broken the post-war cross-party consensus on the value of the liberal international order, has added to the intensity of all three crises with significant implications for the liberal order’s ability to remain fit for its traditional purpose.

Although each of the three crises are well-documented in the expanding literature on the crisis in the liberal order, they have not so far been brought together within one analytical framework. The article brings all three crises to the forefront and demonstrates how each of the crises affect the liberal international order in detrimental ways. 

The article has both a theoretical and an empirical contribution. Theoretically, the article adds to resilience-thinking by adding an agent-level theoretical perspective as well as an ideal-type conceptualization of the social structure of entities within which resilience is forged. The article shows a plausible link between the resilience of the entity and the ontological security of the agents acting on its behalf.

Empirically, the article adds to our understanding of the current crisis of the liberal international order by identifying the three separate crises and placing them with each of the three constitutive elements of the liberal order and by demonstrating how each of the  crises affect both the resilience of liberal order as an entity and the ontological security of those “real people” who act on its behalf and are subject to its policies.

Unfortunately, the link between resilience and ontological security shows that although the liberal international order is in desperate need of repair and reform–those who should undertake necessary repairs and reforms lack ontological security and are not therefore able to invoke their agency to do so. As a result there is a significant danger that the liberal international order is indeed coming to an end. 

Trine Flockhart is Professor of International Relations at the University of Southern Denmark. She is the author of “Is this the end? Resilience, ontological security, and the crisis of the liberal international order”, Contemporary Security Policy, which is available here.

Resilience and EU refugee policy: A smokescreen for political agendas?

“Resilience” enjoys widespread uptake across many and diverse domains – including security and crisis response. Shrouded in ambiguity and uncertainty, however, it may be just a buzzword as we know little about the implications of resilience as a strategy to insecurity and crisis. Exploring resilience in EU humanitarian and development policy and how it translates into practice in Jordan and Lebanon, we argue in a recent article that resilience-building may function as a smokescreen for buttressing “Fort Europe” against migrants and refugees. 

 “Resilience” enjoys widespread uptake across many and diverse domains, from technology to business management, to urban planning and counselling. The word stems from the Latin “resilire” – to leap or jump back. It gained traction in the 1970s, when the Canadian ecologist Holling defined resilience as the ability of ecological systems to absorb change and disturbance. Borrowing from Holling, risk scholars like Wildavsky viewed resilience as “the capacity to cope with unanticipated dangers after they have become manifest, learning to bounce back”. Wildavsky argued that resilience was a more effective and cheaper strategy to deal with risks than anticipation and prevention. From the 1990s onwards, resilience became an integral component of disaster risk reduction (DRR) programmes, aimed at minimising the impact of natural disasters and enhancing recovery.

Policymakers have recently started to use resilience in the context of man-made disasters and crisis. For example, resilience has been identified as a major leitmotif in the 2016 European Union (EU) Global Strategy for Foreign and Security Policy. Prior to the Global Strategy, resilience was already an important component of EU humanitarian and development policies, especially in the context of migration and forced displacement. The EU was not the first to use this buzzword: the UK placed resilience at the centre of its humanitarian and development aid in 2011. Shortly thereafter, USAID published policy and programme guidelines for “building resilience to recurrent crisis”. United Nations (UN) agencies and large international non-governmental organizations (NGOs) currently all have policies, guidelines and programmes aimed at building resilience. 

Despite its widespread uptake, uncertainty remains about what resilience is, how it translates into practice, and the implications of resilience-building as a response to insecurity and crisis, qualifying resilience as a buzzword. The ambiguity surrounding buzzwords often lead scholars and practitioners to dismiss them as empty and meaningless. Yet buzzwords generally espouse strong (normative) ideas about what they are supposed to bring about. The assumptions and rationales underlying buzzwords, moreover, frequently remain unquestioned, making them interesting to study. In our recent article, we examine the EU turn to resilience by analysing key EU humanitarian and development policies. Subsequently, we delve into an empirical example of resilience-building in Jordan and Lebanon to explore how this buzzword translates into practice.  

Our policy analysis yields two aspects that are key in EU resilience thinking. First, resilience-building requires humanitarian and development actors to be simultaneously involved in crisis response and to work closely together. The so-called “humanitarian-development nexus” resonates with older concepts aimed at bridging the ideological and institutional divide between humanitarian and development actors, such as Linking Relief, Rehabilitation and Development (LRRD). 

Second, resilience assigns significant importance to ‘the local’. This means, firstly, that the EU recognizes the importance of understanding context-specific vulnerabilities and their (root) causes, as well as what local capacities exist that humanitarian and development interventions could tap into, build upon, and strengthen. Next, resilience is strongly framed as the responsibility of national governments and local authorities. Finally, the EU constructs refugees in particular as an asset to host-country economies, their resilience dependent on access to host-countries’ formal labour markets. Refugees are turned into a development opportunity for refugee-hosting states – but at the same time constitute a threat to Europe.

How do these different aspects of resilience translate into practice in Jordan and Lebanon? Jordan and Lebanon host the largest number of Syrian refugees in respect to the size of their population. Government estimates indicate Jordan hosts up to 1.3 million refugees and Lebanon 1.5 million – respectively 13 and 25% of their population. In response to the challenges of Syria’s neighbouring countries, the multi-agency response framework – the Regional Refugee and Resilience Plan (3RP) – was established in 2015. 

In line with EU thinking, the 3RP combines a humanitarian response to protect Syrian refugees with a development response to build the resilience of national government and affected host communities. Although the 3RP structure simultaneously engages humanitarian and development actors in the response, evidence shows that different funding modalities and tensions between (leading) UN agencies weaken rather than strengthen the humanitarian-development nexus in practice. 

Second, whereas the 3RP country chapters are officially under the leadership of the Jordanian and Lebanese government, significant challenges arise in practice. Especially the involvement of Lebanese authorities was limited at the start of the crisis, its later statements and measures straining its relationship with the international community. Evidence indicating that Lebanon may strategically maintain the precariousness of Syrian refugees’ lives, moreover, points at the need for caution in insisting on national governments’ responsibility. 

Finally, the same framing of refugees as a development opportunity underlies initiatives like the EU-Jordan Trade Agreement, which promises access to EU markets in exchange for refugee work permits. The nature of the Jordanian and Lebanese labour market – in combination with structural political, social and economic problems – makes refugees’ employment as a pathway to resilience an unlikely reality. It also constructs refugees as a commodity, to be exchanged for aid. 

In conclusion, the way in which resilience is understood and the challenges it generates when translating resilience into practice, make us wonder whether this buzzword is not just a smokescreen for ulterior political motives. Building the resilience of “countries of origin and transit” may conveniently prevent migration, meanwhile externalizing the control of migration and forced displacement to crisis-affected states. As Jordan and Lebanon continue to struggle with the impact of the crisis, the EU’s strategy of refugee containment may instead increase their vulnerability, ultimately threatening rather than safeguarding the security of Europe.

Rosanne Anholt and Giulia Sinatti work at the Vrije Universiteit Amsterdam. They are the authors of “Under the guise of resilience: The EU approach to migration and forced displacement in Jordan and Lebanon”, Contemporary Security Policy, which is available here.

Changes to the editorial board

Contemporary Security Policy has an active Editorial Board, which reflects its aims and scope and its worldwide audience. The membership of Editorial Board is updated on an annual basis to capture emerging research agendas and to give new colleagues the opportunity to contribute to the development of the journal. I have made a number of changes to the Editorial Board.

First of all, Terry Terriff has decided to step down from the Editorial Board. He was the co-editor of the journal from 1991 to 2004 and has served on the Editorial Board since. When he took the reins, the journal was still known by its original name as the Journal of Arms Control and Disarmament. Together with Stuart Croft, he transformed it into Contemporary Security Policy as we know it today. I want to thank Terry Terriff for his exceptional service of nearly three decades. Second, several other long-standing members of the Editorial Board have also decided to step down. They include Lawrence Freedman, Keith Krause, Andrew Mack, Derek McDougall, Patrick Morgan, and David Sorenson. They have all served on the Editorial Board for more than a decade and have made valuable contributions to the journal. I equally want to thank them for their service. Their expertise and experience as leading scholars will be missed.

It is also time to welcome new colleagues. To reflect the development of the journal, I have invited four new colleagues to join the Editorial Board. These are highly qualified scholars, from a variety of countries, who bring along exciting new expertise. Many of them are from the new generation. All of them share a commitment to high quality publishing in peer-reviewed journals. They are also dedicated in terms of policy impact and outreach.

The new colleagues on the Editorial Board are:

  • Mely Caballero-Anthony (Nanyang Technological University, Singapore)
  • Myriam Dunn Cavelty (ETH Zürich, Switzerland)
  • Jeffrey A. Friedman (Dartmouth College, USA)
  • Courtney J. Fung (The University of Hong Kong, China)

The Editorial Board will continue to be updated in the future.

Hylke Dijkstra, Editor-in-Chief

Resilience and local ownership in the EU’s Eastern Partnership policy

The EU Global Strategy (2016) and the Review of the European Neighbourhood Policy (2015) initiated a new approach in the EU’s neighbourhood policy, with resilience and local ownership being hallmarked as the guiding principles. In a new article, Irina Petrova and Laure Delcour explore what meaning the EU attaches to these concepts and whether the recent narrative shift also brought about changes in the EU’s practices in the neighbourhood.

In the face of increasing instability and multiple crises, the European Union has recently embraced the concept of resilience as a governance strategy. As argued by Nathalie Tocci, “the EU acknowledged the need to build risk and uncertainty into its policies: The fact that developments in our surrounding regions (and beyond) are not simply beyond our full comprehension, but also and above all beyond our control.” Resilience therefore implies a greater reliance on the partners’ domestic structures. This puts local ownership at the heart of the EU’s foreign policy approach.

Although resilience and local ownership have been, for over a decade, studied in the context of peacebuilding and development, the extension of these concepts to other EU policies has yet to be scrutinized. We seek to enrich the understanding of the interplay between these two concepts by exploring how they are used in the neighbourhood policy (more specifically, its eastern dimension), a key foreign policy priority of the EU.

Our analysis of the EU’s foreign policy documents highlights a narrative shift. While the EU’s Eastern Partnership (EaP) policy was previously built on the modernization theory (according to which external actors provide ready-made policy templates to be applied by domestic actors), after the 2015/2016 policy revision it increasingly refers to tailor-made cooperation templates and broad societal involvement. This signals a shift to a hybrid perspective on resilience-building, whereby resilience envisages the adaptation of domestic structures based on external templates, but only under the condition that they fit well with the local context.

Yet to what extent has this narrative turn also brought about actual change in the EU’s practices in its eastern neighbourhood? To answer this question, we traced the EU’s objectives, instruments and mechanisms in three pivotal areas of cooperation with eastern neighbours: trade, mobility, and good governance. Our findings reveal similar patterns across all three sectors. 

First, in contrast to broad conceptualization of resilience and local ownership in the EU’s rhetoric, the toolbox used in the EaP reflects a narrow operationalization of these concepts. For instance, policy instruments used as part of the visa liberalisation process or the Deep and Comprehensive Free Trade Agreements indicate the EU’s framing that resilience of the EaP states can only be enhanced via the adoption of Western/European (or EU-promoted) standards. Despite the promise of a tailor-made approach, the cases of Azerbaijan and Belarus are particularly illustrative of the fact that approximation with European standards is still expected (albeit on the smaller scale) even from those partners who insisted on building a truly common bilateral agenda.  

Second, all three sectors show that the EU has left little scope (if any) to accommodate the preferences of those countries seeking closer ties with the EU, when these preferences diverged from its own vision. This continued reliance on the modernization paradigm in resilience-building reduced the space for the local ownership. 

Third, limited local ownership implies a logic of subordination between domestic and  external actors. This is despite the emphasis placed on partnership, ownership and dialogue in the EU’s narrative. Hence, our article confirms that the vision of the EU’s resilience-building in the neighbourhood aims at an effective governance of the EaP countries, rather than the genuine empowerment of local actors [hyperlink to the Introduction to the SI]. Therefore, if the EU is serious about adopting resilience as a way to navigate in an increasingly unstable and uncertain world, a substantial overhaul of policy practices is still required to match the narrative turn.

Irina Petrova is a doctoral researcher at the Leuven International and European Studies (LINES) Institute at KU Leuven. Laure Delcour is an Associate Professor in European Studies and International Relations, Université Paris 3-Sorbonne nouvelle (Paris). The are the authors of “From principle to practice? The resilience–local ownership nexus in the EU Eastern Partnership policy”, Contemporary Security Policy, which is available here

Deconstructing Scholarship on Al-Shabaab in Somalia and Boko Haram in Nigeria

08/09/11- Mogadishu, Somalia – AMISOM Troops stand in Mogadishu stadium, the former al-Shabaab headquarters.

Mohamed Haji Ingiriis argues that scholars should develop a better understanding of insurgency groups in Africa, such as Al-Shabaab, Boko Haram, and Jama’a Nusrat ul-Islam wa al-Muslimin, including their origins and the state functions they provide.

Insurgent groups in Africa are to a greater extent attracting the attention of a new generation of scholars who are bent on deconstructing the previous misunderstandings of the activities of the insurgent movements. As they increase their local and regional operations, African insurgent groups remain resistant and resilient and frustrated in all military attempts to defeat them.

Al-Shabaab in Somalia and Boko Haram in Nigeria are the two most crucial and critical insurgent groups in Africa. Because they do not constrain and confine them to insurgent activities, it is important to reconsider their other activities to move beyond the preoccupation of only exploring the aspect of their terror attacks.

Al-Shabaab and Boko Haram undertake more than insurgent activities. As a result, there is no serious scholar who can confidently call them as “terrorist organisations,” because for them terrorism is not an end, but a means to an end. They use terror attacks as a strategy (albeit evil) in a tactic toolbox than an essence of an organisational ultimate policy (see, for example: https://www.hurstpublishers.com/book/horn-sahel-and-rift/).

When examining Al-Shabaab and Boko Haram, a new generation of Africanist scholars began to use the terms such as “extremist movements” or “extremist organisations”; “insurgent movements” or “insurgent organisations”; “Islamist movements” or “Islamist organisations”; “militant movements” or “militant organisations”; “radical movements” or “radical organisations” rather than making sentimental descriptions such as “terrorists.”

The new reconsideration and reconceptualisation of Al-Shabaab and Boko Haram has been obliged by the very fact that, in opposition to the Western-supported secular governments of Somalia and Nigeria, Al-Shabaab and Boko Haram have adopted state systems and structures on the basis of parallel Islamic governments (obviously with their own strict scriptural interpretation) in the areas under their control. 

The state-like rules of Al-Shabaab and Boko Haram provide more than social and security services that the governments of Somalia and Nigeria have failed to provide to the local population. Al-Shabaab and Boko Haram have achieved to capture and continue to rule peripheral societies where the failed state of Somalia and the fragile state of Nigeria cannot reach and as such where the provision of security is non-exist.

Despite their position as parallel governments, the ways in which Al-Shabaab and Boko Haram are often emotionally vilified is something that blinds and blocks us (as scholars studying those insurgencies in Africa) to present the everyday reality exist in the areas under their control. With the label of ‘terrorist organisations’, observers can hardly adventure into the other aspects of Al-Shabaab and Boko Haram.

However, it is thus quite difficult to overlook the fact that both Al-Shabaab and Boko Haram began as popular movements providing alternative governments to local populations, even though their approach and engagement had fundamental differences, because Boko Haram started as a social movement offering social services to marginalised communities in northern Nigeria, while Al-Shabaab started as a jihadist network right from the beginning.

Al-Shabaab was born out of the brutal Ethiopian invasion of southern Somalia in the winter of 2006, an invasion approved by the United States and allowed by the United Kingdom and the rest of the West. In the beginning, Al-Shabaab was not separate from the Union of Islamic Courts (UIC) which emerged in the summer of 2006, but its founders behaved and pretended they were ruling a separate entity. Yet, Al-Shabaab could not exist without the legitimacy it had enjoyed under the shadow of the UIC.

In Somalia, scholars studying Al-Shabaab do not squabble about their research findings of Al-Shabaab. Whilst they backbite each other behind the backdoor privately, scholars tend to avoid disputing each other publicly. In contrast to Nigeria, scholars studying Boko Haram are arguing over the emergence and existence of Boko Haram to the extent that ideological positions in the form of left wing and right wing exist in the scholarship on Boko Haram, also including personal insults in the discussion.

Overall, nonetheless, there is a burgeoning scholarship on Al-Shabaab and Boko Haram, but most of this scholarship is concerned more with Boko Haram than with Al-Shabaab. Academic and non-academic books have been published about these insurgent movements, even though more on Boko Haram than Al-Shabaab. Astonishingly, the third largest African insurgent movement Jama’a Nusrat ul-Islam wa al-Muslimin (JNIM) has not been attracted a book of its own.

Arguably, Nigeria is the most populated country in Africa and the highest oil-producing state in Africa and as such is much more important than Somalia, the most failed state in the whole world, but is not Al-Shabaab, the only insurgent movement in the world currently controlling a large swathes of territory, more important than Boko Haram, which is only concentrated in small parts of northern Nigeria?

Mohamed Haji Ingiriis is a Somali academic specialising in Somali history and politics at the University of Oxford. He is a research fellow at the CRP, London School of Economics and Political Science (LSE). He is the author of “Building peace from the margins in Somalia: The case for political settlement with Al-Shabaab“, Contemporary Security Policy, 39(4), pp. 512-536.

Contested public attributions of cyber incidents and the role of academia

In a recent article in Contemporary Security Policy, Florian J. Egloff reflects on the contested nature of public attributions of cyber incidents and what role academia could take up.

In the last five years, public attribution of cyber incidents has gone from an incredibly rare event to a more regular occurrence. For example, in October 2018 the UK’s National Cyber Security Centre publicized its assessment of cyber activities conducted by the Russian military intelligence service (also known by its old acronym, the GRU). Clearly, publicizing activities that other political actors like to keep secret is a political act – but what kind of political act is it and what happens when a government publicly attributes? 

For research on governmental public attribution, one can split the public attribution process into two phases: mechanisms that lead to public attribution and what happens after an incident is publicly attributed. Little research exists on either phase with regard to attribution of cyber incidents. This is problematic, as our understanding of contemporary security policy rests on understanding what drives threat narratives, how and why those particular ones are introduced publicly, and how contestation of threat narratives takes place in the public sphere. 

In a recent article for Contemporary Security Policy, I focus on this second phase of public attribution, namely, what happens after a government goes public about a cyber incident. Understanding this phase is important, as public attributions of cyber incidents are one of the main sources from which the public learns about who is attacking whom in cyberspace, thereby shaping the threat perception of the general public. Most attribution judgements are published by governments, the private sector, and a small number of civil society actors. To situate the knowledge space, in which attribution claims are introduced to, I reflect on this source of knowledge about cyber conflict by identifying how it structurally shapes our understanding of cyber conflict, in particular due to operational and (political, commercial, and legal) structural factors. In short, due to the commercial incentives on the private sector side and the political bias on the government side, the public data about cyber conflict structurally induces distrust into the representativeness of the public attribution statements.

I then focus on the contestation of public attribution claims in democracies and the consequences such contestation brings. Contestation is fundamental to democratic politics. The open debate, the ability of everyone to freely voice opinions, and the emergence of truth trough democratic discourse is foundational to the public sphere of democratic polities. Thus, the ability to contest is a sign of healthy democratic politics. However, as I show in the article, this openness to contestation, coupled with the information poor environment, creates particular problems in the area of cybersecurity. 

Attribution claims are introduced, contested, and even the possibility to do attribution is put into question. Disinformation tactics are used to muddy specific attribution claims, leaving an electorate exposed to the coexistence of multiple “truths” and a fractured narrative of the past. Due to the secrecy attached surrounding the attribution processes by governments, particularly due to concerns of intelligence agencies about sources and methods, governments are often reluctant to reveal the evidence underlying the attribution judgments. These are ideal enabling conditions for other actors to contest governmental claims. 

In a series of empirical examples (Sony, DNC, NotPetya), I reflect on the drivers of contestation after an incident is publicly attributed and show how attackers and other constituencies with various political and economic motivations purport particular narratives. The Sony incident highlights the difficulty a government can have in convincing an electorate of its claims, when there is no record of accomplishment in making attribution claims in public. The DNC intrusion shows how the attacker can take part in the meaning-making activities, actively trying to dispel the notion that the government knows who is behind a cyber incident. Finally, the NotPetya incident illustrates how actors seemed to have learned from the contested cases. In particular, the coordination of attribution claims across different countries and entities was specifically designed to bolster the legitimacy and credibility of the attribution claims at the international level.

Finally, I reflect on how academia could be a partial remedy to this situation. Academia, so far, has not been a strong participant in the discursive space around particular attributions. This is despite its commitment to transparency and independence theoretically making it a well-placed actor to contribute an independent interdisciplinary contribution on the state of cyber conflict. Thus, I argue for an increasing need for academic interventions in the area of attribution. This includes interdisciplinary research on all aspects of attribution (not just in cybersecurity), and conducting independent research on the state of cyber conflict historically and contemporarily. One of the main implications of this research on contestation of attribution claims for democracies are to be more transparent about how attribution is performed, to enable other civilian actors to study cyber conflict, and to thereby broaden the discourse on what is one of the main national security challenges of today. 

Florian J. Egloff is a Senior Researcher in Cybersecurity at the Center for Security Studies at ETH Zürich. He is the author of “Contested public attributions of cyber incidents and the role of academia”, Contemporary Security Policy, Advance Online Publication, available here. A shorter policy analysis on the subject can be found here.

Resentful Reliance: Why Myanmar and North Korea pursue different strategies to limit Chinese influence

In a recent article in Contemporary Security Policy, Jonathan T. Chow and Leif-Eric Easley explain why, despite comparable international pariah status and heavy dependence on China, Myanmar sought diplomatic diversification through reform and opening while North Korea doubled down on pariahdom by further developing nuclear weapons and missiles.

Myanmar and North Korea were long known as Asia’s “pariah states,” internationally sanctioned and ostracized for human rights violations, authoritarian repression and, in the case of North Korea, persistent efforts to develop nuclear weapons. In 2011, however, Myanmar’s repressive ruling junta surprised many observers by making a strategic decision to reform and open, stepping aside from power and ushering in a quasi-civilian government. Meanwhile, North Korea has pressed ahead with its nuclear weapons program, hardening its pariah status.

With relatively few international partners willing to cooperate with them, Myanmar and North Korea relied heavily on China for trade, investment, diplomatic support, and military assistance. However, citizens in both countries objected to China’s growing economic and political influence. In Myanmar, concerns centered on China’s ties to ethnic armed groups fighting against the central government and the environmental and social effects of Chinese-led infrastructure projects like the Myitsone Dam. Consequently, Myanmar used liberalizing reforms to signal its willingness to adhere to international norms and attract new diplomatic partners.

North Korea relies even more heavily on China than Myanmar did, and resents Beijing’s willingness to endorse United Nations sanctions regarding its nuclear weapons and missile programs. Yet, North Korea eschewed reform and opening and instead doubled down on its pariah status by racing to advance its nuclear and missile programs before pursuing diplomatic engagement. Our research identifies three factors behind Myanmar and North Korea’s different approaches to mitigating pariahdom and reliance on China.

Not All Authoritarians are Alike

First, North Korea and junta-era Myanmar differed in how well their leaders could protect themselves from retaliation after giving up control. Myanmar’s military junta could allow liberalizing reforms and relinquish day-to-day governing responsibilities while retaining its arms and the ability to usurp power. Myanmar’s new constitution grants the military broad autonomy from the civilian government and sweeping emergency powers, as well as immunity from prosecution for actions committed under the junta.

In contrast, North Korea’s ruling Kim family exercises control through a pervasive political ideology centered on “Supreme Leader” Kim Jong-un. The leader employs brutal repression and the dispensing of luxury items and social privileges to co-opt North Korean elites. There is little room for the Kims to pursue liberalization if reforms would undermine the regime’s legitimizing mythology, reduce the Kims’ monopoly on favors, and allow the emergence of rival factions that might seek to replace the regime.

Reducing Risks of Partnership with a Pariah State

Second, Myanmar and North Korea differed in their ability to credibly signal to potential diplomatic partners that liberalizing reforms are genuine and not merely tactical. Such signals are important in mitigating the reputational risks that new partners might incur in engaging a pariah state.    

In Myanmar, Nobel Peace Laureate, long-time political prisoner and pro-democracy activist Aung San Suu Kyi served as a credible signaler of the junta’s reformist intentions. Before her image was tarnished by Myanmar’s human rights violations during her current tenure in government under a power-sharing arrangement with the military, Aung San Suu Kyi’s endorsement of the junta’s reforms was vital to persuading Washington to reduce sanctions. Her endorsement reduced the political risks that US leaders faced in pursuing engagement with a pariah state. Myanmar’s military leaders understood Aung San Suu Kyi’s crucial signaling role, giving them confidence that their reforms would yield a positive response from Washington.

North Korea, by contrast, lacks credible signalers. The regime so thoroughly suppresses political opposition that virtually none exists. Defectors typically keep a low profile to avoid retaliation against their families still living in North Korea, while those who are vocal tend to be very critical of the regime. This would make it more difficult for North Korea to demonstrate to other countries that any political reforms it adopts are genuine. Meanwhile, Pyongyang’s propaganda maintains that its efforts at engagement are not recognized by the international community.

Weighing the Security Implications of Engagement

Third, Myanmar and North Korea differ in how diplomatic engagement with new partners relates to their security. Myanmar’s leaders perceived their chief security threat to emanate from the numerous ethnic armed groups around the country. Before pursuing reforms, the junta established a series of ceasefires with the majority of these groups, allowing it to concentrate force on the remaining holdouts. By the time reforms were underway, diplomatic engagement did not entail a significant security risk to Myanmar’s ruling regime.

On the other hand, North Korea faces a dilemma wherein diplomatic diversification requires putting its claimed nuclear deterrent on the negotiating table. The Kim regime has long pursued nuclear weapons to protect against invasion and overthrow. While such capabilities somewhat reduce Pyongyang’s reliance on Beijing in terms of security, they are a major source of North Korea’s pariah status and hence increase economic dependence on China. Potential economic partners like the United States, South Korea and Japan demand that North Korea take steps toward denuclearization to earn sanctions relief, but the Kim regime believes that doing so would put its security at risk. Hence, unlike Myanmar, North Korea is caught between its security priorities and its desire to reduce reliance on China.

Escaping the Pariahdom Trap    

Our research demonstrates that overreliance on another country is not sufficient to trigger reform in pariah states. Regime type, the presence of credible signalers, and the relationship between security and diplomatic diversification all shape the costs and incentives that pariah state regimes face in determining whether or not to liberalize and open up.

Pariah states want to pursue reforms from a position of strength, whether that means ensuring protections for regime leaders after they step down, creating mechanisms to seize back power, or building a nuclear deterrent. Myanmar was able to attain a position from which to launch reforms and begin to reduce reliance on China. For the Kim regime, however, the price of shedding pariah status and attracting new diplomatic partners appears too high to risk. Hence, for the foreseeable future, North Korea will continue to depend heavily on China.

Jonathan T. Chow is an Assistant Professor of Political Science at Wheaton College, Massachusetts, USA; Leif-Eric Easley is an Associate Professor in the Division of International Studies at Ewha University in Seoul, Korea. They recently published “Renegotiating pariah state partnerships: Why Myanmar and North Korea respond differently to Chinese influence,” Contemporary Security Policy, 40:4, 502-525, available here

Cyber-noir: Popular cultural influences on cybersecurity experts

In a recent article in Contemporary Security Policy, James Shires draws on film noir to discuss portrayals of cyber in popular culture.

In his testimony to the House of Representatives sub-committee on cybersecurity in 2013, Kevin Mandia, a cybersecurity CEO and former U.S. government official, emphasized that “cyber remains the one area where if there is a dead body on the ground, there is no police you call who will run to you and do the forensics and all that”. This was of course a metaphor, as there was no literal dead body in the Chinese cyber-espionage cases his company were known for. Nonetheless, he portrayed his role exactly like the start of a film noir: an absent police presence, a violent act and a dead body, and a self-reliant private investigator. Was this just a figure of speech? Or is there something else going on–something more fundamental to cybersecurity itself? 

A foundational problem in cybersecurity is drawing a clear dividing line between legitimate and malicious activity. This is difficult because cybersecurity is an environment swamped with data, where identical tools and tactics are used for different ends, and where social and economic structures linking offensive and defensive action compound technical similarities. These obstacles to distinguishing between legitimate and malicious cyber activity are well recognized by both practitioners and scholars.

In a recent article for Contemporary Security Policy, I highlight another factor that is rarely discussed but no less important: popular cultural influences on cybersecurity experts. Cybersecurity expert practices are infused with visual and textual influences from broader discourses of noir in popular culture, including dystopian science fiction, fantasy, and cyber-punk: a phenomenon I call “cyber-noir”. These influences produce cybersecurity identities that are liminal and transgressive, moving fluidly between legitimate and malicious activity. To paraphrase a neat description of film noir leads, cybersecurity experts see themselves as “seeming black and then seeming white, and being both all along”.

In the article, I examine two forms of popular cultural influences on expert practices: visual styles and naming conventions. I suggest that these influences create a morally ambiguous expert identity, which in turn perpetuates practices that blur the legitimate/malicious boundary.

First, due to its relative novelty and digital basis, many concepts and objects in cybersecurity have no obvious visual association. This gap means that, as Hall, Heath, and Coles-Kemp suggest, many techniques of cybersecurity visualization deserve further critical scrutiny. Through code images signifying illegibility and technical sophistication, and pseudo-geographic “attack maps” emphasizing constant threat, cybersecurity is portrayed as a dark and uncertain world where simulation slips easily into reality and reality into simulation. A range of threatening identities using images of noir characters, various coloured hats, and hooded hackers add to this atmosphere. These images and visual styles use noir aesthetics and palettes to convey transgression, danger and moral ambiguity. Although light and dark shades are classically associated with good and evil, in cybersecurity–as in noir–both “good” and “bad” entities occupy the same place in the visual spectrum.

Second, naming conventions are infused with popular culture, through direct references and quotations and in their style, sound and visual aspect.  Many company names and analysis tools in cybersecurity evoke a popular culture crossover between noir, science fiction, fantasy and cyber punk. Vulnerabilities receive names that could be straight from dystopian fiction, like “Heartbleed,” “Spectre,” “Meltdown,” and “Rowhammer”, while others highlight a darker aesthetic, such as “Black Lambert” and “Eternal Blue”. Although these are clearly strategic decisions, they also shape the identity of the individuals who work in these organizations and the organizations themselves. Consequently, names with popular cultural influences and associations not only enliven the working day for cybersecurity experts, but constitute the moral orientation of their world.

In 2017, British youth Marcus Hutchins became well-known among cybersecurity experts, following his portrayal as the person who singlehandedly stopped the devastating WannaCry virus that affected the UK’s National Health Service. However, Hutchins’ fame enabled other cybersecurity experts and U.S. law enforcement to follow a trail of domain names, malware names, and handles on hacker forums, including “ghosthosting,” “hackblack,” “blackshades,” and “blackhole,” to the creation of an illegal banking virus named Kronos. Hutchins was arrested months after his public appearance and sentenced to time served in July 2019 for his role in distributing this virus. Hutchins’ case is an extreme example of the relationship between noir aesthetics and transgressive practices. As his story illustrates starkly, many cybersecurity expert identities are constituted in such a way that practices like hacking back, undercover intelligence collection and participation in “grey” or “black” hacking forums seem to be a normal, even necessary, set of activities.

The article concludes that the fragile distinction between legitimate and malicious activity in cybersecurity expert discourses is not merely a question of technological similarities, exacerbated by particular economic and institutional structures. Instead, experts themselves perpetuate uncertainty over what is legitimate and malicious in cybersecurity. Their adoption of popular culture adds to the explicit obstacles confronting cybersecurity experts, suggesting that the task of separating legitimate and malicious is much more challenging than commonly thought. Consequently, the deepest difficulty in maintaining the legitimate/malicious binary–and therefore constructing a stable foundation for cybersecurity itself–is not the range of technological, social, and economic pressures explicitly recognized by cybersecurity experts, but their implicit embrace of cyber-noir.

James Shires is an Assistant Professor at the Institute for Security and Global Affairs, University of Leiden. He is the author of “Cyber-noir: Cybersecurity and popular culture”, Contemporary Security Policy, Advance Online Publication,  available here.

Call for the 2021 Special Issue

CSP CoverContemporary Security Policy is seeking proposals for a special issue to be published in 2021 (volume 42). The special issue should address a topic within the aims and scope of the journal. CSP has an impact factor of 1.574, which ranks the journal #33 out of 91 in the category International Relations.

One of the oldest peer reviewed journals in international conflict and security, CSP promotes theoretically-based research on policy problems of armed conflict, intervention and conflict resolution. Since it first appeared in 1980, CSP has established its unique place as a meeting ground for research at the nexus of theory and policy. Major fields of concern include:

  • War and armed conflict
  • Peacekeeping
  • Conflict resolution
  • Arms control and disarmament
  • Defense policy
  • Strategic culture
  • International institutions

CSP is committed to a broad range of intellectual perspectives. Articles promote new analytical approaches, iconoclastic interpretations and previously overlooked perspectives. Its pages encourage novel contributions and outlooks, not particular methodologies or policy goals. Its geographical scope is worldwide and includes security challenges in Europe, Africa, the Middle-East and Asia. Authors are encouraged to examine established priorities in innovative ways and to apply traditional methods to new problems.

Special Issue Information

Special issue proposals should contain (in one PDF document):

  • A short discussion of the rationale and contribution of the special issue (3 pages max). Please also state why the topic falls within the aims and scope of the journal and why the proposal would be of interest to a large audience.
  • Contact details, institutional affiliation, one paragraph biography of the special issue co-editors, and three recent publications of each of the co-editors. Feel free to include a link to the personal website of the co-editors. Do not submit full CVs.
  • A list of confirmed articles and authors. Please include for each article (a) the title; (b) 150 word abstract; (c) a very short statement how the article contributes to the special issue and why it needs to be included; (d) a one paragraph author biography; and (e) three recent publications of the author(s).
  • The current state of the special issue. Please describe the background (e.g. previous workshops and conferences) and the timeframe towards the submission deadline.

The special issue will consist of a substantive introduction and 6-7 articles. The introduction should stand on itself. It should serve as a state-of-the-art article and be a reference point for all the other articles in the special issue. It is recommended that special issue proposals include 9-10 articles. All articles will be sent by the journal for peer-review on an individual basis. It is unlikely that all articles will eventually make the cut.

Most articles in CSP are around 8,000-9,000 words (including notes and references). However, manuscripts up to 11,000 words are accepted, for example when they include multiple case studies or use mixed methods. Total word limits will be discussed in case of acceptance.

Please submit your application (one PDF file) to csp@nullmaastrichtuniversity.nl. The deadline for the special issue proposal is 15 November 2019. The decision will be announced soon afterwards. The decision by the editor is final. All articles, including the introduction, will have to be submitted by 15 March 2020.