Skip to main content


Cyberspace and capacity building – how to get everyone involved?

Posted on    by CREATe Team

Cyberspace and capacity building – how to get everyone involved?

By 22 March 2024No Comments

Joséphine Sangaré, doctoral researcher with CREATe, reflects on three conferences she attended between November 2023 and January 2024.

I had the great honour to present my PhD research on ‘Public-private partnerships for cyber capacity building and accountability mechanisms for private actors’ at three amazing international conferences. As a form of public-procurement, public-private partnerships undergo risk-assessment prior to implementation. Despite this process, cyber capacity building often results in the creation of new vulnerabilities posing security risks to states and the society. Approaching my topic through the lens of international security in cyberspace, cyber-lawmaking, and technology and society, each conference programme offered different insightful perspectives on how to account for all participants in cyberspace, i.e. states, civil society, and private actors. I would like to express my gratitude to CREATe and the School of Law, University of Glasgow, as well as the Essex Law School for their generous financial support, making this journey possible.

Starting with the ‘International Security in Cyberspace Conference’ at the University of Granada (30 November 2023 – 01 December 2023) hosted by Prof. Antonio Segura Serrano, I presented draft work on cyber capacity building under the 2014 African Union Convention on Cybersecurity and Personal Data Protection (Malabo Convention) in a panel on Defence and Espionage together with Dr Lucas J. Ruiz Días who discussed cyber defence in the European Union. Chaired by Prof. Ozana Olariu, the subsequent discussion offered important insights on the mitigation of adverse effects of information and communication technologies on a state level, the feasibility of existing measures, and an outlook on future developments. In recognition of the capacity gap between states and private actors, effective coordination of all actors still requires significant institutional advancement to achieve resilient cyber governance mechanisms. The nature of specific cyber security challenges, the applicability of international law to cyberspace, as well as the role of cybersecurity and the European Union were discussed during other panels. The broad range of security topics addressed in panels and keynote speeches during the conference offered a great opportunity to reflect on where capacity building measures are of universal character and where their design requires customising to account for specific regional circumstances and development levels.

Josephine, third from the left, smiles with fellow participants in front of an imposing library.

Josephine, third from the left, smiles with fellow participants.

Revising my work with the reflections from Granada, I took my topic to the CHAIN Conference on Public Governance of Emerging Technologies – Values, Trust, and Compliance by Design, hosted by the at the University of Utrecht on 11 and 12 January 2024. This provided an excellent interdisciplinary forum to move beyond the legal considerations of security and expand my insights into the constitutional and societal effects of information and communication technologies. Regarding the necessity of adapting cybersecurity strategies to regional needs, intriguing case studies in the field of cyber capacity building and the constitutional challenges of regulating a space beyond classic territorial boundaries were discussed. Chaired by Dr Wessel Reijers, I discussed the risk of potential self-regulation in the private sector, international liability mechanisms for state actors and how private actors are currently addressed in the context of the Malabo Convention. This includes the evolution of standards of risk-assessment in the Malabo Convention and involvement of both regional and international private actors in the capacity building process. My co-panelists, Dr. Banu Buruk and Marc-Olivier Busslinger, discussed the ethical evaluation of artificial intelligence and liability for states’ use of AI chatbots, respectively. The magnitude of challenges and strategies addressed during the three streams of the conference, i.e. values, governance, and regulatory compliance, bridged the theoretical recognition of cyberthreats and the practicalities of  mitigating against them.

Josephine speaking at a lectern with the coat of arms of Utrecht.
Successful knowledge exchange and the role of transparency in international collaboration was the topic of the paper I presented at the Modern Law Review Seminar on The Challenges of International Law-Making for the Use of Information and Communication Technologies, which was hosted at Essex Law School on 12 December 2023 by Dr Antonio Coco and Dr Meagan Wong. My paper discussed how ‘Transparency makes us vulnerable’  in the context of multi-stakeholderism in cyber law-making. The format emphasised a detailed response by an expert in the field; my paper receiving commentaries from H.E. Jongin Bae, Ambassador of the Republic of Korea to Bulgaria.

panelists smiling, Josephine is second from the left.

From left to right: respondent H.E. Jongin Bae, presenter Joséphine Sangaré, chair Dr. Christiane Ahlborn, respondent Prof. Russell Buchan, and co-panelist Dr. Fan Yan.


Each of the conferences offered many insights to reflect on. The different discussion formats, ranging from direct responses to panel discussions, as well as the different approaches to cybersecurity regulations have jointly refined the multi-dimensional framework of considerations for resilient cyber capacity building. I would like to express my sincere appreciation for everyone I met during the conferences, and the engaging discussions that followed. It was a great honour to meet you during this exciting journey.