The digitalization of the security sector has been a focal point for the work of DCAF – the Geneva Centre for Security Sector Governance — for over five years. DCAF is an international foundation under Swiss law and its mission is to promote good governance in the security sector. The digitalization of the security sector raises many challenges but presents several opportunities for good governance. For example, digital work processes can increase the efficiency of security actors. Digitalized records can potentially increase the transparency of their work and oversight actors, such as national parliaments, may find it easier to hold security sectors accountable as a result. With the use of digital tools, certain security actors might also be able to improve their exchange with the public, communicating messages about security more clearly and possibly being more responsive to the public’s security needs. However, the use of information and communication technologies in the security sector raises many challenges for accountability and the rule of law. For example: who can be held accountable if both decision-making and security tasks are carried out by artificial intelligence? How can oversight actors follow, understand, and evaluate fully-automated work processes? The digitalization of security also poses a danger that technologies, such as surveillance technologies, are used in a way that increasingly encroaches on the privacy of citizens. All of these issues require further research and DCAF will continue to work on the digitalization of the security sector, within the frame of promoting good governance,  and will launch several publications on the subject matter in the coming months.

DCAF has also provided operational support on the ground. The organization has been supporting key security sector ministries, such as ministries of interior (MoI) and ministries of defense (MoD), to ensure that when they commence digitalization, they have the appropriate security mechanisms in place to protect digital work processes from attacks. In 2018, DCAF started a three-year regional project in the Western Balkans, supported by the United Kingdom’s Foreign Commonwealth and Development Office, entitled “Enhancing Cybersecurity Governance in the Western Balkans”. As part of this project, DCAF has organized trainings for Computer Emergency Response Teams (CERTs) from MoIs and MoDs as well as for national CERTs. The CERTs were thus provided with the opportunity to increase their regional and international network, build trust with their colleagues, and join international associations of CERTs. Trust between CERTs is necessary to ensure effective communication on sensitive issues such as attack response – sharing details on attacks and how to analyze or mitigate them improves the CERTs’ capacities. To promote sustainable change within CERTs, DCAF has also worked with a select number of CERTs to review their internal structure and management. How can the team’s mandate, human resource policies, or training plans be improved to make sure that the team can work effectively and can attract and retain staff with the right expertise? In the coming years, DCAF intends to continue assisting key target groups in their efforts to protect their digital work processes from cyberattacks, foster relevant capacities, and increase their respective regional and international networks.