Cybersecurity and International Law

From 10 to 12 February 2025, participants from EU Member States and third countries gathered in Brussels for the ESDC’s cyber course Cybersecurity and International Law.

More than 20 participants, including civilian, military, diplomatic, and law enforcement professionals working in the fields of law and cybersecurity, had the opportunity to exchange views, share best practices, and enhance their knowledge.

The course welcomed participants from NATO, the UN, European Space Agency – ESA, EUMS, EUMC, and EU Careers by EPSO. Furthermore, in line with the ESDC’s high priority to support Ukraine, a group of participants from EUAM Ukraine and Ukrainian institutions were given the opportunity to attend the course remotely.

It has been a great honour for the ESDC to co-organise this important cyber activity with the Lodz Cyber Hub.

This course, which is aligned with the strategic objectives of Pillar 3 of the EU’s Cybersecurity Strategy for the Digital Decade, highlights the EU’s priority on cybersecurity within the Strategic Compass. It also supports the ENISA European Cybersecurity Skills Framework (ECSF) role profile for a Cyber Legal, Policy and Compliance Officer.

The course was opened by Fergal O’ Regan, Acting Head of the ESDC, Dr Joanna Kulesza, Course Director from the Lodz Cyber Hub, and Giuseppe Zuffanti, Coordinator for the ESDC Cyber ETEE platform. They welcomed the participants and provided an overview of the ESDC, the Lodz Cyber Hub, and the EU Cyber Ecosystem.

This course took a practical approach to applying international law in cyberspace, focusing on past geopolitical challenges and pragmatic solutions. It included a review of international legal instruments addressing relevant policies and covered topics such as state responsibility, cybersecurity due diligence, the peaceful settlement of cyber disputes, proportional countermeasures, and transboundary data flows. Specific areas of focus included personal data, Big Data, GDPR, intermediary liability, platform regulation, and the human rights implications of algorithmic design and artificial intelligence.

The ESDC extends its sincere gratitude to the speakers for their contributions, valuable insights, and thoughtful suggestions. Distinguished lecturers from the European External Action Service, the European Commission (DG-HOME), the European Defence Agency, and the EDPS – European Data Protection Supervisor provided key input. Equally, speakers from ICANN, the Internet Corporation for Assigned Names and Numbers, RIPE NCC, the European Regional Internet Registry, the Lancaster University, and the University of Bucharest shared their expertise and perspectives.

Special thanks go to the course directors, the Lodz Cyber Hub, and all participants for their active engagement and commitment.