Researcher
Lars Gjesvik
Contactinfo and files
Summary
Lars Gjesvik is a senior researcher in the Research Group for Security and Defence at NUPI, where he also serves as the co-leader of the research center for digitization and cyber security. His research focuses on the intersection of private enterprise and state interests, security challenges, and power politics related to digitalization and emerging technologies.
He recently obtained his doctorate from the University of Oslo (in 2023), where he studied the interaction between private companies and state interests in the digital space, and the role of technology companies in shaping international politics. Gjesvik's expertise also includes issues related to the global surveillance industry, digital infrastructure such as submarine internet cables and cloud services, cyber security, and technology dependency.
In his previous work, Gjesvik has addressed national approaches to cyber security and public-private cooperation, as well as disinformation and influence campaigns
Expertise
Aktivitet
Filter
Clear all filtersInterpreting cyber-energy-security events: experts, social imaginaries, and policy discourses around the 2016 Ukraine blackout
We analyse the expert debate around a cyber attack in 2016 that caused an electric power blackout in Ukraine. Two expert reports were crucial for interpreting this event, and there are several competing narratives of cybersecurity where the event plays different roles. We show that the most securitized narratives became more prominent and point to the power wielded by private companies and experts in this field.
Private infrastructure in weaponized interdependence
The ability of states to exploit private resources at an international level is an increasingly salient political issue. In explaining the mechanisms of this shift, the framework of Weaponized Interdependence has quickly risen to prominence, arguing that those states that are centrally placed in global networks can exploit their centrality given the appropriate domestic institutions. Building on this framework, I suggest that the relationship between states and the private corporations holding the resources states seek to exploit is more dynamic and contested than assumed. Drawing on developments in the industry for constructing and operating submarine cables, I find that a paradigm shift in the market has significantly limited the authority of states vis-à-vis key market players. The contribution of this finding is to expand Weaponized Interdependence as a framework, paying closer attention to the relationship between private companies and states. This expansion allows for the utilization of Weaponized Interdependence as a framework for a broader set of cases, explaining not only when a network is prone to weaponization but also the limitations states face when they seek to do so.
Frihet, sikkerhet og autonomi i skyen
Cloud computing has in under two decades moved from a niche indsutry to globe-spanning infrastructure. This chapter explores the consequences for national security, sovereignty and autonomy.
Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets
State cyber capabilities are increasingly abiding by the “pay-to-play” model—both US/NATO allies and adversaries can purchase interception and intrusion technologies from private firms for intelligence and surveillance purposes. NSO Group has repeatedly made headlines in 2021 for targeting government entities in cyberspace, but there are many more companies selling similar products that are just as detrimental. These vendors are increasingly looking to foreign governments to hawk their wares, and policymakers have yet to sufficiently recognize or respond to this emerging problem. Any cyber capabilities sold to foreign governments carry a risk: these capabilities could be used against individuals and organizations in allied countries, or even in one’s home country. Because much of this industry operates in the shadows, research into the industry in aggregate is rare. This paper analyzes active providers of interception/intrusion capabilities within the international surveillance market, cataloguing firms that have attended both ISSWorld (i.e., the Wiretapper’s Ball) and international arms fairs over the last twenty years.1 This dataset mostly focuses on Western firms and includes little on Chinese firms, due to historical under-attendance of Chinese firms at ISSWorld. However, the overarching nature of this work will help policymakers better understand the market at large, as well as the primary arms fairs at which these players operate. This paper identifies companies explicitly marketing interception/intrusion technology at arms fairs, and answers a series of questions, including: what companies are marketing interception/intrusion capabilities outside their headquartered region; which arms fairs and countries host a majority of these firms; and what companies market interception/intrusion capabilities to US and NATO adversaries? The resulting dataset shows that there are multiple firms headquartered in Europe and the Middle East that the authors assess, with high confidence, are marketing cyber interception/intrusion capabilities to US/NATO adversaries. They assume that companies offering interception/intrusion capabilities pose the greatest risk, both by bolstering oppressive regimes and by the proliferation of strategic capabilities.2 Many such firms congregate at Milipol France, Security & Policing UK, and other arms fairs in the UK, Germany, Singapore, Israel, and Qatar. The authors found that 75 percent of companies likely selling interception/intrusion technologies have marketed these capabilities to governments outside their home continent. Five irresponsible proliferators—BTT, Cellebrite, Micro Systemation AB, Verint, and Vastech—have marketed their capabilities to US/NATO adversaries in the last ten years.3 This paper categorizes these companies as potentially irresponsible proliferators because of their willingness to market outside their continents to nonallied governments of the United States and NATO—specifically, Russia and China.4 By marketing to these parties, these firms signal that they are willing to accept or ignore the risk that their products will bolster the capabilities of client governments that might wish to threaten US/NATO national security or harm marginalized populations. This is especially the case when the client government is a direct US or NATO adversary. This globalizing shift is important for two reasons. First, it indicates a widening pattern of proliferation of cyber capabilities across the globe. Second, many firms in the surveillance and offensive cyber capabilities markets have long argued for the legitimacy of their business model by pointing to the perceived legitimacy of their customers; yet, their marketing strategies contradict this argument. As the recent indictment of several former US intelligence personnel working for the United Arab Emirates (UAE) confirms, capabilities originally focusing on one target set may be expanded for other intelligence uses.5 When these firms begin to sell their wares to both NATO members and adversaries, it should provoke national security concerns for all customers. This paper profiles these important trends for their practical security impacts, and to enable further research into this topic. The authors suggest that the United States and NATO create know-your-customer (KYC) policies with companies operating in this space; work with arms fairs to limit irresponsible proliferators’ attendance at these events; tighten export-control loopholes; and name and shame both irresponsible vendors and customers. The authors encourage policymakers to focus their efforts to rein in companies that sell these capabilities directly to adversaries, or those willing to ignore the risk that their capabilities may be misused. The dataset presented below is open for use by others who might similarly seek to bring some measure of light to an industry that remains so insistently in the dark.
Research group for Security and Defence
Research group for Security and Defence
Norwegian cybersecurity: a small-state approach to building international cyber cooperation
As a small, open and highly digitalized country, cyber security is an issue of growing policy importance in Norway. Yet, like other highly digitalized states, Norway has faced difficulties in squaring national cyber security with private business interests and the multitude of actors. Recent years has seen efforts aimed at uniting disparate institutions and organizations into a coherent framework that works.
Managing a digital revolution: cyber security capacity building in Myanmar
Digitalization is exposing developing countries to a growing number of risks as well as opportunities associated with connecting to the Internet. Myanmar stands out as a critical case of both the pitfalls and the benefits Internet connection can bring. Amidst a political transition from military rule to a functioning democracy Myanmar is adding ICT to key areas like banking and e-government. Having been one of the least connected countries in the world only five years ago the country is now connecting to the Internet at an unprecedented pace, with few institutions in place to ensure the transition goes smoothly. The rapid expansion of Internet connectivity is connecting ever more people to an international world of business, discourse, and entertainment, but also crime, subterfuge, and discord. A crucial aspect for development in the years to come will be the harnessing of the benefits, as well as mitigating the downsides that inherently follow in the wake of Internet access (Schia, 2018). In this chapter, we examine the risks and potential benefits of Myanmar’s embracement of digital technologies.
Hacking democracy: managing influence campaigns and disinformation in the digital age
How are states responding to the threat of using digital technologies to subvert democratic processes? Protecting political and democratic processes from interference via digital technologies is a new and complicated security threat. In recent years the issue has been most prominent in terms of election security, yet the widespread usage of digital technologies allows for the subversion of democratic processes in multifaceted ways. From disrupting the political discourse with false information to inflaming and stoking political divisions digital technologies allows for a variety of ways for malicious actors to target democracies. This article compares different state experiences with interference in sovereign and contested political decisions. More specifically the article compares the Norwegian approach and experience in managing these challenges with those of Finland and the UK. Mapping both how the problem is understood, and the role of previous experiences in shaping public policy.
Avskrekke hvem? Betydningen av strategisk kultur for cybersikkerhet
There is an ongoing debate in academia about if and how deterrence theory may be used in cyberspace. Deterrence was originally a theory developed for avoiding conventional and nuclear war. In the current discussion on cyber security, there has been pointed out a range of technical problems of transferring a theory about the physical world to cyberspace. We recognize these challenges of deterrence in cyberspace, but in this article we want to shed light on a different aspect of deterrence. That is the interplay between social and technical factors of deterrence in cyberspace. In this article we will discuss how deterrence as a strategy in cyberspace is influenced by the specific strategic culture of a country. We will use China as a case study to showcase our argument. Contrasts between Chinese and “Western” strategic culture results in concrete differences in how Chinese and Western countries act in cyberspace. By utilizing four components of deterrence theory (denial, punishment, entanglement and norms), we will show how an in-depth knowledge of a state’s security policy and strategic culture may be used to tailor a more effective deterrence and enforce the capacity of hindering unwanted activity.