The role of the regional international organizations in cybersecurity governance: case studies of the OAS, the ASEAN, the AU, and the OSCE

This dissertation investigates the evolving role of regional organizations in cybersecurity governance, addressing their critical influence in mitigating cyber threats in an interconnected global landscape. By employing comparative content analysis, coupled with stakeholder interviews, this study examines the strategies, policies and their implementation of regional international organizations such as the OAS, the OSCE, the ASEAN, and the AU in cybersecurity governance. The research begins by overviewing cybersecurity threats and current governance frameworks from an international perspective. It then reviews the theoretical underpinnings of international organization role in global and security governance, drawing on frameworks from IR and cybersecurity studies. Additionally, practical observations are made on how IOs have governed technologies so far by focusing on nuclear weapons, conventional arms, and lethal autonomous weapon systems. It then conducts a detailed comparative analysis of the selected regional organizations, highlighting their approaches to norms, CBMS, capacity building, and international cooperation. Key findings indicate that regional organizations have a multifaceted role in cybersecurity governance. The analysis reveals that while regional organizations apply similar cybersecurity governance mechanisms, their focus within each issue area differ. As preliminary explanation suggests, differences in regional approaches are influenced by several factors, including regional-specific security threats, economic and technological disparities, political will and national sovereignty, the level of regional integration, and the specific mandates of the organizations. However, the research also identifies significant challenges, such as the varying levels of technological advancement and political will among member states, which can impede the effectiveness of regional cybersecurity governance. The dissertation concludes that while regional organizations have made substantial progress in cybersecurity governance, continuous adaptation and enhanced cooperation are essential to address the dynamic nature of cyber threats effectively. Through this examination, this research aims to fill a gap in the current IR scholarship on cybersecurity governance, which has largely focused on state and non-state actors or Europe-centered observations. This study contributes to the broader understanding of the critical role regional organizations play in global cybersecurity by offering a typology of their roles in its governance. Moreover, the empirical findings, coupled with theoretical insights and expert interviews, hopefully offer practical recommendations for policymakers and other stakeholders on potential ways to develop more effective regional approaches to international cybersecurity.