Designing a Governance System for Cybersecurity of Foreign Investment in Europe

Increased global digitalisation has brought both economic benefits as well as cybersecurity challenges; more and more companies around the world are becoming the target of cyberattacks. The consequences of cyberattacks have ranged from money losses and information theft to infrastructure destabilization. Companies face different types of cyberattacks. In the last years, the most frequent (documented) cyber-threats have been: malware; phishing attacks; spam; denial of service; ransomware; insider threats; data breaches; information leakage; cryptojacking and cyber espionage. In the context of investment protection, cyberattacks may have different targets: data on foreign investments and/or foreign investors that are available in digital forms (including trade secrets) and data related to investment arbitration. While the consequences of cyberattacks are clear, less clear is how to deal with this problem at the international (and European) regulatory level. This paper deals with the question of how foreign investment can be secured from cyberattacks within the investment law framework, both at the international and the European law levels. The focus is on which international and European actors are involved in cybersecurity and investment protection policies; the aim is to design a ‘map of relevant actors’ – by using the social network analysis method – and highlight the relevant relationships.

The full article for the International Investment Law journal can be found in the link below.