Get with the Times, International Relations

The top IR schools are hardly teaching students anything about cybersecurity — and that’s a big problem.

It was this summer, three years into my international relations major, that I started to realize something was missing.

I’d spent hours wading through articles about theory and practice — learning about guerrilla warfare, the nuclear proliferation debate, and the legal norms of war. But until I started interning for New America’s Cybersecurity Initiative, I couldn’t name one instance of a state-sponsored cyber offensive.

For anyone who is trying to use an international relations degree outside of the classroom today, that’s a pretty big curricular blindspot. It only takes a quick scan of the news to see that cyber attacks are a growing national security concern. The Senate Intelligence Committee is busy looking into Russia’s interference in the U.S. 2016 elections, the NSA pointed to North Korea for crippling more than 300,000 people with the WannaCry worm globally, and most recently, NATO’s Cooperative Cyber Defence Center of Excellence concluded a state actor was most likely to blame for “NotPetya” malware. It is no secret that our government’s security specialists are increasingly busy protecting our country’s cyberspace; some even argue cyber conflict may drive a new global ‘arms race’. If the next great conflict will play out on a digital battlefield, are we adequately preparing the future policymakers, citizens, voters, and politicians who are currently studying IR for what that future could hold?

According to my research — not so much. After doing some digging, I realized my university didn’t offer an introductory course on cyber conflict — the topic wasn’t even in the syllabus of any of the courses I could take. In fact, of Foreign Policy’s “Top 10 Undergraduate International Relations Programs” (most of these Ivy Leagues), only one undergraduate option offers a major combining technology and international affairs: Georgetown University’s Science, Technology, and International Affairs Major proposes a strand of studies with a focus in cyberwarfare and cybersecurity. Although it’s a start that half of these institutions offer a course with a cyber component, that’s sparse compared to the dozens of courses offered on the history and strategy of war, traditional and non-traditional warfare techniques, and the ethics of using force.

Without basic cyberwar awareness built into their education, a systematic skew in the national IR conversation will remain, in turn impacting national conversations with real-world implications.

Public schools are not better, with none of U.S. News’ “Top 10 Public Schools” offering an IR major integrating cybersecurity and more than half not offering an undergraduate IR course covering the topic. Even worse off are the U.S. News “Top 10 historically black colleges and universities;” 80% don’t offer an IR cybersecurity course– although it is worth noting Hampton University offers more cybersecurity and cyberwar undergraduate options under their criminal justice program than any other “Top 10” public or ivy league school.

Some of these schools actually do teach cybersecurity within international relations, but only at the graduate degree level. American University recently launched a cybersecurity concentration for their School of International Service Masters Students, recognizing “cyber-policy is now near the top of the foreign policy agenda of many countries.” Although this is definitely a step in the right direction, if secondary education IR curricula don’t take into account the new implications of cyberwar at the undergraduate level, our newest security studies graduates could be left with skills completely mismatched to the current threat environment. Without basic cyberwar awareness built into their education, a systematic skew in the national IR conversation will remain, in turn impacting national conversations with real-world implications.

Some may suggest a fix to this problem would be to encourage students to combine an IR curriculum with a computer science one. While this could be the answer for some particularly interested students, many of my peers find this option to be too different from their elected line of study, and generally miss the point of the political implications of cybersecurity. Bluntly speaking, understanding the foundations of programming won’t really teach you the objectives and methods of a political hacktivist or hostile state’s hacking team.

So, why are our schools so slow to adapt? The absence of cybersecurity in IR may come down to a workforce — or supply- problem rather than an interest — or demand — one. Theodore Johnson, a current cybersecurity professor at Georgetown’s public policy school (and New America Fellow), explains that most professors are currently either versed in IR theory, policymaking, or computer science. The number of academics able to triangulate between these three aspects inherent to IR cybersecurity curricula remains small. And even if schools were to bring in experienced practitioners, professors face challenges teaching completely new terminology to their students, Johnson explains. Because cybersecurity as an academic focus area is so new, there is no overarching baseline for language, making it difficult to standardize curricula across the board. Professors also struggle with “bolting in” the borderless, non-tangible aspects of cyberspace to 400-year old structures and framework dominating academic IR theory today.

Nonetheless, Johnson remains optimistic. The number of people practicing cybersecurity in international relations is only increasing and they’ll soon become available to fill academia’s holes. On top of this, unavoidable incoming cybersecurity catastrophes may force higher education institutions to update their IR curriculums, reminiscent of the Cold War educational improvement arms race. During that time, Harvard launched an ambitious fundraising campaign, presumably to keep up with the Soviets, and our nation’s scientists brainstormed to find better ways to teach American children biology, chemistry, and physics. Still, we probably don’t want to wait until a massive attack to persuade universities to get with the times.

If we continue down this road, many of our country’s decision makers and voters will carry with them an educational blindspot — conversant in the trends of the past century but unable to grasp the full potential of their diplomas.


Clementine Gazay was a summer intern with New America’s Cybersecurity Initiative. She is a French-American from Miami currently pursuing an honors B.A. in political science with a management minor at McGill University in Montreal, Canada.