Managing risk in Asia when security and economics collide

Asia Politics World

Author: Gordon de Brouwer, ANU

For over a generation, economics and security have been viewed as essential but largely separate elements of national interest. Two global developments have changed this: nationalist multipolarity and digitisation. The US–China relationship is characterised by growing strategic competition in both the security and economic domains. Meanwhile, digital technology, including quantum computing, machine learning and 5G, is radically transforming most domains of human activity — from the way people interact with each other and obtain information and learn, to goods and services and the way firms and markets operate, to defence and security. The extensive and increasing digitisation of economic and social interactions appears to leave states vulnerable to cyber intrusion and attack by both state and non-state actors.

A Chinese mobile phone user looks at the icons of the mobile apps of (from top left) Toutiao, Tiantian Kuaibao, Phoenix News and NetEase News on a smartphone in Ji'nan city, Shandong, China, 9 April 2018 (Photo: Reuters).

A Chinese mobile phone user looks at the icons of the mobile apps of (from top left) Toutiao, Tiantian Kuaibao, Phoenix News and NetEase News on a smartphone in Ji'nan city, Shandong, China, 9 April 2018 (Photo: Reuters).

Two principles can help countries in thinking about the interaction between economics and security.

First, thinking needs to be framed from the start in terms of national prosperity, security and social harmony. All three matter and reinforce each other. Security underpins prosperity, prosperity pays for power and security, and social harmony reduces economic and security risks.

Second, analysis needs to explain risks to the national interest and identify practical ways to mitigate them. Risks often affect both security and prosperity — mitigations can be found by thinking beyond a single domain. It is generally in a country’s interest that other countries which pose a security risk have other strong interests to balance. This raises the cost of conflict, creating an incentive to find an enduring solution.

Mitigations to security risk might lie in economic or social domains. For example, strengthening domestic governance, market systems and people-to-people connections support cooperation rather than confrontation.

Defence and security are public goods typically provided by governments. Risk mitigation, in contrast, need not always be directly provided by governments. The actions of other parts of society — especially business and civil society — can help mitigate risk over time. In this sense, the responsibility of government is to enable and create incentives for others to mitigate risks. This is typically achieved by strong domestic laws, markets and governance institutions supported by effective monitoring, compliance and enforcement.

Scenario analysis with a wide range of participants is another useful way to frame risk and look for solutions. Scenario analysis is a feature of Singapore’s national strategising, for example. These exercises bring insights into the global interplay of forces in the domains of the economy (technological change and the impact of digitisation), security (the multipolar order, non-conforming nations and proliferation) and society (trust in institutions, belonging and social media). This analytical framework challenges conventional habits of thinking and supports integrated strategic thinking.

Consider the concern that China is using the Belt and Road Initiative as a strategic play to gain leverage over governments and acquire critical infrastructure, especially in cases when countries cannot repay debt. How should a recipient country address this? Simply refusing foreign investment deprives the country of what might be economic and social infrastructure important for its prosperity. It also deprives China of an opportunity to support others’ development commensurate with its economic size and power.

All donor countries use aid and financial assistance as an instrument of foreign policy, so the interest of the recipient country is best served by engaging with a variety of donors and organisations so that it is not hostage to dependence on a single large donor. Meanwhile, strong governance — including objective cost-benefit analysis, competitive, open and non-discriminatory bidding, and independent dispute resolution — is an essential condition to secure the benefits of investment.

Another example of risk is foreign investment in digital and telecommunications infrastructure. The primary digital security risk is a cyberattack by malicious state or non-state actors that disables key digital and telecommunications infrastructure. Foreign investment rules focus on ownership, but ownership is not the fulcrum of risk. It is widely judged that cyber risk can be reduced but not eliminated. Reducing cyber risk includes strong defences in firms and organisations against cyberattacks and enforcement of strong laws against cyberattacks.

Market structure is important for risk mitigation. The more participants and the more diverse the structure of the market, the lower the risk associated with any one firm. Policies that encourage product innovation and the creation of new firms, along with policies and laws to protect market contestability, help mitigate security risks. The debate about foreign ownership of 5G networks might be different if the sector was competitive and diverse, rather than concentrated in a small number of highly integrated firms.

Risk associated with digital technology depends on whether potential cyberattacks are conducted by large state actors. Analogous to the nuclear arms race, the cyber capabilities of major powers have reached the stage where a cyberattack by one would likely lead to a cyberattack by another. Mutually assured digital destruction (MADD) changes the risk of cyberattacks between the major powers and their allies outside of war.

There are also concerns that international firms may be particularly susceptible to theft of personal data, including information about a person’s health, finances or behaviour. Again, cyberattacks are the core risk. Primary risk mitigation properly focuses on the cyber defences of firms, supported by the enforcement of strong laws around corporate transparency and the protection of privacy, and resilience when breaches occur.

The world has changed and the challenge is to draw on the full toolkit to assess risk clearly and mitigate it creatively and strategically. It is time for countries to engage on these issues rather than withdraw. They need to work together and engage directly with the United States and China on practical and mutually beneficial steps to mitigate, rather than exacerbate, US–China strategic competition.

Gordon de Brouwer is Honorary Professor at The Australian National University and was formerly the Secretary of the Australian Department of the Environment and Energy. 

This article appears in the most recent edition of East Asia Forum Quarterly, ‘Economics and security’, Vol. 11 No. 4.

Please follow and like us: