The Association of Southeast Asian Nations (ASEAN) was established in 1967 and comprises 10 Member States.1 The organisation aims for ‘cooperation in the economic, social, cultural, technical, educational and other fields, and in the promotion of regional peace and stability through abiding respect for justice and the rule of law and adherence to the principles of the United Nations Charter.’2 In 1994 ASEAN initiated the ASEAN Regional Forum (ARF), with the objectives ‘to foster constructive dialogue and consultation on political and security issues of common interest and concern; and to make significant contributions to efforts towards confidence-building and preventive diplomacy in the Asia-Pacific region.’3 Apart from States in the region, the participants in the ARF include the United States, Russia, China, and the European Union. ASEAN does not adopt binding legislation for its Member States.
Since the late 1990s, ASEAN has discussed cyber in the context of transnational crime and as an example of non-traditional security issues. In 2003 ASEAN structured their activities within three different communities: the Economic Community, the Political-Security Community and the Socio-Cultural Community. The Vientiane Action Programme 2004-2010 promotes progress in the different communities and also in the area of the security and integrity of ASEAN Information Infrastructures. One of the action items is the establishment of national Computer Emergency Response Teams (CERTs). The importance of a secure and connected regional information infrastructure is again mentioned in the ASEAN Economic Community Blueprint (2008).
The ARF has also addressed cyber security. The 19th ARF in 2012 produced a Statement by the Ministers of Foreign Affairs on Cooperation in Ensuring Cyber Security. During the 20th ARF in July 2013, cyber security was discussed in relation to counter-terrorism and transnational crime. The ARF participants affirmed the importance of intensifying cooperation in this area (see INCYDER news item).