Introduction The emergence of cyberspace as a strategic domain for conflict, competition, and cooperation has deepened divisions in the balance of power in the international system as states actively engage in cyber statecraft. Middle power states like South Africa risk diminishing influence unless they develop cyber statecraft instruments, both to contribute to global cooperation and to enhance their own cyber defenses and economic development. Methods This study employs qualitative document analysis of open-source South African policy and strategy documents situating them within the broader context of national security and South Africa's broader foreign policy goal of reshaping global power. They are interpreted thematically using the ends–ways–means framework to assess the coherence of cyber-related strategic objectives, resources, and instruments. Results Rapid advances in technology globally have left South Africa to play catch-up in developing its cyber-capabilities and its own version of cyberstatecraft. Major cybersecurity incidents likely influenced urgency in policy development, but the analysis of South Africa's key strategic documents shows a deficiency in strategic thinking more broadly, affecting both the acuity of the analysis of the threat environment and the potential ends, ways, and means at its disposal. The economic foundation of statecraft requires radical improvement should the country ever hope to match resources to ambition. Ultimately, state capacity and cyber capability need to be measured by practicality and feasibility. Discussion This paper discusses the way in which sovereignty is being redefined internally and externally by the need for states to develop cyber capacity to achieve national objectives. Unless these cyber-capabilities are expanded, the middle powers risk limited influence in their cyberdiplomacy on the global governance of cyberspace. Moreover, they will find themselves in a position of increased vulnerability relative to malevolent cyber actors, whether state or non-state. As the South African example shows, coherent national cyber governance frameworks and building resilience domestically are the first and last line of defense.
Raymond Steenkamp-Fonseca (Tue,) studied this question.