Anastasiya Kazakova, Senior Public Affairs Manager
More countries are appointing cyber ambassadors, who represent their Member States in the UN First Committee to discuss the use of ICTs in the context of international security and peace. In many cases these cyber ambassadors are also in charge of whole of government international engagement to represent and protect their state’s interests, including in the fields of national security, foreign policy, and economy and trade in cyberspace.
Since 1998 within the UN First Committee, States have been discussing responsible State behavior in cyberspace, and also a cyber-stability framework, which includes: international law, norms, confidence-building measures (CBMs), capacity building, and regular institutional dialogue. Cyber diplomats discuss matters like: (i) if the global community needs (or does not need) a ‘cyber treaty’ – a new legally binding instrument for cyberspace; (ii) how to implement non-binding norms and if new norms are needed; (iii) existing and emerging threats and how to address them; (iv) what the challenges are regarding attribution and how to overcome them; (v) how to protect critical infrastructure; and so on.
To private companies, this process of discussion and negotiation among States may seem complicated, highly nuanced, and requiring the special knowledge on the subject matter as well as on protocol and specific language used by cyber diplomats. Thus, you might wonder why companies would even be interested in this.
First, we see some States themselves welcoming the engagement and contributions of a multi-stakeholder community. Second, the threats that we all face in cyberspace require global discussion and solutions. In particular, while the protection of critical infrastructure is the prerogative of States, it is important to avoid fragmentation in States’ approaches – for private-sector entities this limits their ability to protect against cyber incidents and respond to them in a timely manner, in turn making critical infrastructure less reliable and less cyber-resilient. What’s more, in the event of significant cyber attacks on critical infrastructure located in several jurisdictions, the global community needs a global incident response mechanism. Finally, cyberspace cannot function as a ‘Wild West,’ and we would all benefit from greater predictability and clear rules for cyberspace.
For the first time in history, in 2019 the UN established the Open-Ended Working Group (OEWG) – a truly transparent, inclusive and open process, which allowed the participation of all 193 UN Member States. Moreover, the OEWG’s mandate allowed voluntary contributions and consultative meetings with interested parties – business, non-governmental organizations, and academia – but this has not always been as wide or diverse as in other multilateral fora.
To express our support to the intergovernmental negotiations taking place within the UN OEWG, we have shared our cybersecurity expertise: we made two submissions to two pre-Drafts of the UN OEWG report (the first and the second); a submission with suggestions for best practice implementation of some previously agreed non-binding norms; and final comments to the Final draft of the UN OEWG report. In late 2020, we co-organized together with delegations of France and Egypt as well as the Women’s International League for Peace and Freedom (WILPF), a multi-stakeholder session on regular institutional dialogue (RID). Before the adoption of the final UN OEWG report, we also delivered statements.
Our position could be summed up as follows:
As a result of the negotiations between States since 2019, on March 12, 2021, the UN OEWG adopted a consensus report on the use of ICTs in the context of international security and peace. Though the report itself represents “fairly limited progress,” the adoption of the report is a significant step forward in delivering consensus among all UN Member States. It is a truly major achievement for ensuring stability in cyberspace, and it would hardly be possible without the great work of States’ cyber diplomats, which the global community, including non-State actors had the opportunity to follow (all States’ submissions and comments have been published at the official website).
The global community needs cyber diplomats because they are the key professionals capable of ensuring that cyberspace – a highly diverse, multi-faceted, multi-stakeholder field, where, at the same time, we observe division and contention among States – will remain open, secure and stable. And we need the global ‘cyber dialogue’ to continue further, and we – a private sector company – stand ready to continue supporting States’ efforts further.