Can the United Nations Improve Cybersecurity?

The 2012-2013 Report from the Group of Governmental Experts (GGE) recommended “regular institutional dialogue with broad participation under the auspices of the United Nations, as well as regular dialogue through bilateral, regional and multilateral forums, and other international organizations.”

In typical UN fashion, the sentence attempts to please a number of constituencies without saying very much. First, it appeals to the United States and its allies by referring to “broad participation” and regular dialogue in venues outside the UN system. 

Second, it appeals to Russia, China, India, Brazil, and others that would like to see the UN take a more central role in cyber matters, not only on issues related to international peace and security, but when they are related to broader issues like Internet governance. 

Despite reaching a consensus on the need to talk more, the current GGE group will continue to argue over the appropriate place of the UN in discussions about cyber activity that can undermine international peace and security. The GGE will have two options to consider: status quo or something new.

While the GGE process has been instrumental in promoting the norm that international law applies to state behavior in cyberspace, the model is not sustainable for two reasons. First, GGEs have to be periodically renewed by the UN General Assembly, a process that can be upheld by politicking, deal-trading on unrelated issues, and pressures on the UN budget.
Second, the cyber GGEs are limited to a small number of states, five of which have always been the permanent members of the UN Security Council, and the membership changes every time a new GGE is created. 
The UN’s role in the military dimensions of cyberspace is likely to become a bargaining chip. While Russia and China may not push for a new UN cyber committee, middle income and developing countries in the current GGE such as Brazil, Kenya, Malaysia, and others may find it appealing as a way to develop expertise on the topic and could want to see a recommendation for a new group in the GGE’s report.

The United States, which is comfortable with the status quo approach, will likely resist such a move unless it can obtain some concessions in return. 

DefenseOne

 

« Google Adds Real-Time Analysis to its Cloud Service
Cyber Insurance: An Ineffective Way of Dealing with Hacks? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

April 4, 2024 | 11:00 AM PT: Join this webinar to find out about six emerging trends dominating the cloud cybersecurity landscape.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

MailGuard

MailGuard

MailGuard delivers a full suite of security solutions across email and web to protect your business before threats reach your environment.

OpenText

OpenText

OpenText is a leader in Enterprise Information Management software and a portfolio of related solutions for Information Governance, Compliance, Information Security and Privacy.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Neupart

Neupart

Neupart provides Information Security Management System, Secure ISMS, allowing organisations to automate IT Governance, Risk and Compliance management.

ISA Security Compliance Institute (ISCI)

ISA Security Compliance Institute (ISCI)

ISCI, a not-for-profit automation controls industry consortium, manages the ISASecure™ conformance certification program for industrial automation and control systems.

Syber Technology

Syber Technology

Syber Technology is an IT project implementer empowering IT systems of Small to Medium Enterprises in the Middle East.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

Trustify

Trustify

Trustify is a Managed Security Service Provider offering a suite of world-class Cyber Risk Management services.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

HiSolutions

HiSolutions

HiSolutions is a renowned consulting firms for IT governance, risk & compliance in Germany, combining highly specialized know-how in the field with profound process competence.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

Gilsbar

Gilsbar

For more than half a century, Gilsbar has offered insurance service solutions and support for businesses and their employees.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.