Opening Session | Seventh OEWG Session on ICT Security 

4 Mar 2024 15:00h - 18:00h

Event report

Agenda item 3 : organization of work

Table of contents

Disclaimer: This is not an official record of the session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed.

Full session report

Seventh OEWG Session on ICT Security Commences with Focus on Evolving Threats and Normative Frameworks

The seventh substantive session of the Open-Ended Working Group (OEWG) on Security of and the Use of Information and Communications Technologies (ICTs) 2021-2025 commenced with a focus on the complex and evolving challenges and opportunities posed by the rapid advancement of the ICT landscape. Under-Secretary-General and High Representative for Disarmament Affairs, Ms. Izumi Nakamitsu, addressed the group via a pre-recorded video, emphasising the dual nature of ICT advancements that offer opportunities for sustainable development and climate change mitigation, while also presenting significant threats, especially in the context of armed conflict. She highlighted the urgency of addressing the digitalisation of conflict and the need to protect civilians from cyber threats and misinformation.

The Chair welcomed the delegates, highlighting the progress made by the OEWG since its inception in 2021 and the importance of an action-oriented, pragmatic approach. The Chair noted the high levels of participation and engagement from member states, underscoring the OEWG’s role as the only universal, open-ended, and inclusive mechanism for ICT security discussions. The Chair urged further broadening of participation and encouraged member states to support each other in increasing capacity and knowledge for meaningful participation.

The Chair outlined the key areas of focus for the session:

1. **Threat Landscape:** – The Chair called for objective discussions to understand and respond to the evolving threats in the ICT domain, including ransomware and attacks on critical infrastructure. The potential acceleration of threats by AI and other emerging technologies was also noted.

2. **Rules, Norms, and Principles:** – The Chair discussed the need to develop a common understanding of the normative framework for responsible state behaviour in ICT use. New norms proposed by stakeholders, addressing supply chain attacks, cloud services, software update manipulation, and cyber mercenary companies, were highlighted for consideration.

3. **International Law:** – The Chair acknowledged the challenges in deepening the understanding of international law as it applies to state behaviour in ICT use and suggested scenario-based discussions as an effective way to explore its application. The African Union’s adoption of a common position on the application of international law in cyberspace was highlighted as a significant development.

4. **Confidence-Building Measures (CBMs):** – The Chair underscored the importance of the OEWG as a CBM and the need to expand the initial list of global CBMs. Suggestions for additional CBMs included cert-to-cert cooperation and protection of critical infrastructure. The Chair called for nominations for the global Point of Contact (POC) directory.

5. **Capacity Building:** – The Chair described capacity building as urgent and essential, particularly for developing countries and small states. A mapping exercise report surveying existing capacity building programs was referenced, and the upcoming Global Roundtable on ICT Security Capacity Building was highlighted. India’s proposal for a global cybersecurity cooperation portal was also mentioned.

6. **Regular Institutional Dialogue:** – The Chair stressed the necessity of establishing a single-track process for regular institutional dialogue post-2025 to avoid parallel processes and competing frameworks. The Chair encouraged member states to engage in discussions on this topic, building on common elements identified in previous sessions.

The Chair concluded by urging member states to prepare for substantive discussions on the threat landscape and other key issues, maintaining a spirit of cooperation and open-mindedness. The Chair highlighted the importance of consensus-building, particularly in light of low global trust levels and geopolitical tensions. The session adjourned with the Chair encouraging member states to engage in dialogue and reflect on the week’s objectives, setting a clear agenda for the OEWG’s work.

The extended summary captures all key points from the transcript text, providing a detailed and coherent account of the session’s opening and the Chair’s comprehensive remarks. It reflects the Chair’s emphasis on concrete actions and outcomes, inclusivity, and the active participation of all member states in shaping the future of ICT security.

Session transcript

Chair:
Good morning, everyone. The first meeting of the seventh substantive session of the Open-Ended Working Group on Security of and the Use of ICTs 2021-2025, established pursuant to General Assembly Resolution 75-240, is now called to order. Distinguished delegates, I extend a very warm welcome to all delegations attending this meeting and to those who are following the meeting through UN Web TV. At this stage, I’d like to invite all of you to begin the session by hearing an opening statement by Under-Secretary-General and High Representative for Disarmament Affairs, Ms. Izumi Nakamitsu, through a pre-recorded video. I now give the floor to Ms. Nakamitsu to deliver her pre-recorded remarks.

Izumi Nakamitsu:
Mr. Chair, distinguished delegates, ladies and gentlemen. I am grateful for another opportunity to address the Open-Ended Working Group on Security of and in the Use of Information and Communications Technologies. I regret I cannot be here in person, but I am pleased to address you virtually. Just three months have passed since the last substantive session. While the time since December 2023 may seem quite short, there has been no shortage of ICT-related developments. From rapidly evolving cloud computing capabilities, To the never-ending expansion of the Internet of Things, the ICT landscape continues to grow more complex. This complexity grows with each passing day, let alone each passing month. Each advance is an opportunity for sustainable development to tackle climate change or better protect the people we serve. But with increasing complexity also come growing challenges. Among the most salient of these challenges is the development and use of ICTs in connection with armed conflict. The digitalization of conflict is now a foregone conclusion. While access to digital technology can save lives, the digitalization of conflict also brings new vectors for attacks and new threats to civilians. Digital technologies, including ICTs, are being used to harm civilians by disrupting infrastructure that provides essential services to the public, to incite violence against civilian populations, and to spread mis- and disinformation on social media. In this way, with each passing session of this working group, the stakes feel higher. This sense of urgency can only expect to grow as the working group has now passed its halfway mark. In the very able hands of the Chair, Ambassador Burhanga 4, this body continues to prove its value by reaching consensus outcomes even when global trust levels have been seriously challenged. From establishment of an intergovernmental points of contact directory, to elaboration of concrete confidence-building measures, to constructive exchanges on enhancing capacity building. actionable outputs have emerged. Beyond these tangible achievements, the working group regularly engages in increasingly detailed exchanges on topics like applicability of international law to the use of ICTs by states, strengthening measures to protect critical infrastructure from malicious ICT activity, and the need for a gender perspective in tackling ICT threats. I expect this year to prove equally successful, including with adoption of a third annual progress report by consensus in July. The rounds of intersessional meetings in May, including the global roundtable on capacity building, will no doubt serve as important moments for progress. Outside the working group, 2024 will also see highly relevant work in the context of preparations for the 2024 Summit of the Future. A multi-stakeholder process to elaborate a global digital compact is underway. The compact will focus on closing the digital divide and building an inclusive, open, safe, and secure digital future. A pact for the future is also under negotiation, including discussions on how to leverage science, technology, and innovation for development, while tackling challenges emanating from emerging domains like cyberspace. In this context, the sector general continues to advocate for means of protecting civilians from malicious cyber activity. He has called upon states to declare infrastructure providing services to the public and essential to the functioning of society off limits to malicious cyber activity. It is my hope that preparations towards the Summit of the Future will encourage further consideration and uptake of the sector general’s call. Mr. Chair, distinguished delegates, ladies and gentlemen, I have consistently encouraged delegations to redouble efforts to build conversions on the issues that seem farthest from consensus. While it is building common understandings on application of international law or unpacking the sufficiency of existing rules, norms and principles of responsible state behaviour, including any potential gaps, the most challenging issues can hold the most promise for positive impact. Let us not shy away from these issues because they are challenging, but rather tackle them because they are. I continue to believe there is considerable scope for the working group to build on these past achievements to make further progress. I thank you for your attention, and I wish you a successful session.

Chair:
Thank the Under-Secretary-General for her pre-recorded remarks, and I think it’s important that we reflect on her statement. Distinguished delegates, I’m very delighted to see so many familiar faces in France and also some new colleagues who have joined the process. I extend a very, very warm welcome to all of you. And at this stage, I’d like to offer some of my own personal reflections as chair of this process before we begin our substantive work. As Under-Secretary-General Nakamitsu said, we are midway through our process, and we’ve come a long way since this open-ended working group started in 2021. Now, when we started our process in June 2021, it seemed like there was a lot of time ahead of us. And I remember at that point that some of you had asked me, what were we really going to do for five years with so much time, and how were we going to use our time productively? I think that our collective efforts and our collective work over the past three years, I should say, has answered that question, which is that we have used our time productively. In fact, talking to some of you, I get the sense now that there are so many things to do and so little time available. Now, the good news is that we have taken some very concrete steps forward across all aspects of our mandate. And we have done this by being action-oriented, by being pragmatic, and by taking an incremental step-by-step approach. And I believe that this pragmatic, incremental, and action-oriented approach has served us well, and one that we should continue as we look ahead towards the remaining time in our process. The other piece of good news is that there is a very high level of participation and substantive engagement in the OEWG process. This is a good development because it shows that member states have understood the importance of the framework for responsible state behavior in the use of ICTs. I’ve often emphasized the significance of the OEWG as being the only universal, open-ended, and inclusive mechanism for work on ICT security. But a universal mechanism must continue to broaden participation and encourage all countries to be engaged in this process. And one of the positive outcomes of the OEWG is that we are seeing very high levels of engagement, and we see today, this morning, representatives from many, many small countries as well as many developing countries. And this is a good sign. And it is my hope that we can further increase the levels of participation. and include more and more delegations to be engaged in this process. And we can only do so by supporting each other, helping each other to increase our capacity and knowledge so that everyone is empowered to participate meaningfully in this process. So it is my hope that each one of you will also encourage your own friends and delegations and those in your regional groups to be engaged in this process. And even if we do not have the resources to participate in all our meetings and discussions, it is important that we disseminate information on the work of this working group to all delegations. And as we move towards implementation of some of the agreements we have reached, such as the global POC directory, it is really important that we expand participation and make it universal. And one of the most important outcomes of the OEWG process looking over the last few years is the strong spirit amongst all delegations of wanting to build consensus. And I feel this very strongly as I talk to many of you in bilateral and informal consultations that there is a clear commitment to make things work. And this positive and constructive spirit is something that we must continue to nurture and build upon. The fact that we have been able to adopt two very substantive consensus annual progress report is an indication of the spirit of consensus in this OEWG. And it is also an indication of the constructive approach taken by each one of you and by your delegation because ultimately you come to the process with an open mind, ready to engage, and willing to be flexible in order to achieve a broader, mutually beneficial outcome. But I also want to say that we cannot take further progress for granted. And as Under-Secretary General Nakamitsu said, the levels of trust globally are very low and the geopolitical situation remains tense and it remains very challenging. And the work at the UN across a range of issues and committees and working groups has also become very challenging and success is not guaranteed unless delegations work for a consensus outcome. In some ways, as we look back at our process, I think we have been able to manage the differences. We have been able to manage the geopolitical tensions. And we have been able to take some steps, move forward by reaching consensus on mutually beneficial outcomes. But it is important that this spirit of consensus remains very fragile and we cannot take that for granted. And I therefore call on each one of you, even as you have your own positions, to have a very keen understanding that it is important that we manage our differences, we keep an open mind, because ultimately if we want to take another step forward, we have to find consensus. We have about 16 months until the end of the process in 2025, so it is less than two months. years that we have left. And therefore it is very important that we build on what we have achieved so far, continue the incremental and step-by-step approach, and maintain the strong spirit of consensus building in order to complete our work by July 2025. I also want to share some of my views section by section across our mandate. I’m making this section by section comments in the hope that it will provide the context for our work this week and I also think that it might be useful as a summary of where we are, as an overview of where we need to go as we get back here this session. So let me talk first about existing and potential threats. And here I think it is important that we must continue our discussions in order to better understand the threat landscape. Because a clear, accurate understanding of the threat landscape is fundamental and foundational to our work. It sets the context for the discussions on the rest of the items under our mandate. And understanding clearly the threat landscape gives us the foundation to talk about cooperative measures that we can take in response. And we also need to keep in mind that threat landscape is constantly evolving. Last year, in the second annual progress report, we identified ransomware as a threat for the first time. And threats to critical infrastructure have also been gaining in prominence. And there are certainly more threats which are emerging and evolving, and they too need to be discussed and identified. So in revising my guiding questions, I have noted that at recent sessions, many delegations have highlighted AI, artificial intelligence, as a potential accelerator of threats in the ICT domain. Other emerging technologies, as well as proliferation of sophisticated ICT capabilities, as areas which will require our attention. So I look forward to having a deeper discussion on what specific aspects of these developments we can potentially identify and capture as part of our outcome at the third annual progress report. So, but in order to make some common understandings on the threat landscape it is important that we look at this issue in a very objective way without engaging in finger-pointing and it is important that the OEWG remains a safe space where all countries can come here to the UN and talk about threat landscape, talk about the threats that concerns them, talk about new threats and emerging trends, and it’s important that we have that discussion in a way that doesn’t undermine trust but also that doesn’t damage the process and prevent progress in other aspects of our work. As the threat landscape evolves, our cumulative and evolving framework must also continue to evolve in order to remain relevant and effective and this applies to our understandings and agreements across all aspects of the framework, whether it’s norms or international law or CBMs and capacity building. And this leads me to the second section on rules, norms, and principles, where we must continue to do two things. One, further develop our common understanding of the normative framework on the one hand, and on the other, continue our efforts to implement the agreed norms. Now firstly, with regard to further developing our common understanding of the rules, norms, and principles of responsible state behavior, as I said earlier, the threat landscape is evolving and so our understandings cannot stand still. If the framework is cumulative and evolving, so must our understanding of how we apply the framework. And as part of our discussion and as we build new understandings, there could be new norms in the form of new guidance. Now delegations may not have a common view in terms of what exactly we need to update in terms of our understanding of the norms, but I think we can all agree that it is important for us to have that discussion and build a common understanding of how we can keep the framework up to date and adapted to the evolving situation. At the last session, I called on all states with ideas, whether in the form of new norms or elaborations of existing norms, to put forward concrete and specific language suggestions on the table for discussions. And I think it’s important that we move beyond an abstract debate we have been having sometimes on whether there is a need for a new norm. Now in this regard I want to draw your attention to the focused discussion that I had with the stakeholders last week on rules, norms and principles, and I take this opportunity to acknowledge their presence here. Not all of them are here, some might be following the discussions on UN Web TV and I thank them for their presence and participation. And I wanted to say that the discussion with stakeholders which I convened last week was very useful. At that discussion some stakeholders put forward some very specific and concrete language on potential new norms. For example, one stakeholder group called for a new norm addressing supply chain attacks. I think we need to discuss this. Another stakeholder group proposed texts for four additional norms, and they were number one, a norm to protect against both AI powered cyber operations and attacks on AI systems. Number two, designate cloud services as critical infrastructure with protection against attacks under international law. Number three, protect against software update manipulation. And number four, limit the use of cyber mercenary companies. These are the four suggestions put forward by a stakeholder group, and I invite you to reflect on them and discuss them. So overall, I thought that the discussions last week with the stakeholder community on norms, rules, and principles was very useful, and I want to take this opportunity to thank them all. I’ve not highlighted all the different suggestions that they have put forward, but I would encourage member states who are also present in that dialogue to give me their views on some of the suggestions that they have put forward. This is why I think it’s important that we keep the dialogue and communications flowing between the stakeholder community and our process here, because as the threat landscape evolves, as technology evolves, it is important that we, as an intergovernmental process, are not lagging behind so significantly that our work becomes irrelevant. So that’s why it’s important to have this constant dialogue with the stakeholder community. So I’d be very interested to hear from delegations about some of the views that have been put forward by the stakeholder community with regard to new norms. Now at the same time we must also intensify our efforts to implement the agreed norms. And you will recall that in the second annual progress report the chair was mandated to produce an initial draft checklist on the implementation of norms. And I circulated this initial draft as a discussion paper dated 20th of February 2024. And you would all have seen this. This is a discussion paper. It is not a finalized product. And so this week I welcome suggestions from delegations on this discussion paper on a checklist of voluntary actions. I do acknowledge that it’s a lengthy document but I do want to emphasize that I’ve structured it as a compilation of voluntary practical and actionable measures that are gathered from different sources. And you can see the sources of where these voluntary actions have been taken from in the various footnotes to that document. So I hope to get your general views on the checklist and I’d like to also hear your views this week as to how we can use that checklist as a potential tool for implementation and capacity building. The third section that I want to address is international law. Now international law remains one of the most challenging aspects of our work and there are very strong views on all sides. Nonetheless if we want to make progress it is essential that we find some common ground even if it is challenging to agree on big steps in terms of international law in the near future. One important development at our last session it seemed to me was the recognition that scenario based discussions could be an effective way to deepen our understanding of international law. And many delegations at the last session highlighted the positive experience at the UNIDIR workshop which was titled application of international law to the behavior of states in the use of ICTs which was held in Geneva in November 2023. So I want to take this opportunity to thank and commend UNIDIR for organizing this workshop and I also thank and commend the very diverse group of member states who co-sponsored this workshop and more importantly this diverse group of countries worked together and that in itself I think was a good demonstration of a commitment to build confidence. So in the revised guiding questions I’ve asked the OEWG, all of you, I’ve asked how we can build on initiatives like the last workshop in order to continue our discussions on international law how we can further deepen our understandings. And I’ve also asked whether scenario based discussions could also be incorporated into the OEWG discussions and if so what are some of the scenarios that we could potentially discuss. So here too I’m looking forward to hearing your views. I also want to take this opportunity to highlight a very important development that has taken place recently which is the African Union’s adoption of the common African position on the application of international law in cyberspace. This is an important step forward in expanding participation in our discussions on international law and I understand that this afternoon during lunchtime there’s going to be a launch event to launch the African Union’s adoption of the common African position and if you haven’t been invited or if you haven’t seen the invitation, I would strongly recommend that as many of you as possible attend this event and give your support to the African Union’s adoption of the common African position on the application of international law in cyberspace. And of course, I also look forward to hearing more about the common African position this week from AU member states when we come to the section on international law. The next section I want to address is confidence building measures and confidence building is core function of the OEWG and it has been said many times and you know this well by now that the OEWG is itself a CBM and we have all seen how our discussions in the OEWG over the past three years have helped to build and rebuild at least a baseline of confidence between delegations and encourage also communications between delegations with different points of view. And I should add that communicating with delegations with similar point of view doesn’t always help to build convergence because if like-minded groups of delegations have conversations among themselves, then we are not building bridges. We also need to have conversations with people who have different points of view. So once again, I would encourage all of you to use this week to reach out and talk to delegations with a different point of view. It may be very comforting to talk to people who agree with you but if we want to take steps forward, if we want to build convergence, it’s important that each one of you talk to delegations with a different point of view. Now with regard to CBM, we have agreed on a very concrete deliverable which is the initial list of voluntary global CBMs. Now the initial list of global CBMs in my view was a very important outcome because for the first time now, for the first time at the global level, we have a list of CBMs. Some regional organizations had their own list of CBMs but we did not have one at the global level until we adopted it in this working group. So we need to think about how we can build on this initial list of CBMs, how we can put it into practice. So it is also important that we here in the OEWG start thinking about how we can expand our initial list of voluntary global CBMs. I draw your attention to the fact that we decided to call it an initial list because there was a recognition that additional CBMs may be needed at a later stage. So now we need to start reflecting on how and whether we can expand on this initial list. Now at the last session, many delegations proposed various ideas for additional CBMs and building on these discussions, I have asked in my guiding questions whether some examples of additional CBMs could include, number one, cert to cert cooperation, number two, cooperation between states on capacity building to close the digital divide, number three, protection of critical infrastructure, number four, public sector private sector cooperation, and number five, coordinated vulnerability disclosures. These are some of the questions that I have posed in terms of whether these could potentially be additional CBMs that we can discuss and hopefully find some common understanding. Under the rubric of CBMs, of course, one of the big outcomes that we have had in this OEWG is the global POC directory and delegations will recall that I gave a virtual informal briefing on the 31st of January and the Secretariat also gave an update for the implementation and the timeline for the global POC directory. And I think the slides of that presentation was made available and put on the website, so I do suggest that you take another look at it. But most importantly, I call on all delegations to nominate your POC’s points of contacts as soon as possible. The more states that we have that are participating in the global POC directory, the more effective and truly global the POC directory will be. And establishing the POC directory was only the first step, now it is up to us to make the POC directory a meaningful contribution to international peace and security through all our active participation. So I would encourage all member states to nominate POCs by the Secretariat’s suggested deadline of 15 April 2024. And I would also like to say that you do not need to have finalized all details of your POCs in order to make the nomination, because I understand that nominating a POC will entail a fair bit of internal coordination, but if you have already identified at least a single point of contact, whether it’s diplomatic or technical POC, you can still go ahead with nominating that POC first. And if and when you have additional nominations and additional details, then this information could be updated on a rolling basis, because we’ve all agreed that the POC directory will continue to be updated. So you do not need to wait for all details to be settled nationally before you make that nomination. And I think submitting even an initial set of details will be a clear indication of your intention to participate in the POC directory. And it is also important that each one of us reach out to other delegations which may need assistance, other delegations in your own region. or subregions, or your regional organization so that there is also a concerted effort to support an onboarding process for member states who are not participating in any POCs to encourage them to join the global POC directory. The fifth point I wanted to make was on capacity building. And here much remains to be done, and we have all recognized that capacity building is a cross-cutting pillar that underpins all other aspects of our cumulative and evolving framework. Now the success of the framework in promoting international peace and security is in some ways dependent on our success in capacity building. And we have heard repeatedly from many delegations, especially developing country delegations and small state delegation, that there is an urgent need for capacity building to happen immediately, not later, but as soon as possible. And it’s therefore very important to show results on capacity building. And in my view, it is time to stop talking about capacity building, and it’s time to start doing things to make capacity building real and concrete. Now, in this regard, I want to draw your attention to the Secretariat’s report, the mapping exercise, which was made available, I think, just this week, if I’m not mistaken, or was it – it was made available last week, the mapping exercise to survey the landscape of capacity building programs and initiatives within and outside the United Nations and at the global and regional levels. I strongly recommend that everyone looks at this report, because it is an aerial survey of the landscape of capacity building in the domain of ICT security. It is a survey of the offerings that are already on the table. And this report is a very rich report. It identifies the many different things that are already happening. And therefore, as we engage in a discussion on capacity building, it is really important that we have a good understanding of what is already happening, what are the offerings on the table, who are the actors and institutions engaged in this domain. And therefore, as it is said in the report, it is important that we avoid duplication. It is important that we build synergy. It is important that we build new partnerships. The report does identify what is already happening, does identify a range of partnerships at the regional, sub-regional level. But we also need to ask ourselves what kind of new partnerships are needed, what kind of gaps need to be filled. And that is the purpose of this mapping exercise. And I want to thank the many delegations which had submitted their inputs, which enabled the Secretariat to produce this very rich report that I draw your attention to. Now, the second thing I wanted to mention with regard to capacity building is that this year we will make an important step forward by convening the Global Roundtable on ICT Security Capacity Building. This Global Roundtable was mandated by the second annual progress report and this global roundtable will be a dedicated high-level global meeting on ICT security capacity building and it will be the first of its kind to be convened at the United Nations. And it is important that we make this global roundtable meeting a success and the global roundtable gives us an opportunity to gather as a community of states, practitioners, share best practices, share lessons learned, as well as build new partnerships when they are needed in order to address demands for capacity building as well as any potential gap. I had previously announced that the global roundtable will take place on the 10th of May and earlier in the year I circulated a letter outlining details of the global roundtable and a hard copy of this letter and invitation is on your desk. Please do look at it. Please bring this invitation to the attention of your ministers responsible for ICT capacity building and I also wanted to highlight to you that the global roundtable is meant to take place on the 10th of May and it coincides with the science and technology forum, science and technology and innovation forum that is convened by the Economic and Social Council, ECOSOC also that week. On the 9th of May they are having their meeting so that meeting will also attract science and technology ministers at the United Nations in New York. So in that sense there is some synergy between the ECOSOC STI forum ministerial meeting plus the global roundtable on ICT security capacity building which is going to be held on the 10th of May. And we had organized this by design so that participating ministers or senior officials will also be able to participate in in the other meeting, the SDI forum meeting. So, I wanted to once again underline how important this global roundtable is going to be as a demonstration of our collective commitment to making capacity building happen, to building new partnerships, and to deliver on concrete initiatives. Now, talking about concrete initiatives, I also want to draw attention to the proposal that had been put forward by India for a global cybersecurity cooperation portal. And you will recall that the second annual progress report called on member states to continue discussions on the GCSC, and India had also made a very detailed presentation on this proposal in December 2023 at the sixth substantive session. And it is my hope that we can build on that discussion we had last December, and I would also like to hear from member states whether we can potentially move towards finding some common elements of consensus with regard to this proposal. And I encourage, once again, all delegations to talk to each other on this very specific proposal so that when we come to the section on capacity building, I look forward to hearing your views. And I would also say that we need more concrete proposals or initiatives with regard to capacity building that you think we should take up within the framework of the OEWG. And if there are more initiatives or proposals, I look forward to hearing them when we come to the section on capacity building. Now, the sixth and last section that I wish to address, which is under our mandate, is regular institutional dialogue. And my sense is that reaching consensus on regular institutional dialogue is possible, and I am determined to do everything I can as chair of the OEWG to facilitate consensus within the OEWG on regular institutional dialogue by taking into account all different views, by taking into account all different proposals on the table, including, of course, the POA. Now, in my assessment, working towards a consensus on regular institutional dialogue is not a good-to-have. It is a must-have. And reaching consensus on regular institutional dialogue is not an option but an absolute necessity. The good news is that we already have done some good work in the OEWG to identify some common elements on RID, and we need to build on those common elements, and we need to take the next step forward. And the key to building consensus and the key to preserving what we have achieved in the OEWG over the last few years, if not the last few decades, is to reach agreement on a single-track process. post-2025. If we fail to agree on a single-track process for post-2025, we run the serious risk of weakening and damaging all the good outcomes of the past few years, if not the past two and a half decades. And let me also say that we should not underestimate the risk of creating parallel processes in the domain of ICT security. We should not underestimate this risk because this risk, in my view, is a very real one. And I just want to cite the example of the decision made by the first committee last year to establish two open-ended working groups to deal with issues in outer space. So there is a clear example from recent times where the possibility of a parallel process has become real. That is why I’d like to once again say that the risk of a parallel process in the ICT domain is very real if we do not work towards a single-track process, if we do not build common ground, and if we do not engage in an exercise of give and take. Now, fortunately, within the OEWG on ICT, we have so far been able to avoid a parallel process. And as I said earlier in my remarks, there is a good sense and a positive spirit that prevails. So that gives us a glimmer of hope, that gives me a glimmer of hope that a consensus is possible on regular institutional dialogue. Now, the cumulative and evolving framework that we have established over the last few years, as well as two decades, is only going to be useful if it is a framework that enjoys universal acceptance, recognition, and implementation. And we have been doing that. precisely over the last few years. But if we have multiple competing processes, then I think we will erode the support that has been built for this cumulative and evolving framework. Or worse still, we could see the development of multiple competing frameworks, which is not a path that I think we should take. So my friends, I apologize that I’ve given this very lengthy introduction because I wanted to make sure that everyone is on the same page, everyone is clear about where we are as a process and where we need to go as a process and what we need to do as a process. And one of the challenges of this process is that this brings together a very unique and special community of experts from capital, experts from New York, the stakeholder community. And a week like this is also an occasion for all of us to come together, understand what is before us and have a sense of where we need to go collectively. And it is in that spirit that I made this very, very lengthy remarks in order to set the context, to set the stage for our work for the rest of the week. So I apologize that I’ve taken a much longer time than I usually do for my opening remarks. And I intend also to make these remarks available on the website later today so that it’s there as a reference point for all delegations in terms of the work that we need to do this week, but also beyond this week. Thank you. Now, with regard to the regular institutional dialogue, I also wanted to draw your attention to the paper that I have made available, the discussion paper dated 20th of February. And delegations will recall that we were able to agree on some common elements for the the future mechanism in the second APR. And these common elements were drawn in turn from the ideas and proposals suggested by delegations. And my sense is that there is a strong commitment to expanding the common elements. And therefore, my discussion paper on regular institutional dialogue is meant to precisely facilitate that. And it is my hope that as we discuss this issue, we can include further common elements in the discussion paper so that we can take concrete steps forward towards a single track process. Now, I also want to draw your attention to some additional homework items that all delegations need to do. And the secretariat, I’ve asked them to flush a slide of your homework for this week and beyond. I’m sorry for sounding like a Singapore school teacher. But I’m doing this because as I went through my papers over the last few weeks to prepare for this meeting, it struck me that we have a lot of things to do. And we meet for a week, and we disperse. We meet again a few months later. So it is really important that we need to focus on what needs to be done. And as we enter our third year of this process, there’s a lot more follow-up that has come up. So this is a process that has grown. But also, it means it has grown in terms of the things we need to do. So I draw your attention to the nomination of POCs, which was issued on the 10th of January. And then there is also a secretariat, not very well, seeking submissions of views on the capacities required to participate in the POC directory, which was issued on the 7th of February. And I wanted to say that the mapping exercise report, in a sense, looks at the supply side in terms of what is available. The submission of views on the capacities required to participate in the POC is the demand side, in a sense, what do you need in order for you to participate in the POC directory. And the secretariat will then compile them and make that available. So that is going to be a very important report as well. And then, of course, the invitation letter to ministers for the global roundtable. on ICT security, please bring them to the attention of the ministers. I’m repeating this ad nauseam because the letters had gone out very early, but it is my sense that many delegations have not yet seen it. Either they are stuck in inboxes in New York, or they are stuck somewhere in capital. So I really want to underline the importance of each one of you taking up this invitation, identifying the best person who should represent your delegation at the Global Roundtable, because at that Global Roundtable, you will be able to talk with partners, talk with other like-minded countries to see what we can do collectively, what kind of new partnerships we can build. And finally, the chair’s letter on nomination of experts. Again, this is something that I mentioned in December, because we have an intersessional meeting that’s coming up in May, and the chair is mandated to invite experts from different regions. And in order to make sure that the experts come from diverse regions and there is equitable geographical representation, I want to make sure that we have a list of experts from different parts of the world, from the different countries. Otherwise, there’s a risk that we’ll end up inviting experts from one region, and that will not be good for a multilateral process like this. So it is really important that if you in your country, whether you’re a big country or a small country, if you think there is a preeminent expert, please make that nomination so that we can have a list of those experts available. And even if those experts cannot be invited in May, we can keep that list as a rolling list so that we can always invite those experts to future meetings of the OEWG. So that was for the homework that needs to be done for the rest of this week. Let me now say that I have concluded my remarks as chair of the process, and I’d like to take up agenda item three, which is organization of work. Now, with regard to agenda item three, organization of work, as you would recall, the working group had adopted its agenda as contained in document A-AC.292-2021-1 at its organizational session in June 2021. And at that same session, the group also decided to conduct its work in accordance with the rules of procedure of the main committees of the General Assembly, while acting on a consensus basis in accordance with General Assembly Resolution 75-1. Now, I’d like to draw the attention of members of the Open-Ended Working Group to the Provisional Programme of Work of the Seventh Substantive Session, as contained in Document A-AC.292-2024-1. May I take it that the Working Group wishes to proceed in accordance with the Provisional Programme of Work of the Seventh Substantive Session of the Working Group, as contained in Document A-AC.292-2024-1? I hear no objections. It’s so decided. Thank you very much, friends. As we all know, the work can be very fluid, and I would seek your continued flexibility in terms of how we apply the work programme so that we may make adjustments to the work programme as needed, based on our discussions. I would now like to address the attendance of stakeholders at the Seventh Substantive Session, and delegates would recall that the Working Group adopted the modalities for the participation of stakeholders in the OEWG at the first meeting of its Third Substantive Session. And in accordance with this decision, a list of non-governmental entities which submitted applications to participate in the current session was made available to all delegations before the session, and that updated list of non-governmental entities is contained in Document A-AC.292-2024-INF-1. May I take it that the OEWG approves the attendance of the non-governmental entities contained in Document A-AC.292-2024-INF-1? I hear no objections. It’s so decided. Friends, it used to be that the discussion of the programme of work, as well as stakeholder issues, took considerable time in this Working Group in recent years, so the fact that we are now in a situation where we are able to do this very quickly is in itself a very good sign, and I thank you very, very much for your attention. So, friends, in accordance with the programme of work, as we have just adopted, we are scheduled to discuss the section on threat from… 3 to 6 p.m. this afternoon. We could begin the discussion now as well since we have completed all the other organizational aspects of the work but on reflection it is my view that it will be good to adjourn the meeting at this point and we resume at 3 p.m. This is in order to give all delegations time to talk to each other reflect on the things that we need to do for the rest of the week and also for me to spend some time talking to as many of you as possible and so it’s my intention now to adjourn the meeting and we will resume at 3 p.m. at the same venue to begin our discussions on the threat landscape. So I wish you a pleasant morning of reaching out to others and talking about what needs to be done this week and I’ll see you at 3 p.m. The meeting is adjourned.

C

Chair

Speech speed

131 words per minute

Speech length

7206 words

Speech time

3291 secs


Arguments

Regular institutional dialogue is crucial and must be based on a single-track process post-2025 to avoid parallel processes and fragmentation.

Supporting facts:

  • The Chair highlighted the risk of parallel processes by citing the example of two open-ended working groups for outer space issues.
  • StRESS ON the importance of a single-track process for the post-2025 period to preserve the achievements of the OEWG.

Topics: Regular Institutional Dialogue, ICT Security, Cyberspace Governance


Capacity building is described as urgent, must be tangible, and is crucial for the success of the framework promoting international peace and security.

Supporting facts:

  • Delegates from developing countries have emphasized the immediate need for capacity building.
  • The mapping exercise report surveys the landscape of existing capacity building programs.

Topics: Capacity Building, ICT Security, International Collaboration


Concrete actions have been recommended to enhance ICT security which includes: establishing a global directory of points of contact, proposing a new cybersecurity cooperation portal by India, and organizing the Global Roundtable on ICT Security Capacity Building.

Supporting facts:

  • The OEWG aims to implement an initial list of voluntary global CBMs.
  • India presented a proposal for a global cybersecurity cooperation portal.

Topics: ICT Security, International Collaboration, Cybersecurity


The OEWG operates in a spirit of consensus, resolving differences through cooperation and inclusive dialogue among member states.

Supporting facts:

  • The OEWG adopted two substantive consensus annual progress reports, indicating a constructive approach.
  • Chair encourages dialogue with parties holding different viewpoints for consensus building.

Topics: Consensus Building, Multilateralism, ICT Security


The threat landscape in ICT is continuously evolving and needs regular evaluations to adapt the cumulative framework for relevance and effectiveness.

Supporting facts:

  • Ransomware was identified as a threat for the first time in the second annual progress report.
  • AI and emerging technologies are potential accelerators of threats in the ICT domain.

Topics: ICT Threat Landscape, Cybersecurity, Emerging Technologies


Report

The current discourse on cyberspace governance emphasises the critical importance of a unified strategy extending beyond 2025. The discussion is driven by apprehensions regarding the potential fragmentation and inefficiencies due to parallel efforts, a point highlighted by the Chair who referenced the redundancy created by two open-ended working groups focused on outer space issues.

The consensus is that regular institutional dialogues are pivotal for the continuity of a single-track process, which aims to protect the achievements of the existing Open-Ended Working Group (OEWG). This perspective is received positively, reflecting a collective commitment to counter fragmentation in this intricate policy area.

Urgent and substantial capacity building, particularly in developing countries, has been strongly advocated. The need for such measures is pressing, as evidenced by a survey detailing the current landscape of capacity-building programmes, and is considered a fundamental element for sustaining international peace and security.

These urgent capacity-building frameworks, essential for enhancing industry, innovation, and infrastructure within the context of Sustainable Development Goal 9, are recognised as drivers of a more secure cyberspace landscape. Recommendations for bolstering ICT security through concrete measures include implementing a list of voluntary global confidence-building measures (CBMs).

A proactive contribution from India, which proposed a global cybersecurity cooperation portal, exemplifies international efforts to strengthen cybersecurity collaboration. Additionally, plans for hosting a Global Roundtable on ICT Security Capacity Building indicate a strategic and active approach to improving ICT security resilience.

The spirit of multilateral consensus is manifested through the OEWG’s adoption of two consensus annual progress reports, reflecting a positive approach to international cooperation among member states. Encouraging dialogue with diverse perspectives, as suggested by the Chair, reinforces a culture of consensus building, underscoring the benefits of cooperative interaction and comprehensive dialogue in the field of ICT security.

A neutral sentiment is expressed towards the ICT threat landscape, noting the ever-evolving nature of threats which requires continuous vigilance. The regular updating of threat evaluations, including the identification of ransomware as a significant threat in the second annual progress report, suggests an adaptive approach.

Additionally, the potential of emerging technologies, such as artificial intelligence, to accelerate threats means that the cybersecurity framework must be regularly revised to maintain its relevance and efficacy. Overall, the assessment reveals a strong collective resolve to improve ICT security, with an overtly positive outlook on the collaborative endeavours currently in progress.

The emphasis on enduring, methodical, and inclusive action is pivotal for tackling the complex and constantly changing challenges faced in cyberspace governance and cybersecurity.

IN

Izumi Nakamitsu

Speech speed

117 words per minute

Speech length

756 words

Speech time

386 secs


Report

The speaker commenced their address by valuing the opportunity to speak to the Open-Ended Working Group on the Security of and in the Use of Information and Communications Technologies through virtual mechanisms, hinting at their inability to be present physically.

They remarked upon the swift evolution within the ICT sphere, which has seen significant intricacies arise, particularly with the advancements in cloud computing and the Internet of Things since their December 2023 session. The speaker acknowledged the twin aspects of these developments, recognising their capability to profoundly influence sustainable development and efforts to mitigate climate change.

Simultaneously, they emphasised the substantial challenges arising from the increased complexity. A chief concern highlighted by the speaker was the growing intersection of ICTs with armed conflict. They characterised the digitalisation of conflict as an undeniable truth. Digital technology, while essential for preserving lives, also presents new channels for attacks and threats, such as targeting critical infrastructure, violence incitement against civilians, and the spread of misinformation via social media platforms.

The speaker lauded the working group’s success in reaching consensus outcomes amidst a climate of diminishing global trust, acknowledging the pressures at the group’s halfway point. They underlined several achievements, including the establishment of an intergovernmental directory for contact points, development of confidence-building measures, and promotion of valuable discussions on capacity building.

With an optimistic outlook towards 2024, the speaker anticipated continuity in the group’s successes, expecting a third annual report based on consensus. The importance of the forthcoming May intersessional meetings was highlighted, emphasising a global capacity-building roundtable. The speaker outlined external preparations for the 2024 Summit of the Future, detailing initiatives like the drafting of a global digital compact to bridge the digital divide and ensure a safe digital future.

They also referenced negotiations for a prospective pact aimed at leveraging science, technology, and innovation for development, while addressing cyber-related challenges. The speaker referred to the UN Secretary-General’s call for reinforcing cyber protection for civilians, urging that the Summit of the Future seriously consider this proposition.

An imperative for designating public service infrastructure as immune to cyber threats was mentioned. A clarion call was made to the delegations to redouble their efforts in achieving consensus on contentious topics, such as applying international law to cyberspace and examining the adequacy of current norms for responsible state behaviour, pinpointing any insufficiencies.

The speaker insisted on the value of addressing complex issues, encouraging confrontation precisely because of their intricate nature. Concluding on a hopeful tone, the speaker reaffirmed their confidence in the working group’s capacity to build upon previous successes and progress further.

The address finished with gratitude expressed to the delegates for their engagement and best wishes for a fruitful session. **Corrections Made**: – Ensured consistent use of UK English spelling conventions. – Clarified and edited sentences for better flow and readability. – No significant grammatical errors or typos were detected.

– Maintained the use of long-tail keywords applicable to the context while enhancing the summary’s quality.