WSIS Action Line C5: Building Trust in Cyberspace
10 Jul 2025 10:00h - 10:45h
Session at a glance
Summary
This discussion focused on the WSIS Action Line C5 session addressing cybersecurity within ongoing UN intergovernmental processes, featuring experts from various UN agencies and Microsoft. The panel examined recent developments in multilateral cybersecurity frameworks and their implementation challenges. Glen Prichard from UNODC highlighted the successful adoption of the UN Convention Against Cybercrime after three years of negotiations involving 155 member states, emphasizing its significance as a rare example of global consensus in current geopolitical tensions. The convention will be signed in Hanoi, Vietnam in October 2024, marking a transition from negotiation to operationalization.
Melanie Regimbal from UNODA discussed the Open-Ended Working Group on ICT security, which was concluding its five-year process to establish a permanent mechanism for addressing cybersecurity issues. Key achievements included creating a global intergovernmental points of contact directory with over 120 participating states, establishing eight ICT security confidence-building measures, and facilitating dialogue on emerging threats. Moliehi Makumane from UNIDIR reflected on the evolution from voluntary norms to concrete implementation mechanisms, noting how non-binding standards have become integrated into national cybersecurity strategies and UN processes.
Kaja Ciglic from Microsoft presented a more sobering perspective on the threat landscape, citing 600 million daily identity attacks and increasing convergence between nation-state actors and cybercriminals. The discussion emphasized the need for enhanced multi-stakeholder engagement, capacity building that addresses varying national capabilities, and prevention through secure-by-design approaches. Participants stressed the importance of continuous dialogue and inclusive processes to bridge gaps between state-led negotiations and technical community perspectives in addressing rapidly evolving cyber threats.
Key points
## Major Discussion Points:
– **UN Cybercrime Convention Achievement**: UNODC successfully concluded a three-year negotiation process involving 155 member states to adopt the UN Convention Against Cybercrime, representing a significant multilateral achievement despite current geopolitical tensions. The convention will be signed in Hanoi, Vietnam in October 2024.
– **Open-Ended Working Group on ICT Security**: UNODA’s five-year process is concluding with the establishment of a permanent mechanism for cybersecurity governance, featuring key achievements including a global intergovernmental points of contact directory with 120+ participating states and eight confidence-building measures.
– **Evolution from Voluntary Norms to Concrete Mechanisms**: The discussion highlighted a significant shift in international cybersecurity governance from voluntary, non-binding norms to more concrete, actionable mechanisms and accountability measures, with states increasingly incorporating these standards into national cybersecurity strategies.
– **Escalating Cyber Threat Landscape**: Microsoft reported alarming statistics including 600 million daily identity attacks and increasing convergence between nation-state actors and cybercriminals, emphasizing that the threat landscape is evolving faster than multilateral agreements can address.
– **Multi-stakeholder Engagement and Capacity Building**: Participants emphasized the critical need for inclusive stakeholder participation, targeted capacity building that addresses different national maturity levels, and the importance of starting cybersecurity education at the student level while implementing secure-by-design principles.
## Overall Purpose:
The discussion aimed to review progress in UN-led intergovernmental cybersecurity processes, assess how the WSIS Action Line C5 (building confidence and security) can support these efforts, and identify opportunities for different stakeholders to contribute to global cybersecurity governance as the international community moves toward more concrete implementation mechanisms.
## Overall Tone:
The discussion maintained a cautiously optimistic yet realistic tone throughout. Participants celebrated significant multilateral achievements while acknowledging the substantial challenges ahead. The tone was professional and collaborative, with speakers showing mutual respect for each other’s work. There was an underlying sense of urgency about the rapidly evolving threat landscape, balanced by appreciation for the incremental but meaningful progress being made in international cooperation. The conversation remained constructive and forward-looking, focusing on practical next steps rather than dwelling on obstacles.
Speakers
**Speakers from the provided list:**
– **Sadhvi Saran** – Moderator/Host from ITU (International Telecommunication Union)
– **Glen Prichard** – Chief of the cybercrime and anti-money laundering section at UNODC (United Nations Office on Drugs and Crime), based in Vienna
– **Melanie Regimbal** – Chief of the UN ODA office in Geneva (UN Office for Disarmament Affairs)
– **Moliehi Makumane** – Researcher with UNIDIR (United Nations Institute for Disarmament Research)
– **Kaja Ciglic** – Senior Director of Digital Peace at Microsoft
– **Wout de Natris** – Representative from the board of the dynamic coalition of the IGF (Internet Governance Forum) on internet standard security and safety
– **Participant** – Professor in cyber security (name given as Nabi during the session)
**Additional speakers:**
– **Participant** – Online participant (name mentioned as Kunle during the session)
Full session report
# Summary: WSIS Action Line C5 Session on Cybersecurity within UN Intergovernmental Processes
## Introduction and Session Overview
This session, moderated by Sadhvi Saran from the International Telecommunication Union (ITU), examined cybersecurity developments within UN intergovernmental processes under WSIS Action Line C5. The discussion brought together representatives from UN agencies, private sector, and civil society to discuss recent progress in multilateral cybersecurity frameworks.
The panel included Glen Prichard from the United Nations Office on Drugs and Crime (UNODC), Melanie Regimbal from the UN Office for Disarmament Affairs (UNODA), Moliehi Makumane from the United Nations Institute for Disarmament Research (UNIDIR), Kaja Ciglic, Senior Director of Digital Peace at Microsoft, and Wout de Natris representing the board and dynamic coalition of the IGF on internet standard security and safety. Additional contributions came from Professor Nabi and online participant Kunle.
## UN Convention Against Cybercrime: Major Achievement
Glen Prichard presented the successful conclusion of the UN Convention Against Cybercrime after intensive negotiations. As he emphasized: “The fact that we could come together and have member states agree on a common framework to combat and prevent cybercrime shows the importance of this thing, because there’s not many things that the world are agreeing on at the moment.”
The convention involved 155 member states and required “over 421 hours of active negotiations over three years.” Prichard noted the extensive stakeholder participation throughout the process, with input from civil society, private sector, and technical communities. The convention includes strong preventative measures and explicitly calls for cooperation between states, private sector, and civil society organizations.
The signing ceremony is scheduled for October 25-26, 2024, in Hanoi, Vietnam. Following the signing, UNODC will focus on supporting countries with ratification processes and harmonization of legal frameworks.
## Open-Ended Working Group on ICT Security Progress
Melanie Regimbal detailed the progress of the Open-Ended Working Group on ICT security, which has been operating for five years and is concluding its mandate. She noted they were “on the penultimate day negotiating the final report” in New York during the session.
The working group has achieved consensus through unanimous agreement, producing three annual reports approved by all participating member states. Key achievements include establishing a global intergovernmental points of contact directory with over 120 participating states, featuring both “diplomatic and technical” designations for incident reporting and communication.
The group has also agreed on eight global ICT security confidence-building measures, with particular focus on critical infrastructure protection and public-private cooperation. As Regimbal noted, the approach emphasizes that “responsible behaviour is always built on trust and confidence.”
## Evolution of Cybersecurity Norms Implementation
Moliehi Makumane highlighted the shift from voluntary norms to more concrete implementation mechanisms. She explained that while “the norms are voluntary and non-binding, a lot of time and effort has gone into raising awareness about what the norms are,” these have become “reasonable standards of expectations for behaviour of member states in cyberspace.”
This evolution includes the development of practical tools such as self-assessment mechanisms and checklists that help states evaluate their readiness for norm implementation. The focus has moved from establishing principles to providing concrete guidance on how states can demonstrate commitment through policy adoption and practical measures.
## Private Sector Perspective on Current Threats
Kaja Ciglic provided a sobering assessment of the current threat landscape, noting that Microsoft observes “close to 600 million identity, just identity attacks per day” and tracks “over 80 trillion signals from across our network again on a daily basis, which is not something that any human could handle.”
She highlighted a concerning trend: “we are seeing increasing convergence between nation state actors and cyber criminals… they’re either tolerating to try to be charitable to a lot of them, and violating the norm of due diligence, cybercrime operators acting outside from their country, attacking other countries, or sometimes actively participating through their cybersecurity apparatus.”
Regarding AI in cybersecurity, Ciglic noted that “AI being used more for defensive purposes while attackers use it primarily as productivity tool rather than for innovative attacks.”
## Challenges in Multi-Stakeholder Engagement
Despite emphasis on multi-stakeholder approaches, significant barriers persist. Ciglic revealed that Microsoft faces access restrictions: “blocked by countries every single time” when applying to participate in certain processes. This creates tension between the need for private sector expertise and political considerations that sometimes prevent meaningful participation.
Regimbal acknowledged the need for “stronger modalities to ensure diverse stakeholder participation in cybersecurity governance mechanisms,” recognizing that current approaches may be insufficient for meaningful engagement from all relevant actors.
## Capacity Building and Development Needs
The discussion revealed consensus on tailored capacity building approaches. Makumane emphasized that “capacity building must be tailored and demand-driven, addressing varying national maturity levels and rapidly evolving threat landscapes.”
Online participant Kunle raised concerns about ensuring “advanced, developing, and least developed countries can progress at similar pace through cooperation.” Prichard responded that the convention “aims to establish common standards globally to eliminate safe havens for cybercriminals and bring all countries to same level.”
## Prevention Versus Mitigation Debate
Wout de Natris introduced a critical perspective, arguing that discussions focus too heavily on “mitigation and not about prevention.” He advocated for “the implementation of long existing security related internet standards into products secure by design.”
This intervention highlighted the tension between reactive approaches that respond to incidents and proactive approaches that prevent vulnerabilities from being introduced initially. De Natris offered assistance from the dynamic coalition with capacity building on secure-by-design implementation.
## Education and Structural Challenges
Ciglic identified fundamental gaps in cybersecurity education, noting that “if you look at university curriculums around the world… the majority of leading universities with pretty much anywhere around the world do not have cybersecurity as a compulsory part of IT curriculums.”
Professor Nabi emphasized starting cybersecurity education early, mentioning his work on creating “unprofitable curriculum” (likely non-profit curriculum) for teaching safe internet and AI usage to students.
## Pace of Progress Versus Threat Evolution
A notable tension emerged between diplomatic optimism and private sector concerns. Ciglic stated: “I think for us, I think we’re a little bit less optimistic than sort of some of the discussions here… oftentimes the progress is very incremental in the desire to have consensus and the threat landscape is getting worse day by day.”
This highlighted the challenge of balancing consensus-building in international processes with the urgency of rapidly evolving cyber threats that require immediate responses.
## Conclusion
The session demonstrated both significant progress in international cybersecurity cooperation and ongoing challenges. The successful conclusion of the UN Cybercrime Convention and progress of the Open-Ended Working Group show that multilateral cooperation is possible despite geopolitical tensions.
However, key challenges remain, including bridging the gap between the pace of international cooperation and rapidly evolving threats, ensuring meaningful multi-stakeholder participation, and balancing reactive mitigation with proactive prevention approaches. The discussion emphasized the continued need for tailored capacity building, improved cybersecurity education, and more effective mechanisms for inclusive global cybersecurity governance.
Sadhvi concluded by mentioning the UN interagency working group on AI and briefly referencing the Digital Emblem Project, indicating ongoing efforts to address emerging technologies within existing cybersecurity frameworks.
Session transcript
Sadhvi Saran: Okay, good morning, everyone. Welcome to the WSIS Action Line C5 session. Thank you very much for being here. We know it’s day four of two very hectic events, and there’s been a lot going on, but hopefully you’ve enjoyed your time here at ICANN. at the WSIS Forum and AI for Good so far. So today we’re going to be focusing a little bit more on the ongoing intergovernmental processes on cybersecurity within the UN. And of course, getting different perspectives on it from our very distinguished panel of experts. I don’t know how many of you are already familiar with the WSIS framework or with the action line, but this particular one on building confidence and security was established as part of the Geneva Plan of Action in 2003 to address growing global concerns regarding the confidence and security of tech with a focus on aspects that were likely to undermine trust, privacy, and security and safety online over the past couple of decades since then. And as we now look forward to the WSIS plus 20 review in December this year, C5 has evolved in scope and importance, keeping pace of course, with the evolving cyber threats, advancements in technology, which have only made the digital ecosystem more complex. And of course, cross-border and transnational in nature, and increasingly intersecting with other issues of peace development and human rights. And so what we have been saying at the ITU, which as many of you may know is the International Telecommunication Union and the UN Specialized Agency for Digital Technologies, as well as the facilitator for Action Line C5, addressing the challenges that we are now facing that requires unified multilateral and multi-stakeholder efforts. We need to have more enhanced collaboration. 
of course, at the global level, but also the national, regional, subnational levels, with the focus on seeing how we can develop agile, adaptive frameworks, as well as trustworthy technical standards that can help combine government requirements with industry wishes. So with that, you know, let me introduce our panel for today. They have all in one way or another been involved with the intergovernmental processes that have been going on, leading them, coordinating them, or contributing to them. And we will spend some time today, you know, not just reflecting on what’s been going on and how we can all contribute to it, but perhaps a little bit as well on how the WSIS Action Line can support and complement these efforts and what are the avenues and opportunities for different stakeholders to participate and support this work. So with that, let me first introduce the panelists, and then we get into our questions for the day. So we have Mr. Glen Prichard, we’re all scattered around the room to make it more interactive. But we have Mr. Glen Prichard, who is the chief of the cybercrime and anti-money laundering section at UNODC, which is the Office of Drugs and Crime based in Vienna. Thank you, Glen, for joining us. We have Ms. Melanie Rajimbal, I hope I’m saying that correctly, who is chief of the UN ODA office in Geneva, which is the UN Office for Disarmament Affairs. Thank you very much, Melanie, for being here. We have Ms. Motiehi Makumani, who is a researcher with UNODO. Thank you, Motiehi. And we have Ms. Kaya Csiklik, is that correct? Sorry. Who is the senior director of digital peace at Microsoft and has… flown here literally overnight to be here with us today. Thank you very much, Kaya. So perhaps we begin then with the first question. And we start with Glen. What are some of the key updates from the work that, you know, UNODC has been doing on the cybercrime convention? 
And if you’d like to share some of the main achievements and challenges in that process, and then what we’re now looking forward to next, please.
Glen Prichard: Thank you, Sadhvi Saran. And thank you for the invitation to be here on the panel today. Yes, the United Nations Office of Drugs and Crime have been the secretariat of a process that has evolved and eventuated in the adoption of the UN Convention Against Cybercrime. It has a strong focus on how to combat cybercrime and how to create, you know, harmonise legal frameworks around the world. But it also has strong preventative measures, which I’ll talk about a little bit later if I have a chance, because I think that’s really the focus of most of the group here in terms of how do we create that trust in cyberspace. The process itself definitely had some challenges, and it’s really a really big achievement for multilateralism in this day and age. And if we look at the geopolitical actions that are across the world at the moment and all the disparities that are happening, the fact that we could come together and have member states agree on a common framework to combat and prevent cybercrime shows the importance of this thing, because there’s not many things that the world are agreeing on at the moment, and the fact that they all come together and agreed on that. I just want to talk about some, it took, the process itself took over three years, and it took over 421 hours of active negotiations over those three years. It involved 155 member states and 21 UN entities, 139 civil society groups, academia, private sector. It was a very inclusive process and that really added to the power of the result of the outcome. If I talk about some of the complexities and some of the challenges that got there, you only have to look at the name of the convention to understand how hard it was. And this was the name that we ended up with. 
The United Nations Convention Against Cybercrime, semicolon, lots of argument over whether it was a colon or a semicolon, means of information and communication technology systems and for the sharing of evidence in electronic form of serious crimes. That’s the full title. We prefer to call it the UN Convention Against Cybercrime. It really is, as I said, a big milestone and heralds a new beginning, we hope. But now we need to operationalise it. And the first step in that is the signing ceremony that’s going to happen in Hanoi, Vietnam on the 25th and 26th of October. The registration for that will soon open on their webpage that’s been created for this convention. And we welcome participation from all stakeholders. Going forward after that, UNODC has put together a methodology in which will support countries to ratify the convention. There’s a large disparity of legal mechanisms and frameworks nationally that need to be addressed in terms so we can harmonise approaches in relation to combating. And we also want to set about promoting the preventative strategies that are involved in it. I think I’ve gone past my four minutes, but I’ll pause there.
Sadhvi Saran: Thank you. Thank you very much, Glen. And indeed, we’ve been following very closely. We know exactly how complicated it has been to get to this point, but many congratulations to you again. It is a big milestone and a big achievement that we’re now discussing next steps in operationalising. And we’ll come back in the next round to understand a little bit more on engagement for different stakeholders. But with that, we move to you, Melanie, would you like to give us a little bit of an update on the work that’s been happening with the Open-Ended Working Group?
Melanie Regimbal: Thank you, Sadhvi. It’s a pleasure to be here with you this morning and the timing of this event is actually quite auspicious. We are in New York, the Open-Ended Working Group on security of and in the use of information and communication technologies, which was created The IPCC, which was set in 2020 through Resolution 75-240, is on its penultimate day negotiating the final report, which, in principle, if all goes well, will establish a future and permanent mechanism to address these ICT cybersecurity issues. So it would be a mechanism that would, of course, be complementary to the other conventions and other efforts of the United Nations. This open-ended working group operates by consensus, so I have great sympathy for the large and long titles and the semicolon exercises, because this is something that we have gone through also. But over the course of the five years, and although we do not yet have a final outcome that will be reserved for tomorrow, but I understand from our colleagues in New York that the second draft of the report has now been submitted by the chair. This is a working group that has been chaired by Singapore, and so far the three annual reports that have led up to this process have been approved by consensus. And echoing what Glen has said, anything that gets agreed by consensus in this organization is actually a huge success in the sense that it showcases the importance that this thematic has, but also the importance and the consensus that is being built over these issues. So this, I think, is a key achievement of the process so far. Of course, the big achievement will be if we are able to reach agreement tomorrow and finally establish this permanent mechanism. 
So maybe if I could just step back before we celebrate in an anticipatory manner for tomorrow and highlight three achievements that I think are particularly interesting for the C5 action lines, in particular Action H and J, so that those that deal with promotion of cooperation, interest in countries and nominating focal points, and interest in in keeping these mechanisms going. So the three achievements that we’ve had in the group and again, milestones that are important that we celebrate and in the context of the geopolitical tensions around the world, each of these milestones are quite significant, even if a standalone face value may seem quite minor. So in July, 2022, the states agreed to establish a global intergovernmental points of contact directory, which is really significant in the sense that we now have the ability to facilitate communication between states and be able to report with greater ease any ICT incident. And what’s interesting about this point of contact is that we have agreed to designate points of contact from both a diplomatic and a technical standpoint, which also facilitates and deepens the conversation. Since its creation or its launch in May, 2024, so it was first initiated in July, 22, eventually launched in May, 2024, we now have more than 120 states that are participating in this directory and have provided nominations. We, as the Office for Disarmament Affairs, serve as the manager of this directory, and we’ve taken a lot of steps to support states’ participation, including a point of contact 101 online tutorial and series of tailored e-learning modules. And we’ve also concluded simulation exercises for these points of contacts in March, 2025. All of this is available on the website, and you can have a little bit more information on what the simulation exercise was about. 
The second milestone that has been reached in this open-ended working group was we agreed to eight global ICT security confidence-building measures, which is one of the pillars of the working group. and I will not go through all eight to spare you, but I would like to highlight three in particular. One of them has been the exchange of information and best practices on the protection of critical infrastructures and critical information infrastructure through capacity building, the strengthening of public-private cooperation in the area of ICT, which I think is one of the key standout issues that we have in this forum to understand that the stakeholders are shifting and that we need to have these public-private cooperations. And then the third is the promotion of information exchange, including national strategies, policies and program, legislations and best practices. These measures are important to foster not only transparency and predictability, but also to encourage cooperations and confidence building measures. And the third area of success that we’ve had with this open-ended working group that I’d like to highlight is that the substantive sessions of the group were used to be able to unpack existing and potential threats emanating from state use of ICTs and with a view to try to reach a common understanding, which of course is fundamental to being able to establish a permanent mechanism as it would go. The topics that were discussed went from anything from development of capabilities for military purposes and their use in current conflicts to the impacts on critical infrastructures and the protection of civilians, which is one of the key priorities that we have, and the proliferation of threat actors and convergence with other types of emerging technologies, such as AI and quantums. 
Of course, the working group over a period of four years has also experienced some challenges, and one of those challenges has been to ensure the broad participation of all stakeholders in this process, and that has been slightly challenging, both because of the heavy burden that most delegates already have and the numerous mandates and processes that are going on, and of course, the financial burdens both to the organizations and to the delegates themselves. So, one of the challenges One of the responses that we’ve had through generous voluntary funding has been the ability to promote sponsorship programs to facilitate the participation in this open-ended working group. And here I’d like to highlight that the sponsorship program focused particularly on the sponsorship of women and female delegates, which has increased our participation and made it much more gender balanced in terms of perspectives that were brought to the forefront. We also offered hybrid options for the informal meetings, thus lessening the burden and our environmental impact. But the main issue is that, of course, as in all of these processes, there has been divergence of views among states, but we are quite happy that everybody stuck to the process and were invested in the long haul and participated in these four years of exchanges. This is, to us, the most important thing is to ensure dialogue, ongoing dialogues, so that we can understand and highlight what could be potential red lines and to try to find solutions through these intergovernmental processes. And so we are quite confident that once a report is adopted, fingers crossed, tomorrow, that we will be able to establish a permanent mechanism that will be tailor-made to the priorities that have been established by this group. And so I think I’ll leave it at that for the time being. Thank you, Sadhvi.
Sadhvi Saran: Thank you, Melanie. And congratulations. This is also the conclusion of a five-year process, but yes, all the best for tomorrow. Fingers and toes crossed. I’m sure it’ll go well at this point, but, you know, once again, ITU’s been participating very actively and particularly on the points of contact directory. I know how much work it’s been to set that up and get that going, and so wishing you all the best for what comes tomorrow. Okay. With that, let’s move to Moliehi from the United Nations Institute for Disarmament Research, UNIDIR. So of course, you know, UNIDIR has been very involved in facilitating dialogue around norms and responsible state behavior in cyberspace. You’ve been following all of these processes very closely as well. What are your reflections on the shift from what we’ve seen before, which is agreements on a more voluntary, normative, high-level principles basis to more concrete mechanisms, such as now, you know, what we’ve just heard from Glen and Melanie?
Moliehi Makumane: Thanks, Sadhvi, for inviting UNIDIR to this discussion, and like UNODA, UNIDIR has been able to provide technical expertise to the open-ended working group as well as the preceding six groups of governmental experts. So we’ve got quite a significant amount of experience and can now rightfully, in hindsight, look at the evolution and look forward. So what UNIDIR has been doing as a research institute, we’ve… supported the different GGEs and open-ended working groups with research on national implementation of the norms or how member states can translate the entire framework of responsible state behavior into national commitments. And because the norms are voluntary and non-binding, a lot of time and effort has gone into raising awareness about what the norms are. And I think at the end of the five-year process, member states and stakeholders can equally agree that the norms, though non-binding and voluntary, are reasonable standards of expectations for behavior of member states in cyberspace. And rightfully, like you say, there is a shift towards implementation and accountability, and that was also largely driven by the chair as well in pushing for practical concrete deliverables to come out of this process so that it would not just be another five-year talk shop. And one of them is the Survey of National Implementation, which was adopted in the 2019-2021 OEWG, which UNIDIR hosts. And on that National Survey of Implementation, states can self-assess on their readiness to implement the norms. And some of the readiness indicators include, does a state have a national interpretation of a norm, say, on the norm for cooperation for prosecuting criminal and terrorist use of ICT or even for the integrity of supply chain? Does the state have a national interpretation of that norm? But also, does the state have a POC focal point in case of malicious ICT incidents with a cross-border element? 
And also, what are the standard operating procedures for international cooperation? So states can go and self-assess to then build their capacities. Also, now, as this open-ended working group concludes, one of the key deliverables that we’re hoping to get out of it is further discussion on another voluntary checklist for norms, which will then also help states to then again assess their readiness at the national level on whether they’ve got the necessary mechanisms to implement the norms. And then the other issue alongside implementation has been accountability, like you’ve said. And a lot of states, both in this process and the preceding processes, because it’s voluntary, accountability hasn’t necessarily been a big point. But what we’ve seen is member states are incorporating the norms in the national cybersecurity strategies. And so that is one way in which they are demonstrating their commitment towards the norms and against that then can be held accountable to a certain level of standard. But we also see, because there are in the norms themselves expectations of behavior on private sector and the broader multistakeholder community, that by states adopting these norms in the national architecture, they are also having different conversations with the multistakeholder community in terms of the implementation of the norms. I think to conclude, one of the big things has been how the process has also mainstreamed responsible state behavior across the UN. So we’ve had a lot of Security Council meetings also being convened on elements of the issues that were being discussed in the open-ended working group. And so again, the norms, though non-binding and voluntary, have really solidified themselves as good standards of behavior. And because they also run the full gamut from protection of critical infrastructure to supply chain to responsible vulnerability disclosure and human rights, they’ve also been mainstreamed in a lot of other entities.
And so that’s the big takeaway, I think, that we can get in UNIDIR is providing capacity building as well to support member states to then also understand what these norms mean for their national legislation, not just on norms, but also on the other elements of the framework, international law, and CBMs. Thanks, Sadhvi.
Sadhvi Saran: Thank you. Thank you. That was a good overview of what’s been happening. And in fact, because we’re here on the sidelines also of AI for Good, a lot of the conversations around AI governance are trying to draw parallels with what has been happening in the cybersecurity space in terms of norms development and respecting, even though non-binding, you know, constituting in certain ways the way that nations are now practicing regulation and policy around that. So with that, I think it’s time to ask Kaja from Microsoft, you know, from the private sector perspective, what do you see as some of the most urgent risks that, you know, are emerging from the accelerating digital transformation today in light of some of the conversations you’ve heard already? Yeah, go ahead.
Kaja Ciglic: Yeah, thank you. And thank you for having us. I think the, it’s, I think for us, I think we’re a little bit less optimistic than sort of some of the discussions here. I think the, well, obviously in the broader geopolitical environment, it’s important that progress is made, but oftentimes the progress is very incremental in the desire to have consensus and the threat landscape is getting worse day by day. You know, for us, the things that we’ve observed over the past year in particular have been the, I feel like not surprising, continued increase in ransomware operations across the world. I think in connection with that to an extent, but also separate increasing, and also really relevant for the UN discussions here, increasing convergence between nation state actors and cyber criminals. I think much more frequently those groups are working together, which, you know, for all the commitments that states are making in terms of the cyber crime convention or the open-ended working group, they’re either tolerating to try to be charitable to a lot of them, and it’s sort of in our view, violating the norm of due diligence, cybercrime operators acting outside from their country, attacking other countries, or sometimes actively participating through their cybersecurity apparatus. We continue to see a lot of, you know, hybrid war. I feel we all obviously follow the news. I think the state of the world is quite out of balance probably, you know, and whether you look at the Middle East, whether you look at Ukraine, Africa regions, I feel we see conflict in the real world, but we see that reflected in the online world as well. Whether you talk about traditional just cyberattacks against critical infrastructure, whether you look at espionage or pre-positioning attacks, or whether you look at sort of foreign influence operations.
And then the other thing I would say is because of the sort of the scale of digital transformation, as you mentioned, we see just the numbers of attacks we see just on Microsoft systems are sort of not something that any human could handle, right? We see close to 600 million identity, just identity attacks per day. We, you know, we track over, I feel like 80 trillion signals from across our network again on a daily basis, which is not, you know, we have to, we use obviously AI to help with that. And so that’s the other, you know, also in the context of the conference, I think what we’re seeing, and that’s a positive story in reality, is we’re seeing a lot more use of AI for defense. The, you know, to search for vulnerabilities, to help. empower to deal with some of the scale and to also help empower with recommendations, with suggestions, the cyber defender community. On the other hand, obviously, we are seeing the attackers also start to use AI, but not consistently, not at scale. Yet, I feel a lot we have seen over the past year, except a few outlier exceptions, have been much more, they use it as a productivity tool, a little bit the way we use it if you use any of the AI tools available to help draft better phishing emails, to help find and collect email addresses, things like that. But it’s not driving innovative attacks per se, which was a fear, I think, earlier on. I think I’ll leave it there. I think we’re going to run out of time. But I’m obviously happy to answer another round of questions.
Sadhvi Saran: Thanks. Thanks. I mean, those are staggering numbers. We’ve also been engaging with the human rights community a little bit at ITU as well through RightsCon. It’s, I think, an important and ongoing conversation in terms of what we can do to really support that work as well. Okay, so we’re moving to the second round. We are running a little behind time. So it would be nice to have a few minutes at the end in case there’s any questions from the audience. But perhaps this can be kind of a final word from all of you. We’ll begin with you, Melanie. Do you have any ideas for how WSIS stakeholders can contribute to and benefit from the processes that UNODA is leading, given that it can be a pretty complex landscape sometimes, and also the motivating factor behind this session? So please, go ahead. Thank you.
Melanie Regimbal: Just to very quickly summarize, I think where the WSIS can help us in the open-ended working group is to support the modalities of the stakeholder engagements. I think that that will be the most important to ensure that we have a wide variety of stakeholders participating in whatever mechanism is finally established. That will be the key thing so that we ensure that the environment in which these discussions take place are not done so in a silo and or on a in an echo chamber where we only hear from states. Obviously the interconnection between all of these topics is necessary to have all the stakeholders around the table and so I think that that would be one of the biggest contributions that we can continue to work on together and then we’ll wait and see what happens tomorrow with the establishment of what we hope will be a permanent mechanism.
Sadhvi Saran: Thank you. Thank you. Glen?
Glen Prichard: If I could just tie it back to the UN Convention Against Cybercrime. As I mentioned before, there is a really strong chapter in relation to preventative measures and it calls on state parties to develop these cooperation mechanisms not only amongst themselves but also with private stakeholders and also with NGOs and the civil society. I think as a group here we do a lot of work, all the organisations that are part of this working group in relation to prevention. I think we can use this as a powerful mechanism to bring together and work collaboratively together to ensure that we’ve got actually a mandate now that we can actually use as that mechanism to bind people together, pull people together and make us work together. It talks about a range of different areas in which that cooperation can take place. It’s all in Article 53 or there’s a whole chapter six of the convention dedicated to prevention measures and it talks about raising awareness. So I think we need to collaboratively
Sadhvi Saran: Thank you, Moti. I guess the question would be a little bit more also for perhaps how the Action Line C5 could evolve, you know, to meet the shifting cybersecurity landscape.
Moliehi Makumane: I think what we’re hearing from member states is, like Kaja was saying, because of the way the threat landscape is evolving so quick, is that some of these multilateral agreements that were developed 10 plus years ago are not as responsive. But then throwing it back to member states is also to, in any way, get and continue to encourage member states to survey their needs, to understand the national threat landscapes, because alongside the calls for tailored, demand-driven capacity building, which is what we hear a lot, there’s this gap in understanding exactly where member states are at the national level. So any support and calls for that kind of encouragement for states to survey their needs and to identify what capacity needs they do have and what they do need is always helpful. But again, on capacity building, which is a big thing, I think, for any action line or any program of work on capacity building, is everything seems urgent and it is, but then how do we deliver capacity building that addresses today’s needs, as well as help member states prepare for future threats? And I think in the multi-stakeholder type of environments, like WSIS and what the OEWG was trying to do, is creating those touch points where, if member states are not able to do something, there are good ways in which they can engage the multi-stakeholder community to help them with some of those capabilities.
Sadhvi Saran: Thank you. And finally, back to you, Kaja, in terms of, again, what we’ve discussed today, what can organizations like the UN do to bridge the gap between state-led dialogues and the perspectives of the technical community and industry?
Kaja Ciglic: I think, you know, to what has been said earlier, I think it’s really important that the state-led dialogues actually consult I would say, with the multi-stakeholder community. And, you know, whether that is a link to WSIS or whether there is a, and I think the link with this action should be much stronger to some of the dialogues, but also the, in terms of the processes itself, it’s important that there is an opportunity for continuous conversation. I think the, and sort of we hear that frequently from states, not all states, but I think the recognition that both the private sector as the operators and civil society as the ones that are closest to seeing sort of some of the impact, they have important information and can share experiences on how to address some of the issues. At the same time, we don’t always see the openness and the formats created to enable those conversations. I think we’ve always said, you know, stakeholders should have a voice, not a vote, and I think that that was actually very well implemented through the Cyber Crime Convention negotiations, which had really good modalities. I think in terms of, I’m hopeful that going forward, whatever the new, hopefully permanent mechanism is on the, on sort of the norms discussions, the Future Open and the Working Group, I think borrows heavily from the Cyber Crime Convention. I think for us, you know, we get blocked as Microsoft, we apply every time, we get blocked by countries every single time, normally by one, sometimes by two, I feel most recently by three. And it sort of blocks a level of transparency, right? I think it’s important, like I said earlier, to recognize that not all states have the same voice. and Ms. Mary Hogan. I think we’re all in a room where we’re negotiating. And we’re negotiating in a way that the states always act in good faith. And that is the information that everybody should have in the room when we’re negotiating. When you are negotiating the states, basically. 
At the same time, you know, processes are slow. Like I said, I think there’s an opportunity for the. You know, there’s an opportunity for the states to sort of have a conversation about, you know, what are some of the new technologies that are being developed? Particularly in terms of how some of the norms can be implemented in real life. You know, how some of the new developments like AI. I don’t think they, they, they might be some small. Like outliers where they, you might not need a new norm. The vast majority of the time you can take the existing laws. And, you know, have a conversation about what are the new technologies that are being developed. And, you know, having those conversations as part of the. Sort of multi-stakeholder conversation, not necessarily lawmaking. I think would be a helpful contribution.
Sadhvi Saran: Thank you. You know, in fact, there’s a UN interagency working group on AI, which is a group that’s been working on AI for a long time. And we’re really excited to see how we can learn from this cybersecurity experience of the past few years, but also to see how we can already interpret existing instruments and apply them to, to governance for AI. And we found that there were over 60 that existed. At least internationally that would directly apply. But with that, let me open up. Thank you again. Colleagues. For engaging in that rapid fire last question. So we do have a few minutes left for any questions from the room. Yes, sir, please. I don’t know if there’s any mics, but I think we could. Yes. Have you up at the table?
Wout de Natris: Thank you. My name is Walter from the board and I represent the dynamic coalition of the IGF here on the internet standard security and safety. What I notice in these discussions that is very often all going about mitigation and not about prevention. And what we’re advocating as a dynamic coalition is the implementation of long existing security related internet standards into products secure by design. And I think when you talk about capacity building, that is something that nations can learn how to procure their ICTs secure by design. And I think that Microsoft is a very good example because they negotiated with the Dutch government that everybody has now DNSSEC, I understand, in Microsoft systems, only because the government started a negotiation. So I think that that is an example with post quantum computing coming towards us, who knows tomorrow or 10 years from now, that is the most urgent problem we’re facing talking about standards deployment, we have the chance to do that before the so called Q day. And that’s actually the next session here in this room. So let me stop there. But I think that this is a topic that we’re working on as a dynamic coalition for five years, we’re ready to assist with capacity building. And everybody interested to work with us, just step up, and then we’ll can discuss further. But I think this is a tremendously important prevention topic and authentication. Thank you.
Sadhvi Saran: Absolutely, we couldn’t agree more with you had the idea you I was I was there at Oslo as well for, you know, a week ago. And there’s a lot to be said on that. But we can take a couple of questions and comments and come back. Yes, please.
Participant: Yeah. My name is Nabi. I’m professor in cyber security. And I need to tell you, actually, I’m doing research in the same area. And what I did last two years, research in, in a student, actually, I didn’t say anyone talk about the these these area of, of research, but I found I had a joke when I found how the student is dealing with the internet and social media. And that’s why I create like an unprofitable curriculum because I do believe that if you need to change the future in terms of digitalizing the future, we need to start from the students. So my message actually, I create a curriculum that have interactive screens to teach the students how you can deal with the Internet and social media and safe mode and how can you use in a fixed way AI and so on. So my message is we need to cooperate to start with stakeholders, with the level of students. So I do believe that we can change the future if we start from this area. Thank you very much.
Sadhvi Saran: Thank you. That’s an important point indeed. Any other comments, thoughts? So we have someone online. Kunle, would you like to take the floor and unmute yourself, please? All right. Thank you very much.
Participant: And yeah, I think to a large extent, I want to agree with the last speaker. And what I just want to add is the issue of how we are going to ensure that everybody is placed on the same pedestal when it comes to capacity building, knowing fully well that we have advanced country, we have developing countries, and we have less developed country. So we should be looking at a strategy that we ensure that everybody can be on the same pedestal, looking at cooperation. And of course, the issue of multistakeholderism is also very important here. So for me, I think we need to find a way to bring everybody together so that everybody can move at the same pace. I know that that is going to be difficult, but I think that is one of the conversations we need to engage in going forward. Thank you very much.
Sadhvi Saran: Thank you, sir. And indeed, that’s one of the main objectives of the WSIS Action Lines as well. So in the interest of time, perhaps we stop here. some great feedback around the question of the importance of technical standards, around skills development, capacity development, and of course, bridging the digital divide. So I open it up for our panelists, whoever would like to go first, if you have any feedback or any thoughts to share.
Kaja Ciglic: Maybe I’ll start and just to sort of build on the sort of the focus on the sort of the next generation. I think, I think you need to do both, right? I think you cannot wait for another sort of 10 years or 20 years before the sort of the young people today come into positions where they can change things. So I think, but I do think it’s important to invest, I continuously, I think this is a particular gripe of ours. If you look at university curriculums around the world, we’ve seen some progress in terms of how cybersecurity is made part of those, but if you look at IT courses in particular, but these are by and large, still voluntary. The fact that the majority of leading universities with pretty much anywhere around the world do not have cybersecurity as a compulsory part of IT curriculums, it demonstrates that there continues to be a disconnect about the importance of how important thinking about security is then, you know, from the effectively developer community. And you know, we talk a lot about the responsibility of states, but, you know, the responsibility of the technical communities, the industry, and I think that’s where also where we need to start. I agree completely.
Sadhvi Saran: Thank you.
Melanie Regimbal: Thank you. Well, I agree that capacity building is one of the core issues, but as is dialogue. And so we are quite hopeful that despite the fact that progress may seem very slow. In short, at a frustrating pace, we are confident that as long as we keep these issues at the forefront of the agenda, and we are able to move forward with these types of mechanisms, we will be able to find both mitigating measures and preventive measures as we go forth. Responsible behavior is always built on trust and confidence, and so this is the basis for the dialogue, and we’re hopeful that this topic will continue to be at the forefront of our agenda.
Sadhvi Saran: Thank you. Glen?
Glen Prichard: I’m just in terms of an uneven approach in terms of capacity building and support across the world. The reason we have these different treaties that are coming into vogue now in terms of the Cybercrime Convention, the Open-Ended Working Group, is so we can have a set of common standards that we can work across the world with in terms of how we do investigate, how we combat cybercrime, how we prevent cybercrime, and the idea that sits behind that is getting everyone up to the same level, and that’s really what the whole intent of the convention is about. Of course, we can’t have safe havens for criminals, and the nature of cybercrime is that people can commit it from anywhere in the world now, so we have to bring everyone to that same standard, so I just wanted to leave you with that.
Sadhvi Saran: Thank you. Udi?
Moliehi Makumane: Thanks, Sadhvi. Again, on the matter of capacity building, I think what the processes have also agreed on is that states are not starting from the same level, and so they should be very targeted in specific capacity building depending on where states sit on the maturity ladder, if I can call it that, and what we’ve seen is when last year the chair convened a global roundtable on cybercapacity building, that helped us. said, it happens so quickly and the needs emerge so quick. We do a scoping for six months and have to deliver within the next six months. Otherwise, other needs crop up because of the landscape, but it’s something that we’re all keeping an eye on.
Sadhvi Saran: Thank you. And I think we have a few questions online as well, but unfortunately we’re out of time. So I just want to say thank you again. Thank you for taking the time to come and speak with us and thank you for listening and for your feedback and your comments. Hopefully, we can continue this dialogue. It doesn’t have to end here, but there’s also a session tomorrow that I wanted to flag, which speaks a little bit in terms of armed conflicts extending into cyberspace. It’s a project by the International Committee of the Red Cross. It’s called the Digital Emblem Project. It’s in room C at 1130 tomorrow, where the idea is to see how we could potentially flag networks in cases of armed conflicts where they’re being used for civilian purposes, for medical purposes, and so on. So I think an interesting discussion there as well. But with that, thank you very much again and hope you enjoy the rest of the day at WSIS Forum and AI for Good. Thank you.
Glen Prichard
Speech speed
163 words per minute
Speech length
824 words
Speech time
302 seconds
Convention represents major multilateral achievement despite geopolitical tensions, involving 155 member states and extensive stakeholder participation over three years
Explanation
The UN Convention Against Cybercrime represents a significant multilateral achievement in an era of global disagreements and geopolitical tensions. The process involved extensive participation from 155 member states, 21 UN entities, 139 civil society groups, academia, and private sector over three years with 421 hours of active negotiations.
Evidence
Process took over three years with 421 hours of active negotiations, involved 155 member states, 21 UN entities, 139 civil society groups, academia, and private sector
Major discussion point
UN Cybercrime Convention Development and Implementation
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Melanie Regimbal
– Sadhvi Saran
Agreed on
Importance of multilateral cooperation and consensus-building in cybersecurity governance
Convention includes strong preventative measures and calls for cooperation between states, private sector, and civil society organizations
Explanation
The convention has a strong focus on prevention measures beyond just combating cybercrime. It specifically calls for state parties to develop cooperation mechanisms not only among themselves but also with private stakeholders, NGOs, and civil society organizations.
Evidence
Article 53 and chapter six of the convention are dedicated to prevention measures including raising awareness and cooperation mechanisms
Major discussion point
UN Cybercrime Convention Development and Implementation
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Melanie Regimbal
– Kaja Ciglic
Agreed on
Need for comprehensive multi-stakeholder engagement in cybersecurity processes
Disagreed with
– Wout de Natris
– Melanie Regimbal
– Moliehi Makumane
Disagreed on
Focus on mitigation versus prevention in cybersecurity approaches
Next steps involve signing ceremony in Vietnam and supporting countries with ratification and harmonization of legal frameworks
Explanation
The immediate next step is the signing ceremony scheduled for October 25-26 in Hanoi, Vietnam. Following this, UNODC will support countries in ratifying the convention and addressing the large disparity in national legal mechanisms to harmonize approaches for combating cybercrime.
Evidence
Signing ceremony on October 25-26 in Hanoi, Vietnam; UNODC has developed methodology to support country ratification
Major discussion point
UN Cybercrime Convention Development and Implementation
Topics
Cybersecurity | Legal and regulatory
Convention aims to establish common standards globally to eliminate safe havens for cybercriminals and bring all countries to same level
Explanation
The convention’s purpose is to create common standards worldwide for investigating, combating, and preventing cybercrime. This is essential because cybercrime can be committed from anywhere in the world, requiring all countries to reach the same standard to prevent safe havens for criminals.
Evidence
Nature of cybercrime allows people to commit crimes from anywhere in the world, necessitating global standards
Major discussion point
Bridging Digital Divides and Ensuring Equitable Progress
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Moliehi Makumane
– Participant
Agreed on
Capacity building must be tailored to different national development levels and maturity
Convention provides mandate for collaborative prevention work between organizations, private stakeholders, and civil society
Explanation
The convention creates a powerful mechanism and mandate for bringing together various stakeholders to work collaboratively on prevention. It provides a binding framework that can unite different organizations, private sector, and civil society in cooperative efforts.
Evidence
Convention talks about cooperation in Article 53 and chapter six on prevention measures, covering areas like raising awareness
Major discussion point
Multi-stakeholder Engagement and Capacity Building Needs
Topics
Cybersecurity | Legal and regulatory
Melanie Regimbal
Speech speed
144 words per minute
Speech length
1472 words
Speech time
611 seconds
Working group operates by consensus and has achieved three annual reports approved unanimously, demonstrating global commitment to cybersecurity cooperation
Explanation
The Open-Ended Working Group on ICT security operates by consensus, which makes any agreement a significant achievement given current geopolitical tensions. Over five years, three annual reports have been approved by consensus, showcasing the importance of cybersecurity issues and the consensus being built around them.
Evidence
Three annual reports approved by consensus over five years; anything agreed by consensus in current geopolitical environment is a huge success
Major discussion point
Open-Ended Working Group on ICT Security Progress and Outcomes
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Glen Prichard
– Sadhvi Saran
Agreed on
Importance of multilateral cooperation and consensus-building in cybersecurity governance
Established global intergovernmental points of contact directory with over 120 participating states for incident reporting and communication
Explanation
In July 2022, states agreed to establish a global directory of points of contact that facilitates communication between states and enables easier reporting of ICT incidents. The directory includes both diplomatic and technical contacts, which deepens the conversation capabilities.
Evidence
Directory launched in May 2024 with over 120 participating states; includes both diplomatic and technical points of contact; supported by online tutorials and simulation exercises
Major discussion point
Open-Ended Working Group on ICT Security Progress and Outcomes
Topics
Cybersecurity | Infrastructure
Agreed on eight global ICT security confidence-building measures focusing on critical infrastructure protection and public-private cooperation
Explanation
The working group established eight confidence-building measures designed to foster transparency, predictability, and cooperation. Key measures include exchanging information on critical infrastructure protection, strengthening public-private cooperation, and promoting information exchange on national strategies and best practices.
Evidence
Eight measures include protection of critical infrastructures through capacity building, public-private cooperation in ICT, and promotion of information exchange on national strategies and policies
Major discussion point
Open-Ended Working Group on ICT Security Progress and Outcomes
Topics
Cybersecurity | Infrastructure
Process aims to establish permanent mechanism for addressing cybersecurity issues complementary to other UN efforts
Explanation
The working group is negotiating to establish a future permanent mechanism that would address ICT cybersecurity issues in a complementary manner to other UN conventions and efforts. This would create an ongoing institutional framework rather than temporary working groups.
Evidence
Working group is on penultimate day negotiating final report to establish permanent mechanism; second draft of report submitted by Singapore chair
Major discussion point
Open-Ended Working Group on ICT Security Progress and Outcomes
Topics
Cybersecurity | Legal and regulatory
Need for stronger modalities to ensure diverse stakeholder participation in cybersecurity governance mechanisms
Explanation
WSIS can help the open-ended working group by supporting better modalities for stakeholder engagement. This is crucial to ensure a wide variety of stakeholders participate in whatever permanent mechanism is established, preventing discussions from occurring in silos or echo chambers with only state participation.
Evidence
Recognition that interconnection between topics requires all stakeholders around the table; need to avoid silo discussions or echo chambers
Major discussion point
Multi-stakeholder Engagement and Capacity Building Needs
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Glen Prichard
– Kaja Ciglic
Agreed on
Need for comprehensive multi-stakeholder engagement in cybersecurity processes
Responsible behavior is always built on trust and confidence, and so this is the basis for the dialogue, and we’re hopeful that this topic will continue to be at the forefront of our agenda
Explanation
Despite slow progress that may seem frustrating, maintaining dialogue and keeping cybersecurity issues at the forefront of international agendas is essential. Trust and confidence form the foundation for responsible behavior, making continued dialogue crucial for finding both mitigating and preventive measures.
Evidence
Progress may seem slow and frustrating, but keeping issues at forefront of agenda enables finding solutions
Major discussion point
Multi-stakeholder Engagement and Capacity Building Needs
Topics
Cybersecurity | Legal and regulatory
Disagreed with
– Kaja Ciglic
Disagreed on
Pace of multilateral progress versus urgency of threat landscape
Moliehi Makumane
Speech speed
129 words per minute
Speech length
1056 words
Speech time
488 seconds
Shift from awareness-raising about voluntary norms to practical implementation and accountability measures at national level
Explanation
There has been an evolution from spending time raising awareness about what the voluntary, non-binding norms are to focusing on practical implementation and accountability. This shift was driven by the chair pushing for concrete deliverables rather than just another talk shop, moving toward more practical outcomes.
Evidence
Chair pushed for practical concrete deliverables; Survey of National Implementation adopted in 2019-2021 OEWG hosted by UNIDIR
Major discussion point
Evolution from Voluntary Norms to Concrete Implementation Mechanisms
Topics
Cybersecurity | Legal and regulatory
States increasingly incorporating cybersecurity norms into national strategies and demonstrating commitment through policy adoption
Explanation
Member states are demonstrating their commitment to voluntary norms by incorporating them into national cybersecurity strategies. This provides a mechanism for accountability even though the norms are non-binding, as states can be held to standards they have adopted in their national frameworks.
Evidence
States incorporating norms in national cybersecurity strategies; having different conversations with multistakeholder community on implementation
Major discussion point
Evolution from Voluntary Norms to Concrete Implementation Mechanisms
Topics
Cybersecurity | Legal and regulatory
Development of self-assessment tools and checklists to help states evaluate their readiness for norm implementation
Explanation
UNIDIR has developed tools like the Survey of National Implementation that allow states to self-assess their readiness to implement norms. These tools include readiness indicators such as whether states have national interpretations of norms, points of contact for incidents, and standard operating procedures for international cooperation.
Evidence
Survey includes readiness indicators like national interpretation of norms, POC focal points for malicious ICT incidents, standard operating procedures for international cooperation
Major discussion point
Evolution from Voluntary Norms to Concrete Implementation Mechanisms
Topics
Cybersecurity | Development
Capacity building must be tailored and demand-driven, addressing varying national maturity levels and rapidly evolving threat landscapes
Explanation
Member states are calling for tailored, demand-driven capacity building because multilateral agreements developed over 10 years ago are not responsive to the rapidly evolving threat landscape. However, there’s a gap in understanding exactly where member states are at the national level in terms of their capabilities and needs.
Evidence
Multilateral agreements developed 10+ years ago not responsive to current threats; gap in understanding national threat landscapes and capacity needs
Major discussion point
Multi-stakeholder Engagement and Capacity Building Needs
Topics
Cybersecurity | Development
Targeted capacity building required based on where states sit on cybersecurity maturity spectrum
Explanation
The processes have recognized that states are not starting from the same level of cybersecurity maturity, requiring very targeted and specific capacity building depending on where each state sits on the maturity ladder. The challenge is that needs emerge quickly and by the time scoping is completed, new needs may have emerged due to the rapidly changing landscape.
Evidence
Chair convened global roundtable on cyber capacity building; needs emerge quickly requiring delivery within six months or other needs crop up
Major discussion point
Bridging Digital Divides and Ensuring Equitable Progress
Topics
Cybersecurity | Development
Agreed with
– Glen Prichard
– Participant
Agreed on
Capacity building must be tailored to different national development levels and maturity
Kaja Ciglic
Speech speed
141 words per minute
Speech length
1305 words
Speech time
552 seconds
Threat landscape deteriorating with increased ransomware operations and convergence between nation-state actors and cybercriminals
Explanation
The cybersecurity threat landscape is getting worse daily, with continued increases in ransomware operations and growing convergence between nation-state actors and cybercriminals. This convergence involves these groups working together more frequently, with states either tolerating or actively participating in cybercrime operations targeting other countries.
Evidence
Continued increase in ransomware operations; nation-state actors and cybercriminals working together more frequently; states violating due diligence norm by tolerating cybercrime operators
Major discussion point
Current Cybersecurity Threat Landscape and Private Sector Perspective
Topics
Cybersecurity
Microsoft observes 600 million identity attacks daily and processes 80 trillion security signals, requiring AI-assisted defense systems
Explanation
The scale of cyberattacks has reached levels that no human could handle, with Microsoft seeing close to 600 million identity attacks per day and tracking over 80 trillion signals from across their network daily. This massive scale necessitates the use of AI to assist with defense and threat detection.
Evidence
600 million identity attacks per day; 80 trillion signals tracked daily across Microsoft network; scale requires AI assistance
Major discussion point
Current Cybersecurity Threat Landscape and Private Sector Perspective
Topics
Cybersecurity
AI being used more for defensive purposes while attackers use it primarily as productivity tool rather than for innovative attacks
Explanation
There’s increased use of AI for defense purposes, including searching for vulnerabilities and empowering cyber defenders with recommendations. However, attackers are primarily using AI as a productivity tool for tasks like drafting better phishing emails and collecting email addresses, rather than driving innovative attacks.
Evidence
AI used for defense to search vulnerabilities and empower defenders; attackers use AI for productivity like drafting phishing emails and collecting addresses, not innovative attacks
Major discussion point
Current Cybersecurity Threat Landscape and Private Sector Perspective
Topics
Cybersecurity
Importance of continuous consultation between state-led dialogues and technical community, though access barriers persist for private sector
Explanation
It’s crucial that state-led dialogues consult with the multi-stakeholder community, as private sector operators and civil society have important information and experiences to share. However, access barriers persist, with Microsoft being blocked from participation by countries in various processes, limiting transparency and information sharing.
Evidence
Microsoft gets blocked by countries every time they apply for participation, normally by one, sometimes by two, recently by three countries
Major discussion point
Multi-stakeholder Engagement and Capacity Building Needs
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Glen Prichard
– Melanie Regimbal
Agreed on
Need for comprehensive multi-stakeholder engagement in cybersecurity processes
University IT curricula worldwide still lack mandatory cybersecurity components, creating gap in developer community security awareness
Explanation
There’s a significant disconnect in cybersecurity education, as the majority of leading universities worldwide do not have cybersecurity as a compulsory part of IT curricula. This creates a gap in security awareness within the developer community, despite some progress in making cybersecurity part of university programs.
Evidence
Majority of leading universities worldwide do not have cybersecurity as compulsory part of IT curricula; cybersecurity courses remain largely voluntary
Major discussion point
Prevention Through Technical Standards and Education
Topics
Cybersecurity | Sociocultural
Agreed with
– Wout de Natris
– Participant
Agreed on
Critical importance of cybersecurity education and prevention
Wout de Natris
Speech speed
168 words per minute
Speech length
244 words
Speech time
86 seconds
Emphasis needed on prevention through implementation of existing security standards and secure-by-design procurement practices
Explanation
There’s too much focus on mitigation rather than prevention in cybersecurity discussions. The solution lies in implementing long-existing security-related internet standards into products through secure-by-design principles, which nations can learn to procure through capacity building programs.
Evidence
Microsoft negotiated with Dutch government resulting in DNSSEC implementation in Microsoft systems; post-quantum computing represents urgent standards deployment opportunity
Major discussion point
Prevention Through Technical Standards and Education
Topics
Cybersecurity | Infrastructure
Agreed with
– Kaja Ciglic
– Participant
Agreed on
Critical importance of cybersecurity education and prevention
Participant
Speech speed
167 words per minute
Speech length
329 words
Speech time
118 seconds
Cybersecurity education should start with students through interactive curricula teaching safe internet and AI usage
Explanation
To change the digital future, education must start with students through interactive curricula that teach safe internet and social media usage. The speaker created a non-profit curriculum with interactive screens to teach students how to safely use the internet, social media, and AI technologies.
Evidence
Speaker created interactive curriculum with screens to teach students safe internet, social media, and AI usage; two years of research on student internet behavior
Major discussion point
Prevention Through Technical Standards and Education
Topics
Cybersecurity | Sociocultural
Agreed with
– Kaja Ciglic
– Wout de Natris
Agreed on
Critical importance of cybersecurity education and prevention
Need for strategies ensuring advanced, developing, and least developed countries can progress at similar pace through cooperation
Explanation
There’s a need to ensure that all countries – advanced, developing, and least developed – can be placed on the same level when it comes to capacity building. This requires finding strategies that enable everyone to move at the same pace through cooperation and multistakeholder approaches.
Evidence
Recognition of different development levels: advanced countries, developing countries, and less developed countries
Major discussion point
Bridging Digital Divides and Ensuring Equitable Progress
Topics
Development | Cybersecurity
Agreed with
– Glen Prichard
– Moliehi Makumane
Agreed on
Capacity building must be tailored to different national development levels and maturity
Sadhvi Saran
Speech speed
140 words per minute
Speech length
1781 words
Speech time
760 seconds
WSIS Action Line C5 has evolved in scope and importance over two decades, keeping pace with evolving cyber threats and technological advancements
Explanation
Since its establishment in the Geneva Plan of Action in 2003, Action Line C5 on building confidence and security has grown to address the increasingly complex digital ecosystem. The action line now intersects with issues of peace, development, and human rights as cyber threats have become more cross-border and transnational in nature.
Evidence
Established in Geneva Plan of Action 2003; evolved over past couple of decades; digital ecosystem more complex, cross-border and transnational; intersecting with peace development and human rights
Major discussion point
WSIS Action Line C5 Evolution and Framework
Topics
Cybersecurity | Legal and regulatory
Addressing current cybersecurity challenges requires unified multilateral and multi-stakeholder efforts with enhanced global collaboration
Explanation
The ITU emphasizes that tackling today’s cybersecurity challenges necessitates coordinated efforts across multiple levels – global, national, regional, and subnational. This approach should focus on developing agile, adaptive frameworks and trustworthy technical standards that balance government requirements with industry needs.
Evidence
ITU as UN Specialized Agency for Digital Technologies and facilitator for Action Line C5; need for collaboration at global, national, regional, subnational levels; focus on agile, adaptive frameworks and trustworthy technical standards
Major discussion point
WSIS Action Line C5 Evolution and Framework
Topics
Cybersecurity | Legal and regulatory
Agreed with
– Glen Prichard
– Melanie Regimbal
Agreed on
Importance of multilateral cooperation and consensus-building in cybersecurity governance
AI governance discussions are drawing parallels from cybersecurity norms development experience for regulatory and policy frameworks
Explanation
The conversations around AI governance are attempting to learn from the cybersecurity space’s experience in developing norms and standards. Even though cybersecurity norms are non-binding, they have influenced how nations practice regulation and policy in that domain, providing a model for AI governance approaches.
Evidence
AI governance conversations drawing parallels with cybersecurity norms development; cybersecurity norms influencing national regulation and policy practices
Major discussion point
Cross-Domain Learning Between Cybersecurity and AI Governance
Topics
Cybersecurity | Legal and regulatory
UN interagency working group on AI has identified over 60 existing international instruments that directly apply to AI governance
Explanation
Rather than creating entirely new frameworks for AI governance, there is significant potential to interpret and apply existing international instruments to AI governance challenges. The UN interagency working group has found that many current international legal and regulatory frameworks can be adapted for AI governance purposes.
Evidence
UN interagency working group on AI found over 60 existing international instruments that would directly apply to AI governance
Major discussion point
Cross-Domain Learning Between Cybersecurity and AI Governance
Topics
Legal and regulatory
ITU has been actively participating in cybersecurity processes, particularly supporting the points of contact directory development
Explanation
The International Telecommunication Union has been closely following and participating in various cybersecurity initiatives, with particular involvement in supporting the development and implementation of the global points of contact directory. This demonstrates the organization’s commitment to supporting multilateral cybersecurity efforts.
Evidence
ITU participating very actively in cybersecurity processes; particular involvement in points of contact directory setup and operation
Major discussion point
Multi-stakeholder Engagement and Capacity Building Needs
Topics
Cybersecurity | Infrastructure
Agreements
Agreement points
Importance of multilateral cooperation and consensus-building in cybersecurity governance
Speakers
– Glen Prichard
– Melanie Regimbal
– Sadhvi Saran
Arguments
Convention represents major multilateral achievement despite geopolitical tensions, involving 155 member states and extensive stakeholder participation over three years
Working group operates by consensus and has achieved three annual reports approved unanimously, demonstrating global commitment to cybersecurity cooperation
Addressing current cybersecurity challenges requires unified multilateral and multi-stakeholder efforts with enhanced global collaboration
Summary
All speakers emphasized the critical importance of multilateral cooperation and consensus-building in cybersecurity governance, highlighting that achieving agreement among nations in the current geopolitical climate represents a significant accomplishment and demonstrates the universal recognition of cybersecurity as a priority issue.
Topics
Cybersecurity | Legal and regulatory
Need for comprehensive multi-stakeholder engagement in cybersecurity processes
Speakers
– Glen Prichard
– Melanie Regimbal
– Kaja Ciglic
Arguments
Convention includes strong preventative measures and calls for cooperation between states, private sector, and civil society organizations
Need for stronger modalities to ensure diverse stakeholder participation in cybersecurity governance mechanisms
Importance of continuous consultation between state-led dialogues and technical community, though access barriers persist for private sector
Summary
There is strong consensus that effective cybersecurity governance requires meaningful participation from all stakeholders – governments, private sector, civil society, and technical communities – with proper modalities to ensure their voices are heard in decision-making processes.
Topics
Cybersecurity | Legal and regulatory
Capacity building must be tailored to different national development levels and maturity
Speakers
– Glen Prichard
– Moliehi Makumane
– Participant
Arguments
Convention aims to establish common standards globally to eliminate safe havens for cybercriminals and bring all countries to same level
Targeted capacity building required based on where states sit on cybersecurity maturity spectrum
Need for strategies ensuring advanced, developing, and least developed countries can progress at similar pace through cooperation
Summary
All speakers agreed that capacity building efforts must recognize that countries start from different levels of cybersecurity maturity and require tailored, targeted approaches to bring everyone to common standards while eliminating safe havens for cybercriminals.
Topics
Cybersecurity | Development
Critical importance of cybersecurity education and prevention
Speakers
– Kaja Ciglic
– Wout de Natris
– Participant
Arguments
University IT curricula worldwide still lack mandatory cybersecurity components, creating gap in developer community security awareness
Emphasis needed on prevention through implementation of existing security standards and secure-by-design procurement practices
Cybersecurity education should start with students through interactive curricula teaching safe internet and AI usage
Summary
There is strong agreement that prevention through education is crucial, starting from university curricula and extending to students at all levels, with emphasis on implementing existing security standards and secure-by-design principles rather than just focusing on mitigation after incidents occur.
Topics
Cybersecurity | Sociocultural
Similar viewpoints
Both speakers emphasized that achieving consensus in cybersecurity governance represents a remarkable accomplishment given current geopolitical tensions, with both processes involving extensive stakeholder participation and demonstrating global commitment to cooperation.
Speakers
– Glen Prichard
– Melanie Regimbal
Arguments
Convention represents major multilateral achievement despite geopolitical tensions, involving 155 member states and extensive stakeholder participation over three years
Working group operates by consensus and has achieved three annual reports approved unanimously, demonstrating global commitment to cybersecurity cooperation
Topics
Cybersecurity | Legal and regulatory
Both speakers recognized that the rapidly evolving threat landscape requires adaptive and responsive approaches, with Makumane focusing on the capacity building response and Ciglic detailing the specific nature of emerging threats.
Speakers
– Moliehi Makumane
– Kaja Ciglic
Arguments
Capacity building must be tailored and demand-driven, addressing varying national maturity levels and rapidly evolving threat landscapes
Threat landscape deteriorating with increased ransomware operations and convergence between nation-state actors and cybercriminals
Topics
Cybersecurity
Both speakers advocated for prevention-focused approaches, with de Natris emphasizing technical standards implementation and the participant focusing on educational prevention starting with students.
Speakers
– Wout de Natris
– Participant
Arguments
Emphasis needed on prevention through implementation of existing security standards and secure-by-design procurement practices
Cybersecurity education should start with students through interactive curricula teaching safe internet and AI usage
Topics
Cybersecurity | Sociocultural
Unexpected consensus
AI’s current limited role in innovative cyberattacks despite widespread concerns
Speakers
– Kaja Ciglic
Arguments
AI being used more for defensive purposes while attackers use it primarily as productivity tool rather than for innovative attacks
Explanation
It’s unexpected that despite widespread fears about AI enabling sophisticated cyberattacks, the private sector perspective reveals that AI is currently being used more for defense than for innovative attacks, with attackers primarily using it as a productivity tool for basic tasks like drafting phishing emails.
Topics
Cybersecurity
Successful multilateral cooperation despite global geopolitical tensions
Speakers
– Glen Prichard
– Melanie Regimbal
Arguments
Convention represents major multilateral achievement despite geopolitical tensions, involving 155 member states and extensive stakeholder participation over three years
Working group operates by consensus and has achieved three annual reports approved unanimously, demonstrating global commitment to cybersecurity cooperation
Explanation
It’s remarkable that in an era of significant geopolitical tensions and global disagreements, cybersecurity has emerged as an area where nations can still achieve consensus and multilateral cooperation, suggesting that cyber threats are universally recognized as transcending political boundaries.
Topics
Cybersecurity | Legal and regulatory
Overall assessment
Summary
The discussion revealed strong consensus on the need for multilateral cooperation, comprehensive multi-stakeholder engagement, tailored capacity building, and prevention-focused approaches to cybersecurity. All speakers agreed that cybersecurity challenges require unified global responses that include all stakeholders and recognize different national starting points.
Consensus level
High level of consensus with significant implications for cybersecurity governance. The agreement across UN agencies, private sector, and civil society representatives suggests a mature understanding of cybersecurity as a global challenge requiring coordinated responses. This consensus provides a strong foundation for implementing the various frameworks and mechanisms discussed, though practical challenges around stakeholder access and capacity building implementation remain.
Differences
Different viewpoints
Pace of multilateral progress versus urgency of threat landscape
Speakers
– Kaja Ciglic
– Melanie Regimbal
Arguments
I think the, it’s, I think for us, I think we’re a little bit less optimistic than sort of some of the discussions here. I think the, well, obviously in the broader geopolitical environment, it’s important that progress is made, but oftentimes the progress is very incremental in the desire to have consensus and the threat landscape is getting worse day by day
Responsible behavior is always built on trust and confidence, and so this is the basis for the dialogue, and we’re hopeful that this topic will continue to be at the forefront of our agenda
Summary
Kaja Ciglic from Microsoft expresses pessimism about the slow pace of multilateral progress compared to rapidly deteriorating threats, while Melanie Regimbal from UNODA emphasizes the importance of maintaining dialogue and consensus-building despite slow progress.
Topics
Cybersecurity | Legal and regulatory
Focus on mitigation versus prevention in cybersecurity approaches
Speakers
– Wout de Natris
– Glen Prichard
– Melanie Regimbal
– Moliehi Makumane
Arguments
What I notice in these discussions that is very often all going about mitigation and not about prevention. And what we’re advocating as a dynamic coalition is the implementation of long existing security related internet standards into products secure by design
Convention includes strong preventative measures and calls for cooperation between states, private sector, and civil society organizations
Summary
Wout de Natris argues that discussions focus too much on mitigation rather than prevention through technical standards implementation, while the UN representatives emphasize that their frameworks do include preventative measures, though perhaps not with the technical focus de Natris advocates.
Topics
Cybersecurity | Infrastructure
Unexpected differences
Optimism about multilateral cybersecurity progress
Speakers
– Kaja Ciglic
– Glen Prichard
– Melanie Regimbal
Arguments
I think the, it’s, I think for us, I think we’re a little bit less optimistic than sort of some of the discussions here
Convention represents major multilateral achievement despite geopolitical tensions, involving 155 member states and extensive stakeholder participation over three years
Working group operates by consensus and has achieved three annual reports approved unanimously, demonstrating global commitment to cybersecurity cooperation
Explanation
Unexpectedly, the private sector representative (Microsoft) is more pessimistic about progress than the UN representatives, despite typically being seen as more agile and solution-oriented. This reverses the expected dynamic where private sector might be more optimistic about technological solutions while government representatives might be more cautious about diplomatic progress.
Topics
Cybersecurity | Legal and regulatory
Overall assessment
Summary
The discussion reveals moderate disagreements, primarily around the pace and effectiveness of current multilateral approaches versus the urgency of evolving threats, and different emphases on technical prevention versus diplomatic frameworks.
Disagreement level
Low to moderate disagreement level. While speakers have different perspectives on approach and pace, they share fundamental agreement on the importance of cybersecurity cooperation, multi-stakeholder engagement, and capacity building. The disagreements are more about methodology and urgency than about fundamental goals, suggesting potential for constructive dialogue and complementary approaches rather than irreconcilable differences.
Takeaways
Key takeaways
The UN Cybercrime Convention represents a major multilateral achievement, involving 155 member states over three years of negotiations, with the signing ceremony scheduled for October 25-26 in Vietnam
The Open-Ended Working Group on ICT Security is concluding its five-year process and aims to establish a permanent mechanism for addressing cybersecurity issues through a consensus-based approach
There is a clear evolution from voluntary cybersecurity norms to concrete implementation mechanisms, with states increasingly incorporating norms into national strategies
The cybersecurity threat landscape is deteriorating rapidly, with increased ransomware operations and convergence between nation-state actors and cybercriminals
Multi-stakeholder engagement remains crucial but faces barriers, particularly for private sector participation in state-led dialogues
Prevention through technical standards implementation and cybersecurity education starting at student level is essential for long-term security
Capacity building must be tailored to different national maturity levels while ensuring equitable progress across developed and developing countries
Resolutions and action items
UNODC to support countries with ratification of the UN Cybercrime Convention and harmonization of legal frameworks
Registration for the Vietnam signing ceremony to open soon on the convention’s webpage
UNODA to continue managing the global intergovernmental points of contact directory with over 120 participating states
Final report of the Open-Ended Working Group to be concluded the day after this session
WSIS stakeholders to support modalities for stakeholder engagement in future permanent cybersecurity mechanisms
Dynamic Coalition on Internet Standards Security and Safety offers assistance with capacity building on secure-by-design implementation
Unresolved issues
How to bridge the gap between slow multilateral progress and rapidly evolving cyber threats
Ensuring equitable participation of all stakeholders, particularly addressing financial and access barriers
Balancing state sovereignty with need for global cooperation in cybersecurity governance
Addressing the convergence between nation-state actors and cybercriminals while maintaining diplomatic relations
Implementing secure-by-design principles across diverse national procurement systems
Making cybersecurity education mandatory in university IT curricula globally
Developing responsive capacity building that addresses both current needs and future threats
Suggested compromises
Stakeholders should have ‘a voice, not a vote’ in state-led cybersecurity dialogues
Hybrid meeting options to reduce financial burden and environmental impact while maintaining participation
Sponsorship programs focusing on women and developing country delegates to improve participation balance
Complementary rather than competing mechanisms between different UN cybersecurity processes
Tailored, demand-driven capacity building that recognizes different national starting points rather than one-size-fits-all approaches
Continuous consultation processes between state-led dialogues and multi-stakeholder community rather than isolated negotiations
Thought provoking comments
The fact that we could come together and have member states agree on a common framework to combat and prevent cybercrime shows the importance of this thing, because there’s not many things that the world are agreeing on at the moment, and the fact that they all come together and agreed on that.
Speaker
Glen Prichard
Reason
This comment reframes the cybercrime convention not just as a technical achievement, but as a rare example of successful multilateralism in an increasingly fragmented geopolitical landscape. It highlights the unique urgency that cybercrime presents, transcending traditional political divisions.
Impact
This observation set a tone of cautious optimism for the discussion and established cybersecurity as a unifying issue that can bridge geopolitical divides, influencing how other panelists framed their own processes as achievements despite global tensions.
We see close to 600 million identity, just identity attacks per day. We track over 80 trillion signals from across our network again on a daily basis, which is not something that any human could handle.
Speaker
Kaja Ciglic
Reason
These staggering numbers provide concrete evidence of the scale mismatch between current threats and human capacity to respond. This shifts the discussion from abstract policy frameworks to the urgent reality of what organizations are facing daily.
Impact
This comment created a stark contrast with the slower-paced multilateral processes discussed earlier, highlighting the tension between the speed of threats and the pace of international cooperation. It reinforced the need for AI-assisted defense and challenged the adequacy of current approaches.
We are seeing increasing convergence between nation state actors and cyber criminals… they’re either tolerating to try to be charitable to a lot of them, and violating the norm of due diligence, cybercrime operators acting outside from their country, attacking other countries, or sometimes actively participating through their cybersecurity apparatus.
Speaker
Kaja Ciglic
Reason
This comment exposes a fundamental challenge to the state-centric approach of UN processes – when states themselves are part of the problem through tolerance or active participation in cybercrime. It questions the basic assumptions underlying international cooperation frameworks.
Impact
This observation added complexity to the discussion by highlighting the limitations of state-led solutions when states themselves may be complicit. It implicitly challenged the optimism of earlier speakers about international cooperation and introduced the theme of accountability gaps.
What I notice in these discussions that is very often all going about mitigation and not about prevention… we’re advocating as a dynamic coalition is the implementation of long existing security related internet standards into products secure by design.
Speaker
Wout de Natris
Reason
This comment fundamentally challenges the entire framing of the discussion by pointing out that much focus is on responding to problems rather than preventing them through better technical implementation. It suggests that solutions already exist but aren’t being deployed.
Impact
This intervention shifted the conversation from high-level policy frameworks to practical technical implementation, introducing the concept that prevention through secure-by-design approaches might be more effective than the mitigation-focused international processes being discussed.
If you look at university curriculums around the world… the majority of leading universities with pretty much anywhere around the world do not have cybersecurity as a compulsory part of IT curriculums, it demonstrates that there continues to be a disconnect about the importance of how important thinking about security is.
Speaker
Kaja Ciglic
Reason
This comment identifies a fundamental structural problem in how the next generation of IT professionals is being trained, suggesting that the cybersecurity crisis is being perpetuated at the educational level. It connects current threats to systemic educational gaps.
Impact
This observation broadened the discussion beyond immediate policy responses to longer-term structural changes needed in education systems. It reinforced the earlier audience comment about starting with students and added urgency to educational reform as a cybersecurity imperative.
Because the norms are voluntary and non-binding, a lot of time and effort has gone into raising awareness about what the norms are… though non-binding and voluntary, are reasonable standards of expectations for behavior of member states in cyberspace.
Speaker
Moliehi Makumane
Reason
This comment highlights a key tension in international governance – the gap between voluntary norms and binding enforcement. It suggests that even non-binding agreements can have normative power, but questions remain about their practical effectiveness.
Impact
This observation provided nuance to the discussion about the effectiveness of international processes, suggesting that progress shouldn’t only be measured by binding agreements but also by the establishment of behavioral expectations and their integration into national policies.
Overall assessment
These key comments collectively shaped the discussion by introducing multiple layers of complexity and tension that weren’t apparent in the initial presentations. While the UN representatives presented their processes as achievements in multilateral cooperation, the private sector perspective and audience interventions revealed significant gaps between policy frameworks and operational realities. The discussion evolved from celebrating international cooperation to acknowledging the limitations of state-centric approaches, the scale mismatch between threats and responses, and the need for more fundamental changes in technical implementation and education. The most impactful comments challenged the underlying assumptions of the international processes being discussed, shifting the conversation from ‘how to improve current approaches’ to ‘whether current approaches are adequate.’ This created a more honest and comprehensive dialogue about the true challenges facing cybersecurity governance, moving beyond diplomatic optimism to confront practical limitations and structural problems.
Follow-up questions
How can WSIS stakeholders contribute to and benefit from the processes that UNODA is leading, given the complex landscape of cybersecurity governance?
Speaker
Sadhvi Saran
Explanation
This was posed as a direct question to understand how the World Summit on the Information Society framework can better integrate with and support UN disarmament processes in cybersecurity.
How can the Action Line C5 evolve to meet the shifting cybersecurity landscape?
Speaker
Sadhvi Saran
Explanation
This question addresses the need to adapt existing frameworks to respond to rapidly evolving cyber threats and technological changes.
What can organizations like the UN do to bridge the gap between state-led dialogues and the perspectives of the technical community and industry?
Speaker
Sadhvi Saran
Explanation
This explores the challenge of ensuring meaningful multi-stakeholder participation in intergovernmental cybersecurity processes.
How can existing international laws and norms be interpreted and applied to AI governance?
Speaker
Sadhvi Saran
Explanation
This relates to applying lessons learned from cybersecurity governance to emerging AI governance challenges, building on the finding that over 60 existing international instruments could apply to AI.
How can secure-by-design principles and internet security standards be better implemented in government procurement and capacity building?
Speaker
Wout de Natris
Explanation
This addresses the gap between focusing on mitigation versus prevention, emphasizing the need for proactive security measures in ICT procurement.
How can cybersecurity education be integrated as mandatory components in university IT curricula globally?
Speaker
Kaja Ciglic
Explanation
This highlights the disconnect between the importance of cybersecurity and its optional status in most university IT programs worldwide.
How can capacity building strategies ensure all countries (advanced, developing, and least developed) can progress at a more equitable pace in cybersecurity capabilities?
Speaker
Online participant (Kunle)
Explanation
This addresses the challenge of bridging the digital divide and ensuring inclusive cybersecurity capacity building across different development levels.
How can cybersecurity education and awareness programs be developed and implemented at the student level to shape future digital citizens?
Speaker
Professor Nabi
Explanation
This focuses on the need for early intervention in cybersecurity education to build a more security-conscious next generation.
How can capacity building programs be made more responsive to rapidly evolving threat landscapes while maintaining effectiveness?
Speaker
Moliehi Makumane
Explanation
This addresses the challenge of delivering timely and relevant capacity building when cyber threats and needs change faster than traditional program development cycles.
Disclaimer: This is not an official session record. DiploAI generates these resources from audiovisual recordings, and they are presented as-is, including potential errors. Due to logistical challenges, such as discrepancies in audio/video or transcripts, names may be misspelled. We strive for accuracy to the best of our ability.