Agenda item 5: discussions on substantive issues contained in paragraph 1 of General Assembly resolution 75/240 (continued)/5/OEWG 2025

Summary

This transcript covers the 8th meeting of the 10th substantive session of the Open-Ended Working Group on Security of and the Use of ICTs, focusing on capacity building and regular institutional dialogue. The discussion centered on establishing a future permanent mechanism for addressing cybersecurity issues at the UN level. Delegates from various countries and regional groups presented their positions on the structure and modalities of this mechanism.

Key points of debate included the composition of thematic working groups, stakeholder participation, and decision-making processes. Many countries emphasized the importance of capacity building, particularly for developing nations, to address the digital divide and enhance cybersecurity capabilities. There was general agreement on the need for an inclusive, action-oriented approach, but disagreements persisted on specific implementation details.

Some delegates advocated for a pillar-based structure aligned with the existing framework, while others supported a more cross-cutting, issue-focused approach. The role of non-governmental stakeholders was another contentious issue, with some countries pushing for greater inclusion and others emphasizing the intergovernmental nature of the process.

The Chair expressed concern about the lack of progress towards consensus, urging delegates to show more flexibility in their positions. He emphasized the limited time remaining before the July deadline and the need to find common ground on key issues to ensure a smooth transition to the permanent mechanism. The Chair stressed the importance of balancing different approaches and warned of the consequences of failing to reach consensus, including the potential unraveling of years of work in this area.

Keypoints

Major discussion points:

– Structure and format of the future permanent mechanism, including proposals for thematic working groups vs. maintaining the current pillar-based approach

– Modalities for stakeholder participation in the future mechanism

– Capacity building as a key priority and how to incorporate it into the future mechanism

– Decision-making processes and the role of consensus

– Time constraints and need for flexibility to reach agreement before July deadline

Overall purpose/goal:

The purpose of this discussion was to work towards consensus on the structure and modalities of a future permanent UN mechanism on ICT security, building on the work of the current Open-Ended Working Group before its mandate ends in July 2025.

Tone:

The tone was initially diplomatic but became more urgent and frustrated as the discussion progressed, particularly in the Chair’s closing remarks. The Chair expressed concern about entrenched positions and lack of flexibility, urging delegates to be more open to compromise in order to reach consensus before time runs out. There was an undercurrent of tension between different blocs of countries with competing visions for the future mechanism.

Speakers

– Chair: Facilitator of the Open-Ended Working Group session

– Russian Federation: Member state representative

– Burkina Faso: Member state representative

– Fiji: Member state representative

– Germany: Member state representative

– Ukraine: Member state representative

– Philippines: Member state representative

– France: Member state representative

– Mali: Member state representative

– Dominican Republic: Member state representative

– Kuwait: Representative speaking on behalf of the Arab Group

– Democratic Republic of the Congo: Member state representative

– Samoa: Member state representative

– Paraguay: Member state representative

– OAS: Representative of the Organization of American States

– OSCE: Representative of the Organization for Security and Co-operation in Europe

– World Bank: Representative of the World Bank

– ODA: Catherine Preisman, Secretariat Representative from UN Office for Disarmament Affairs

– African Group – Nigeria: Representative speaking on behalf of the African Group

– Nicaragua: Representative speaking on behalf of a group of like-minded countries

– European Union: Representative speaking on behalf of EU member states and other aligned countries

– Arab group – Kuwait: Representative speaking on behalf of the Arab Group

– Argentina: Representative speaking on behalf of a group of Latin American countries

– Venezuela: Member state representative

– Mexico: Member state representative

– Morocco: Member state representative

– United States: Member state representative

Additional speakers:

– Catherine Preisman: Secretariat Representative from UN Office for Disarmament Affairs (ODA)

Expanded Summary of the 8th Meeting of the 10th Substantive Session of the Open-Ended Working Group on Security of and the Use of ICTs

The 8th meeting focused on establishing a future permanent mechanism for addressing cybersecurity issues at the UN level. Discussions centered on the structure, stakeholder participation, decision-making processes, and priorities for this mechanism.

1. Structure and Format of the Future Permanent Mechanism

Delegates proposed various approaches to the structure:

– Morocco advocated for dedicated thematic groups with a streamlined approach.

– The African Group (represented by Nigeria) proposed three distinct groups on threats/prevention, international law/norms, and capacity building.

– France suggested three overarching groups on resilience, cooperation, and stability, and mentioned a new discussion paper on thematic groups and meeting structure.

– The United States opposed standalone groups, preferring to maintain the existing OEWG format.

– Argentina called for a specialized working group on capacity building.

– Mexico proposed a flexible hybrid participation model.

2. Stakeholder Participation Modalities

Views differed on non-governmental stakeholder involvement:

– Nicaragua advocated for maintaining current OEWG modalities.

– The United States pushed for enhanced stakeholder participation, including in thematic groups.

– Mexico proposed a structured framework aligned with the “voice not vote” principle.

– Morocco emphasized the need for clear guarantees and a verification process.

– The United States suggested an accreditation process allowing voting on objections without the chair as intermediary.

3. Decision-Making Process

Conflicting views emerged on the decision-making process:

– Nicaragua and Venezuela insisted on consensus among member states for all decisions.

– Mexico argued against viewing consensus as 193 vetoes, suggesting following General Assembly rules of procedure, including voting.

4. Focus and Priorities for Future Work

Delegates outlined various priorities:

– Venezuela called for developing a legally binding instrument on ICT security.

– The European Union emphasized implementing the existing framework and identifying potential gaps.

– The Arab group (represented by Kuwait) focused on prevention of cyber threats and applicability of international law.

– Multiple delegations, including Burkina Faso and Venezuela, prioritized addressing the digital divide between the Global North and South.

– The Russian Federation emphasized avoiding politicization and respecting state sovereignty in capacity building efforts.

5. Capacity Building

Broad agreement on the importance of capacity building, with differing views on implementation:

– The Philippines proposed establishing a dedicated capacity building portal and voluntary fund.

– The European Union suggested capacity building should be cross-cutting across thematic groups.

– Argentina emphasized South-South, triangular and regional cooperation.

– Samoa and Fiji stressed tailoring capacity building to specific needs of each country, particularly small island developing states.

– Germany supported demand-driven, targeted capacity building approaches.

– Several speakers, including Fiji and Germany, raised the importance of incorporating a gender perspective in capacity building.

The Global Roundtable on Capacity Building was referenced positively by several delegates.

6. Role of Regional Organizations

The OAS and OSCE representatives highlighted potential roles for regional organizations:

– Key role in capacity building and implementing UN mandates

– Acting as interlocutors and knowledge-sharing platforms

– Supporting policy setting and regional cooperation

7. Resources and Funding

Ensuring adequate resources was a key concern:

– Morocco called for adequate and sustainable funding.

– Kuwait proposed establishing a UN voluntary fund to support participation and capacity building.

– The World Bank representative noted $270 million allocated for cybersecurity capacity building in 2025 and mentioned their cybersecurity trust fund.

Chair’s Concerns and Closing Remarks

The Chair expressed growing concern about the lack of progress towards consensus, urging delegates to show more flexibility. He emphasized the limited time remaining before the July 2025 deadline and the need to find common ground on key issues. The Chair stressed balancing different approaches, using a metaphor of building a house to illustrate the need for both pillar-based and cross-cutting elements. He also commented on the potential use of AI chatbots in the process.

Conclusion

The discussion highlighted the complex challenges in establishing a future permanent mechanism for addressing cybersecurity issues at the UN level. While there was broad agreement on the importance of capacity building and the need for focused discussions, significant work remains to negotiate the specifics of the mechanism’s structure, stakeholder participation, and decision-making processes. The urgency of finding compromise solutions was underscored to ensure the establishment of an effective and widely accepted framework for addressing global cybersecurity challenges before the July 2025 deadline.

Chair: Good afternoon, distinguished delegates. The 8th meeting of the 10th substantive session of the Open-Ended Working Group on Security of and the Use of ICTs is now called to order. We’ll continue our consideration of the agenda item relating to capacity building. And as I indicated before we adjourn, we have about 15 speakers, and we will go to them at this point before we move on to the next item. I have on the list Russian Federation to be followed by Burkina Faso. Russian Federation, you have the floor, please.

Russian Federation: Thank you, Mr. Chairman. One of the priorities of the Open-Ended Working Group is to develop practical action-oriented recommendations and proposals on capacity building in the field of ICT security. We believe that such measures should address the specific needs of the Global South countries to bridge the digital divide. They should be depoliticized and open, and they should be aimed at respecting the principle of state sovereignty. At the same time, we deem unacceptable any attempts to curtail countries’ access to advanced ICTs and to strengthen their technological dependence on states that dominate in this field. This includes through monopolization by certain countries and or with their assistance by private companies on the ICT market. We note the efforts of the OEWG on capacity building in the field of International Information Security, IIS. We wish to comment on the thematic reports circulated by the UNODA in February 2023. While we are still carefully examining both documents, we’re prepared to share our preliminary assessments. In principle, we commend the paper on the parameters of the Future Voluntary Fund to support capacity building. We agree with the proposal to focus its efforts on facilitating the in-person participation of delegates from developing countries in the Future Permanent Mechanism on IIS, as well as supporting thematic initiatives. We share the idea that all decisions on the new structure should be made by states. We have no objections to designating the UNODA as the fund’s administrator. At the same time, we would like to highlight several provisions of the report that should be improved. In particular, we believe that capacity building initiatives should be targeted not only at the implementation of the voluntary rules of behavior, but also at the development of new norms, including legally binding ones, in line with the consensual understanding of the framework of responsible behavior in information space, as well as the mandate of the Future Permanent Negotiating Body. We are wary about the idea that the fund will be sponsored both by states and non-governmental organizations. Such structures and the companies that back them might attempt to exert pressure on beneficiary countries with a view to influencing their approaches to key aspects of IIS. We cannot agree with the language about the acknowledgment by states of the mapping exercise carried out by the UN Secretary to survey the landscape of capacity building initiatives. At the previous sessions of the OEWG, the Russian delegation underscored that our country’s contribution on this matter had virtually not been reflected. There’s also an excessive emphasis paid to gender aspects. We trust that the UNODA will prepare an updated version of the report that takes into consideration our objections. As for the document summarizing the positions of states on the Global ICT Security Cooperation and Capacity-Building Porter, we see the risks that it will be politicized in the idea that it will be focused inter alia on voluntary reporting by states on the implementation of non-binding rules of behavior as well as information sharing on threats and incidents in the ICT field. We assume that NGO contributions should be published only for the information of states. As we see it, one should also think about how the content of the portal’s section on capacity-building initiatives in the field of ICT security will correlate with the efforts of the future voluntary fund. We trust that the updated version of the report will clearly set out the main purpose of the portal, which is to serve as the official website of the successor body of the OEWG and as an online repository of developments and initiatives in the field of IIS. It is also crucial to highlight the leading role of states in populating the online portal. The full version of the Russian contribution related to the portal is available on the OEWG’s website. Mr. Chairman, now we would like to give the floor to a representative of the Ministry of Technology and Communications of the Russian Federation to present our national efforts on capacity-building in developing countries. Distinguished colleagues, We are guided in this activity by the principles of respecting the sovereignty of states and ensuring their domestic legislation. Considering the needs of the states of the Global South, we pay particular emphasis to training ICT security staff. We are prepared to accept requests by any partners that are interested. In coordination with the private sector, we organize informational events every year providing assistance to developing countries in IIS. There’s one major event. It was the first ministerial conference of the Russia-Africa Forum. It was held in Sochi. That was on the 9th to 10th of November, 2024. This conference demonstrated the interest of African partners in Russian initiatives in the field of IIS. With the assistance of the National Association of International Information Security, we are planning to hold in 2025 the 9th International Forum entitled Partnership of the State, Business and Civil Society in Ensuring International Information Security. That will be in Moscow in September of 2025. The International Conference on International Information Security entitled Kuban Cyber Security Conference 2025 will be held in Sochi in October. There’s also the International Conference entitled Cyber Stability, Approaches, Prospects and Challenges. That will be in Moscow in December 2025. We note in particular the convening on the 6th and 7th of June in Nizhny Novgorod of the first global cyber forum that will be held on the margins of the conference Digital Industry of Industrial Russia. This event, with the participation of states from the Global South, will help demonstrate Russian ICT solutions. It will share experience on the development of software and hardware based on open code and in compliance with the legislation of the countries in which such ICT products are used. Our partners are very interested in coordination of efforts to strengthen ICT security measures. One can see this in the international cyber championships and cyber trainings held in our country. These competitions are traditionally held as public-private partnerships, and they bring together information security specialists to practice their skills in combating computer attacks in near real-life conditions. These events are already slated to be held in the context of one of the largest international forums in the Russian Federation in 2025. We invite interested states to participate in them, and we are prepared to render the necessary assistance. Thank you.

Chair: Thank you very much, Russian Federation, for your contributions. Burkina Faso to be followed by Fiji.

Burkina Faso: Mr. Chairman, since this is the first time that Burkina Faso is taking the floor, our delegation wishes to address to you, as well as to the members of your team, our congratulations on the excellent work you are doing. We assure you of our support, and we wish you every success in your mission. Burkina Faso aligns itself with the positions expressed by the African group, and we note with interest the points brought forth by the Russian Federation in this working group. Mr. Chairman, Burkina Faso commits itself to ensure that the digital domain is an avenue for development, including with the adoption of the law on the international security system, the fight against cybercriminality, as well as norms on cybersecurity and the establishment of the platform. My delegation fully supports the concerns expressed at the beginning of our work with regard to the real threat which exists in cyberspace. Indeed, technological developments, artificial intelligence, and quantum computing are subject to sophisticated terms. Burkina Faso supports capacity-building for stakeholders in order to face cyber threats. For our country, capacity-building in this domain is strategic, and it is specifically for developing countries. In addition to digital transformation, these countries are exposed and vulnerable to cyber threats. The development of skills in cybersecurity are needed to guarantee and to strengthen our position against attacks. This is given innovation and with a view to economic development. Mr. Chairman, in this dynamic, Burkina Faso wishes to emphasize the need to establish links between training programs and the existing threats in order to be able to adapt to the specific needs of every state. This approach is essential, given technological advances, in order to guarantee to all states the resources and skills that they need for their critical infrastructure and to strengthen their cyberspace. We insist on the need to have equitable implementation of these measures, guaranteeing to all states, irrespective of their level of technological development, access to resources, the necessary training in order to ensure their digital safety and security. In conclusion, capacity-building portal – this is an urgent and important solution. It will allow for the training of important state actors in a short period of time. Thank you.

Chair: Thank you very much, Burkina Faso, for your contribution. Fiji, to be followed by Germany.

Fiji: Thank you very much, Chair. Fiji aligns itself with the statement delivered by the Kingdom of Tonga on behalf of the Pacific Islands foreign members and delivers the following remarks in our national capacity. In that, we wish to underscore the agreed principles of capacity-building as annexed in our second APR and in our region, the Langitoye Declaration and Action Plan and Pacific for Capacity-Building and Coordination Report, which help guide states in their ICT-related capacity-building activities. In particular, the capacity-building activities should be tailored to specific needs and contexts. As other states have said, capacity-building must be inclusive, needs-based, and aligned with national priorities. In Fiji’s context, like in the case of the Pacific, and SIDS in general, we face unique challenges in addressing cyber threats, ranging from bridging the digital divide across our many remote islands, the data gaps, limited technical expertise and infrastructure constraints, the lack of economies of scale, to the increasing digital threats targeting our critical infrastructure. All of these are exacerbated by the impact of climate change and natural hazards which further compound our inherent vulnerabilities disproportionately and which requires consistent and continued targeted support. Chair Fiji’s national priorities include investing in digital infrastructure and enhancing cyber security to build a resilient and adaptable digital economy. We also prioritize strengthening digital skills and capabilities within the workforce, which is important to maintain competitiveness in a rapidly evolving digital landscape. For that reason, we support Kiribati’s comments that capacity building must be mainstreamed across the future permanent mechanism. It is against this background that Fiji also welcomes the proposal for the UN Voluntary Fund to support capacity building in ICT security, particularly for leased developed countries, landlocked developing countries and SIDS. This will enable inclusive participation of representatives from SIDS in the future permanent mechanism, ensuring that our voices, concerns and priorities are effectively represented. We also welcome the references within the fund that recognizes that the importance of gender equality is crucial for international peace and security, that it is important to take into consideration gender diversity to achieve equal, full and effective participation and the recognition of leadership of women in discussions and platforms on ICT security. Fiji expresses its agreement with the goals of the Voluntary Fund to support the participation of particularly delegates from developing countries in meetings of the future permanent mechanism and capacity building activities for states. We also support Vanuatu’s comments that capacity building activities must be ongoing and not a one-off training. Chair Fiji welcomes and thanks the Secretariat for the initial report outlining the proposal for the development and operationalization of a dedicated global information and communications technology security cooperation and capacity building portal. Fiji agrees with the objectives and purposes of the portal as outlined in part three of the paper and that the proper security measures including taking a least privilege approach are determined prior to the design of the proposed portal. In noting its proposed one-stop-shop nature and considering our limited resources we hope that once states update this portal that the information is also reviewed and updated in other portals. Fiji agrees that and as mentioned by other states the proposed portal take into account existing portals to avoid duplicating efforts. Furthermore we hope that prior to the launch of the proposed portal the proper user acceptance tests are undertaken to ensure that it meets the needs of member states. Chair Fiji also welcomes the working paper on strengthening capacity building within the framework of a future UN mechanism on the use of ICTs in the context of international security by a group of countries and looks forward to discussing specific needs of small island developing states and mapping these to existing or new initiatives with a view to proper implementation. Finally we welcome continued discussions on ICT security capacity building in these areas and particularly as Fiji advances its own digital transformation journey. We urge all states to support efforts that make ICT security capacity building more accessible effective and sustainable for all. Thank you chair.

Chair: Thank you very much Fiji for your contribution. Germany to be followed by Ukraine

Germany: Thank you, Mr. Chair, for giving me the floor. Germany fully aligns itself with the statement of the European Union and wishes to add the following remarks in its national capacity. Chair, you have rightfully mentioned it throughout this week, as we are fast approaching the finish line of our collective efforts here at the OEWG, that we should keep an open mind to end this marathon by reaching our common goal of consensus. For the past few sessions, for us it has become evident that we can agree on one important point, the need for action-oriented and demand-driven capacity building as part of the future mechanism. And we align with Ghana, Tonga, Vanuatu and many others that it should be cross-cutting and in accordance with the needs of each nation. Germany believes that this unity is something we should build on, and like for most delegations in the room, capacity building has become its top priority to promote a peaceful, open, stable, accessible and secure cyberspace, in line with implementing the UN Framework of Responsible State Behaviour. Our cyber capacity programming consequently is based on a demand-driven, targeted and principled partnership approach that strives for holistic community building between states, stakeholders and across sectors alike, due to the borderless nature of cyber threats. For example, since December, African New York-based diplomats participated in a hybrid classroom as part of a cybersecurity diplomacy online course by the Diplo Foundation, and we are happy that, as part of our ongoing AU Germany Cyber Capacity Initiative, and in close collaboration with our colleagues from Egypt, we could contribute to this initiative. This Monday, colleagues terminated their joint efforts with a scenario-based discussion dealing with a real-life incident infiltrating critical infrastructure. here at German House. From our view, this simulation served as extremely useful endeavor of bridging the gap between theoretical discussions and real life incidents by dashing out our very concrete questions in the first place. It also exemplified how the dedicated thematic working groups on resilience and others as proposed by France could provide a framework for similarly concrete discussions. Additionally, we believe that the annual global round table offers another valuable platform for a wider range of in-depth discussions on best practices and capacity building among policy makers, practitioners, and stakeholders from all sectors. Combining both fora within the future mechanism would, from our point of view, help to achieve a deeper understanding on gaps in cyber capacity building while providing more concrete actions for strengthening global cyber security capacity. Furthermore, Germany would like to extend its gratitude to UNODA for advancing our work on a dedicated global ICT security cooperation and capacity building portal, as well as the voluntary capacity building fund to complement our visual image of the action oriented future permanent mechanism. Within this regard, Germany would like to reiterate the importance of supporting states in identifying their needs for effective capacity building. As such, my delegation deems the outlined modules as part of the paper to be useful to avoid duplication of efforts and work in a coordinated manner. Moreover, we support advancing the concept of the dedicated global information and technologies security cooperation and capacity building portal in cohesion with existing initiative like the Sybil portal by GFCE, or UNIDIR cyber policy portal, and like India suggested today, it should be user friendly and accessible to all. Regarding the Voluntary Fund, it remains imperative for my delegation to put in place clear links to already existing instruments, like to the Multi-Donor Trust Fund of the World Bank, which Germany contributes to, in order to make use of possible synergies and its lessons learned for effective operationalization. Moreover, we fully agree with Australia that any resources dedicated to the Voluntary Fund should be effectively targeted and well spent. Finally, we share the sentiment of Cuba, El Salvador, and many others that a comprehensive and holistic approach to capacity building is needed to effectively address the demands of those in need, leaving no country behind. Looking at threading the combination of proposals together within the action-oriented Future Permanent Mechanism, namely the three cross-cutting dedicated thematic working groups, Resilience Cooperation and Stability, the Global Roundtable, as well as the Portal, we believe important work has been done, which we can build on to turn this vision into reality. Thank you, Mr. Chair.

Chair: Thank you very much, Germany, for your contribution. Ukraine, to be followed by the Philippines.

Ukraine: Mr. Chair, Ukraine aligns itself with the statement delivered by the European Union. We would like to make a statement in our national capacity. Ukraine emphasizes that cyber capacity building is essential for promoting a peaceful and stable online environment, including through the implementation of the UN Framework for Responsible State Behavior in Cyberspace. We advocate for the prioritization of capacity building across each of the dedicated thematic groups proposed for the program action. We cannot overlook the progress made in the third annual progress report on capacity building last year. Ukraine is ready to contribute to further elaboration of concrete proposals, including the Trust Fund and the Global Cybersecurity Cooperation. At the same time, we still need to have greater clarity on these two initiatives, especially in the context of establishing the future permanent mechanism. Moreover, as many in this room have already stated, a UN portal should not duplicate the existing functions of the UNIDIR cyber policy portal or the GFC Sibyl portal. In turn, any future UN fund must also not duplicate the work already being undertaken at the regional level. During a global roundtable on capacity building, Ukraine strongly supports this initiative, given the positive experience of convening the high-level roundtable in 2024. Mr. Chair, Ukraine continues strengthening its cyber capabilities, which is crucial for our country in the light of existing threats and challenges in the cyber domain. It is worth mentioning that since the beginning of the full-scale invasion of Ukraine by the Russian Federation, we have successfully engaged numerous professionals from the private sector in cyber defence. This has brought remarkable results. In this connection, we believe that the combination of several essential elements is vital for strengthening cyber defence and countering threats in cyberspace. In recent years, significant efforts have been made to develop human resources in the field of cybersecurity. Ukraine has launched training programs, established professional standards, and launched the Qualification Centre for Information Technologies and Cybersecurity, enhancing the professional competence of civil servants directly responsible for cyber defence as a key objective for the Action Plan for Implementing the Concept of the National Resilience System by 2025. Against this backdrop, Ukraine actively cooperates, exchanges experience and knowledge with international partners, particularly within the TALIN mechanism, bilateral security cooperation agreements and other formats. In cooperation with key partners, Ukraine has initiated joint projects, which include cyber hygiene, awareness campaigns, adaptation of cyber… diagnostic tools, and the introduction of automated systems to monitor the implementation of cyber security strategy of Ukraine. We would also like to inform UN member states that on 11 and 12 March, Kyiv will host the International Cyber Resilience Forum 2025. And taking this opportunity, we invite all interested UN member states and representatives of the stakeholder community to participate in this important event. Mr. Chair, Ukraine is ready to share its experience in countering threats in cyber and information domain, implementing joint initiatives and strengthening partnership with key partners and other states across different regions. In conclusion, Ukraine reiterates that cyber capacity building is a priority area aimed at enhancing the overall resilience of states against malicious cyber activities and supporting the implementation of agreements reached at the UN level. For us, capacity building remains one of the cornerstones of our national cyber security policy. Thank you, Mr. Chair.

Chair: Thank you very much, Ukraine, for your contribution. Philippines, to be followed by France.

Philippines: Good afternoon, Mr. Chair. The Philippines ranks among the country’s most vulnerable to cyber attacks, having faced thousands of cyber threats, including advanced persistent threats, or APTs, that have repeatedly attempted to infiltrate targeting our government agencies, academic institutions, and corporations in recent years. These highlight the increasing sophistication of these threats and their potential to significantly impact our national security and economic stability. Given this challenging cybersecurity’s landscape, the Philippines has embraced a proactive stance. Our concentrated efforts over recent years in strengthening cybersecurity, building capacity, and fostering international collaboration have yielded… significant results, as evidenced by the Philippines’ advancement to Tier 2 status in the United Nations Global Cybersecurity Index. Thus, international cooperation and capacity-building initiatives remain cornerstone elements of our cybersecurity strategy, advancing crucial discussions on secure 5G networks and open RAN architectures while emphasizing the critical nature of fortified global undersea cable networks and cloud computing infrastructures. Our commitment extends to ensuring seamless and secure flow of data across borders, advancing global data protection and privacy frameworks, and actively participating in the Global Cross-Border Privacy Rules Forum. To enhance international cyberspace stability, data security and privacy, and cyber and digital capacity-building in our region, we continue to strengthen partnerships and dialogue to advance cooperation in cyberspace, including civilian cybersecurity capacity-building, cybersecurity workforce development, maritime cybersecurity, and information sharing. As an active member of the Counter-Ransomware Initiative, the Philippines continues to strengthen its national cyber policies and capacities while contributing to global cyber resilience. We remain steadfast in our commitment to advancing cooperation that prioritizes the growth of our ICT ecosystems, laying the groundwork for thriving digital economies, and contributing to international stability in cyberspace. We take this opportunity to commend the valuable initiatives under the UNIDIR SECTEC program, especially the training in norms, international law, and cyberspace. This training has provided the Philippines with comprehensive insights into the OEWG’s progress while reinforcing crucial concepts, including norms, of responsible state behavior, fundamental principles of sovereignty, non-intervention, and self-defense, and practical approaches to addressing cyber-attack scenarios. Mr. Chair, on the proposal for the development and operationalization of a dedicated global ICT security cooperation and capacity-building portal, we commend the Secretariat’s effort in providing us with an initial report, particularly the inclusion of a needs-based capacity-building catalog. This tool will prove invaluable in assisting states to identify capacity-building requirements and access information on available resources to support identified needs. We strongly support the endorsement and establishment of this portal through this working group and advocate for its continuation within the future permanent mechanism. Thank you, Mr. Chair.

Chair: Thank you very much. Philippines. France. To be followed by Mali.

France: Mr. President. Mr. Chair, my delegation aligns itself with the statement made by the European Union, and we would like to make the following remarks in our national capacity. France strives towards responsibility, cooperation, and solidarity in its cyber-international policy. In practice, this means that France fully involves the beneficiary states in the governance of the capacity-building activities we implement with them. Indeed, as the delegation of Vanuatu observed this morning, how can we set priorities without taking the needs of states as the starting point? Allow me to share an example. We’ve already discussed it here. In 2023, with Slovenia and Montenegro, we established the Western Balkans Cyber Capacity Center to ensure that training programs continue. to meet the needs of our partners, the Center has a network of national coordinators. They are responsible for responding to beneficiaries’ requests. In an innovative fashion, in 2025, the Center will strengthen the inclusiveness of its governance by setting up an international organization, bringing together beneficiary states and voluntary donor states based on a coordination-by-design approach. At the global scale now, here there is still a clear need for cybercapacity building. We would like to thank the Latin American countries for their regional paper published this month, which provided a precise typology of the needs identified. The content of this paper has provided useful input for our own thinking on an action-oriented approach to the meetings of the dedicated thematic groups of the future POA. In the future, we propose that our discussions within these thematic groups will systematically connect states’ capacity needs with capacity-building solutions. Let’s imagine the meeting of a thematic group on resilience, whose agenda would be critical infrastructure protection. Such a meeting could be held in three stages. First, we would begin with a briefing from experts and practitioners in the area on the extent of the threat to critical infrastructures, for example, in the area of health care or banking sectors, depending on the priority needs of all states. Next, states could also share both their best practices and their needs with regard to the implementation of the agreed framework applicable to infrastructure protection. For example, this discussion could review the implementation of Norm 13G and all the pillars of the agreed framework. Finally, in a third agenda item, the meeting could look in an operational manner at capacity-building solutions to better protect our critical infrastructures. We could build on existing activities and consider new initiatives based on needs. The future program of action will thus place capacity-building needs and solutions at the heart of our discussions. This three-part meeting structure could be duplicated for any concrete challenge faced by all states to ensure that we leave no one behind. This has been in the DNA of the program of action since 2020. Mr. Chair, our objective with this new architecture is simple. It is to enable us – all of us, us cyber diplomats – to return from the meetings in New York, Geneva, or anywhere else with elements that will be useful to our colleagues who work daily on our national cyber resilience. France published a paper illustrating this approach on the OEWG website yesterday, and I invite delegations to consult it. Finally, with a view to the July session, I would like to mention our points of emphasis on the Secretariat’s two initial reports published ahead of this session. First, on the web portal, we consider that an Internet portal could usefully support the activities of the Future Mechanism, as proposed in the cross-regional working paper published in 2021 on the POA. Nevertheless, as other delegations have pointed out, It is important to take into account existing initiatives of the same kind so as to optimize synergies and avoid the risk of duplication. Next on the idea of a voluntary trust fund. That idea is also interesting. However, we must resist the temptation to create a tool that could be too cumbersome and not very operational. It’s important to support the participation of national representatives and experts in the discussions of the future mechanism. This is why we funded with the UNODA a sponsorship program with Ireland in December. On the other hand, as underscored today, the UN is not necessarily the most flexible structure for direct support for capacity-building activities. It could be better positioned to play a role in linking existing initiatives so as to implement a demand-driven approach. Thank you.

Chair: Thank you very much, France, for your contribution. Mali, to be followed by the Dominican Republic.

Mali: Thank you very much, Mr. Chairman. This is the first time that we’ve taken the floor. So on behalf of the delegation of Mali, I wish to hail your leadership and congratulate your team in this very important process. My delegation aligns itself with the statement delivered by the Federal Republic of Nigeria on behalf of the African group. We also endorse Russia’s proposal on the establishment of a legally binding instrument. We would like to deliver the following remarks in our national capacity. Mali, like other countries of the world, in particular, the African countries, recognizes the paramount importance of digital technology as a lever for transformation and socio-economic development. The very highest authorities in Mali have always expressed their strong desire to ensure the digitalization of administration, to bring about more transparency, and to ensure that users have better access to public services. The president of the transition therefore moved on the 18th of February 2025 to launch a secure IT solution in the diplomatic and consular missions of Mali abroad. The need to have a reference framework for the security of information systems and electronic transactions has always been the priority of the government of Mali. In order to lay the groundwork to foster the trust of citizens and businesses in the digital economy, this is the reason why the government of Mali has put in place appropriate legal and institutional frameworks with appropriate organizational structures, including the authority for the protection of personal data, the center for coordination and for responses to incidents linked to the security of information systems, and we have addressed artificial intelligence and robotics, et cetera. Mali has also developed a national cybersecurity strategy. That strategy is in the process of being adopted by the government, and it aims to strengthen cybersecurity and combat cybercrime in Mali by improving resilience and the robustness of information infrastructure and by building the capacity of the relevant stakeholders tasked with combating cybercrime. This strategy has three strategic pillars. These are the following. First, the improvement of cybersecurity governance with the establishment of synergy at the national level and strengthening international cooperation. Next, strengthening the culture of cybersecurity through information, training, and awareness raising of stakeholders in cyberspace about risks and through the establishment of cooperation with universities and researchers. The final pillar is the protection against security risks with the establishment of norms, standards, and reference requirements, the improvement of security and resilience of sensitive and critical infrastructures, and the combating of cybercrime. Mr. Chairman, for the delegation of Mali, the future permanent mechanism to be established in July 2025 must take into account the following priority points. The great digital divide between major global powers in developing countries, especially Africa. Next, digital cooperation among states in cyberspace governed by universal principles regarding peace and security, equity, human rights, and sustainable development, which appears more and more to be an essential condition to mobilize all the energy and all the necessary resources to sustainably stem cybercrime in all its forms and manifestations. Next, sharing of skills, sharing experience. development, protection of infrastructure, and raising the awareness of governance and the people is also a priority for my country. Developing countries must be supported as they develop and implement their policies and strategies to better address certain already existing norms while taking into account the specific features of states. And with that, I thank you.

Chair: Thank you very much, Marley, for your contribution. Dominican Republic to be followed by Kuwait.

Dominican Republic: Thank you, Chairman. The Dominican Republic reiterates its firm conviction that capacity building is an essential pillar to strengthen cybersecurity in a global sense where cyber threats are constantly evolving. Capacity building not only allows states to respond effectively to cyber incidents, but it also promotes stability, resilience, and international cooperation and cybersecurity. A chain is as strong as its weakest link. We’re all together on this, and no state should be left behind. It is imperative for capacity building efforts to be inclusive, sustainable, and adapted to the specific needs of every country. To this end, it is essential to have better coordination among multilateral bodies, regional mechanisms, and national initiatives, avoiding the duplication of efforts and maximizing the impact of investments on capacity building. It is also imperative to have key and clear indicators about the impact on capacity building so as to adequately guide these efforts. and initiatives. In our region, the Dominican Republic has been a key actor in promoting capacity building in terms of cyber security and cyber diplomacy, as well as in terms of the prosecution of cyber crime. In this regard, we emphasize the essential role played by the Organization of American States in our region and its work in capacity development on cyber security, facilitating technical training, simulation exercises, and assistance on the design of national policies. We wish to emphasize our partnership with the European Union and the establishment of the Cyber Capacity Center for Latin America and the Caribbean, LAC4, in Santo Domingo as part of its EU Cybernet project. This is in support of technical capacities, and it has facilitated specialized training and thus has contributed to the professionalization of talent in our region. We also wish to emphasize the importance of global initiatives, such as the Global Forum on Cyber Expertise, which has made it possible to consolidate a structured approach based on best practices. In this context, we promote better synergies between the programs supported by the United Nations and those supported by the ITU, the UNODC, and UNODA and UNIDIR, and other existing mechanisms, such as the World Bank, the Inter-American Development Bank, among others. Chair, we wish to appeal to this working group to continue prioritizing capacity building as a key tool to reduce the digital divide, to improve cyber security, and to guarantee that all states will have the necessary tools to meet the current and future cyber challenges. We also emphasize the importance of strengthening cooperation among the public and private sectors, academia, and civil society, ensuring that capacity development programs are comprehensive and meet the actual needs of countries. The Dominican Republic commits itself to actively contribute to global capacity-building efforts to build a safer, more resilient, and inclusive cyberspace. With regard to the relationship of the matter of capacity development and the future permanent mechanism, the Dominican Republic is part of a group of states that will make a joint statement that will be read by Argentina under the regular institutional dialogue. Thank you.

Chair: Thank you very much, Dominican Republic, for your contribution. Kuwait to be followed by the Democratic Republic of the Congo.

Kuwait: Distinguished Chairperson, distinguished delegates, in response to the initial report outlining the proposal for the development and operationalization of dedicated global information and communication technologies, security cooperation, and capacity-building portal, the State of Kuwait expressed its full support for the establishment of this member-state-driven initiative. Kuwait acknowledges the importance of a modular, one-stop-shop platform under the auspices of the United Nations. Furthermore, Kuwait supports the proposal submitted by India for the establishment of a dedicated capacity-building platform. Additionally, Kuwait welcomes the idea to link existing platforms, such as UNIDIR and GFC portal, to the global ICT portal. This integration would optimize resources and ensure that member-state benefits from a comprehensive and accessible platform. Moreover, Kuwait welcomes the UNODA as a logical entity to manage and oversee the development and operation of the proposed portal. Mr. Chairperson, building on Kuwait’s presentation during the ninth session of the OEWG and considering the positive engagement from member states and the support by League of Arab States, Kuwait remains committed to advancing practical solutions for ICT security cooperation, recognizing the urgent need to support state in implementing norms, exchanging best practices, and where necessarily developing new ones. Kuwait emphasizes the importance of streamlined mechanism for norm adoption, leverage, complement and support the existing living checklist as a comprehensive digital tool. We believe that this module would provide direct support to member states in self-monitoring and or voluntary reporting on the national implementation of the cumulative and evolving framework for responsible state behavior in cyberspace. In this regard, Kuwait proposes the inclusion of a platform for rules, norms, and principle as a dedicated module within the global ICT portal. We look forward for garnering further support from member states for this initiative as it represents an important step forward advancing the implementation of the UN Framework for Responsible State Behavior in Cyberspace. We encourage all member states to review the full proposal and presentation which has been uploaded to the OEWG website for more comprehensive understanding of this initiative and its benefits. Thank you, Mr. Chair.

Democratic Republic of the Congo: Mr. Chairman, my delegation aligns itself with the statement made by Nigeria on behalf of the African Group on Capacity Building. Given the continued development of threats in cyberspace, the existing disparities in national capacities in this regard pose major risks for international security. That fact is why the Democratic Republic of the Congo believes that capacity building remains a basic pillar in the context of our working group to allow all states to contribute to the establishment of a safe, stable, and inclusive cyberspace. Working to close these gaps will allow developing states to acquire the capacity that they need to come to grips with the issue of ICTs so they can contribute to the establishment of existing norms and can respond effectively to all sorts of threats. Mr. Chairman, the Democratic Republic of the Congo underscores the importance of international cooperation and technical assistance to face the challenges in the area of cyberspace. Hence, my delegation supports the creation of a special trust fund of the United Nations to facilitate the participation of representatives and experts from developing countries. Given the fact that capacity building needs may differ from one country to the next, my delegation supports initiatives that seek to adapt capacity-building to the specific needs of each beneficiary state, this could encompass the sharing of knowledge, skills, and technologies according to the modalities agreed on by common agreement and with no conditions. While hailing the establishment of the Global Cooperation Portal on cybersecurity, as other delegations have done before me, my delegation reaffirms the importance of developing a catalog of capacity-building activities for ICT security, one which is based on needs, in order to help states take stock of capacity-building needs and obtain information on how to request capacity-building programs and learn about resources available in this area. Mr. Chairman, we agree with the Island of Mauritius as concerns investing in education and training programs for cybersecurity so as to give government officials and other technical experts the skills they need to address cybersecurity challenges. We welcome the fellowship program provided by Singapore, which has allowed experts from my country to participate in it. My delegation supports the strengthening of the capacity of women in cyberspace, which facilitates the overcoming of challenges and it allows for them to participate on a and equal footing. We wish to – we welcome the program providing fellowships for women in international security and in cyberspace, which has facilitated since 2020 the capacity-building for female diplomats in cyberspace from a specific region. My delegation would like for this program to be expanded to allow female diplomats from other regions to benefit from it. Mr. Chairman, capacity-building also means promotion of multilingualism. As was emphasized by Djibouti in its statement, it is vital for these trainings and even the functioning of the Future Mechanism to take into account linguistic constraints to ensure equal participation for everyone. Thank you.

Chair: Thank you very much, DRC, for your contribution. Samoa to be followed by Paraguay.

Samoa: Thank you, Mr. Chair. At the outset, we would like to express our appreciation for your guidance and able leadership, as well as to the Secretariat for their support and preparatory work since the inception of this working group. I would also take this opportunity to extend my gratitude to the Government of Australia for facilitating participation in this OEWG under the Women in Cyber Fellowship, which in and of itself is an exemplary initiative that enhances capacity-building and promotes inclusivity in cyber diplomacy. Samoa aligns itself with the statement delivered by the representative of the Kingdom of Tonga on behalf of the Pacific Islands Forum. Samoa reaffirms the importance of capacity-building as a fundamental pillar. and emphasizes that such efforts must be needs-based, tailored to national context, and delivered in an inclusive, transparent, and non-discriminatory manner. CHAIR Samoa has made significant strides in enhancing its cybersecurity framework through the implementation of its National Cybersecurity Strategy, in which capacity building is a core component. The strategy aims to equip our institutions and citizens with the necessary skills and knowledge to navigate the digital landscape safely and securely. As a small island developing state, the ongoing efforts by the international community, regional organizations, and development partners to support these cybersecurity capacity building initiatives have been indispensable. We welcome and commend the suggestion regarding the global ICT security cooperation and capacity building portal, yet we also stress the need to consider value-added in the midst of existing portals, such as those offered by GFCE and UNIDIR, and hence support suggestions brought forward by other member states for either incremental development or streamlined coordination of existing resources to avoid duplication of efforts. We affirm that the future mechanism should play a critical role in facilitating capacity building efforts and ensuring that all states, particularly developing countries and small island developing states, have access to the necessary tools, expertise, and financial support to fully participate in global cyber discussions. Finally, we look forward to working constructively with stakeholders to ensure that capacity building remains at the heart of our collective efforts to promote a secure, stable, and peaceful cyberspace. Thank you, Chair.

Chair: Thank you very much, Samoa. Paraguay, please.

Paraguay: Thank you, Mr. Chairman. Paraguay believes that one of the fundamental pillars in the discussions of this group is capacity building, since it not only entails institutional growth, but also the development of skills applied to security, the security of the information and communication. And it protects against cyber threats. It guarantees the security of data and allows us to be at the vanguard of the constant development of this topic. Together with other delegations, we believe it essential for the future mechanism to include a specialized working group, specialized on capacity building, which will allow for the continuous discussion on crucial items, so as to facilitate the consolidation of national efforts in preparing policies, exchanging data and information, improving cyber security practices and incident responses. In this regard, Paraguay has joined in the proposal which has been submitted on behalf of several countries, the working paper Strengthening Capacity Building in the Framework of a Future United Nations Mechanism on the Use of ICTs in the Context of International Security. And we encourage countries to join this proposal. Paraguay wishes to thank you for your efforts, and we wish to refer briefly to several issues. With regard to the proposal on the five thematic groups, Paraguay is concerned about the participation of delegations which have a limited number of personnel. In order to follow the issues in New York, as well as in our capitals, we will show flexibility toward a consensus, however. In the proposal of the Global Portal on Cooperation and Capacity Building on the Security of ICTs, we consider this relevant, but together with other countries we agree that other existing initiatives should be made use of. so as to avoid duplication and optimize resources. We also welcome the proposal made on the United Nations Voluntary Fund, with the contribution of member states, NGOs, and academia. In this regard, it is important with regard to criteria that we take into account geographic distribution, gender, and to take into account the specific needs of each state, identify the specific technological levels and deficiencies, including transfers of technology, protection of critical infrastructure, and incident and risk management. Lastly, we wish to take this opportunity to emphasize that Paraguay has been significantly benefited by the capacities shared by other countries, NGOs, international organizations, and academia. This has contributed to reducing our country’s cybersecurity divide, and our national strategy on cybersecurity was built together with the OAS and our ministry on ICTs. We also wish to express our sincere thanks to organizations and countries that support our national efforts in strengthening the capacities of technical experts and diplomats. And I mentioned the program Women in Cyber, supported by the Government of Canada, the OAS, and the Global Forum on Cyber Expertise, the UNIDIR training course on norms, international law, and cyberspace, and the United Nations Singapore Fellowship Program, as well as other initiatives. Thank you.

Chair: Thank you very much, Paraguay, for your contribution. Three other requests to speak from intergovernmental organizations with standing invitations to participate in the work of the General Assembly. They are the OAS, OSCE, and the World Bank. So we’ll hear from all three of them. OAS to be followed by OSCE. Please, you have the floor.

OAS: Distinguished Chair of the Open-Ended Working Group, delegates, I would like to begin by thanking the Chair for the opportunity to speak today on behalf of the Organization of American States and its Inter-American Committee Against Terrorism. The complexity and frequency of cyber threats continue to challenge the capacities of governments and businesses alike to protect their critical assets. Many regions are struggling to keep up with the rapid pace of digitization, and it is in this context that I would like to highlight the role that regional organizations can play in cybersecurity capacity building. From our experience, regions should address cybersecurity workforce development as a multidimensional and multidisciplinary policy issue in order to provide education, skills development, and better access to employment and advancement in the labor market to achieve maximum overall sustainable economic growth. From the OAS, we have seen at the regional level the benefit of establishing corporation agreement with different stakeholders to provide capacity building, while also playing a unique role of serving as a platform for connecting and engaging with global bodies. As a practical example, the OAS has championed the coordination within its capacity building efforts in the Americas region with entities such as the EU, GFCE, ICRC, and ITU, to name a few, with the aim of identifying possible areas of collaboration to reduce duplication and optimize resources and efforts. We have done this even more recently, as we have began in a discussion with the ITU and EU LAC4 to collaborate on the deployment of the ITU’s. HerCybertracks, which is a program to train and mentor women in cyber security for the Americas region. Chair, yet one more example is our 10 years of implementing our annual Saba Boot Camp, held in collaboration with the government of Spain, which facilitates Latin American and Caribbean countries to be in Spain for two weeks for an international cyber security training program, which is designed to strengthen cyber security at the national, regional and global level. Chair and members, this training is open to European counterparts and we have seen over the past 10 years the strengthening of relationship across regional technical communities, which promotes trust and information exchanges. The longstanding work of the OAS in the Americas as a regional political body has demonstrated that it has been both a catalyst for policy setting in the area of cyber security and a knowledge keeper of CCCB efforts previously implemented in our region. These efforts are driven by an understanding of the need for sustainability and the fostering of peer-to-peer learning while sharing good practices with other international organizations and regional bodies, such as the OACE, governments and other stakeholders. Regional organizations can play a role with regards to cyber security exercises for incident handling and the management of cyber security aspects across various stakeholders. We can touch upon policy representatives, security forces and incident response teams. We believe, Chair, that the exchange of experiences, including in the implementation of CCB, that supports CBM’s effort can only benefit UN processes. I will close with a statement we made as far back as 2022, during the third substantive session which still stands true today. Regional organizations, such as the OAS, have long acted as interlocutors for implementing UN mandates at the regional level and support capacity for Member States to fulfill their various international obligations. while contextualizing the global UN efforts to realize these in our respective regions. As the discussion of the future permanent mechanism evolves, I want to add and emphasize that for Latin America and the Caribbean, CCB is an area where the OAS has been working for over 20 years with various UN agencies and bodies, such as UNIDIR, UNCT, and UNODC, to ensure that international responses take into account the regional cybersecurity challenges and capacities. Chair, as one more quote from the ocean cleanup founder, Boan Slat, he once said that whenever you start to work on something, you have to go about it with the underlying assumption that the puzzle has a solution. If you start putting together a jigsaw puzzle not knowing where all the pieces were in the box, it would be a difficult and not so fun exercise. Chair, as you think about your task as you lead up to July, I want you to think about this analogy, and one can actually say that regional organizations are a piece of that puzzle in that puzzle box as you discuss the future mechanism. Thank you.

Chair: Thank you very much, OAS. OAS, I think indeed this puzzle has a solution, and everyone’s part of this puzzle. But no one is puzzled, actually, because we are going to find a solution in July. I am determined that we will get there, collectively, all of us. So, OSCE, you two are part of the puzzle. Where are you? Please.

OSCE: Thank you so much, Chair. Yes, part of the puzzle, and already doing inter-regional cooperation in practice sitting beside the OAS. Thank you so much for giving me the floor. While the OSCE mainly focuses on confidence-building measures in cyberspace, our capacity-building activities… support the broader implementation of the UN Framework of Responsible State Behavior in Cyberspace. In November last year, the OSCE Secretariat held its third annual training on international cyber diplomacy, gathering 26 participants from Eastern and Southeastern Europe, Central Asia, South Caucasus, and Mongolia to build national capacities to engage in international cyber policy deliberations. The first edition of this training event was organized in 2022 to underline the importance of participating in international discussions on cyberspace. As these discussions grow in both significance and complexity, it is essential for all states to develop a good understanding of the issues discussed and to have the resources required to make meaningful contributions. The topic of last year’s training were cyber diplomacy in practice, an overview of the main processes of international cyber policy, insights into developing national positions on the applicability of international law in cyberspace, and was concluded with a facilitated practical exercise. We are grateful for the support of the United Kingdom in making this training possible, and additionally, I would like to express my gratitude to Ms. Catherine Priceman of UNODA, who gave an overview of the development of the UN Framework of Responsible State Behavior in Cyberspace, and an update on the work of the OEWG. And I have to emphasize that due to scheduling constraints, Catherine delivered her excellent presentation at 5 a.m. in the morning. So I’m very, very grateful for her engagement and her commitment. Thank you so much.

Chair: Thank you so much, OEC, for your contribution, and thanks to Catherine as well, Catherine Priceman. World Bank, you have the floor, please.

World Bank: CHAIR, THE WORLD BANK APPRECIATES YOUR LEADERSHIP AND THE SECRETARIAT’S GUIDANCE IN ADVANCING THESE IMPORTANT DISCUSSIONS. SO THE WORLD BANK’S DEDICATED MULTI-DONOR CYBERSECURITY TRUST FUND ACTIVELY SUPPORTS CAPACITY BUILDING IN EMERGING ECONOMIES. SINCE ITS ESTABLISHMENT IN 2021, IT HAS FINANCED OVER $20 MILLION IN INITIATIVES COVERING INCIDENT DEVELOPMENT, CRITICAL INFRASTRUCTURE PROTECTION, AND LEGAL REVIEWS. THIS WORK HAS BEEN MADE POSSIBLE THROUGH CONTRIBUTION FROM JAPAN, GERMANY, THE UNITED STATES, ESTONIA, THE NETHERLANDS, ITALY, AND OTHERS. FURTHER, A COLLABORATION OF THE WORLD BANK, THE GOVERNMENT OF KOREA, AND THE GLOBAL FORUM ON CYBER EXPERTISE ESTABLISHED THE ASIA PACIFIC CYBERSECURITY HUB WITHIN KOREA’S SUPREME PROSECUTOR’S OFFICE TO PROVIDE SPECIALIZED TRAINING AND CAPACITY BUILDING SUPPORT IN THE REGION. LOOKING AHEAD, THIS TRUST FUND SUPPORT HAS ALSO CONTRIBUTED TO LARGE-SCALE WORLD BANK FINANCING. THE WORLD BANK HAS ALLOCATED APPROXIMATELY $270 MILLION FOR CYBERSECURITY CAPACITY BUILDING IN 2025, REFLECTING ITS COMMITMENT TO DIGITAL RESILIENCE. TO STRENGTHEN OUR COMMITMENT AND UNDERSCORING THE CROSS-SECTORAL NATURE OF THE DIGITAL ECOSYSTEM, LAST YEAR THE WORLD BANK ELEVATED ITS DIGITAL DEVELOPMENT GLOBAL PRACTICE TO A DIGITAL TRANSFORMATION VICE PRESIDENCY. BEYOND DIRECT FINANCIAL COMMITMENTS, ENSURING SUSTAINABLE INVESTMENT IN CYBER CAPACITY REQUIRES BALANCING PRIORITIES IN A RESOURCE-CONSTRAINED ENVIRONMENT. DESPITE ITS CRITICAL IMPORTANCE, MOBILIZING CAPITAL FOR CYBER CAPACITY BUILDING REMAINS CHALLENGING AS IT COMPETES WITH ESSENTIAL NEEDS SUCH AS CLEAN WATER, EDUCATION, AND HEALTH CARE. TO ADDRESS THIS, THE WORLD BANK CONTINUES TO DEVELOP KNOWLEDGE PRODUCTS. that provide both fiscal and economic justifications to support informed investment decisions. Ensuring coordination between the World Bank’s initiatives and emerging efforts under this working group is vital, as emphasized by member states. The World Bank stands ready to share insights from its cyber initiatives, align efforts to maximize synergies and prevent duplication, and work closely with member states to ensure effective resource allocation. We reaffirm our commitment to supporting member states and strengthening cyber resilience worldwide. Thank you, Chair.

Chair: Thank you very much, World Bank, for your contribution and for your participation in this meeting, and we look forward to your continued engagement with our work here at the United Nations. Distinguished delegates, there are no more speakers. At this point, I’d like to invite Catherine Preisman, our Efficient and Dynamic Secretariat Representative from UNODA, to check if she has any comments, because there has been quite a number of references to the report prepared by the Secretariat. And, Catherine, thank you very much for the two reports. It was prepared by your department, UNODA, and I wanted to see whether you had any reactions or comments on some of the comments that have been made by delegations. Over to you.

ODA: Thank you. Thank you very much, Mr. Chair, for the opportunity to briefly comment. And, of course, thank you very much to all distinguished delegates for diligently reviewing the reports and offering constructive reactions and feedback. We are very pleased to hear from several delegations that the reports provide a useful basis for states’ further consideration of these proposals with a view to potentially reaching consensus recommendations in July. We took good note of many of the proposals and further reactions raised, including on the principles and functions, accessibility questions, multilingualism. As we, the Secretariat, note in both reports, we, of course, stand ready to establish these proposals in line with the decisions of states. I would like to thank you, Mr. Chair, for giving the opportunity to just draw out a couple of points that I think will be useful for delegations that are in the report, but just to highlight that, and we’ve heard it from several delegations already, that both proposals should be established in close connection with the future permanent mechanism. This is something we recommend in the report to enable their evolution to be closely connected with the discussions and decisions of states in the dedicated intergovernmental process. With regards to the portal, we heard a lot of calls for ensuring that duplication is avoided. This is well noted. And in order to do so, we advise that states consider the specific modalities for operation of the portal. With a view to leveraging it as a UN platform that, of course, offers an important degree of inclusivity, while also drawing on the existing resources that we have out there, including the UNIDIR Cyber Policy Portal. Specific modalities we request and suggest that states consider include things like access parameters, which we heard some comments on, the potential content of the needs-based catalog of capacity building opportunities, and the scope for engagement with nongovernmental entities. With regards to the fund, we also heard a good reaction. and I know it remains under consideration of states, but to ensure an efficient and effective establishment should states so decide. It is critical for states to provide maximum clarity on the operation of the fund, including on state preferences for priority areas of capacity building. We do offer some suggestions in the report, but it’s certainly not exhaustive or prescriptive at this stage. And also the prioritization criteria for sponsored national representatives and experts. I would note that our report provides a very basic indicative budget of the number, for example, of participants and number of projects. This is just to provide a sort of sense of potential ceilings. That does include sponsorship and suggested capacity building activities. Those things could be decoupled if states wanted to just consider one of those work streams. And so certainly not dependent on each other, and that speaks to the incremental approach that some states supported today. And one final comment with regards to the technical and administrative requirements. We would encourage delegations to kindly review those sections in particular, especially for the portal, because those sections were coordinated internally with colleagues from our office of ICTs, the colleagues who do real ICT work, with regards to technical UN-hosted platforms and websites. So we do have some constraints in terms of what’s required, in terms of integration of existing platforms and things of that nature. But we are happy to provide more information and to engage. further on these proposals as states consider taking them forward. I know there was a suggestion for a more detailed budget. Unfortunately, this is not something we can provide at this stage without the full scope of details and a request via the General Assembly through a regular budgeting process. But we can certainly try to give you as much of a picture as possible to inform your decisions. And Mr. Chair, if I may, before giving you back the floor, also within the scope of capacity building, ODA and with our friends and partners at UNIDIR are pleased to inform delegations that we’ve launched the second edition of the Cyber Diplomacy eLearning course. We had a launch event at lunch this afternoon. Those of you who couldn’t make it, this was pursuant to a request of this working group in the second APR that ODA update this diplomacy online course for diplomats. So we’re pleased to say it’s now fully launched and available on the disarmament education dashboard. So we express our thanks to our partners in UNIDIR and also for the generous extra budgetary funding provided by Singapore, in particular the Cyber Security Agency that enabled us to undertake this update. Thank you very much.

Chair: Thank you very much, Catherine, for the update. And also with regard to the two reports plus the launch of the Cyber Diplomacy Online Program, which is an indication that even as we speak of capacity building, things are happening and things are moving. And by the way, with regard to the Cyber Diplomacy Online Program, it can be completed in about two hours. And you will get a digital certificate, which you can print and put it on your wall or put it on your LinkedIn page. I just found that out at the launch event this afternoon. Distinguished delegates, I want to say that this discussion has been so encouraging and positive in tone and very positive in substance as well. So I want to thank all of you who have spoken, because you have brought a lot of ideas and energy into this discussion. And the fact that so many of you had spoken about capacity building is itself an indication, a good indication, that all of you attach a lot of importance. The level of interest is high. And also, the level of expectation is high in terms of what more can be done. Even as we are doing a lot, and there’s a lot that is already happening, not just at the UN. The UN is one piece of the puzzle, as one of you said, there’s a whole ecosystem of actors and programs and individuals and institutions acting and contributing and making a real difference. So that is good news. And our challenge in this working group, and as we think of how we design and structure the future permanent mechanism, is to see how we can channel all these ideas and enthusiasm and political commitment to create a momentum that contributes to building trust, building knowledge and capacity, of course. but also contributes to building trust, building bridges of understanding between countries. And that’s where the UN, because of its uniquely positioned role as an inclusive, universal, neutral platform that it can do. It also has a very unique ability to be a convener and a convening platform that is unmatched in the ecosystem because the United Nations is the only universal intergovernmental body that we have. And it is an arena for building confidence, trust, understanding, and partnership between countries. The discussion in many ways today also was a demonstration of how countries are also sharing their expertise and knowledge with each other and also building partnerships. There are so many different partnerships that are happening. The role of regional organizations is very important in this ecosystem. Quite a number of you spoke about what’s happening in your region. We also heard from some of the regional organizations here in this discussion. So all of these are very positive indications. What is most positive is the commitment and importance that all of you attach to capacity building as being at the heart of the process here, as one of you put it. And as we have also agreed in this working group, capacity building is also a cross-cutting issue that acts like a confidence-building measure because when one provides and shares knowledge, it is a sharing of expertise but it is also a building of trust. and building up confidence. So I think all of you are committed to this, and I think that’s very encouraging. There’s also considerable convergence in terms of what more we can do. Many different ideas have been put forward, specifically on the idea of a portal as well as a fund. My sense was that there was a lot of convergence around those ideas, but there were also questions raised, and those are fair and legitimate questions. And in the context, my sense is that everyone agrees on the need to avoid duplication. Everyone agrees on the need to optimize synergies. So as we look at the ecosystem, I think no one wants to replicate existing structures or the work that is already being done, because that would be wasteful. And I think no one wants to waste resources, and even if resources are deployed, I think everyone can agree and agrees, I think, that the resources must be deployed in a very efficient manner. So there, too, I sense that there is a lot of commonality among delegations, especially with regard to the portal and the fund. Now, with regard to the portal and the fund, again, I think it’s a question of being incremental. The portal cannot be everything and cannot possibly achieve to do or set out to do everything. So I think the approach that was recommended in the report of the Secretariat was to take an incremental approach. a step-by-step approach, a modular approach with some very clear scoping and parameters about what the portal can do. It has to be also a portal that assures member states that it will not be misused in any way or could lead to mistrust between member states. So it has to be a platform that is inclusive and neutral to share information and that taps on existing databases, taps on existing portals, and we have heard of already two other portals, UNIDO and GFCE has its own portals. So the idea of synergy and tapping on existing portals is a point that I think came across very strongly. And that makes sense, honestly, because the idea is not to set out and create something entirely new to replace what is already being done. The idea is to ride on what is being done, but to ride on the capacity and ability of the UN to be the inclusive and neutral platform that brings member states together. The fund itself, there were a bit more questions related to the fund, but again, I think we need to look at the fund in terms of being very incremental and step-by-step. If we have a fund, the question is what is the scope, what is the terms of reference. If the fund is confined to providing support for the participation of delegations in this process, then that’s a very narrow scope for the fund, in which case it’s something that could help. to manage the cost, manage the effective utilization of resources, and avoid wasteful utilization of resources, or avoid duplication. But if the fund is expected to also do projects and a range of other stuff, then there’s the risk of duplicating what other funds might also be doing, and then there’s the whole question of how much fund or funding is going to be available. So even on the question of the funds, I think it’s important to look at it in a step-by-step incremental way, and with regard to the participation of funding, the participation of representatives in this process, I think that’s also an important objective, because if we are seeking to make this process as inclusive as possible, then we certainly need more people at the table if we want to increase the number of countries who make presentations on their national positions, or make presentations on how they apply and understand international law, or if we expect more countries to nominate points of contacts in the POEOC directory, then there is still work to do in terms of increasing the level of participation. So if the fund is focused on enhancing and supporting participation, then that would be one way to narrowly scope the terms of reference of a voluntary trust fund that will avoid duplication. And in that regard, I think many of you are already funding representatives in many ways, different programs to fund the participation. And so some of this is already happening and so that is a good thing that there is a commitment to fund the participation and increase the level of representation in this working group. I think a lot of you spoke about the capacity building principles. I think it is an important framework. We should not forget about that. It was an important key from the previous working group that we have endorsed in this working group. So it is important to keep that in mind that fundamentally it is driven by the needs, it is demand driven, so we are not discussing capacity building in an abstract. It has to be driven by the needs of member states, the needs of different member states have different needs, the small states, small and vulnerable states have a different perspective as opposed to medium size to larger states who may have a different need and a different expectation of what they want from capacity building. A lot of you spoke about the global roundtable on capacity building and that to me is a very interesting example because when we first discussed the idea of a global roundtable, let the truth be told, there was a high degree of scepticism as to whether we needed it. There was reluctance and reticence. What is this global roundtable? Do we really need it? So I found it gratifying that as we do things we realise the value of it but also we try and do it in a way that generates value. Of course a new idea or proposal usually strikes us as being Perhaps not immediately useful or to understand the usefulness of it, or perhaps the idea is not operationalized in a way that people can understand. But this is how we make incremental progress in this working group. So the fact that many of you thought that the Global Roundtable was one way to bring together practitioners to share experiences, to build new partnerships, is also an example of how we have made some progress in this working group. And so we did convene one Global Roundtable. We have agreed in principle that we should have another one at regular intervals, but we haven’t decided when that should be. And it is my hope that as part of our final report we decide when the next Global Roundtable is going to be convened. So that way, you know, you can plan for it, you can mobilize the ecosystem of participants to come and make this Global Roundtable an active one. Now there was a lot of discussion about how capacity building should be part of the future permanent mechanism. There was a big, big chunk of the discussion. So that is a nice segue to the next topic, which is regular institutional dialogue. And there too, the question was how do you best approach capacity building? How do you organize it? How do you structure it in the future permanent mechanism? Whether it should be discussed in the context of thematic groups in a horizontal, cross-cutting way or whether you need a dedicated group in its own right. Whether one approach is better than the other or whether we need a mix of approaches, well, this is where we need to get into as part of the regular institutional dialogue discussion. So the discussions overall was very positive, very constructive. I think we have plenty of material for the final progress report. I think we should be guided by the principle that we will seek to make incremental progress, avoid duplication, optimize synergies, but strengthen what we have achieved so far and give it another nudge by taking one or two steps in the right direction. So that is not really a summary, some random reflections if you like, and I’ll give some thought to how exactly we will have to start drafting the final progress report. At this point, maybe we can move into regular institutional dialogue as part of the program of work. So let me open the floor for delegations wishing to take the floor under regular institutional dialogue. Yeah, it looks like we have 193 delegations. So we’ll have to extend into Saturday morning. So please change your flights and cancel your Broadway tickets. No, I am exaggerating a little, but we have a long list of speakers, and we’ll start with those who have given us an indication that they are speaking on behalf of groups. So we’ll start with Nigeria speaking on behalf of the African group, Nicaragua also on behalf of a group of countries, and then, of course, the European Union. We’ll start with Nigeria, Nicaragua, and European Union, and then we’ll go through the rest of the list. Nigeria, over to you, please.

African Group – Nigeria: Thank you, Chair. I really appreciate you giving me the floor. The group would like to allude to your discussion paper once again on the draft element on stakeholder modality and dedicated thematic group on the future permanent mechanism, as well as the recommendation therein. In light of the foregoing, the African group would like to share its view on these two following points. The African group believe that input from various stakeholders, including civil society, academia, and private sector, would no doubt add value to the discussion. As such, their engagement with work of the future permanent mechanism will not only enhance the discussion, but provide additional impetus. That said, the African group reiterates the intergovernmental and state-led nature of the current process, as well as the prospective permanent mechanism, and thus caution against introducing new idea that might be counterproductive and have a detrimental impact on the proceeding of such an important mechanism. Accordingly, it is most advisable to continue applying the current modalities that have been successfully working on the open-ended working group process while continuing discussion on possible options. to enhance the participation of stakeholders in our proceedings as well as on the sideline of the formal convening and during the intersessional period. Having said that, we would like to also speak on the structure of the dedicated thematic group. The African group would like to reaffirm the relevance and equal importance of the five pillars of the framework. However, the greater for efficiency and obvious reasons of inclusiveness, the group suggests the formation of three distinct thematic group within the future permanent mechanism as follows. Understanding the threat and relevant prevention and response as this would provide a platform for formulating a continuously updated list of concurrent and emerging threats and seeking the best means and way of preventing and responding to these threats from technical and operational perspective. This thematic group will also discuss cooperation in ICT, incident management and confidence building measures. The second one, the focus will be on the application of international law in cyberspace, as well as existing and future norm of state responsible behavior. As this will have deep and meaningful discussion on the effectiveness of and the existing landscape of obligations and norms. This will also give an insight into whether we need to enact a mix of both binding and non-binding measure to deal with the increasing and rapid development of threat, as well as address the gaps. Third and the last is on capacity building. As the group believed that this would provide a veritable platform for the exchange of views and ideas on the best option to strengthen developing countries and bridge digital gaps that impede resilience and effective response. Nonetheless, we acknowledge that both capacity building and international law might, international law matters, would naturally feature in cross-cutting manner in the discussion of the other two thematic working groups. Finally, Mr. Chair, the group welcome once again the ongoing proposal regarding the organizational arrangement for the future mechanism and take note of those put forward by certain states. The group reiterates its readiness and commitment to continue consultation in order to finalize arrangements and would guarantee the effectiveness and inclusiveness of the future permanent mechanism. Thank you, Mr. Chair, for giving the floor.

Chair: Thank you very much, African Group. Nigeria, on behalf of the African Group, please do share your written statement with the Chair’s team. Thank you very much. Nicaragua, followed by you. Nicaragua, please.

Nicaraqua: Thank you, Mr. Chair. I have the honor to speak on behalf of a like-minded group of countries, the Republic of Belarus, the Plurinational State of Bolivia, the People’s Republic of China, Cuba, the Democratic People’s Republic of Korea, the Islamic Republic of Iran, the Russian Federation, the Republic of the Sudan, the Bolivarian Republic of Venezuela, the Republic of Zimbabwe. and my own country, Nicaragua. The Group of Like-Minded States welcomes the consensus agreement reached by the Open-Ended Working Group on security of and in the use of ICTs in July 2024 and approved by the UN General Assembly in December 2024 on the establishment of a permanent body under the UN auspices to succeed the OEWG. We are committed to reaching an agreement on the parameters of the future mechanism and adopting the final package decision in 2025. In this regard, we call upon the OEWG member states to be guided by the following. Negotiations on all aspects of the activities of the future mechanism in accordance with the third annual progress report of the OEWG should take place strictly within the OEWG on the basis of consensus and ensure that the views of all UN member states are taken into account. All decisions, including procedural ones, should be made within the future mechanism by consensus of the UN member states in accordance with provisions of the third APR. The modalities of stakeholders’ participation should continue to be determined by consensus. Any attempts to shift away from the agreed modalities of stakeholders’ participation within the current OEWG risk to erode and delegate the balance reached thus far on this project, which has proved to be both important and sensitive for many. In this regard, we emphasize the proposals aimed at limiting states’ prerogatives by undermining the practice of the principle of non-objection for the participation of NGOs in the work of the United Nations, as well as providing NGOs with an opportunity to make statements during substantive plenary meetings are incompatible with the very intergovernmental nature of the process. That said, we believe that the modalities of stakeholders’ participation should be carefully considered and tailored due to the unique and sensitive agenda of the future negotiating body dealing with the issues of international and national security. The work on all the levels within the new mechanism should be streamlined in strict accordance with the pillars of its mandate, namely threats, rules of behavior, international law, confidence-building measures, CBMs, and capacity building, as set out in the OEWG’s third APR adopted by the UNGA Resolution 79-237. Thus we believe that other issues, such as protecting critical infrastructure and increasing stability in the ICT sphere, should be addressed within the discussions on rules of behavior, CBMs, capacity building, and international law CBMs, respectively. We also insist on facilitating focused discussion on the universal legally binding instrument within the international law pillar. Given the agreement that all decisions within the future permanent mechanism should be taken by consensus of member states, and mindful of the fact that this process must be states-led In an inclusive and transparent manner, we consider that decisions related, among others, to the appointment of co-facilitators of the dedicated thematic groups and convening ad hoc groups must be taken collectively by the entire membership of the future permanent mechanism. Proceeding in this manner, in line with the prevailing practice and without an expansion of the powers and functions of the chair, will also contribute to preventing his or her role as a neutral facilitator in this process. As for the title of the future mechanism, we advocate a restoration of the language approved within the UN by consensus, security of and in the use of ICTs. Finally, it is essential to guarantee that activities of the future mechanism are not undermined, as it happens within the OEWG, by visa denial to delegates of the UN Member States. I thank you, Mr. Chair.

Chair: Thank you very much, Nicaragua. Would you also make available copies of your statement to all delegations, so that everyone can understand each other’s position? I give the floor now to the European Union, to be followed by Kuwait speaking for the Arab Group. EU, please.

European Union: Thank you very much, Chair. I have the honor to speak on behalf of the UN’s Member States, the candidate countries North Macedonia, Montenegro, Serbia, Albania, Ukraine, the Republic of Moldova, Bosnia-Herzegovina and Georgia, and the EFTA country, Norway, member of the European Economic Area, as well as San Marino, align themselves with this statement. I speak on behalf of 37 states, that’s 20% of UN membership. Let me start by thanking you, Chair, for organizing the town hall meeting on this issue a few weeks ago. And let me reassure you that the EU and its Member States are committed to finding consensus on the features of the future permanent mechanism, the POA. We need to build a stable environment within the UN that will allow the international community to come together to discuss, to exchange and learn from each other, to support each other and to strengthen cooperation in view of international security and stability. The program of action first discussed in the Open-Ended Working Group already in February 2020 will combine the reflections on the five pillars with cross-cutting and action-oriented discussions to tackle the challenges we face. Keeping everything as it is will not help us to make progress. Progress that is much needed to ensure security of our citizens. as well as unlock the economic potential of digital development. The proposal for the POA is at the same time also flexible enough to accommodate all delegates. For instance, with regard to the proposal to have dedicated discussions on international law, both the plenary and the dedicated working group discussions will provide a forum for dialogue on how international law applies and whether gaps exist that need to be addressed, if any. Similarly, the proposal by India for global port oil, as well as the POC directory, can be linked to the permanent structure. As mentioned also in my capacity building statement, the combination of the plenary, the dedicated capacity building discussions in the thematic groups, and the strengthened roundtable could enable a strong emphasis on capacity building under the permanent mechanism. Chair, in response to your question on how we can ensure that discussions in the dedicated thematic group dive deeper into issues that are raised during the substantive plenary sessions, the answer is by framing the discussion in light of three things that bind us. One, the challenges we face and why we gather here at the UN to seek solutions. Two, the application of all pillars of the UN framework and the exchange of best practices and solutions to counter these threats alongside these pillars. And three, the need to build global capacities to address cyber threats. This could be a program of work. Increasing our common understanding of the threats, bringing all the pillars together to address these challenges, as well as identifying needs and solution for capacity building in light of the threat, will allow us to implement the UN framework for responsible state behavior coherently, as well as identify potential gaps. Furthermore, scenario-based exercises can help us to better understand how the UN framework is implemented and where further work, including with the multi-stakeholder community, is needed. International law will play a crucial role in the future substantive plenary discussions and will be relevant across the several thematic groups. For example, any discussion of critical infrastructure within the resilience group would involve international law, as international law can provide protection for critical infrastructure. The same applies to the discussions on capacity building, where cross-cutting groups allow us to exchange and identify needs in light of the threat. Therefore, this cross-cutting approach supports not one, but actually three discussions on these issues, putting an emphasis on the strong links between the pillars and enabling us to bring recommendations of these discussions to the plenary. With regard to stakeholder participation, we do not believe that the status quo will support any meaningful stakeholder engagement. With the veto modality remaining, contributions by stakeholders will continue to be limited by one state, restricting access for all UN Member States to knowledge, expertise and capacity building. We therefore believe that the non-paper put forward by Canada and Chile on how to overcome the veto is the one that deserves further discussion during this session. It offers a fair, inclusive and transparent approach and represents a constructive attempt to compromise. In closing, allow me to emphasize once again that the POA proposal is not only a truly inclusive proposal, as it builds on the stable infrastructure in the UN on these issues. It is also a proposal that actually aims to make progress, to address challenges faced in an actionable way and strengthen the UN role as a convening platform for the international community. Once again, Chair, we thank you and the Secretariat for your hard work in preparing and sharing all the working papers, and we remain committed to working with you and other delegations to establish a single track, permanent mechanism on this important issue. Thank you very much.

Arab group – Kuwait: Mr. Chair, Kuwait delivers a statement on behalf of the Arab Group. Our group supports the consensus based on the fact that a future mechanism must be a unique, inclusive, and permanent process under UN auspices. It should take all decisions based on consensus and based on the consensus-based products of this working group, and we think the future mechanism must be based on the following points. First, striking a balance between the creation of groups and platforms to discuss pillars that could strengthen cyber security without forgetting additional – the missions of each country and the needs of all delegations to ensure that all delegations can participate in the process simultaneously. Furthermore, there’s a need to focus on prevention of cyber threats and on the means to counter them and on the applicability of international law and conceptual frameworks that exist currently, as well as potential ones, and to focus on capacity building for developing states. Second, there’s a need to hold practical discussions in order to monitor threats and counter them, that is, cyber security threats. This should be done while establishing an exhaustive list of such threats, threats that affect developed and developing countries alike. In parallel, there’s a need to continue to develop a theoretical legal discussion on the applicability of international law, and there’s a need to find the gaps in the consensual normative framework in place with regard to cyber security. This normative framework must be developed in order to arrive at legally binding instruments. Third, there’s a need to build the capacity of states in sustainable fashion and to continue to build the capacity of developing countries. Fourth, the Arab group welcomes the participation of various stakeholders in discussions on cybersecurity, in particular with regard to the technical expertise of these stakeholders and their contribution to multilateral work. There is also a need to address the new proposals meticulously, especially as concerns stakeholder participation in the future mechanism, and one must always take into consideration the intergovernmental nature of this platform. There’s a need to follow the same approach adopted in this working group, which has proven effective until a consensus is reached on new stakeholder modalities. Thank you.

Chair: Thank you very much. Kuwait, speaking for the Arab group. Please also make us available a copy of the statement in English, if it’s possible. Thank you. Argentina, to be followed by Venezuela.

Argentina: Thank you, Mr. Chairman. It is my honor to speak on behalf of the following Latin American countries – Brazil, Chile, Colombia, Costa Rica, Ecuador, El Salvador, Guatemala, Honduras, Mexico, Paraguay, Peru, Dominican Republic, Uruguay, and my own delegation, Argentina. We are presenting the working paper entitled Strengthening Capacity-Building in the Framework of a Future Mechanism of the United Nations on the Use of ICTs in the Context of International Security. This document has been prepared jointly by the above-mentioned delegations, and it has been circulated and issued on the web page. of the United Nations Disarmament Office last February, 6 February. Capacity building is fundamental to guarantee an open, secure, stable, peaceful, interoperable and resilient cyberspace. Throughout the mandate of the OEWG, the delegation’s authors of this working paper highlighted the importance of this, emphasizing the need for a comprehensive approach to strengthen the security of ICTs globally. As mentioned in the Annual Progress Report 2024, the OEWG has been an inclusive platform to exchange best practices. In this context, we believe it essential for the future permanent mechanism on the security of ICTs in the context of international security to have a specialized working group on capacity building. This would allow for the consolidation of international efforts on the subject and would guarantee a space which would be structured and sustained for dialogue. Its establishment is essential to ensure that all states, irrespective of their level of development, may benefit from initiatives of cooperation on cybersecurity. To this end, we propose the establishment of a thematic group or a similar mechanism which allows states to exchange information on programs and initiatives on capacity building, to share experiences and lessons learned, to identify and map specific areas of need, to explore new sources of financing and training programs. Our working paper proposes a non-exhaustive list of key areas on capacity building, ranging from public policies and cyber diplomacy to incident response and management, as well as the adoption of best practices on cybersecurity. We also emphasize the importance of South-South triangular, sub-regional and North-South cooperation as fundamental to the development of the security of ICTs. We also invite all member states of the OEWG to co-sponsor this working paper and to support its context as a joint contribution to the debate on the future permanent mechanism. We believe that a broad basis of support will strengthen the impact of this initiative and will contribute to its adequate implementation. Finally Mr. Chairman, we reaffirm our commitment to an inclusive and action-oriented mechanism which guarantees the participation of all states and facilitates equitable access to resources and necessary knowledge to face the emerging challenges of cyberspace in this regard. And in line with this working paper, the 15 states authoring this working paper will soon present a new text with language for the annual report of July in order to formalize the establishment of a specialized group on capacity building. We hope that this proposal will contribute to strengthening international cooperation on the subject and we’re grateful for the commitment of all member states in making progress toward an interoperable and resilient space for cyber security. Thank you.

Chair: Thank you very much Argentina for your statement and also for your contribution on behalf of a group of countries. Go now to Venezuela to be followed by Mexico.

Venezuela: Thank you Mr. Chairman. Since this is the first time that we take the floor during this session, permit me to begin by recognizing your leadership, dynamism and efforts as well as that of your team. In making progress in our discussions on a topic which is increasingly important given the development of ICTs, which continues to increase the digital divide between the North and the South, with regard to the establishment of a future permanent mechanism under the auspices of the United Nations to establish a periodic institutional dialogue on the security of ICTs, the Bolivarian Republic of Venezuela believes that it should focus its discussions on those aspects for which there is broad support and which have been clearly established in the Third Annual Progress Report. While we are flexible about the proposal to have a group of thematic working groups, we think that there should be a well-balanced discussion of the five pillars which support the work of this OEWG and the future permanent mechanism, taking into account its interdependence and interrelationship. We insist that all discussions of these potential working groups should take place following the strictly in-person modality. However, we emphasize the importance my country attaches to capacity building, which is an unequal playing field. Among other things, it gives rise to intervention in our internal affairs and it violates our sovereignty. It also lends itself to disinformation. To make progress on this topic will allow us to improve our digital technologies, which is another area of concern to countries, including Venezuela, given its vulnerability to cyber attacks. It is also necessary to put an end to the obstacles which exist and which limit international cooperation and assistance, as well as the transfer of technology, leading to the illegal application of unilateral measures. In this context, we take positive note, and with interest, of the working paper recently submitted by the delegation of Argentina on behalf of a group of countries. Chairman, the Bolivarian Republic of Venezuela supports the statement by Nicaragua on behalf of a like-minded group of countries. And now, very briefly, in a national capacity, we’d like to emphasize two points. Firstly, our firm support for consensus as the mechanism for decision-making. This is procedural, be they procedural or substantive. This guarantees that all our discussions will be not only led by states, but they will also lead to broad, transparent, and inclusive discussions, which may then lead to commitments which will take into account the positions, concerns, and priorities of all. To proceed in this manner will allow us to protect the figure of the chair of the future mechanism given possible questions about its neutrality on matters which have an impact on the national security of our countries. Secondly, our preference is for not reopening discussions on matters which during this OEWG have shown to be sensitive and controversial, and with regard to which we have achieved minimum agreement. We believe that we have more important matters to focus on, especially on the substantive issues, and we discourage any attempt to reopen a debate on the matter of the participation of other stakeholders, including based on what a group of countries has termed practical modalities, as included in the working paper recently circulated by Canada and Chile. Therefore, we call for preserving the balance we have achieved so far. In the light of the continued participation of the OAS in our work, My delegation insists that it does not feel it is represented by any of its contributions taking into account that Venezuela, together with other countries of Latin America, the Caribbean, are not part of that forum. Therefore, it’s not a representative organization of the entire region or with which all members of the region have relations of cooperation, including in the area of cyberspace and security. We also take this opportunity, sir, to state that we support the working paper submitted by the People’s Republic of China on the future permanent mechanism, including the structure proposed for its meetings during the next five-year period. Mr. Chairman, we also take this opportunity to reiterate our wish to achieve norms, rules and principles which are clear and which allow us to guarantee the peaceful use of ICTs for the economic and social development of our peoples and to avoid the militarization of cyberspace. Thus, we appeal to the establishment of a concrete roadmap to make strides without further delay toward the negotiation of a legally binding instrument on this important subject, which establishes obligations and clear and concrete responsibilities for states. In conclusion, you may count on our full support and commitment to achieve the commitments and agreements which will allow us to preserve consensus and to move toward a fluid transition toward a permanent mechanism on the security and the use of ICTs. Thank you.

Chair: Thank you very much, Venezuela, for your contribution. Mexico to be followed by Morocco.

Mexico: Thank you, Mr. President. Thank you, Chairman. In Mexico’s view, the establishment of the permanent dialogue mechanism at the end of this working group should reflect a good balance between its intergovernmental nature and the stakeholders significantly. It’s not simply a matter of replicating the model of the working group established for a specific purpose and for a given period of time, but rather to develop a mechanism which guarantees the continuity and evolution of international cooperation in this area. We appeal to learning from prior experiences. For example, the program of action on small and light weapons. We recall that one of the main challenges of this mechanism has been the non-inclusion of non-government actors, which has significantly limited a diversity of views and effectiveness of the implementation of the measures proposed. In the cyber context, where the private sector, academia, and civil society have crucial roles, their exclusion could result in incomplete or ineffective approaches by governments. With regard to the methods of work, Mexico reaffirms its position that consensus should not be viewed as the goal, but rather as a means to promote the broadest possible understanding. Unfortunately, we have seen that the consensus has been understood as being 193 vetoes. This is paralyzed action, and it has allowed one state to place its interest above the collective majority. The prevent mechanism should follow the rules of procedure of the General Assembly, since it will be a subsidiary organ of the first committee. While Mexico is flexible in terms of the specific number of thematic groups, it should be a manageable number in order to ensure the efficient operation of the future mechanism. And with the basis of the proposal of the chair, we could consider the possibility of merging some thematic groups to avoid redundancy and to improve coordination. once they start working. Mexico reaffirms that capacity building should be a priority in informing the thematic groups. This aspect, as well as the practical implementation of confidence-building measures, strengthen international cooperation and contribute to preventing cyber incidents. With regard to differentiating between discussions in the thematic groups and in the plenary sessions, Mexico is interested in the thematic groups allowing for a more technical and specialized analysis on specific areas of the agenda involving experts and relevant stakeholders. By contrast, substantive plenary meetings could serve as the space where conclusions and recommendations of the thematic groups are presented, thus facilitating the final decision-making. Mexico suggests a working approach based on thematic programs which address challenges on cybersecurity, especially in the context of technological progress, which is constantly evolving. We agree with the chair that in addition to the dedicated thematic groups mentioned in the working paper, we could also convoke additional ad hoc thematic groups. In order to have deeper discussions, we could develop basic documents with guiding questions and scenarios, as has been done successfully by the chair. In like manner, we suggest using a model similar to that of the review conferences on disarmament, where the conclusions of technical working groups directly feed into the negotiation of final documents and plenary. The discussion of international law and cyberspace should continue to be a specific group within the mechanism, in addition to having a cross-cutting approach, since it is not a debate that has concluded. Mexico notes that this forum should be flexible to address the voluntary nature of the norms and the possibility of there being future legally binding instruments, if considered relevant. To avoid fatigue among delegations, we could establish a revolving working program where some topics are prioritized in each working cycle, similar to the methodology of the Disarmament Commission for its current thematic groups. On the work cycle and methodology, Mexico proposes that instead of a traditional review cycle, we could establish a program of work structured on the basis of three or five year periods, similar to the pattern used in the Disarmament Commission. Also during each cycle, we should define specific thematic priorities, ensuring strategic planning and clear goals of the medium and long term. We believe that this would be preferable to only focusing efforts on the goals of review conferences. Also, as we have mentioned, the example of the Commission on the Use of Outer Space for Peaceful Purposes, COPUOS, as a possible model, in addition to the plenaries, it has subcommittees to deal with technical and legal subjects, more specifically. In the view of Mexico, we must consider the hybrid participation in order to facilitate the inclusion of delegations with limited capacity, and also the participation of experts from capitals, especially when dealing with technical or legal topics. A flexible approach on the work modality would allow for larger representation and equitable participation. It would be important to have multilingualism in any format. Mexico sees the proposal of working groups by the chair, incorporates the gender perspective as a cross-cutting issue. It’s imperative for the future work on the security of ICTs in the context of international security, maintain the trend of gender parity in the participation of delegations, and to promote spaces for the significant participation of women experts in the field. In this regard, we welcome the proposals made in the UNIDIR and OAS report and the work paper presented by a group of countries on the future permanent mechanism and gender. With regard to the modalities of participation of stakeholders, with regard to accreditation and participation of NGOs, Mexico is not opposed to the current proposal of the chair, which relates their participation to a process of accreditation reviewed every five years, provided that it is guaranteed that the mechanism will continue to be inclusive and functional. Thus, we may consider aligning the process of accreditation with the review cycles of the mechanism, ensuring coherence and predictability in the participation of non-governmental actors. Mexico agrees with the joint proposal of Canada and Chile of a more structured framework for the participation of non-state actors, aligned with the principle of a voice, not a vote, which in our view continues to guarantee that negotiations and decisions will continue to be intergovernmental in nature. My country considers it important to continue a mechanism of periodic technical consultations with all stakeholders prior to every substantive session of the permanent mechanism to ensure that the contributions informed. the formal discussions without affecting the intergovernmental process. In line with the proposal of Canada and Chile, Mexico agrees with implementing a defined period of objections, for example, two or three weeks prior to each session, where states could present reservations against the accreditation of certain stakeholders. Finally, with regard to the periods for informal consultations, Mexico considers it reasonable to have a period of time no greater than the intersessional period, since the current mechanism meets three times a year with intersessionals of three months. This time period would make it possible to address the concerns of states without delaying discussion or implementation. And the English translation of this statement will be at the portal. Thank you.

Chair: Thank you very much, Mexico, for your statement. Morocco, to be followed by France.

Morocco: Merci, Monsieur le Président. Thank you, Chair. Morocco welcomes the discussion on the modalities and the structure of the future permanent mechanism, in keeping with the revised list which you so carefully developed, my country remains firmly committed to regular institutional dialogue, which is inclusive, transparent, and based on consensus. In this regard, we would like to provide you with the following remarks. Turning to the modalities for stakeholder participation, and given the diversity of viewpoints seen on this aspect, we believe that new creative approaches must guarantee large, broad inclusion, which takes into consideration the concerns of member states. In this regard, we. encourage the stakeholder modalities that are structured and in keeping with the first committee of the General Assembly. Morocco recognizes the need to strike a balance between inclusiveness and the concerns of member states. In this regard, the establishment of clear guarantees, like those of verification missions, and a relevant process would allow for the concerns of stakeholders to be met while respecting the principle of leaving no one behind. In order to ensure a productive and constructive debate, stakeholders must respect the guidelines aiming to prevent any politicization of cyberspace. Furthermore, a code of conduct strengthened by monitoring and reporting mechanisms could help to ensure that these principles are upheld. As for the dedicated thematic groups, they need to be structured so as to ensure an in-depth analysis of key issues. It would be beneficial for the next facilitator of this group to set the topics in order to ensure clarity and to avoid any overlapping. The discussions and thematic groups should enrich the discussions in the plenary session. In order to do this, these groups should produce detailed analyses and propose action-oriented recommendations so as to fuel the debates in the plenary session. In order to avoid overburdening delegations, Morocco proposes that there be a reasonable number of thematic groups, and they could possibly be grouped together when deemed necessary. Such a streamlined approach would facilitate participation of member states while ensuring cross-cutting coverage of the essential issues. A structured timetable for the meetings spread over a period of two years would allow for a balanced approach on all questions under review. Furthermore, the timetable for meetings must absolutely take into consideration resource constraints, and it must avoid convening a large number of parallel meetings. The future permanent mechanism must integrate best practices from existing fora while maintaining flexibility to adapt to future developments. The regular evaluation mechanism must assess the effectiveness of the mechanism and make changes when needed. It goes without saying that the success of the future permanent mechanism will hinge on the availability of adequate resources. Therefore we encourage sustainable modalities of financing, and we must make good use of the scant resources available. In closing, Mr. Chair, Morocco remains committed to constructive dialogue on these matters, and we will continue our cooperation in the five months to come, side by side with you and with all other stakeholders, so that we may develop a robust, inclusive, effective, equitable, and sustainable future permanent mechanism. Thank you.

Chair: Thank you very much, Morocco, for your contribution. France, to be followed by the United States.

France: Merci, Monsieur le Président. Thank you, Mr. Chair. The management of cyber threats at the UN level entails three dimensions. The first is, of course, our multilateral discussions. This dialogue at the global level has enabled the formation of a cumulative and evolving normative framework. The second dimension is the translation of these discussions at the national and slash or regional level. through the development of practices and policies by our states, our national cybersecurity agencies, and other relevant stakeholders. The third dimension is the essential feedback loop to connect these concrete practices to our multilateral discussions. But this dimension is missing today, although it is more necessary than ever to anchor our discussions in reality and respond to the concrete needs of states to implement the agreed framework, or even to update it if necessary. It is from this observation that the proposal for a program of action was born five years ago. Mr. Chair, this proposal comes from a group of several dozen states that have fully committed to the OEWG so that all delegations can contribute to this future mechanism. In this spirit, France proposed last December three overarching thematic groups for the future POA. One group on building the resilience of cyber ecosystems and critical infrastructures. We’ll call that group the Resilience Group. One group on cooperation in the management of ICT-related incidents. We’ll call that the Cooperation Group. One group on preventing conflict and maintaining stability in cyberspace. We’ll call that the Stability Group. For this week’s session, France published a new discussion paper yesterday to contribute to our discussions. This paper highlights three concrete modalities. First, the agenda of the meetings of these groups, thematic groups. Next, a work program to illustrate the specific concrete challenges on which to focus our discussions in these thematic groups. And, finally, the connection, a link with the plenary, which will continue in a format similar to today’s to import concrete recommendations from these thematic groups, and thus to anchor our discussions in practice. We believe that this paper provides answers to some of the questions that delegations have been raising since the beginning of the week, and we invite delegations to consult it on the OEWG website. To complement this paper, I would like to briefly present how a meeting of these action-oriented thematic groups could take place. Such a meeting could take place in three stages. For example, let’s take the cooperation group, with the following concrete challenge on its agenda, how to improve information sharing in the event of cyber incidents. The meeting could start with a briefing by experts, for example, practitioners from our cybersecurity agencies or existing cert-to-cert networks, or any other relevant stakeholders on this subject. The second phase would review all the pillars of the agreed framework to identify best practices in the implementation of the framework, the needs encountered by states in this implementation process, as well as possible gaps in the existing framework to address the matter on the agenda, which would be improving information sharing in the case of cyber incidents. Finally, the third phase would be dedicated to a discussion of capacity building through the identification of solutions and initiatives that are either new or existing that have to do with this item on the agenda. This meeting structure could be duplicated for any topic, to ensure that the subject is addressed in a cross-cutting manner. Mr. Chair, since Monday, we have been listening carefully to the viewpoints and the questions of all delegations on the functioning of the Future Mechanism. Our paper proposes four fundamental answers that I will summarize here. The group Resilience, Cooperation, and Stability preserve and strengthen the pillars of the agreed framework. Next, the meetings of these groups focus on threats and challenges that are universal and in an action-oriented manner. Third, the agenda of these groups prioritizes capacity building by systematically focusing on the capacity gaps of states, and then on existing or to-be-created solutions. Finally, all the results of these groups are reported to the plenary discussions in order to provide recommendations based on practice and the needs of states, and thus to enrich the discussions on the various pillars. Mr. Chair, having drawn inspiration from a Chinese colleague who asked the DeepSeek Company’s chatbot what it thought of our work, we interviewed Le Chat, which is the application recently developed by the French company Nistral. When asked what the main characteristics of the OEWG’s work were, the application responded, consensus and inclusiveness. You can see for yourself this app is available in all of the application stores. We’re pleased to see that this new technology reflects at this point the state of mind of our delegation. And I hope it reflects the mindset of the entire group regarding the continuation and the end of our work. We will continue, of course, to listen to everyone’s viewpoint and to seek compromise to enter, after 2025, into a new action-oriented phase of our endeavor. Thank you.

Chair: Thank you very much, France, for your statement. I think I need to access AI program to prepare the first draft of the zero draft. But then the question will arise, which software program it was. From which continent did it emanate? And that will bring us back to the classic UN dynamic of debating what should be the parameter and which database is better. So thank you very much for that thought. I have been consulting one of the chat boxes myself from time to time. And it was just earlier in the week that I typed in a question. I won’t mention which chat bot. And I said, is a consensus possible in July? It was like consulting perhaps a therapist, if you like, or a crystal ball. And the chat bot was very cryptic. It said, it’s possible but uncertain. And I was going to make this at some point. But your reference to chat bots encouraged me to share this story with you. So it sort of sums up. And I was going to make some comments right at the end. Maybe we’ll take one more speaker. The next speaker is Open AI, sorry, United States.

United States: Thank you, Chair. I won’t take that personally. Chair, we appreciate your ongoing efforts to help this group find consensus on the topic of RID. The 2024 APR represents an important step in defining a clear path for the single-track permanent action-oriented mechanism with implementation of the consensus framework as its foundation and mandate. Your updated paper on stakeholder modalities and dedicated thematic groups also raises important issues. Starting with the topic of stakeholder modalities, while we appreciate your efforts to find common ground, the proposal outlined in the paper falls far short of the inclusive modalities we must have in the future mechanism. Stakeholders, particularly those from the private sector, have brought significant value to our process. Their contributions can be further enhanced, and their participation is critical in all elements of the future mechanism, including the dedicated thematic groups. We regret that the proposal on stakeholder modalities did not address participation in these groups. Moreover, a small group of member states repeatedly block the participation of key stakeholders in this OEWG, and the existing accreditation process allows them to do this without explanation and without opportunity for reconsideration by all member states. The new mechanism must address these shortcomings. In addition, we cannot accept modalities that empower an individual chair to determine when to call a vote on accreditation at the expense of member states’ ability to take such a decision. The proposed process by which the chair would assess whether consensus exists before putting forward a decision to the permanent mechanism is unnecessarily resource and time intensive. If a state objects to a stakeholder, we can already reasonably conclude that no consensus exists. Instead, in line with the modalities of the cybercrime AHC process, we believe member states should have the opportunity to vote on whether an objection should be sustained without the chair as an intermediary. Separately, we can all agree that the issues we are facing in cyberspace and the solution to these challenges cut across the framework’s pillars. While the existing OEWG format has been valuable in raising awareness of the content and purpose of norms, legal obligations, and CBMs, we struggle to see how to develop in-depth, practical outcomes if we are restricted to only the existing format. We have an opportunity with the thematic groups to take a major step forward in strengthening cyber resilience, making each of us more secure. This would also complement continued discussion in the plenaries on each of the framework’s pillars, a format that has demonstrated its value in this OEWG. Unfortunately, the group structure outlined in the paper is directly contrary to this goal of moving our conversation into a more cross-cutting format. Several of the groups lack the action-oriented approach for which all states have expressed their support. In addition, we do not support an approach that pulls out certain pillars of the framework for prioritized, stand-alone work, given that the framework is a comprehensive, balanced, and interconnected concept. Additionally, we do not support proposals to combine a few elements of the pillars, such as voluntary norms and bindingly international legal obligations, into a single dedicated thematic group. Such a scoping would cause confusion and would not lead to a more practical, cross-cutting, issue-focused conversation in these groups. Norms in law are fundamentally related to other aspects of the framework, and pulling out these two silos to merge together does not make practical sense and risks confusion between non-binding political commitments and binding international obligations. Finally, we take note of and appreciate states’ contributions to this discussion, particularly the new paper by France and the modality paper coordinated by Chile and Canada and co-sponsored by a group of states. Thank you, Chair.

Chair: Thank you very much, United States. Could I also kindly ask you to share your statement with all delegations? France, we have about 10 minutes, and I just wanted to make some comments because it’s quite clear we need to continue tomorrow, possibly the whole of tomorrow. We do have a long list of speakers, and it’s important that we hear each other. But I wanted to share with you that although some of you have said we have about five months, this is our penultimate substantive session before the final session in July. And this is the penultimate day of the penultimate session before the final session in July. After tomorrow, when we adjourn, we will have the possibility of having some virtual informal town hall meetings to continue our work. But we will not be able to meet again in person until the 7th of July, which is the final substantive session. So the time period we have is actually not very long. The time we have to meet and interact in person, to find common ground, is not very much. I’d like you to keep that in mind because the range of statements I’ve heard so far on regular institutional dialogue indicates to me that positions have not shifted fundamentally. It’s an expression of your desired positions. And I have no doubt that these are deeply held positions. But if these positions are so deeply held, and in the remaining time that we have, with some virtual town halls in between, we will not be able to get to a common ground on these issues of regular institutional dialogue. So we can spend the rest of tomorrow hearing your deeply held positions. And I’m not sure how we can make that transition to a common ground if we don’t begin to entertain the possibility of new ideas or possible middle path approaches to get to common ground. So I wanted to give you that reality check on Thursday evening of the last day of our penultimate session. Because the zero draft is not going to provide you with an immediate parting of the seas that will allow you to traverse towards the promised land. Unless the ground shifts, we can’t produce a consensus from thin air. So please reflect on it. Tomorrow, I’d like each one of you this evening to go back and revise the statements you have prepared and see what indications of flexibility that you can indicate at the discussion tomorrow. And for those of you who have spoken, I’ll give you another opportunity to speak later in the evening. tomorrow, so that if you’d like to make additional comments, we need to use the time that we have this week, because this is a precious moment where we are here in person. We are not talking to each other. You prefer a virtual town hall and circulating your positions and posting it on the portal as if it would be processed by an open AI or a Deep Seek or some other program. I’m not trying to be facetious, but I’m trying to share with you the dilemma that we are all in collectively. So it’s my intention to use every single minute available, but I would urge each one of you to start thinking about it. Secondly, I also want to share with you that the discussion between pillar and cross-cutting has somehow presented the picture of a binary choice, and groups of countries have retreated into a pillar corner and a cross-cutting corner, as if these are binary options, mutually exclusive. I know this process is underpinned by political sort of considerations and dynamics. We all know that. But if you want to build a house, you need pillars and ceilings and floors. If you just had pillars, you have no roof to hold the pillars, and you are going to be in serious trouble. And if all you had was a cross-cutting floor, you’re not going to be able to raise the ceiling either. So if you really want to build a collective house, you need a combination of approaches. And the thematic approach, actually, is not my invention. It actually came from Resolution 75-240. This working group’s mandate did say, and I remind you, all of you, please go and take a look at it, this mandate, OP4 says that the working group may decide to establish thematic subgroups with a view to fulfilling its mandate. And it is then in that context that we began the discussion on thematic subgroups. In fact, I remember when this working group was convened, many of you were keen to get started with thematic subgroups right away, and I said, let’s get into a momentum and then see if those thematic groups would be needed. And so please do not look at the establishment of thematic groups as an option that will deeply compromise your objectives. Your objectives are valid, but it’s not the thematic groups or the composition or the structure of the groups that are going to deeply compromise your national positions. We have the substantive sessions, and if you want to repeat the same discussion at the substantive session, then it’s another substantive session, it’s another plenary session. If that’s the way you want to go, well, that’s the choice you make. But we all clearly have had a discussion, and we thought that it will be useful to have thematic subgroups. Now, we are debating about the choice of the subgroups, and I can understand some of you feel that if it’s designed this way, it will compromise your substance. I agree, but surely there must be ways of not replicating the exact structure as the plenary. You start with another plenary. Then you’re having the same discussion. And then you’re repeating the discussion. So where are you going to get into that? Really action-oriented stuff So this working group has been all about plenary discussions because we did that by design because we wanted to be transparent I’ve not had any informal discussions or no working groups. Everything is discussed here But as we progress we must find ways to get into details Because otherwise we spend the next five years having The same general discussions and that will be frankly a waste of your time because I won’t be here next for the next future meetings and I think that’s not wise for you to travel all the way to come here and have the same Discussions at the plenary and at the plenary and again and again So my advice to you as a friend My sincere advice to you, please send this back to your capitals if you need to Please look at how we can organize the discussions in the thematic groups In a way that is in line with the mandate as We have agreed for the future permanent mechanism. That is the parameter But if you had ten thematic groups, then you won’t have time so we the idea is how do you make it manageable? So, please take an open-minded flexible approach to to the thematic group discussions, I really would like to appeal to you and the last point is about consensus whether it’s the thematic groups or the modalities for stakeholder Modalities, I know where you’re coming from. I’ve been in the UN for the last nine years this modalities debate has gone on for even longer and I know where countries stand We need to make a decision on modalities on stakeholder modalities in this working group by consensus Because that’s how we have worked as a working group. But each one of you have a sovereign right to bring things to a vote, wherever you choose. But if you do that, there will be consequences. We have built a certain level of trust. I think we can reach agreement by consensus on modalities for stakeholders, if there is flexibility. If you don’t need the chair as intermediary, fine. In fact, you don’t even need a chair, because all of you are perfectly capable of reaching consensus. My role has been insignificant and irrelevant, frankly, because I am just sitting here on the podium listening to you. So you don’t need the chair as an intermediary. Produce a consensus. If you don’t produce a consensus that has consequences, it means you will not have a smooth transition. Simple as that. You will not have a future permanent mechanism, because this process comes to an end on the 11th of July. So I’m just pointing out the facts to you. In some ways, I wanted to give you a reality check on Thursday evening. You decide what you want to do, because you’re representatives of sovereign nations. The chair is not sovereign. So folks, if you want to come in tomorrow and repeat the positions as you have prepared them in capital and as I’ve heard them, and as I can deduce them even before you speak, please proceed. But it’s not going to get us to consensus. you demonstrate flexibility. By you, I mean all of you. If you keep repeating our positions, then what is the chair to do? You don’t like the chair’s proposals, you don’t like the chair’s modalities, then produce a superior set of modalities that will command consensus. If not, we will not have consensus, we will not have a smooth transition, we will not have a future permanent mechanism, and we will undo the work we have done for the last 25 years. So, on that note, I adjourn the meeting, and I wish you a pleasant evening. Thank you. Thank you.

Agreement Points

Importance of capacity building

speakers

– African Group – Nigeria
– Argentina
– Burkina Faso
– Dominican Republic
– Fiji
– Germany
– Mali
– Morocco
– Paraguay
– Philippines
– Russian Federation
– Samoa
– Ukraine

arguments

Establish a specialized working group on capacity building

Capacity building should address needs of Global South and respect state sovereignty

Capacity building must be tailored to specific needs and contexts of small island developing states

Support action-oriented and demand-driven capacity building as part of future mechanism

Prioritize capacity building across dedicated thematic groups

Prioritize sustainable capacity building for developing countries

summary

Multiple speakers emphasized the critical importance of capacity building, particularly for developing countries and small island developing states. They agreed that capacity building efforts should be tailored to specific needs, action-oriented, and demand-driven.

Need for thematic groups in future mechanism

speakers

– African Group – Nigeria
– France
– Germany
– Morocco

arguments

Three distinct thematic groups on threats/prevention, international law/norms, and capacity building

Three overarching thematic groups on resilience, cooperation, and stability

Combine thematic working groups with global roundtable for in-depth discussions

Streamlined approach with reasonable number of thematic groups

summary

Several speakers supported the idea of establishing thematic groups within the future permanent mechanism, although there were differences in the proposed number and focus of these groups.

Similar Viewpoints

Both Nicaragua and Venezuela advocated for maintaining the current consensus-based decision-making process and existing modalities for stakeholder participation.

speakers

– Nicaragua
– Venezuela

arguments

Maintain current OEWG modalities for stakeholder participation

Maintain consensus as decision-making mechanism

Both the United States and Mexico supported enhanced stakeholder participation in the future mechanism, including in thematic groups, while maintaining the intergovernmental nature of decision-making.

speakers

– United States
– Mexico

arguments

Enhanced stakeholder participation needed, including in thematic groups

More structured framework for non-state actor participation aligned with “voice not vote” principle

Unexpected Consensus

Avoiding duplication in capacity building efforts

speakers

– Fiji
– Germany
– Ukraine

arguments

Capacity building portal should avoid duplication with existing initiatives

Support for global ICT security cooperation and capacity building portal

Avoid duplication with existing regional initiatives

explanation

Despite differing perspectives on other issues, there was unexpected consensus among Fiji, Germany, and Ukraine on the need to avoid duplication in capacity building efforts and to leverage existing initiatives.

Overall Assessment

Summary

The main areas of agreement centered around the importance of capacity building, the need for some form of thematic groups in the future mechanism, and the desire to avoid duplication in capacity building efforts. There was also general recognition of the need to address stakeholder participation, although views differed on the specifics.

Consensus level

The level of consensus was moderate on broad principles but low on specific implementation details. This suggests that while there is general agreement on the importance of certain issues, significant work remains to be done in negotiating the specifics of the future permanent mechanism. The lack of consensus on key structural and procedural aspects could potentially hinder progress in establishing an effective and widely accepted mechanism.

Different Viewpoints

Structure of thematic groups

speakers

– African Group – Nigeria
– France
– United States
– Argentina

arguments

Three distinct thematic groups on threats/prevention, international law/norms, and capacity building

Three overarching thematic groups on resilience, cooperation, and stability

Avoid standalone groups that prioritize certain pillars over others

Establish a specialized working group on capacity building

summary

Delegations disagree on the number and focus of thematic groups for the future permanent mechanism, with proposals ranging from three to five groups and differing views on whether to organize groups around pillars or cross-cutting themes.

Stakeholder participation modalities

speakers

– Nicaraqua
– United States
– Mexico

arguments

Maintain current OEWG modalities for stakeholder participation

Enhanced stakeholder participation needed, including in thematic groups

More structured framework for non-state actor participation aligned with “voice not vote” principle

summary

Delegations have conflicting views on how to involve stakeholders in the future permanent mechanism, ranging from maintaining current restrictive practices to significantly expanding stakeholder participation.

Decision-making process

speakers

– Nicaraqua
– Mexico
– Venezuela

arguments

All decisions should be made by consensus of member states

Consensus should not be viewed as 193 vetoes that paralyze action

Maintain consensus as decision-making mechanism

summary

There is disagreement on whether strict consensus should be required for all decisions or if alternative decision-making processes should be considered to prevent paralysis.

Unexpected Differences

Approach to international law discussions

speakers

– United States
– Venezuela
– Mali

arguments

Maintain existing OEWG format focused on framework pillars

Develop legally binding instrument on ICT security

Develop legally binding instruments to address cybersecurity

explanation

While many delegations focus on implementing existing frameworks, some unexpectedly push for developing new legally binding instruments, revealing a fundamental disagreement on the approach to international law in cyberspace.

Overall Assessment

summary

The main areas of disagreement include the structure of thematic groups, stakeholder participation modalities, decision-making processes, and approaches to international law and capacity building.

difference_level

The level of disagreement is significant, with fundamental differences on key aspects of the future permanent mechanism. These disagreements could potentially hinder progress towards establishing an effective and widely accepted framework for addressing cybersecurity challenges at the international level.

Partial Agreements

While delegations agree on the need for more focused discussions through thematic groups or specialized working groups, they disagree on the specific structure and organization of these groups within the future permanent mechanism.

speakers

– African Group – Nigeria
– France
– United States
– Argentina
– Germany

arguments

Three distinct thematic groups on threats/prevention, international law/norms, and capacity building

Three overarching thematic groups on resilience, cooperation, and stability

Avoid standalone groups that prioritize certain pillars over others

Establish a specialized working group on capacity building

Combine thematic working groups with global roundtable for in-depth discussions

Delegations agree on the importance of capacity building and the need to tailor efforts to specific country needs, but differ on how to prioritize and organize capacity building within the future permanent mechanism.

speakers

– Russian Federation
– Fiji
– Germany
– Ukraine
– Dominican Republic

arguments

Capacity building should address needs of Global South and respect state sovereignty

Capacity building must be tailored to specific needs and contexts of small island developing states

Support action-oriented and demand-driven capacity building as part of future mechanism

Prioritize capacity building across dedicated thematic groups

Support establishment of specialized group on capacity building

Similar Viewpoints

Both Nicaragua and Venezuela advocated for maintaining the current consensus-based decision-making process and existing modalities for stakeholder participation.

speakers

– Nicaragua
– Venezuela

arguments

Maintain current OEWG modalities for stakeholder participation

Maintain consensus as decision-making mechanism

Both the United States and Mexico supported enhanced stakeholder participation in the future mechanism, including in thematic groups, while maintaining the intergovernmental nature of decision-making.

speakers

– United States
– Mexico

arguments

Enhanced stakeholder participation needed, including in thematic groups

More structured framework for non-state actor participation aligned with “voice not vote” principle

Key Takeaways

There are divergent views on the structure and format of the future permanent mechanism, with some favoring dedicated thematic groups and others preferring to maintain the existing OEWG format

Stakeholder participation modalities remain contentious, with some calling for enhanced participation and others wanting to maintain current restrictive practices

Consensus decision-making is supported by some countries but viewed as potentially paralyzing by others

Capacity building is widely seen as a priority area that should be a key focus of the future mechanism

Regional organizations can play an important role in capacity building and implementing UN mandates

Adequate and sustainable funding will be crucial for the effectiveness of the future mechanism

Resolutions and Action Items

Continue discussions on the structure and modalities of the future permanent mechanism

Consider proposals for dedicated thematic groups on topics like resilience, cooperation, and stability

Further develop proposals for a UN voluntary fund and capacity building portal

Explore ways to enhance stakeholder participation while addressing state concerns

Unresolved Issues

Final structure and number of thematic groups for the future mechanism

Specific modalities for stakeholder participation

Decision-making process (consensus vs. voting)

How to balance pillar-based and cross-cutting approaches

Scope and governance of proposed UN voluntary fund

How to address the digital divide between developed and developing countries

Suggested Compromises

Take an incremental approach to developing the portal and voluntary fund

Consider a hybrid of pillar-based and cross-cutting thematic groups

Explore accreditation processes that allow voting on objections without chair as intermediary

Establish clear guidelines and verification processes for stakeholder participation to address state concerns

Develop a flexible work program with rotating thematic priorities over 3-5 year cycles

Capacity building remains a basic pillar in the context of our working group to allow all states to contribute to the establishment of a safe, stable, and inclusive cyberspace. Working to close these gaps will allow developing states to acquire the capacity that they need to come to grips with the issue of ICTs so they can contribute to the establishment of existing norms and can respond effectively to all sorts of threats.

speaker

Democratic Republic of the Congo

reason

This comment highlights the critical importance of capacity building in enabling all states, especially developing ones, to participate fully in cybersecurity efforts. It frames capacity building as essential for both norm-setting and threat response.

impact

This comment helped refocus the discussion on the importance of capacity building as a foundational element for inclusive participation and effective cybersecurity. It likely influenced subsequent speakers to address capacity building in their remarks.

The group structure outlined in the paper is directly contrary to this goal of moving our conversation into a more cross-cutting format. Several of the groups lack the action-oriented approach for which all states have expressed their support. In addition, we do not support an approach that pulls out certain pillars of the framework for prioritized, stand-alone work, given that the framework is a comprehensive, balanced, and interconnected concept.

speaker

United States

reason

This comment challenges the proposed structure for thematic groups, arguing for a more integrated, cross-cutting approach. It raises important questions about how to balance different elements of the cybersecurity framework.

impact

This critique likely prompted other delegations to reconsider their positions on the structure of thematic groups and how to best organize discussions to be action-oriented and comprehensive.

If you want to build a house, you need pillars and ceilings and floors. If you just had pillars, you have no roof to hold the pillars, and you are going to be in serious trouble. And if all you had was a cross-cutting floor, you’re not going to be able to raise the ceiling either. So if you really want to build a collective house, you need a combination of approaches.

speaker

Chair

reason

This metaphor effectively illustrates the need for both pillar-based and cross-cutting approaches in structuring the discussions. It challenges the binary thinking that had emerged in the debate.

impact

This comment likely prompted delegates to reconsider their rigid positions and think more flexibly about how to combine different approaches in the future mechanism.

We need to make a decision on modalities on stakeholder modalities in this working group by consensus because that’s how we have worked as a working group. But each one of you have a sovereign right to bring things to a vote, wherever you choose. But if you do that, there will be consequences. We have built a certain level of trust.

speaker

Chair

reason

This comment addresses the tension between consensus-based decision-making and voting, highlighting the potential consequences of moving away from consensus. It emphasizes the importance of trust-building in the process.

impact

This stark reminder of the stakes involved likely prompted delegates to reflect on the importance of finding common ground and maintaining the collaborative spirit of the working group.

Overall Assessment

These key comments shaped the discussion by challenging existing approaches, highlighting critical issues like capacity building and stakeholder participation, and pushing for more flexible and integrated thinking. The Chair’s interventions, in particular, seemed to shift the tone of the discussion from entrenched position-stating to a more reflective consideration of how to move forward productively. The comments collectively emphasized the need for practical, action-oriented approaches while maintaining inclusivity and consensus-building.

How can the proposed global ICT security cooperation and capacity-building portal be designed to avoid duplication with existing initiatives?

speaker

Multiple delegations including Russian Federation, Germany, Philippines

explanation

Many countries expressed concern about potential overlap with existing portals and emphasized the need to optimize synergies and resources.

What specific modalities should be considered for the operation of the proposed UN Voluntary Fund for capacity building?

speaker

Catherine Preisman (UNODA)

explanation

The Secretariat noted that states need to provide more clarity on operational aspects like priority areas and criteria for sponsoring participants.

How can the future permanent mechanism best incorporate capacity building as a cross-cutting issue?

speaker

Multiple delegations including Germany, Fiji, Argentina

explanation

There was broad agreement on the importance of capacity building, but differing views on how to structure it within the future mechanism.

What approach should be taken to stakeholder participation modalities in the future permanent mechanism?

speaker

Multiple delegations including Nicaragua, European Union, United States

explanation

There were divergent views on whether and how to modify existing stakeholder participation processes.

How can the structure of thematic groups in the future mechanism balance focused discussion with cross-cutting issues?

speaker

Multiple delegations including African Group, France, United States

explanation

There were differing proposals on how to organize thematic discussions to be both focused and comprehensive.

What specific steps can be taken to reach consensus on the key aspects of the future permanent mechanism before the July 2025 deadline?

speaker

Chair

explanation

The Chair emphasized the limited time remaining and need for flexibility to reach agreement on unresolved issues.