Geneva Dialogue on Responsible Behaviour in Cyberspace
Launched in 2018, the Geneva Dialogue on Responsible Behaviour in Cyberspace (GD) aims to map the roles and responsibilities of actors in contributing to greater security and stability in cyberspace in the context of international peace and security.
The exploitation of vulnerabilities in digital products and a lack of transparency in today’s complex ICT supply chains are essential components of cyberattacks which may cause security and safety risks for users, as well as cause social and economic disruptions for societies. A lack of security in digital products also allows well-resourced threat actors and such attacks to damage global cyber-stability.
Several international processes developed cyber norms to reduce such vulnerabilities. The main challenge lies in implementation. Of particular relevance for the work of the GD are the UN cyber norms which have been agreed upon and endorsed by all UN member states. These include the norms 13(i) and 13(j) of the UN GGE report of 2021, which are related to the integrity of the supply chain and security of digital products, and the responsible reporting of vulnerabilities and related information sharing. Those norms, as well as norms and principles developed in other regional and multistakeholder fora, invite close cooperation among states and non-state actors.
The environment in which this cooperation should happen is increasingly complex and uncertain: cyber risks are heavily influenced by geopolitics; emerging national legal and regulatory frameworks are pressed by national security concerns, and risk additionally fragmenting the global policy environment; and whether traditional good cybersecurity practices, such as certifications, may fit for the increasing diversity of relevant actors, convergence of technologies, and pace of threat landscape change, remains an open question.
The GD is an international process established in 2018 to map the roles and responsibilities of actors to contribute to greater security and stability in cyberspace. It is led by the Swiss Federal Department of Foreign Affairs (FDFA) and implemented by DiploFoundation, in partnership with the Center for Digital Trust (C4DT).
The GD aims to clarify the roles and responsibilities of non-state actors in implementing cyber norms related to reducing vulnerabilities and supply chain security. The GD provides a trusted environment for a regular conversation between industry, NGOs, technical and cybersecurity experts, and academia to play a constructive role in enhancing responsible and secure supply chains as well as reducing risks for users stemming from vulnerabilities in digital products. Through regular virtual consultations, the GD aims to collect best practices in this regard as well as discuss existing challenges for different actors. The results shall be published in the Geneva Manual on the non-state actors’ contribution to cyber-stability through the implementation of voluntary norms for responsible behaviour.
As one of the pillars of the Swiss Digital Foreign Policy Strategy, the GD aims to:
- Facilitate an inclusive global dialogue on the roles and responsibilities of non-state actors in securing supply chains and reducing risks for users stemming from vulnerabilities in digital products;
- Assist non-state stakeholders in contributing to greater security and stability in cyberspace through the implementation of voluntary norms for responsible behaviour, by providing specific guidance in the form of the Geneva Manual;
- Strengthen the awareness of stakeholders as well as their capacities for mutual dialogue on and cooperation in securing cyberspace.
By organising a regular dialogue and building a trusted community for international partners, the Geneva Dialogue also highlights the role of International Geneva and Switzerland in promoting responsible behaviour across stakeholders through the implementation of relevant norms to secure ICT supply chains and reduce risks for users from vulnerabilities in digital products.
Timeline of the dialogue
Results and publications
- Geneva Dialogue on Responsible Behaviour in Cyberspace: Private Sector. Framework Document, November 2018
- Geneva Dialogue on Responsible Behaviour in Cyberspace: Civil Society. Framework Document, November 2018
- Phase 1 Report by Camino Kavanagh and Paul Cornish, May 2019
- Output report ‘Security of digital products and services: Reducing vulnerabilities and secure design: Good practices’, November 2020
- Report and messages on ‘Security of digital products and international standards’, May 2021
- Report and messages on ‘Security of digital products and the regulatory environment’, September 2021
- Comparative analysis of Governance Approaches to the Security of Digital Products, November 2021