cybersecurity

Geneva Cyber Week to bring diplomacy, cyber policy, and AI security debates together

The United Nations Institute for Disarmament Research and the Swiss Federal Department of Foreign Affairs will co-host Geneva Cyber Week from 4 to 8 May 2026, bringing policymakers, diplomats, technical experts, industry leaders, academics, and civil society representatives to venues across Geneva and online for a week of discussions on cyber stability, resilience, governance, digitalisation, and the security implications of emerging technologies, including AI.

Returning after its inaugural edition, the event is being positioned as a response to a more fragile cyber and geopolitical environment. Held under the theme ‘Advancing Global Cooperation in Cyberspace’, Geneva Cyber Week 2026 comes at a moment of mounting cyber insecurity, intensifying geopolitical tension, and rapid technological change, with organisers framing the gathering as a space for more practical cooperation across diplomatic, technical, operational, and policy communities.

“Cybersecurity is no longer a niche technical issue; it is a strategic policy challenge with implications for international peace, economic stability and public trust. At a moment of growing fragmentation and accelerating technological change, Geneva Cyber Week brings together the communities that need to be in the room — diplomatic, technical, operational and policy — to move from shared concern to practical cooperation,” said Dr Giacomo Persi Paoli, Head of Security and Technology Programme at UNIDIR.

The programme will feature nearly 90 events and reinforce Geneva’s role as a centre for cyber diplomacy, international cooperation, and digital governance. Scheduled sessions include UNIDIR’s Cyber Stability Conference, Peak Incident Response organised by the Swiss CSIRT Forum, Digital International Geneva, the World Economic Forum Annual Meeting on Cybersecurity, and a Council of Europe session titled ‘Artificial Intelligence, Cybercrime and Electronic Evidence: Risks, Opportunities, and Global Cooperation’.

The week will also include partner-led panels, workshops, simulations, exhibitions, and networking events to connect specialist communities that do not always work in the same room. That broader structure reflects an effort to treat cyber issues not only as a technical or security matter but also as a governance, trust-building, and international-coordination challenge.

“At a time when digital threats know no borders, fostering inclusive discussions is essential to building trust, advancing common norms, and promoting a secure and open cyberspace for all. International Geneva provides an unparalleled multilateral environment to address these cybersecurity challenges collectively. Geneva Cyber Week’s diverse programme embodies this collaborative spirit,” said Marina Wyss Ross, Deputy Head of International Security Division and Chief of Section for Arms Control, Disarmament and Cybersecurity at the Swiss FDFA.

Across the city, Geneva will also mark the week visually, including flags on the Mont Blanc Bridge and special illumination of the Jet d’Eau on Monday evening. But beyond the symbolism, the event’s significance lies in how it seeks to bring cyber diplomacy, incident response, governance debates, and emerging technology risks into the same international conversation.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

European Business Council in Japan holds first cybersecurity conference in Tokyo

Tokyo hosted a cybersecurity conference organised by the European Business Council in Japan (EBC) Digital Committee on 7 April. The event took place at the EU Delegation in Tokyo.

The conference was the EBC Digital Committee’s first event. It brought together experts from the public and private sectors to exchange views on cybersecurity challenges and policy developments.

Speakers included Luis Miguel Vega Fidalgo from the European Commission, Satoshi D. from Japan’s Ministry of Economy, Trade and Industry, and Amelia Alder from Knorr-Bremse. A question-and-answer session followed their presentations.

Participants continued discussions during a networking reception after the session. The Digital Committee co-chairs, Wataru Suzuki and Felix von Helden, thanked the speakers and organisers, including Peter Fatelnig from the EU Delegation to Japan.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot 

Project Glasswing unites tech firms for AI-driven cyber defence

Major technology and security companies have joined forces under Project Glasswing to defend critical software infrastructure using advanced AI. The initiative brings together organisations including AWS, Apple, Google, Microsoft, NVIDIA, Cisco, CrowdStrike, JPMorganChase and the Linux Foundation.

Anthropic is deploying its frontier model, Claude Mythos Preview, at the centre of the effort. The system detects complex software vulnerabilities at scale, uncovering thousands of previously unknown flaws across operating systems, browsers, and core infrastructure.

The model’s findings suggest a major shift in cybersecurity capabilities. AI systems are increasingly capable of matching or surpassing human expert performance in vulnerability discovery, raising both defensive opportunities and security risks.

Some of the flaws identified had persisted for decades, undetected by traditional testing methods.

Project Glasswing aims to convert these capabilities into a coordinated defensive advantage. Partners will use the model to scan and secure systems more efficiently, supported by $100 million in usage credits and additional funding for open-source security initiatives.

The programme also targets long-term improvements in cybersecurity standards and secure development practices.

Modern society depends on software that runs critical infrastructure, including banking systems, healthcare networks, energy grids, and communications platforms. When AI systems find vulnerabilities at scale, the balance shifts between attackers and defenders, making hidden weaknesses easier to uncover and faster to fix before exploitation.

For global infrastructure, this means cybersecurity is shifting from slow, human-driven auditing to continuous, AI-assisted defence, where speed, coordination, and secure-by-design practices become essential to maintaining stability and reducing systemic risk.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

US agencies warn of cyber intrusions into critical infrastructure systems

A joint cybersecurity advisory issued by the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, National Security Agency, and several sector-specific partners warns US organisations of an ongoing campaign by actors targeting industrial control systems across US critical infrastructure.

The activity focuses on internet-exposed operational technology (OT), particularly programmable logic controllers (PLCs), which are widely used to automate industrial processes in sectors such as energy, water and wastewater systems, and government services.

According to the advisory, the attackers are exploiting PLCs by leveraging their direct exposure to the internet. The attackers gain initial access by scanning for internet-facing PLCs and connecting through commonly used industrial communication ports. Once access is established, the actors interact with device project files and manipulate data displayed on human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems. This enables them to disrupt industrial processes in real time. In several confirmed cases, such intrusions have resulted in operational disruption and financial loss, underscoring the tangible, physical-world impact of these cyber operations.

The advisory provides a detailed set of indicators of compromise (IOCs), including specific IP addresses associated with malicious activity, along with mappings to the MITRE ATT&CK framework to help defenders contextualise tactics and techniques.

Organisations are strongly encouraged to review both current and historical network logs for signs of compromise, particularly for unusual traffic on ports commonly used by OT protocols.

The campaign appears to be part of a broader escalation in Iranian-linked cyber activity, likely tied to geopolitical tensions involving the USA and its allies. The advisory links the activity to previously identified advanced persistent threat (APT) groups associated with Iran’s Islamic Revolutionary Guard Corps (IRGC).

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ENISA launches consultation on EU digital wallet certification

The European Union Agency for Cybersecurity (ENISA) has launched a public consultation on a draft candidate certification scheme for the EU Digital Identity (EUDI) Wallets.

The draft was developed with a dedicated ad hoc working group, and the consultation aims to gather feedback on its structure, core elements, and annexes. Responses are open until 30 April 2026.

The initiative follows the adoption of a regulation establishing the European Digital Identity Framework. The European Commission has mandated ENISA to support the certification of EUDI Wallets, including the development of a European cybersecurity certification scheme under the Cybersecurity Act.

The objective is to define cybersecurity requirements for digital identity solutions and support their consistent implementation across the EU.

In February 2026, ENISA signed a €1.6 million contribution agreement with the European Commission for two years to support the development and rollout of national certification schemes.

Funded under the Digital Europe Work Programme 2025–2027, the agreement supports capacity development, skills development, and alignment with a future European certification framework. Member states are expected to provide at least one certified EUDI Wallet by the end of 2026.

Digital identity wallets are intended to enable secure identification and the protection of personal data in both digital and physical environments.

The proposed certification scheme aims to verify compliance with cybersecurity requirements, addressing the limited use of formal certification in current wallet implementations.

The initiative carries significant regulatory weight as it translates the European Digital Identity Framework into enforceable cybersecurity standards. It ensures harmonised compliance across member states while strengthening trust, interoperability, and legal certainty within the EU’s digital identity ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Global cyber stability conference set for May 2026 in Geneva

The Cyber Stability Conference 2026 will take place on 4–5 May at the Centre International de Conférences Genève in Geneva, bringing together global stakeholders to discuss the future of ICT security and cyber governance.

Organised by the United Nations Institute for Disarmament Research, the event will run in a hybrid format during Geneva Cyber Week.

The conference comes amid growing international efforts to strengthen frameworks for responsible state behaviour in cyberspace and improve coordination on digital security challenges. It is positioned within a broader push to adapt governance systems to rapid technological change.

Discussions will focus on how cyber governance can respond to emerging technologies such as AI and quantum computing. Emphasis will be placed on aligning regulatory and security approaches with technological development to reinforce international stability.

Participants from government, academia, industry, and civil society will review past lessons, assess current risks, and explore future pathways for global ICT security governance.

Cyber stability is becoming a core pillar of global security as digital infrastructure underpins economies, governance systems, and critical services. Stronger coordination on cyber governance is essential to reducing systemic risks and ensuring technological progress does not outpace security frameworks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UN Global Mechanism on ICT security discusses procedures, debates co-facilitator appointments

The United Nations Global Mechanism on developments in the field of ICTs in the context of international security and advancing responsible state behaviour in the use of ICTs held its third organisational meeting, focusing on operational arrangements for the newly established permanent forum.

The session, chaired by Ambassador Egriselda López of El Salvador, addressed decision-making procedures, meeting schedules for 2026, and the structure of two dedicated thematic groups (DTGs), which will complement plenary sessions.

Delegations discussed the mechanism’s working methods, with López noting that decisions would be taken by consensus in line with UN General Assembly rules of procedure.

A central point of discussion was the appointment of co-facilitators for the two DTGs, one focusing on ICT security challenges and the other on capacity development. López indicated that she intended to appoint co-facilitators, taking into account geographic balance.

Several delegations, including the Russian Federation, the Islamic Republic of Iran, China, and Belarus, said that such appointments should be agreed upon by consensus among member states. Other delegations, including the European Union, the United States, and Australia, expressed support for the Chair’s approach and emphasised the need to proceed with preparations for substantive work.

Delegations also addressed stakeholder participation, noting that non-governmental organisations, the private sector, and academia would contribute in a consultative manner, while decision-making would remain intergovernmental.

The provisional agenda for future substantive plenary sessions was discussed, with some delegations, including Iran and the Russian Federation, requesting adjustments to ensure alignment with the agreed mandate. Other delegations supported the structure proposed by the Chair, which is organised around the five pillars of the framework for responsible state behaviour in cyberspace.

The meeting concluded without agreement on the provisional agenda or the appointment of co-facilitators. The Chair said she would conduct informal consultations with member states to address outstanding issues ahead of the first substantive plenary session scheduled for July 2026.

The Global Mechanism is mandated to advance discussions on threats, norms and principles, the application of international law, confidence-building measures, and capacity development, as part of its role as a permanent UN forum on ICT security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UN Global Mechanism on ICT security advances work, shifts focus to implementation

The United Nations Global Mechanism on developments in the field of ICTs in the context of international security and advancing responsible state behaviour in the use of ICTs held its second meeting, during which member states conducted a general exchange of views on the work of the newly established permanent forum.

The session, chaired by Ambassador Egriselda López of El Salvador, focused on agenda item four, during which 61 member states and three intergovernmental organisations delivered statements on priorities for the mechanism.

Delegations emphasised the transition from the previous Open-Ended Working Group (OEWG) to the new permanent mechanism, highlighting the need to build on existing agreements and move towards practical implementation. Several speakers stressed that the mechanism should focus on translating the agreed framework for responsible state behaviour in cyberspace into concrete outcomes, rather than negotiating new commitments.

Across statements, member states reaffirmed the five-pillar framework covering threats, norms and principles, the application of international law, confidence-building measures, and capacity development.

Capacity development was highlighted as a cross-cutting priority, particularly by developing countries and Small Island Developing States, which pointed to the need for demand-driven and sustainable approaches to strengthen cybersecurity capabilities. Delegations also noted challenges, including ransomware, threats to critical infrastructure, and the impact of emerging technologies such as AI.

Member states welcomed the establishment of two dedicated thematic groups, one addressing substantive ICT security challenges and another focused on capacity development, as a means to support more detailed discussions and implementation.

Several delegations reaffirmed that international law, including the UN Charter, applies to cyberspace and called for further work on its practical implementation. Many also emphasised the importance of maintaining a consensus-based, intergovernmental process, while enabling contributions from stakeholders, including the private sector, academia, and civil society, in line with agreed modalities.

The meeting forms part of the initial phase of the Global Mechanism’s work, following its establishment as a permanent UN forum on ICT security. The mechanism is expected to convene its first substantive plenary session in July 2026, alongside dedicated thematic group meetings scheduled for December 2026.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

New quantum threat could weaken cryptocurrency encryption systems

A new warning from Google says advances in quantum computing could weaken widely used cryptographic systems protecting cryptocurrencies and digital infrastructure. A new whitepaper suggests future quantum machines may need fewer resources than previously estimated to break elliptic curve cryptography.

The research focuses on the elliptic curve discrete logarithm problem, which underpins much of today’s blockchain security. Findings suggest quantum algorithms like Shor’s could run with fewer qubits and gates, increasing concerns about cryptographic resilience.

To address the risk, the paper recommends a transition to post-quantum cryptography, which is designed to resist quantum attacks. It also outlines short-term blockchain measures, including avoiding reuse of vulnerable wallet addresses and preparing digital asset migration strategies.

Google also introduced a responsible disclosure approach using zero-knowledge proofs to communicate vulnerabilities without exposing exploitable details.

The company says this balances transparency and security, supporting coordinated efforts across crypto and research communities to prepare for quantum threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UN launches Global Mechanism on ICT security, elects chair for 2026–2027

The United Nations has convened the organisational session of the Global Mechanism on developments in the field of ICTs in the context of international security and advancing responsible state behaviour in the use of ICTs, a new permanent forum established by UN General Assembly resolution 80/16.

The session was opened by Izumi Nakamitsu, Under-Secretary-General and High Representative for Disarmament Affairs, who facilitated the election of Ambassador Egriselda López of El Salvador as chair for the 2026–2027 biennium.

During the meeting, the Russian Federation said it would not block the consensus-based appointment of López to ensure the swift launch of the mechanism. However, it expressed ‘deep disquiet’ regarding the pre-election process, stating that the UN Office for Disarmament Affairs (UNODA) had initiated an informal silence procedure on 13 March regarding López’s candidacy without prior discussion with member states. The delegation described the step as ‘unauthorised’ under UN General Assembly resolutions 79/237 and 80/16.

In her remarks following the election, López emphasised that the mechanism should focus on implementation of existing commitments, stating the need to move from agreements to ‘concrete results.’ She underlined that the process remains intergovernmental and should be guided by consensus among member states.

The session adopted its provisional agenda and proceeded with a general exchange of views among delegations.

Several regional groups outlined priorities for the mechanism. Nigeria, speaking on behalf of the African Group, highlighted capacity development as a cross-cutting priority and pointed to cybersecurity threats affecting developing countries, including ransomware and attacks on critical infrastructure.

The Pacific Islands Forum, represented by the Solomon Islands, emphasised the vulnerabilities of Small Island Developing States and called for practical implementation of agreed measures.

The Arab Group and the European Union also stressed the importance of translating existing frameworks into action, with the EU highlighting the need to enhance implementation of the agreed framework for responsible state behaviour in cyberspace.

Across statements, delegations highlighted several common priorities, including:

  • strengthening capacity development efforts;
  • addressing ransomware and threats to critical infrastructure;
  • advancing the application of international law in cyberspace;
  • ensuring that the mechanism builds on the outcomes of the previous Open-Ended Working Group.

Member states also welcomed the establishment of two dedicated thematic groups, one focusing on substantive issues and another on capacity development, and called for clear mandates and coordination between them.

The Global Mechanism is mandated to advance discussions across five pillars:

  • threats
  • norms and principles
  • the application of international law
  • confidence-building measures
  • capacity development.

It will convene annual plenary sessions, thematic group meetings, and a review conference every five years, leading up to the 2030 review.

The organisational session marks the start of the mechanism’s substantive work as a permanent UN forum on ICT security.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot 

Diplo chatbot can make mistakes. Consider checking important information.