ICT4Peace briefs the UN Security Council on Cybersecurity and International Peace and Security

ICT4Peace briefs the UN Security Council on Cybersecurity and International Peace and Security

ICT4Peace was invited on 28 November 2016 to brief the members of the UN Security Council on Cybersecurity and International Peace and Security. The Arria-formula meeting was co-chaired by Secretary of State Félix Sanz (Spain) and Ambassador Fodé Seck (Senegal), President of the Security Council in November 2016 and co-organised by these two countries.

Daniel Stauffacher, representing the ICT4Peace Foundation urged the UN Security Council to engage more actively in conflict prevention in cyberspace, – as the first destructive acts of offensive cyber operations have occurred – and not wait that new threats materialise and violent conflicts erupt. He reminded that the relatively new environment of cyberspace presents us with a golden opportunity to engage in conflict prevention. The internet alone represents an information and communication platform of extraordinary importance. With over 3.5 billion users, the global society is highly dependent on the internet for its well-being and prosperity. As the international community embarks on the UN Agenda 2030 for development, societies will increasingly need to apply ICTs to achieve their goals. Yet, despite its enormous socio-economic importance and its overwhelming use for civilian purposes, much remains to be done to ensure that cyberspace is used “for peaceful purposes” and “in the interests of all countries”, Daniel Stauffacher said.

In particular, he stressed the need to ensure that states commit to protecting critical civilian infrastructure from state sponsored attack. The dictates of international law, including international humanitarian law, and the recognition of common security interests require, at a minimum, such restraint. To this end, States should move rapidly to implement cyber security confidence building measures aimed at protecting such critical infrastructure, including the computer emergency response teams (CERTs) that are the “first responders” of cyberspace.

More generally, at this early stage of considering what sort of governance should be applied to cyberspace, he urged that the advocates of peaceful uses of cyberspace are given priority. For some, he mentioned, the necessary diplomacy to realise this goal has lagged behind the moves to militarise and indeed weaponise this vulnerable environment. He called for, that the outcome of the positive discussions and recommendations of a series of UN Group of Governmental Experts studying ICT developments in the context of international security are acted upon by all states. Especially relating to international law, norms of responsible state behaviour as well as confidence measures. To that end he hoped that appropriate ways to involve member states beyond the UN GGE format could be found.

Focusing on those actions that can have a destabilising effect – for instance, offensive cyber operations against critical civilian infrastructure – would be a good starting point, he underlined. They would focus on those state-conducted activities, the effects of which can cause significant damage, including physical damage. As has been the case in the past with measures to limit arms and/or destabilising military activity, he mentioned the need to base these on a common security interest in sustaining a stable and smoothly functioning cyberspace. In parallel to diplomatic efforts, there should also be a greater focus on capacity building, he stressed, not only to minimise vulnerability to malicious activity but also to maximise cooperation in the event of incidents.

The full presentation by Daniel Stauffacher, President of ICT4Peace Foundation can be found here.