Can the United Nations Improve Cybersecurity?

Uploaded on 2015-04-28 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

The 2012-2013 Report from the Group of Governmental Experts (GGE) recommended “regular institutional dialogue with broad participation under the auspices of the United Nations, as well as regular dialogue through bilateral, regional and multilateral forums, and other international organizations.”

In typical UN fashion, the sentence attempts to please a number of constituencies without saying very much. First, it appeals to the United States and its allies by referring to “broad participation” and regular dialogue in venues outside the UN system. 

Second, it appeals to Russia, China, India, Brazil, and others that would like to see the UN take a more central role in cyber matters, not only on issues related to international peace and security, but when they are related to broader issues like Internet governance. 

Despite reaching a consensus on the need to talk more, the current GGE group will continue to argue over the appropriate place of the UN in discussions about cyber activity that can undermine international peace and security. The GGE will have two options to consider: status quo or something new.

While the GGE process has been instrumental in promoting the norm that international law applies to state behavior in cyberspace, the model is not sustainable for two reasons. First, GGEs have to be periodically renewed by the UN General Assembly, a process that can be upheld by politicking, deal-trading on unrelated issues, and pressures on the UN budget.
Second, the cyber GGEs are limited to a small number of states, five of which have always been the permanent members of the UN Security Council, and the membership changes every time a new GGE is created. 
The UN’s role in the military dimensions of cyberspace is likely to become a bargaining chip. While Russia and China may not push for a new UN cyber committee, middle income and developing countries in the current GGE such as Brazil, Kenya, Malaysia, and others may find it appealing as a way to develop expertise on the topic and could want to see a recommendation for a new group in the GGE’s report.

The United States, which is comfortable with the status quo approach, will likely resist such a move unless it can obtain some concessions in return. 

DefenseOne

 

« Google Adds Real-Time Analysis to its Cloud Service
Cyber Insurance: An Ineffective Way of Dealing with Hacks? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

AA Certification (AAC)

AA Certification (AAC)

AAC provide ISO Quality Management System certification services including ISO 27001.

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

GOVCERT.lu

GOVCERT.lu

GOVCERT.lu is responsible for the treatment of all computer related incidents jeopardising the information systems of the government and defined critical infrastructure operators in Luxembourg.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

EVOKE

EVOKE

EVOKE is an award-winning Digital Transformation company that partners with its clients to build digital workplace solutions for organizational challenges.

Servian

Servian

Servian is one of Australia's leading IT consultancies, with expertise in cloud, data, machine learning, DevOps and cybersecurity.

Query.ai

Query.ai

At Query.AI, we are committed to helping companies unlock the power of their security data, so they are empowered to meet security investigation and response goals while simultaneously reducing costs.

Outseer

Outseer

Outseer is a leading technology company in the fight against payments fraud. Outseer reliably determines authentic customers from fraudulent behavior.

Guardz

Guardz

Guardz helps small and growing businesses to go from zero or low cyber protection to having comprehensive security – in the quickest and most straightforward way.

Abstract Security

Abstract Security

Abstract Security has created a revolutionary platform, equipped with an AI-powered assistant, to better centralize the management of security analytics.

MergeBase

MergeBase

Reduce software supply chain risk with MergeBase proven Software Composition Analysis (SCA).

Security4Media

Security4Media

Security4Media is a non-profit association set up to reduce risks and support trust in media, in the face of increasing cybersecurity threat levels.