Cybernorms
Contents
Cybernorms are voluntary guidelines and principles that promote responsible state behaviour in cyberspace.
They are designed to enhance international security and stability by providing a framework for states and other stakeholders to follow in order to mitigate cyber threats and prevent cyber conflicts.
While non-binding, these norms aim to foster cooperation, transparency, and trust among states and other actors in the digital space. Effective implementation of cybernorms requires regular dialogue, cooperation on technical measures, and efforts to hold violators accountable.
Here are the 11 cybernorms endorsed by the United Nations.
-
Non-use of ICTs for Internationally Wrongful Acts:Â States should not conduct or knowingly support ICT activity that intentionally damages critical infrastructure or otherwise impairs the use and operation of critical infrastructure to provide services to the public.
-
Protection of Critical Infrastructure:Â States should take appropriate measures to protect their critical infrastructure from ICT threats.
-
Incident Response Cooperation:Â States should respond to appropriate requests for assistance by another State whose critical infrastructure is subject to malicious ICT acts.
-
Respect for Human Rights:Â States should respect human rights and fundamental freedoms in their use of ICTs.
-
Non-interference in Internal Affairs:Â States should not conduct or knowingly support ICT activity that intentionally damages or impairs the use and operation of critical infrastructure for political coercion or to destabilize another State.
-
Non-Use of Proxies:Â States should not use proxies to commit internationally wrongful acts using ICTs.
-
Responsible Reporting of Vulnerabilities:Â States should encourage responsible reporting of ICT vulnerabilities and share associated information on available remedies to address such vulnerabilities to limit and possibly eliminate potential threats to ICTs and ICT-dependent infrastructure.
-
Respect for International Law:Â States should recognize that international law, including the UN Charter, is applicable and essential to maintaining peace and stability and promoting an open, secure, stable, accessible, and peaceful ICT environment.
-
Cooperation for Stability and Security:Â States should cooperate in developing and applying measures to increase stability and security in the use of ICTs and to prevent ICT practices that are harmful or that may pose threats to international peace and security.
-
Capacity Building:Â States should consider how best to cooperate to build capacity in developing countries to address ICT security and to develop and implement measures to protect their critical infrastructures.
-
Confidence-Building Measures:Â States should take steps to build confidence and trust with other States, such as exchanging information, building transparency, and engaging in dialogue to reduce the risk of misperception and miscalculation related to ICT incidents.
From our blog
The Overlooked Peril: Cyber failures amidst AI hype
19 July 2024
Today's CrowdStrike failure jolted us into a harsh reality. For the past two years, the tech world has been abuzz with discussions about the potential risks of AI. Conferences, initiatives, and think tanks have dedica...
Cyber road from Ukraine: where will it take us?
08 March 2022
Conflict and crisis, Critical infrastructure, Cyberconflict and warfare, Cybernorms, Cybersecurity, International law, Security
‘The potential for the next Pearl Harbor could very well be a cyberattack.’ US Defense Secretary Leon Panetta, 2012 This (in)famous warning has been discussed and re-discussed since 2012. Could a devastating...
Year in review: The digital policy developments that defined 2021
27 December 2021
AI diplomacy, Cybernorms, Cybersecurity, Data and diplomacy, Development, Economic, Human rights, Infrastructure, Internet governance and digital policy, Legal and regulatory, Metaverse Diplomacy, Sociocultural, Surveillance
For most countries, 2021 was a continuation of pandemic woes. As people swapped contact tracing apps for vaccine passports, the wave of misinformation on COVID-19 vaccines spread even faster. Beyond COVID-19, the b...
Who’s behind a cyberattack?
26 October 2021
Cyberconflict and warfare, Capacity development, Conflict and crisis, Cybernorms, Cybersecurity
Unravelling cyberattacks through a simulation game A seemingly ordinary Monday. You enter your office, turn on your computer, and grab a cup of coffee. As you settle in your desk to check your emails and connect to...
Training and courses
Events
Information session: Geneva Dialogue on Responsible Behaviour in Cyberspace
01 Oct 18 - 02 Oct 18
Switzerland
Diplo at the ‘Cyber security and cybercrime policies for African diplomats’ workshop
12 Apr 18 - 13 Apr 18
Ethiopia, Africa
Cyber War and Cyber Crime: Session at the Belgrade Security Forum
20 Sep 12 -
Serbia, Southeast Europe
Joint Australian-Egyptian Missions informal roundtable on information and cyber security issues
01 Jun 12 -
United States
Resources
2019
International cyber security diplomatic negotiations: Role of Africa in inter-regional cooperation for a global approach on the security and stability of cyberspace
This research paper examines African countries cybersecurity readiness and how Africa can play a role in shaping international negotiations and discussions on global cybersecurity governance.... Read more...
2017
International multistakeholder cyber threat information sharing regimes: Policy considerations for scaling trust and active participation
This paper examines cybersecurity information sharing mechanisms. It looks at the research into public-private partnership (PPP) theory, their application for cybersecurity, and the burgeoning field of international cybersecurity collaboration, and draws conclusions on... Read more...