The Warsaw Process Working Group on Cybersecurity met in Seoul, Republic of Korea on October 7-8, 2019. The discussions were co-chaired by the Republic of Korea, Poland, and the United States.

The rapid growth of the internet and information and communication technologies has produced great developments in the global economy, but it has also led to new and emerging threats to international peace and security. Destabilizing activity in cyberspace is increasing around the world including in the Middle East as the availability of criminal and commercial malware and the ubiquity of internet-connected devices has created new opportunities for state and non-state actors to launch malicious and damaging cyber operations.

Cooperation among states is more important than ever to promote stability in cyberspace and to prevent conflict that could potentially result from malicious cyber activities. Given that states around the world have unique expertise, addressing cybersecurity at the national or regional level requires deeper international cooperation and partnership. The Working Group on Cybersecurity is an opportunity to increase cooperation on critical cyber issues with regional actors by leveraging expertise from countries around the world.

The working group favored a two-pronged approach within the context of UN efforts in this regard: focused first on practical steps that states in the region can take to develop and enhance regional cyber security capacity; and second, on policy objectives that promote cooperative mechanisms for deterring and responding to significant cyber incidents.

On cooperative mechanisms for responding to significant cyber incidents, delegations discussed: the critical importance of sharing cybersecurity best practices; capacity building for cyber incident response; combatting cybercrime, noting the Budapest Convention on Cybercrime; and developing and implementing national cyber strategies. The Working Group will continue to work on practical steps, including procedures and tools for more effective cyber threat identification and information sharing as well as faster e-evidence collection and exchange to increase attribution and response potential in accordance with agreed UN framework.

On policy objectives that promote cooperation in deterring and responding to significant cyber incidents, delegations discussed how the framework for stability in cyberspace developed by the UN Group of Government Experts and recommended by the UN General Assembly can help increase security throughout all regions. This framework has three primary elements: 1) affirmation that all existing international law applies to state behavior in cyberspace; 2) adherence to voluntary, non-binding norms of responsible state behavior in cyberspace during peacetime; and 3) the consideration, development, and implementation of practical confidence building measures (CBMs) to reduce the risk of conflict in cyberspace.

United Nations Member States have already committed to be guided in their actions by this framework, and the working group discussed increasing support for this framework by states to improve regional stability and security, as well as additional actions to deter actors from carrying out destabilizing activities in cyberspace, and to hold malicious actors accountable. The group also discussed increasing support for capacity building and other CBMs including building cyber points of contact and sharing national cyber strategies or policies as another key way to support the framework and broader regional stability. The group acknowledged the importance of inter-regional cooperation to effectively cope with cyber threats, among others, through sharing information on the best practices of regional CBMs and capacity building initiatives of states around the world.

The following countries contributed to the working group statement:

  1. Afghanistan
  2. Australia
  3. Austria
  4. Bahrain
  5. Belgium
  6. Brazil
  7. Colombia
  8. Croatia
  9. Czech Republic
  10. Denmark
  11. Ecuador
  12. Egypt
  13. Estonia
  14. Finland
  15. France
  16. Germany
  17. Greece
  18. Hungary
  19. Ireland
  20. Italy
  21. Israel
  22. Jordan
  23. Kuwait
  24. Latvia
  25. Mexico
  26. Morocco
  27. Montenegro
  28. New Zealand
  29. Nigeria
  30. Norway
  31. Oman
  32. Poland
  33. Portugal
  34. Qatar
  35. Romania
  36. Saudi Arabia
  37. Slovakia
  38. Spain
  39. Switzerland
  40. The Netherlands
  41. The Republic of Korea
  42. The United Arab Emirates
  43. The United Kingdom
  44. The United States
  45. Tunisia
  46. Ukraine

U.S. Department of State

The Lessons of 1989: Freedom and Our Future