GFCE Cybersecurity Knowledge Modules

KM3 - Cyber diplomacy and international cooperation
Module objectives
1. Risks for international peace and cyber-stability
3 Topics
1.1 Cyber-attacks and geopolitics
1.2 Cyber as part of hybrid warfare
1.3 Cyber-armament
2. Towards an international agreement
4 Topics
2.1. Framework for responsible state behaviour in cyberspace
2.2. Applicability of international law
2.3. Norms, confidence building measures, and capacity building
2.4 Broader context
3. International cooperation
4 Topics
3.1. The United Nations
3.2. Other multilateral forums
3.3. Regional efforts
3.4. Multistakeholder efforts
4. Cyber diplomacy
5. Main takeaways
6. Assignment
1 Quiz
KM3 Quiz
KM4 - Cyber Incident Management
Module objectives
1. Introduction
2. Types of Cyber Incident Response Teams
5 Topics
2.1. National Computer Security Incident Response Team
2.2. Product Security Incident Response Team
2.3. Sector CSIRTs
2.4. Security Operation Centre
2.5. Commercial CSIRT
3. What needs to be considered when establishing a National CSIRT?
2 Topics
3.1. CIRT framework
3.2. How to set up CSIRT and SOC
4. How to assess cyber incident readiness
3 Topics
4.1. Security Incident Management Maturity Model (SIM3)
4.2. Security Operation Centre Capability and Maturity Model (SOC-CMM)
4.3. CSIRT Maturity – Self-assessment Tool
5. Which services do the CSIRTs offer?
2 Topics
5.1. FIRST CSIRT services framework
5.2. ITU-T Recommendation X.1060 service categories
6. Who does the CSIRT serve?
7. Which Tools does a CSIRT need?
8. Policies, frameworks, and guidelines
9. Resourcing and funding a CSIRT
1 Topic
9.1. What does a CSIRT Budget look like?
10. CSIRT capabilities
3 Topics
10.1. Training and certification
10.2. Auditing
10.3. Cyber drills
13. Main takeaways
14. Assignment
1 Quiz
KM4 Quiz
2 of 5
Previous Lesson
Next Topic

2.1. Framework for responsible state behaviour in cyberspace

GFCE Cybersecurity Knowledge Modules 2. Towards an international agreement 2.1. Framework for responsible state behaviour in cyberspace

🎯What are the current ‘rules of the road’ for states in cyberspace?

The UN negotiations have given birth to a framework for responsible state behaviour in cyberspace (further referred to as the Framework), consisting of four pillars: international law, norms, CBMs, and capacity building (video).

Video: UN framework on responsible state behaviour in cyberspace (you can download an infographic here) (Source: ASPI)

The framework is defined by the body of existing international agreements under the UN (informally known as the “acquis”, reminding of the term used as a reference to the EU’s body of laws), in particular the reports of the UN Group of Governmental Experts (GGE) and the UN Open-ended Working Group (OEWG).

The proposed UN General Assembly (UNGA) Resolution A/C.1/76/L.13, tabled jointly by the USA and Russia in autumn 2021, clarifies that the two core instruments which should guide states in their use of information and communication technologies (ICT) are:

  • The 2021 report of the Open-ended Working Group (OEWG) (UNGA Res. A/75/816)
  • The 2021 report of the Group of Governmental Experts (GGE) (UNGA Res. A/76/135)

In addition, the resolution reiterates the importance of the three previous consensus reports of the GGE: from 2010 (A/65/201), 2013 (A/68/98* and A/RES/68/243), and 2015 (A/70/174 and A/RES/70/237).

Resources

Ambassador Jürg Lauber, Permanent Representative of Switzerland to the United Nations and other Organizations in Geneva, gave a ‘masterclass’ interview for the ‘Inside Cyber Diplomacy’ podcast. In his discussion with Jim Lewis and Chris Painter, he shared experiences from his work as Chair of the OEWG, how his previous UN experience helped him increase engagement in the process, and where to go from here.

Similarly, Ambassador Guilherme Patriota, Brazil’s Consul General in Mumbai and Chair of the UN GGE on Advancing responsible State behaviour in cyberspace in the context of international security, gave an interview for the ‘Inside Cyber Diplomacy’ podcast. There, he discussed the influence his past negotiating experience had in how he chaired the group, how they had to adjust to negotiating during Covid to achieve a consensus report, and whether his future plans will involve ICTs.

Previous Lesson
Back to Lesson
Next Topic

New post

Your email address will not be published. Required fields are marked *

1 post
Collapse posts
May 18, 2024 at 12:28 pm

1

Reply
Skip to content