ABOUT
The exploitation of vulnerabilities in digital products is an essential component of sophisticated cyberattacks. Well-resourced adversaries increasingly exploit vulnerabilities for economic, political, or military gain, causing effects which destabilise cyberspace. Unsecured digital products allow attacks to damage global cyber stability. Several multilateral and multistakeholder fora develop(ed) cyber norms to reduce such vulnerabilities. The main challenge lies in implementation.
The Geneva Dialogue aims to clarify the roles and responsibilities of all stakeholders stemming from accepted norms on responsible behaviour in cyberspace, promoting a free, open, and secure internet.
The thematic focus for 2022/23 will be on addressing the cyber norms related to reducing vulnerabilities. The Geneva Dialogue will aim to clarify the roles and responsibilities of different stakeholders – especially those of the non-state actors – in line with the existing cyber norms, and provide them with guidance on how to contribute to their implementation. The results shall be published in the Geneva Manual on the non-state actors implementation of voluntary norms for responsible behaviour in cyberspace.
The Geneva Dialogue will endeavour to:
- Facilitate an inclusive global dialogue on the roles and responsibilities of non-state actors in relation to voluntary norms, while building on previous achievements of the Geneva Dialogue towards reducing the vulnerabilities of digital products, and in line with the ongoing diplomatic and political discussions about cyber norms.
- Assist non-state stakeholders in contributing to the implementation of voluntary norms, by providing specific guidance in the form of the Geneva Manual.
- Strengthen the awareness of stakeholders about the existing international cyber processes, implementation practices and their respective roles, and their capacities for mutual dialogue and cooperation on securing cyberspace.
The Geneva Dialogue on Responsible Behaviour in Cyberspace aims to map the roles and responsibilities of actors – states, the business sector, civil society, and the academic and tech communities – in contributing to greater security and stability in cyberspace in the context of international peace and security; identify good practices and possible gaps in existing efforts; and, ideally, put forward recommendations for overcoming such gaps.
Currently in its second phase, the dialogue will focus on the roles and responsibilities of the business sector. The project aims to: convene global business sector actors to discuss responsible behaviour in cyberspace; assist the business sector to develop its capacities to understand, follow, and meaningfully contribute to international policy and diplomatic processes; and, facilitate dialogue among global businesses towards shaping principles and an action plan contributing to the global efforts at the UN and elsewhere.
The second phase of the dialogue is led by the Swiss Federal Department of Foreign Affairs (FDFA), and implemented by DiploFoundation.
LATEST BLOGS
Software supply chain security
Everyone can develop software, and the resulting quality can vary considerably. There is no single ‘right way’ to write code and reach a given goal. Numerous technologies exist with increasing complexities. Like in all disciplines, ‘mistakes happen’, and software development is no exception.
Are vulnerabilities bad, and what can I do about it?
What are vulnerabilities? Many of us are probably used to the all too frequent messages like ‘Update in progress, don’t turn off your computer.’ We see this not only on our laptops but also on our mobile phones, game consoles, fridges, cars, lightbulbs, fish tanks, and egg cookers.
Can we make cyberspace less vulnerable through greater transparency?
Exploiting vulnerabilities in digital products and services is an - if not the - essential component of sophisticated cyberattacks. Well-resourced threat actors, including state-related actors, increasingly seek to exploit vulnerabilities in operating systems and applications for economic, political, or military gain, causing destabilisation in cyberspace. The Sony hack, NotPetya ransomware, ICRC cyberattack, 2021 breaches exploiting vulnerabilities in the Microsoft Exchange Server … this list will most likely expand in the coming years amidst growing militarisation and geopolitical tensions in cyberspace.
Vulnerabilities in Digital Products: How Does This Impact the World Around Us?
Welcome back to the Geneva Dialogue! Since 2018, this international process has been focusing on responsible behavior in cyberspace and exploring ways to enhance cyber stability. Over the years, we've built a community with partners from diverse industries who are leading in digitisation, including the manufacturing of digital products. This year, the Geneva Dialogue is going to the next level. Led by the Swiss Federal Department of Foreign Affairs (FDFA) and implemented by Diplo with the support of C4DT, the Dialogue will focus on the implementation of cyber norms related to reducing vulnerabilities in digital products and supply chain security.
RESULTS
Policy research report ‘Governance Approaches to the security of digital products’
The report provides an overview of public policies around the security of digital products. It summarizes the challenges that public policymakers are frequently facing in this context and the solutions that have been adopted. The report also elaborates how the relatively new policy area of digital product security can be distinguished from cybersecurity regulations around critical infrastructure protection and data security.
The report was commissioned by the Swiss Federal Department of Foreign Affairs in order to support the Geneva Dialogue. Interviews with public officials from seven different jurisdictions were conducted in order to achieve better insights into domestic policies. The report was prepared by the Center of Security Studies at ETH Zürich and presented at a Geneva Dialogue event dedicated to the security of digital products and their regulatory environment in September 2021.
Online event on ‘Security of digital products and the regulatory environment’
The online event on ‘Security of digital products and the regulatory environment’, organised by Diplo and the Swiss Confederation, took place on 29 September 2021. It focused on a need for greater dialogue and aligning national regulations more closely with industry good practices, international standards, and global norms and principles.
The event featured keynotes which provided directions and trends related to security of digital products on a strategic level, including insights into other ideas/plans and strategic thinking. The discussion which followed outlined the work of some of the national regulatory authorities in the field of security of digital products, and ways of addressing the main challenges of the fast-changing environment and increasing cooperation on national and international levels. Preliminary findings of the research that maps the challenges public policymakers face in this context, and the solutions that have been adopted, were presented. Key messages from the event were prepared based on the discussions by the Geneva Internet Platform (an initiative of Swiss authorities operated by Diplo).
This event was the second in a series of online discussions between the industry, standard-setting organisations, diplomats, and regulators, about the future of norms, regulation, and standardisation for the enhanced security in digital products.
Online event on ‘Security of digital products and international standards’
The event featured high-level updates on the work of the leading standard-setting organisations in the field of security of digital products, and explored ways to address main challenges of the fast-changing environment. The discussions that followed centred around the availability of standards in the field, the challenges faced during their development and implementation, and fora where dialogue on standards of digital products could continue. Key messages from the event were prepared based on the discussions by the Geneva Internet Platform (an initiative of Swiss authorities operated by Diplo).
This event was the first in a series of online discussions between the industry, standard-setting organisations, diplomats, and regulators, about the future of norms, regulation, and standardisation for the enhanced security in digital products.
Output document: Good practices
The output document entitled ‘Security of digital products and services: Reducing vulnerabilities and secure design: Good practices’ is a result of the partner inputs during the fourteen discussions of the Geneva Dialogue on Responsible Behaviour in Cyberspace (GD) in 2020 (May-November 2020), and a number of written contributions submitted in that period.
High-level event on Digital Security and Economic Recovery
The Geneva Dialogue high-level event entitled ‘Digital Security and Economic Recovery: Boosting Confidence and Productivity through Secure Digital Technology’ was organised by DiploFoundation and the Swiss Confederation on Thursday, 26 November. It focused on possible global collaboration for developing trustworthy supply chains and secure digital technologies to facilitate financial and economic recovery.