About

The Geneva Dialogue on Responsible Behaviour in Cyberspace (Geneva Dialogue) is an international process established in 2018 to map the roles and responsibilities of non-state stakeholders – private sector, civil society, academia, and technical community – in contributing to greater security and stability in cyberspace. It is led by the Swiss Federal Department of Foreign Affairs (FDFA) and implemented by DiploFoundation, with support of the Republic and State of Geneva, C4DT and UBS.

Since its inception, the Geneva Dialogue has evolved through phases, each addressing a specific dimension of responsible behaviour in cyberspace.

The private sector’s role in addressing vulnerabilities in digital products and ICTs

2020-2021

This phase culminated in an output report capturing insights from structured discussions with private sector partners, including their written contributions, agreed definitions related to secure design, and examples of best practices to reduce ICT vulnerabilities and enhance product security.

A shift toward the practical implementation of agreed cyber norms

2021

This phase sought to clarify the roles and responsibilities of non-state stakeholders from the private sector, academia, civil society, and the technical community—including the open-source community—in implementing agreed cyber norms.

Initial consultations focused on ICT supply chain security and the responsible reporting of ICT vulnerabilities. Drawing on these consultations, which captured areas of stakeholder agreement and disagreement, the Dialogue published the first chapter of the Geneva Manual on Responsible Behaviour in Cyberspace.

Examining the implementation of agreed cyber norms and confidence-building measures (CBMs) related to critical infrastructure protection (CIP)

2024-2025

This phase examined the implementation of agreed cyber norms and CBMs related to CIP, with particular attention to the roles and responsibilities of non-state actors and the practical challenges of protecting critical services in interconnected and high-risk environments.

The findings of this phase informed Chapter 2 of the Geneva Manual on Responsible Behaviour in Cyberspace, translating stakeholder discussions into practical guidance on applying CIP-related norms and CBMs in real-world contexts.

‘Stress-testing’ cybersecurity and cyber norms as the core focus

2026

‘Stress-testing’ cybersecurity and cyber norms under growing geopolitical and systemic pressure. This phase assesses cybersecurity practices through scenario-based discussions and expert consultations, examining how cyber norms, responsibilities, and cooperative frameworks hold up in practice amid fragmentation, emerging technologies, and real-world constraints.

The outcome of this phase will be Chapter 3—a practical guide grounded in collective expert assessment of the evolving cybersecurity landscape, supporting practitioners in making informed decisions in a strained international environment.

The Geneva Dialogue team:

  • Serge Droz (Swiss Federal Department of Foreign Affairs)
  • Anastasiya Kazakova (DiploFoundation)
  • Vladimir Radunović (DiploFoundation)

Steering committee:

  • Imad Add, Technical Project Manager, Center for Digital Trust, C4DT – EPFL
  • Silvan Schellenberg, UBS AG, CISO Switzerland
  • Maria Paz Canales, Co-Head of Policy and Advocacy, Global Partners Digital
  • Xiang Zheng Teo, Vice President of Advisory, LL. M, B. Eng, CISSP, EnCE, CEH, AWS-SA, Ensign Infosecurity
  • Sofia Martinez Gomez, Cybersecurity Expert, AlixPartners
  • Maya Bundt, Swiss Risk Association, Chair Cyber Resilience Chapter
  • Constant Kohler, Cybersecurity Regulations and Standards Expert, Siemens
  • Christopher James Sampson, Conceptual Systems Designer, Future Earth Systems
  • David Rufenacht, Senior Threat Intelligence Analyst, InfoGuard
  • Fabian Willi, Head Cyber Key Accounts, Swiss Re
  • Nicolas Grunder, Global Lead Counsel Digital, Data & Cyber at ABB

Contributors to the Geneva Dialogue include both organisations and experts participating in their personal capacity:

  • Private sector companies and organisations: ABB, Alibaba, AlixPartners, Asus, Bi.Zone (Sber Group), Cisco, CL2R Advisory, Cognizant, Ensign InfoSecurity, Ericsson, FireEye, Hitachi, Huawei, InfoGuard, Kaspersky, Mandiant, Microsoft, PNG Digital ICT Cluster, Proton, Red Hat, SICPA, Siemens, Swisscom, Swiss Re, Swiss Risk Association, Tata Consultancy Services, Tech Mahindra, UBS, Wisekey, and Vu Security
  • Academia and policy experts: Kamilia Amboudini, Winnona DeSombre (Atlantic Council), Kayle Giroud (Global Cyber Alliance), Bart Hogeveen (Australian Strategic Policy Institute), Arindrajit Basu (Leiden University), Imad Aad (Center for Digital Trust (C4DT) – EPFL), Franziska Klopfer and Natalija Radoja (Geneva Centre for Security Sector Governance, DCAF), Lennart Maschmeyer (Center for Security Studies (CSS) at ETH Zurich), Jan Martin Lemnitzer (Copenhagen Business School), Katherine Getao (Cyber Hygiene, Cyber Diplomacy, and ICT Strategy and Governance Consultant, former CEO of ICT Authority in Kenya and the Kenyan representative to the UN GGE), Mischa Hansel (Berlin University of Economics and Law, HWR Berlin), Jen Ellis (NextJen Security), Benjamin Ang and Eugene EG Tan (S. Rajaratnam School of International Studies, RSIS), Alexandra Paulus (German Institute for International and Security Affairs, SWP), Christina Rupp (interface), Jeroen van der Ham (University of Twente and FIRST), Chao Wang (Wuhan University), Valentin Weber and Maria Pericas Riera (German Council on Foreign Relations, DGAP), Tom Wingfield (RAND)
  • Technical community experts: Klée Aiken and Sherif Hashem (FIRST), Mirko Boehm (Linux Foundation), Pablo Corona Fraga (NYCEM Mexico), Richard Harris (MITRE), Pablo Hinojosa (APNIC), Koichiro Komiyama (JPCERT/CC), Steven Sim Kok Leong (OT-ISAC Executive Committee, Singapore), Maninder Singh Narang, Madison Q. Oliver (GitHub Security Labs), Takayuki Uchiyama, Igor Kumagin
  • Civil society organisations and experts: Abdul-Hakeem Ajijola (African Union Cybersecurity Experts Group), Consumers International, CyberPeace Institute, CIPESA, DataSphere Initiative, Christopher James Sampson (Future Earth Systems), Global Forum on Cyber Expertise, Global Partners Digital, ICT4Peace