Skip to main content

Acting responsibly in cyberspace II

Monday 15 – Wednesday 17 April 2024 I WP3348

Acting-responsiblity-in-cyberspace-2024-resized
  1. Acting responsibly in cyberspace II
  2. Cyber governance
  3. Private sector
  4. Prioritising cyber security
  5. Cyber security and human-centrism
  6. Next steps: takeaways and action

In partnership with the United Kingdom’s Foreign, Commonwealth and Development Office and the Ministerio de Relaciones Exteriores de Chile

In November 2022, in partnership with Commonwealth and Development Office, Wilton Park hosted a dialogue entitled Acting Responsibly in Cyberspace. The purpose of the dialogue was to explore the concept of responsible cyber behaviour (summary and full technical reports available here).

From 15-17 April 2024, and this time in partnership with the United Kingdom’s Foreign, Commonwealth and Development Office and the Ministerio de Relaciones Exteriores de Chile, Wilton Park convened a second dialogue in Santiago, Chile. This dialogue brought together a range of different stakeholders – including representatives from partner countries, international organisations, non-governmental organisations, industry, academia and civil society within the region – to examine what responsible cyber behaviour looks like in practice.

This summary report provides an overview of the key themes raised during the Acting Responsibly in Cyberspace II dialogue.

Cyber threats

  1. Participants observed that there has been a diversification and democratisation of cyber threats in terms of malicious actors, victims, vectors and the evolving technology. They explained that the threat landscape will become increasingly complex and difficult to manage with the development of new technologies such as Artificial Intelligence and Quantum Computing. They also noted that there has been a blurring of the threat landscape insofar as malicious cyber operations are no longer targeted against specific actors, sectors or infrastructure but are instead directed at all members of society. Participants also stressed that modern cyber security threats impact disproportionately on marginalised groups. One participant suggested that systematising cyber threats into “buckets of challenges” can help raise awareness, share best practices and find solutions. Participants emphasised that a critical step in addressing cyber threats is to develop effective attribution methodologies which allow the mask of anonymity to be lifted and for malicious actors to be identified. A participant suggested that the development of an international, impartial cyber attribution body may be useful. 
  2. Some participants maintained that inaction can also be a source of threats and instability in cyberspace, which makes the cyber threat landscape even more complex, diverse and unpredictable. Various examples were given of “threats through inaction”, such as the failure of stakeholders to: report cyber threats and share threat information; direct sufficient resources to combating cyber threats; improve and develop digital literacy; empower individuals online; reduce reliance on outdated (and insecure) legacy systems; adopt the necessary cyber security laws, policies, strategies and standards; engage meaningfully with other cyber stakeholders; and participate in cyber governance processes, mechanisms and initiatives. These participants explained that inaction can embolden and incentivise malicious actors, disempower communities and create new threats as well as exacerbate existing ones.
  3. Participants emphasised that countering cyber threats requires effective information sharing. Some participants noted that the sharing of information on threat actors and software vulnerabilities must go beyond the existing State-to-State or CERT-to-CERT models and include all relevant stakeholders such as industry and civil society actors.

Next

Cyber governance

Want to find out more?

Sign up to our newsletter