The United Nations and the regulation of cyber-security

With the rise in prominence of issues of cybersecurity many measures have been adopted at the national and regional level. Action at the United Nations, however, has been relatively sluggish. For the most part activities since the Russia Federation initially introduced a draft resolution in 1998 have been impeded due to fundamental differences between the Russian Federation and the United States. However, since 2010 when the US for the first time acted as a co-sponsor to this resolution there has been a discernable momentum within the UN on issues of cybersecurity. The cyber attacks in Estonia in 2007, Georgia in 2008, and Iran in 2010, along with the revelations regarding states spying on one another, have only increased this momentum. As such, activity can be seen in various committees of the UN General Assembly including consensus being reached within several Groups of Governmental Experts on various issues. However, issues of cybersecurity have also been witnessed in the UN Security Council in the context of terrorist activity, the Economic and Social Council and various subsidiary organs and specialized agencies. With such a complex system of bodies addressing the issues, however, dialogue and communication between the various UN organs, bodies and groups now needs to be improved to enable further integrated concerted action and norm development. Furthermore, with discernable opposition to a comprehensive treaty on cybersecurity other forms of action, both regionally and bilaterally, also looks set to continue.