By examining official documents, analyzing relevant laws and regulations, and investigating the structure of government agencies, this paper sheds light on the Republic of Korea’s potential to conduct international cyber operations and the principles likely to govern their deployment.

Citation: So Jeong Kim, International Cyber Operations: Doctrines and Capabilities of the Republic of Korea (Geneva: UNIDIR, 2026).

The post International Cyber Operations: Doctrines and Capabilities of the Republic of Korea first appeared on UNIDIR.

Through a series of dynamic, multi-stakeholder panel discussions, the event examined the ripple effects such incidents can have across borders and sectors, highlighting the growing interdependence of digital ecosystems.

This report also offers clear, action-oriented guidance for relevant stakeholders seeking to enhance resilience, cooperation, and preparedness.

Citation: UNIDIR Security and Technology Programme, 2025 Cyber Stability Conference, Crisis Averted: Cyber Resilience in Action (Geneva: UNIDIR, 2026).

The post Cyber Stability Conference 2025: Crisis Averted: Cyber Resilience in Action first appeared on UNIDIR.

Organized into three interrelated sections, the report explores:

• Evolving cyberthreats: From attacks on critical infrastructure and supply chains to the rise of ransomware, disinformation and cybercrime, this section analyses how the growing scale and complexity of cyberattacks pose systemic risks to national, regional and global stability. It explains how these threats operate and includes case-based illustrations of their real-world impacts on peace and security.
• Cyberthreat actors: Examining the increasingly blurred lines between State and non-State actors in cyberspace. This section explores the motivations and tactics of various actors, including States, cybercriminals, hacktivists and private entities, and highlights how overlapping behaviours may complicate response.
• Emerging technologies: Focusing on artificial intelligence and quantum computing, this section outlines how technological advancements are reshaping offensive and defensive cyber operations. The report considers how these technologies offer new opportunities for cybersecurity while also creating new vulnerabilities and strategic risks for the international community.

Throughout, the report provides explanatory textboxes designed to help diplomats and policymakers better understand how cyberattacks work at a technical level, as well as case studies that concretely demonstrate the international security impacts of malicious cyber activity. By demystifying complex technical concepts and contemporary trends, the report hopes to support national and international deliberations to strengthen resilience, reduce risks and advance an open, secure, stable, accessible and peaceful cyberspace for all.

Citation: UNIDIR Security and Technology Programme, Securing Cyberspace for Peace: Insights into Cyberthreats and International Security in 2025 (Geneva: UNIDIR, 2026).

The post Securing Cyberspace for Peace: Insights into Cyberthreats and International Security in 2025 first appeared on UNIDIR.

Drawing on desk research and interviews with national CSIRTs and international and regional networks, the brief analyses how domestic institutional arrangements shape CSIRTs’ capacity to engage in effective information exchange and collaboration at the bilateral, regional and global levels.

The brief identifies key challenges and highlights good practices to enhance information exchange and coordination, as well as offering practical recommendations to support States in strengthening national CSIRTs and advancing responsible State behaviour in cyberspace.

Citation: Samuele Dominioni and Helena Hinkel, Strengthening National CSIRT Cooperation: From Domestic Setups to International Networks (Geneva: UNIDIR, 2026)

The post Strengthening National CSIRT Cooperation: From Domestic Setups to International Networks first appeared on UNIDIR.

This convergence introduces new and potentially significant risks. They include possible attacks on biological research and development facilities, targeting the confidentiality, integrity and accessibility of information. In the context of international peace and security, ICT incidents present a spectrum of consequences, from minor to significant. For example, a minor event could involve a malicious actor spoofing an agricultural facility’s sensors to transmit false data to owner, impacting the annual production of crops. Conversely, a significant event could involve a malicious actor infiltrating the ICT systems of a biological research and development facility, to interfere with an automated production system, remotely altering the compounds, thus rendering its product ineffective, or worse, harmful.

Various scholars and practitioners have attempted to name and define a concept recognizing the unique characteristics of the infrastructure, data, vectors, and risk implications at this nexus. Cyberbiosecurity refers to a collection of practices aimed at addressing the potential ICT threats to those systems at the intersection of the digital and biological domains. More specifically, it includes methods, procedures and measures to tackle ICT threats to biosafety and biosecurity.

To better understand the nexus between ICT and the biological field, this paper begins with an outline of some of the benefits introduced by the integration of advanced ICT in biological research and development. It then introduces the above definition of the concept of ‘cyberbiosecurity’ and proceeds to outline some of the key risks at this nexus. The New Agenda for Peace launched by the Secretary-General in 2023 highlights the need for Member States to prevent the weaponization of emerging domains and promote responsible innovation (Action 11). The 2024 Summit of the Future was an opportunity for Member States to reaffirm their commitment to the prevention of biorisks and misuse of emerging technologies. This was particularly reflected in the Pact for the Future, specifically in Action 26 (to uphold disarmament obligations and commitments) and Action 27 (to seize opportunities associated with new and emerging technologies and address potential risks posed by their misuse). Cyberbiosecurity appears at the junction of these two goals.

This notion has however received tangential attention in the multilateral discussion on international ICT security, specifically the General Assembly subsidiary bodies the Groups of Governmental Experts from 2004 to 2021 and Open-ended Working Groups since 2019. In the context of the Biological and Toxin Weapons Convention (BWC), limited attention has been given to cyberbiosecurity related issues. There are however cyber-related elements mentioned in documents and statements of the last 10 years.

Finally, in the United Nations Security Council, several States have expressed concern over the increase in cyber operations targeting critical infrastructure, including in the health sector, particularly during the COVID-19 pandemic. While not encompassing all aspects of this issue, these discussions can help in sensitizing the international community and practitioners on the need for better measures.

 One way forward could be to clarify the breadth of the concept of cyberbiosecurity through exchanges with relevant communities and considering cyberbiosecurity in the context of the ongoing BWC Working Group, notably in discussions on scientific and technological developments. This approach could allow for an exchange of views and good practices in the cyber domain and their applicability to biological research and development facilities.

Citation: Louison Mazeaud and Andraz Kastelic, “Cyberbiosecurity: A Matter of International Peace and Security?” UNIDIR, Geneva, 2025. https://doi.org/10.37559/WMD/25/CBW/02.

The post Cyberbiosecurity: A Matter of International Peace and Security? first appeared on UNIDIR.

This report introduces a novel approach that not only highlights how existing cyber threats may impact people differently based on gender, but also provides actionable guidance to support more inclusive, equitable cybersecurity governance.

Citation: Katharine Millar and Verónica Ferrari, A Novel Approach to the 11 UN Norms for Responsible State Behaviour in Cyberspace: Guidelines for Gendered Implementation. (Washington, DC: Organization of American States; Geneva: UNIDIR, 2025).

Partner

The post A Novel Approach to the 11 UN Norms for Responsible State Behaviour in Cyberspace: Guidelines for Gendered Implementation first appeared on UNIDIR.

In 2023, UNIDIR published its first report on subsea cables, entitled Wading Murky Waters: Subsea Communications Cables and Responsible State Behaviour. The initial scoping study sought to raise awareness of this essential transmission technology. Since then, a slew of new initiatives have been proposed, including at the international level, signalling both the strategic importance of the infrastructure and the need to strengthen security and resilience across all of its components.

This follow-on study sets out to understand what it means in policy and practice when governments qualify or designate subsea telecommunications cables as critical infrastructure (CI). The report draws from the CI literature to frame government approaches to security and resilience, identifying how government policy and practice interact with core CI concepts such as absorptive, restorative and adaptive resilience capacities. While subsea cable systems are generally designed and deployed with these capacities in mind, effective government action on security and resilience can contribute to strengthening them.

Citation: C. Kavanagh, J. Franken, and W. He. “Achieving Depth: Subsea Telecommunications Cables as Critical Infrastructure”. Geneva, Switzerland: UNIDIR, 2025.

The post Achieving Depth: Subsea Telecommunications Cables as Critical Infrastructure first appeared on UNIDIR.

Over the years, the Portal has evolved with new features and capabilities, including availability in all UN official languages, and enhanced content search and filtering functions. In response to the many questions we’ve received about the Portal, we created a booklet that provides an overview of the wealth of information available through this confidence-building tool.

Citation: Giacomo Persi Paoli, Lenka Filipová “Unlocking the UNIDIR Cyber Policy Portal: A Comprehensive User Guide”, UNIDIR, Geneva, 2024.

The post Unlocking the UNIDIR Cyber Policy Portal: A Comprehensive User Guide first appeared on UNIDIR.

The roundtable was organized by the Chair of the Open-ended Working Group on Security of and in the Use of Information and Communications Technologies 2021–2025 (OEWG), as requested by Member States in the second Annual Progress Report of the OEWG.

The purpose of this report is to summarize the discussions and highlights from this inaugural roundtable. It provides an overview of the key points and addresses the barriers to ICT capacity-building mentioned during the event.

Citation: Giacomo Persi Paoli, Samuele Dominioni, Aamna Rafiq, Lenka Filipová “Accelerating ICT Security Capacity-Building: Takeaways from the Global Roundtable on ICT Security Capacity-Building”, UNIDIR, Geneva, 2024.

The post Accelerating ICT Security Capacity-Building: Takeaways from the Global Roundtable on ICT Security Capacity-Building first appeared on UNIDIR.

However, the fragmentation of the ICT environment, and more specifically of the internet, has become an increasingly serious possibility, which is already occurring in certain settings. Indeed, the fragmentation of the internet can affect different and sometimes intertwined levels, including political, commercial, and technological. The purpose of this primer is to provide a brief and concise analysis of the possible effects and consequences of internet fragmentation on cybersecurity as broadly understood.

Citation: Samuele Dominioni (2023). “Internet Fragmentation and Cybersecurity: A Primer”, UNIDIR, Geneva, Switzerland.

The post Internet Fragmentation and Cybersecurity: A Primer first appeared on UNIDIR.

To support the development of a shared understanding on the mandate and role of the cyber PoA, and acknowledging the critical role that the multi-stakeholder community already plays in the implementation of the framework of responsible State behaviour, UNIDIR offered a platform to non-governmental organizations, civil society organizations, academic institutions, and the private sector to share their perspectives on the prospects of establishing a cyber PoA, and on its scope, structure, and content. This offer included a call for written inputs followed by a workshop.

Based on the analysis of the workshop and written inputs, this report presents a consolidated set of considerations and options for action to inform States’ discussions on the cyber PoA.

Citation: Security and Technology Programme (2023) “Drawing Parallels: A Multi-Stakeholder Perspective on the Cyber PoA Scope, Structure and Content”, UNIDIR, Geneva, Switzerland

The post Drawing Parallels: A Multi-Stakeholder Perspective on the Cyber PoA Scope, Structure and Content first appeared on UNIDIR.

The purpose of the Conference was twofold: first, to advance the international discussions on how international law applies to cyberspace and to contribute to confidence-building by promoting transparency in order to reduce misperception and misunderstanding among the Member States and, second, to contribute to capacity-building by providing a platform for expert briefings and exchange of good practices.

This report provides a summary of the Conference briefings and discussions, an outline of the emerging convergent and divergent positions, as well as several suggestions for how to advance multilateral discussions on the application of international law to State conduct using ICTs and to ensure rule of international law in the twenty-first century. As such, the report charts the potential focus areas for future multilateral deliberations on the Charter and the use of ICTs in the context of international peace and security.

Citation: Security and Technology Programme (2023) “Use of ICTs by States: Rights and Responsibilities Under the Charter of the United Nations”, UNIDIR, Geneva, Switzerland

The post Use of ICTs by States: Rights and Responsibilities Under the UN Charter first appeared on UNIDIR.

In response to this demand and to increase the cybersecurity and resilience of Member States, the UNIDIR Security and Technology programme conducted a research study with three main objectives, which are to identify foundational cyber capabilities, strengthen States’ ability to effectively prevent or mitigate the impact of selected malicious ICT activities, and design a tool to better identify requirements and prioritize capacity-building interventions.

The outcomes of the research project can be found in these two publications. The first report, Part I. Mapping the Foundational Cyber Capabilities, is centered on the concept of Foundational Cyber Capabilities (FCCs), which are defined as the combination of policies and regulations, processes and structures, partnerships and networks, people and skills, and technology necessary to implement the Framework.

The second report, Part II. Introducing a Threat-Based Approach, proposes an approach that would allow governments to better assess their readiness to leverage the Framework to prevent or respond to specific malicious ICT activities and threats.

Citation: Samuele Dominioni and Giacomo Persi Paoli (2023) “Unpacking Cyber Capacity-Building Needs: Part I. Mapping the Foundational Cyber Capabilities”, UNIDIR, Geneva, Switzerland

The post Unpacking Cyber Capacity-Building Needs: Part I. Mapping the Foundational Cyber Capabilities first appeared on UNIDIR.

In response to this demand and to increase the cybersecurity and resilience of Member States, the UNIDIR Security and Technology programme conducted a research study with three main objectives, which are to identify foundational cyber capabilities, strengthen States’ ability to effectively prevent or mitigate the impact of selected malicious ICT activities, and design a tool to better identify requirements and prioritize capacity-building interventions.

The outcomes of the research project can be found in these two publications. The first report, Part I. Mapping the Foundational Cyber Capabilities, is centered on the concept of Foundational Cyber Capabilities (FCCs), which are defined as the combination of policies and regulations, processes and structures, partnerships and networks, people and skills, and technology necessary to implement the Framework.

The second report, Part II. Introducing a Threat-Based Approach, proposes an approach that would allow governments to better assess their readiness to leverage the Framework to prevent or respond to specific malicious ICT activities and threats.

Citation: Samuele Dominioni and Giacomo Persi Paoli (2023) “Unpacking Cyber Capacity-Building Needs: Part II. Introducing a Threat-Based Approach”, UNIDIR, Geneva, Switzerland

The post Unpacking Cyber Capacity-Building Needs: Part II. Introducing a Threat-Based Approach first appeared on UNIDIR.

Sponsor Organizations: France, Germany, the Netherlands, Norway, Switzerland, and Microsoft

Citation: Samuele Dominioni (2023) “Operationalizing a Directory of Points of Contact for Cyber Confidence-Building Measures”, UNIDIR, Geneva, Switzerland.

The post Operationalizing a Directory of Points of Contact for Cyber Confidence-Building Measures first appeared on UNIDIR.

The conference provided a platform for structured discussion among State representatives on good practices in the field of inter-State cooperation and the relevant confidence- and capacity-building measures for more peaceful and stable international ICT environment.

Citation: Security and Technology Programme (2023) “Towards a More Stable and Secure ICT Environment: Unpacking Inter-State Cooperation”, UNIDIR, Geneva, Switzerland.

The post Towards a More Stable and Secure ICT Environment: Unpacking Inter-State Cooperation (Conference Summary Report) first appeared on UNIDIR.

This report approaches subsea communications cables from a systemic perspective: as core elements of the broader ICT ecosystem. It begins with an overview of developments in subsea cable technology and associated ‘wet’ (undersea) and ‘dry’ (land) plant infrastructure and the main actors involved in the subsea cable industry. It then provides an overview of the more commonly cited threats and vulnerabilities relevant to subsea cable systems and related infrastructure, followed by an introduction to the extant subsea cable governance regime. Drawing in part from the Government Best Practices of the International Cable Protection Committee and existing recommendations negotiated under the umbrella of the General Assembly’s First Committee on Disarmament and International Security, it concludes with some preliminary recommendations on cooperative steps that governments can take to advance responsible State behaviour and to strengthen the resilience of subsea cable systems and related infrastructure.

TRANSLATIONS

The Executive Summary of this publication is available in the following languages:

• Arabic
• Chinese
• French
• Russian
• Spanish

Sponsor Organizations: European Union

Citation: Camino Kavanagh (2023) “Wading Murky Waters: Subsea Communications Cables and Responsible State Behaviour”, UNIDIR, Geneva, Switzerland.

The post Wading Murky Waters: Subsea Communications Cables and Responsible State Behaviour first appeared on UNIDIR.

The conference convened representatives from international organizations, industry, governments, and civil society to reflect on how to further progress in multilateral discussions and support more efficient policy interventions by national governments for critical infrastructure protection.

Citation: Camino Kavanagh (2022) “Cyber Stability Conference: Protecting Critical Infrastructure And Services Across Sectors”, UNIDIR, Geneva, Switzerland.

The post Cyber Stability Conference: Protecting Critical Infrastructure And Services Across Sectors first appeared on UNIDIR.

Citation: Samuele Dominioni (2022) “Cyber Stability Conference: Towards a More Secure Cyberspace – 2021 Conference Report”, UNIDIR, Geneva, Switzerland.

The post Cyber Stability Conference 2021: Towards a More Secure Cyberspace first appeared on UNIDIR.

It traces trends both in the development of cyber capabilities and the digitalization of nuclear weapons systems that could drive more frequent interactions at the cyber–nuclear nexus. It considers how these interactions, direct and indirect, might impact on escalatory risk scenarios—drawing upon State doctrines, postures, and capabilities in the nuclear and cyber spheres. It then outlines a series of recommendations for States both to minimize cyber–nuclear interactions and to mitigate their effects when they do occur.

As part of UNIDIR’s ongoing research on nuclear risk reduction, this paper is intended to feed into the dialogue on taking forward risk reduction—and on the development of practical and feasible measures that can help to close pathways to use.

Citation: Wilfred Wan, Andraz Kastelic, and Eleanor Krabill (2021) “The Cyber-Nuclear Nexus: Interactions and Risks” NRR: Friction Points Series, Paper 2. UNIDIR, Geneva, https://doi.org/10.37559/WMD/21/NRR/03

The post The Cyber-Nuclear Nexus: Interactions and Risks first appeared on UNIDIR.

First, Australia has been advancing its offensive cyber capabilities with an eye on a full spectrum of situations covering “grey-zone” activities prevalent in the Indo-Pacific. These capabilities are housed in its major intelligence agency and are intended to discourage offshore malicious actors from targeting its networks in violation of cyber norms.

Second, Japan has limited its external cyber capabilities to responses by its armed forces and to situations of an armed attack.

Third, notwithstanding the importance of a collective approach to filling gaps in cyber capabilities between Australia and Japan, there is growing divergence between like-minded States over the applicability of some rules of international law to cyberspace – notably the principles of sovereignty and due diligence. This could have an adverse effect on their willingness to take concerted and effective cyber measures against the growing “grey-zone” cyber activities in the region.

Teaser: Contrasting Their Doctrines and Capabilities for the Rule-Based International Order

Citation: Masahiro Kurosaki (2021) “The Projection of Cyber Power by Australia and Japan: Contrasting Their Doctrines and Capabilities for the Rule-Based International Order”, UNIDIR, Geneva, Switzerland.

The post The Projection of Cyber Power by Australia and Japan: Contrasting Their Doctrines and Capabilities for the Rule-Based International Order first appeared on UNIDIR.

To address the risk of increasingly complex and effective cyber threats aimed at critical infrastructure, the international community uses norms of expected behaviour of States in cyberspace to promote cooperation.

This report investigates the norm – as proposed in 2015 by the United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security – that urges States to respond to other States’ requests for assistance or mitigation in the event of malicious cyber operations against critical infrastructure.

Citation: Andraz Kastelic (2021) “International Cooperation to Mitigate Cyber Operations Against Critical Infrastructure”, UNIDIR, Geneva, Switzerland.

TRANSLATIONS

• Arabic: التعاون الدولي للتخفيف من العمليات الإلكترونية التي تمس البنية التحتية الحيوية

• Chinese: 通过国际合作减少针对关键基础设施的网络行动 

• Spanish: Cooperación internacional para mitigar las operaciones cibernéticas contra la infraestructura crítica

Teaser: Normative Expectations and Emerging Good Practices

The post International Cooperation to Mitigate Cyber Operations Against Critical Infrastructure first appeared on UNIDIR.

Citation: Security and Technology Programme (2020) “2020 Cyber Stability Conference: The Future of Dialogue”, UNIDIR, Geneva, Switzerland.

Teaser: Conference report

Sponsor Organizations: UNIDIR’s Security and Technology Programme core donors: Germany, the Netherlands, Norway, Switzerland and Microsoft. In addition, this year’s conference was also supported by the Russian Federation.

The post Cyber Stability Conference 2020: The Future of Dialogue first appeared on UNIDIR.

Teaser: Summary Report

Citation: Security and Technology Programme (2019) “Cyber Stability Conference 2019: Strengthening Global Engagement”, UNIDIR, Geneva, Switzerland.

The post Cyber Stability Conference 2019: Strengthening Global Engagement first appeared on UNIDIR.