As cyber threats evolve in complexity and scale, the international peace and security landscape is continuously challenged. In a technology-reliant society, risks of digitalization emerge in parallel to its benefits and the interconnectedness of our computer systems and networks exposes growing vulnerabilities. These challenges expand beyond IT departments, requiring policies and governance frameworks from a multistakeholder approach and strong international cooperation. The Cyber Stability Conference 2025, a UNIDIR flagship event, provides a space for these discussions to take place and highlights the Institute’s commitment to fostering interdisciplinary dialogue that advances stability and resilience in the cyberspace.
On 12 May, the conference brought together experts from all domains to deliberate under the theme “Crisis Averted: Cyber Resilience in Action”. Opting for an innovative approach, the panels evolved around a fictional scenario featuring a region, Dystopia, in complete disarray. The lack of adequate cybersecurity measures in Dystopia allowed attackers to compromise air traffic systems, causing failures, collapsing transportation, crippling the healthcare system, and threatening access to clean water.
A recording of this event is available on our YouTube channel, and below.
Why does cyber security matter?
In recent years, preventing malicious cyber operations and strengthening countries’ cyber security have risen to the top of the global agenda. The escalating number of cyberattacks worldwide has demonstrated their potential to threaten international peace, security and trust. Cyberattacks have transformed modern conflicts, granting the space for malicious actors to manipulate public opinion, steal sensitive information and target critical infrastructure. With these unprecedented risks and far-reaching consequences of cyber operations, cyber security and cyber resilience have become an international common goal.
Cybersecurity encompasses practices, strategies and policies designed to prevent malicious activities such as ransomware attacks, phishing scams, and data theft – all of which are key forms of cybercrime. These threats target digital systems, networks, and data with the intent to disrupt operations, destabilize institutions, or pursue political and economic gains.
Cybercrimes vary in sophistication and scale, ranging from targeting individuals to threatening national security. In today’s connected world, what might appear as a minor incident at first, can trigger cascading effects across systems and sectors and jeopardize critical infrastructure. For instance, health services and patient data can be compromised, or power outages could disrupt communication and transport infrastructure disrupting air and land traffic.
The numbers only underscore the magnitude of the issue. According to IBM’s 2024 Cost of a Data Breach Report, the global average cost of a data breach was projected at USD 4.88 million – the highest value recorded to date. Meanwhile, Cybersecurity Ventures estimates that the aggregate cost of cybercrime is expected to reach USD 10.5 trillion in 2025, positioning it the world’s third-largest economy by GDP.
Consequently, the demand for cybersecurity experts is on the rise. ISC2’s Cybersecurity Workforce Study from last year revealed a global workforce gap of approximately 4.8 million professionals, representing the mismatch between the number of people currently employed in the field and the number needed for organizations to properly secure themselves.
An ever-evolving field
The field of cybersecurity is evolving alongside new technologies. As in many other domains, artificial intelligence (AI) is proving to be a double-edged sword. In the wrong hands, AI tools can advance cyberattacks by, for instance, automating phishing emails or improving threat actors’ methods in real time, making malicious activity detection even more difficult. Conversely, AI-powered solutions have been successful at strengthening IT infrastructure and, ironically, improving threat detection.
Technological progress empowers both attackers and defenders. The challenge facing the international community now is how to ensure the defenders stay several steps ahead rather than being forced to react only when a crisis is already unfolding.
UNIDIR recently published a new framework to analyze both malicious and security activities in the information communication technologies (ICT) environment, aiming at visualizing where these activities can take place. The UNIDIR Intrusion Path is designed to be a tool to make cyber diplomacy more inclusive and better informed.
The role of the international community
As the number of malicious ICT activities is on the rise, the international community can only move forward in unison. Given the far-reaching consequences of cyberattacks, efforts to ensure the resilience of digital infrastructure cannot be confined to the IT department alone. From individuals taking basic precautions to governments implementing robust risk management strategies, cybersecurity demands a collective effort at every level and cyber resilience becomes a “team sport”.
In 2015, the UN adopted the 11 voluntary norms, as part of its framework of responsible state behaviour in cyberspace. The framework mainly promotes interstate cooperation, respect of human rights and privacy, critical infrastructure protection, and the prevention of malicious use of digital technologies on states’ national territories.
In late 2024, the United Nations General Assembly adopted the UN Convention against Cybercrime. As the first global treaty to tackle digital threats in such a comprehensive manner, it represents a historic milestone and a testament to multilateralism.
Since 2019, all UN Member States have been represented in the Open-Ended Working Group of and in the use of ICTs. In July 2025, the group will reconvene for its final session. Participants of Cyber Stability Conference emphasized the role of this meeting in shaping practical guidelines for how states can address cyber challenges in a coordinated and inclusive way.
A platform for cyber resilience, trust and cooperation
As the opening event of the inaugural Geneva Cyber Week 2025, the Cyber Stability Conference brought together the diplomatic community, industry leaders, civil society and academia to discuss the importance of cyber resilience as a cyber crisis unfolded in the fictional region of Dystopia with not so fictional consequences.
During a keynote speech, Will Smart shared his experience as a NHS’s CIO during the WannaCry ransomware attack of May 2017, which disrupted operations and tests at major NHS hospitals in London. While Dystopia may be fictional, the WannaCry incident serves as a dire reminder that such scenarios are not impossible.
“WannaCry was a catastrophic event that changed everything that came after. The next attack is already being planned. The only question is whether we'll be victims or defenders.”
— United Nations Institute for Disarmament Research (@UNIDIR) May 12, 2025
– Will Smart, keynote speaker at the Cyber Stability Conference 2025 🗨️ #CS25 pic.twitter.com/dWn2IsDj7W
Will Smart stressed how in the aftermath of the attack, the NHS underwent a cultural shift, adopting a new mindset toward cybersecurity – one that meets the demands of 21st-century challenges and recognizes cyberthreats as threats to human lives, not just IT systems. His words were later echoed by other panelists, who expressed their commitment to a multistakeholder approach with transparency, trust and collective capacity building at the core.
Among the speakers, there was a clear consensus that the value of all actors must be recognized. This extends beyond the collaboration between the private sector and governments and spotlights the key role of civil society. With the magnitude of cyberattacks, it has become even more apparent that, beyond sophisticated technology, people need to be at the center of cybersecurity policies. This ‘team spirit’ was felt throughout the entirety of Cyber Stability Conference, along with a strong sense of urgency.
Effective teamwork cannot be built in the heat of the moment. A resilient cybersecurity community grounded in trust, collaboration and collective approach must be ever-present.
