Session
Organizer 1: Civil Society, Eastern European Group
Organizer 2: Civil Society, Eastern European Group
Organizer 3: Government, Western European and Others Group (WEOG)
Organizer 2: Civil Society, Eastern European Group
Organizer 3: Government, Western European and Others Group (WEOG)
Speaker 1: Fei Su, Civil Society, Western European and Others Group (WEOG)
Speaker 2: Maria Paz Canales, Civil Society, Western European and Others Group (WEOG)
Speaker 3: Christopher Sampson, Civil Society, Asia-Pacific Group
Speaker 4: E Guang Eugene Tan, Civil Society, Asia-Pacific Group
Speaker 2: Maria Paz Canales, Civil Society, Western European and Others Group (WEOG)
Speaker 3: Christopher Sampson, Civil Society, Asia-Pacific Group
Speaker 4: E Guang Eugene Tan, Civil Society, Asia-Pacific Group
Format
Roundtable
Duration (minutes): 90
Format description: The roundtable layout with a 90-minute duration is best suited for facilitating our simulation-based discussions while ensuring both structured learning and dynamic interaction. This setup provides a clear structure for guiding participants through the cyber quest, where they will analyze a fictional cyberattack on critical infrastructure and take on different stakeholder roles. The format strikes a balance between focused small-group discussions and collective reflection, optimizing engagement and knowledge retention: the roundtable would allow for effective instruction while enabling seamless transitions into smaller discussion groups during the simulation exercise, and importantly, this layout also ensures that all participants can come together for a large roundtable-style debriefing after the exercise. The session aims to provide a space where every participant can contribute their perspectives on implementing cyber norms and protecting critical infrastructure.
Duration (minutes): 90
Format description: The roundtable layout with a 90-minute duration is best suited for facilitating our simulation-based discussions while ensuring both structured learning and dynamic interaction. This setup provides a clear structure for guiding participants through the cyber quest, where they will analyze a fictional cyberattack on critical infrastructure and take on different stakeholder roles. The format strikes a balance between focused small-group discussions and collective reflection, optimizing engagement and knowledge retention: the roundtable would allow for effective instruction while enabling seamless transitions into smaller discussion groups during the simulation exercise, and importantly, this layout also ensures that all participants can come together for a large roundtable-style debriefing after the exercise. The session aims to provide a space where every participant can contribute their perspectives on implementing cyber norms and protecting critical infrastructure.
Policy Question(s)
How can the UN framework, cyber norms be implemented to prevent cyber threats against CI, minimize consequences, and reduce political escalation risks?
In a globally connected digital landscape with a complex supply chain, what responsibilities do tech companies, CI operators, researchers, and civil society have in CI protection? How do these roles shift in times of blurred lines between peace and conflict, and how can the Geneva Manual support them?
In a polarized world, can stakeholders secure CI without political capture, or are we heading toward fragmentation? How can we ensure true stakeholder inclusion in cybersecurity policymaking at all levels?
What will participants gain from attending this session? Participants in this session will engage in a knowledge-exchange experience focused on critical infrastructure protection and the implementation of agreed cyber norms. Through an interactive cyber quest, attendees will have the opportunity to share their perspectives on the roles and responsibilities of various actors in securing critical infrastructure and responding to cyber incidents. They will discuss these issues from the perspectives of both government and non-government actors.
The session will bring together leaders from diverse stakeholder groups to exchange views in a highly interactive simulation exercise, fostering collaboration and mutual learning.
By participating in this dynamic exercise, attendees will gain a deeper understanding of the practical steps that each stakeholder group is required to undertake to protect critical infrastructure and how to strengthen collaboration among stakeholders. Their insights will directly contribute to the Geneva Manual, which explores actionable implementation strategies, challenges, and good practices for non-state stakeholders in cybersecurity.
SDGs
Description:
Imagine waking up to a world where hospital systems crash overnight—patients stranded, medical records lost. The attack wasn’t aimed at them, but the fallout was devastating. In our hyper-connected world, cyber operations send shockwaves far beyond their targets. As cyber threats evolve, so does the geopolitical landscape. Nation-states are becoming more assertive, emphasising sovereignty and national security in cyberspace. The UN’s framework for responsible behavior in cyberspace, built on universal cyber norms and confidence-building measures, was designed to provide stability. But does it still hold weight in an era of increasing polarization? Where does this leave non-state actors—tech companies, critical infrastructure operators, researchers, academia, and civil society? Are they bystanders in a state-dominated space, or do they have agency in shaping global cyber-stability? This is where the Geneva Dialogue on Responsible Behaviour in Cyberspace (GD) steps in. Launched by Switzerland in 2018 and implemented by DiploFoundation, GD brings together private sector leaders, technical experts, academics, and civil society to map the roles and responsibilities of these actors in implementing agreed cyber norms. Its work is captured in the Geneva Manual, a practical guide that translates high-level principles into real-world action. At this session, we take these discussions a step further—into action. Participants will immerse themselves in a highly interactive simulation, where they step into the shoes of governments and industry responding to a fictional cyberattack on hospitals. The stakes will be high, the decisions complex, and the perspectives diverse. How should different stakeholders react? What tensions emerge between national security and transnational cooperation? Building on the outcomes of IGF 2024, this session invites you to not just discuss these questions but to experience them. In a world where cyber threats respect no borders, collaboration isn’t just an option—it’s a necessity. Will you be part of the solution?
Imagine waking up to a world where hospital systems crash overnight—patients stranded, medical records lost. The attack wasn’t aimed at them, but the fallout was devastating. In our hyper-connected world, cyber operations send shockwaves far beyond their targets. As cyber threats evolve, so does the geopolitical landscape. Nation-states are becoming more assertive, emphasising sovereignty and national security in cyberspace. The UN’s framework for responsible behavior in cyberspace, built on universal cyber norms and confidence-building measures, was designed to provide stability. But does it still hold weight in an era of increasing polarization? Where does this leave non-state actors—tech companies, critical infrastructure operators, researchers, academia, and civil society? Are they bystanders in a state-dominated space, or do they have agency in shaping global cyber-stability? This is where the Geneva Dialogue on Responsible Behaviour in Cyberspace (GD) steps in. Launched by Switzerland in 2018 and implemented by DiploFoundation, GD brings together private sector leaders, technical experts, academics, and civil society to map the roles and responsibilities of these actors in implementing agreed cyber norms. Its work is captured in the Geneva Manual, a practical guide that translates high-level principles into real-world action. At this session, we take these discussions a step further—into action. Participants will immerse themselves in a highly interactive simulation, where they step into the shoes of governments and industry responding to a fictional cyberattack on hospitals. The stakes will be high, the decisions complex, and the perspectives diverse. How should different stakeholders react? What tensions emerge between national security and transnational cooperation? Building on the outcomes of IGF 2024, this session invites you to not just discuss these questions but to experience them. In a world where cyber threats respect no borders, collaboration isn’t just an option—it’s a necessity. Will you be part of the solution?
Expected Outcomes
The session will assist participants in getting a deeper understanding of how non-state stakeholders can contribute to protecting critical infrastructure and implementing agreed cyber norms and confidence-building measures (CBMs). Through an interactive cyber quest, i.e. the Geneva Dialogue’s simulation-based discussion (supported by the gaming approach, AI tools, and inspiring videos and visuals), attendees will collaboratively identify key actions for stakeholders and explore practical strategies for effective norms implementation. The session will also highlight good practices and lessons learned from diverse experiences, providing participants with actionable insights. Ultimately, the session aims to extend the Geneva Dialogue platform for building dialogue and trust between stakeholders from different regions, sectors, and organizations in today’s polarized world, ensuring more inclusive and effective cybersecurity efforts.
Hybrid Format: The session will integrate onsite and online participants seamlessly, leveraging Diplo’s expertise in hybrid facilitation. It will feature two key parts: a simulation-based exercise in smaller groups, followed by a multistakeholder roundtable discussion. The session will begin with key findings from the Geneva Manual on Responsible Behaviour in Cyberspace, setting the stage for discussions on non-state stakeholders’ roles in implementing cyber norms and CBMs for critical infrastructure protection. The Cyber Quest simulation will ensure equal participation for all attendees.
Remote participants will actively engage through chat discussions and breakout groups mirroring onsite exercises, with dedicated moderators bridging interactions. The session will prioritize inclusivity, focusing on youth, open-source communities, SMEs, academia, and Global South participants, fostering dialogue across regions and sectors. By integrating diverse voices, the session aims to enhance collaboration and strengthen the role of non-state actors in securing critical infrastructure against cyber threats.