Cybersecurity

Why cybersecurity matters

In today’s interconnected world, cybersecurity underpins trust in digital systems, the safety of online interactions, and the resilience of economies. It protects critical information, secures digital transactions, and ensures that societies can reap the benefits of digital transformation.

For civil society, cybersecurity is not just a technical issue; it is a fundamental enabler of human rights, democratic processes, and equitable access to technology. Without robust cybersecurity measures, activists, organisations, and marginalised groups are vulnerable to surveillance, harassment, and attacks.

Key challenges in cybersecurity

From ‘release now, patch later’ to holistic security

The rapid pace of technological innovation often prioritises speed over security. This reactive approach, where vulnerabilities are usually addressed only after they are exploited, creates systemic risks for individuals, organisations, and states alike.

The interconnected nature of cyber threats

Cyber threats do not operate in silos:

Criminal exploitation: Malicious actors exploit vulnerabilities to steal data or commit fraud.
National security risks: State and non-state actors use cyberspace for espionage and warfare, sometimes repurposing vulnerabilities exploited by criminals.
Impact on society: Cyberattacks on critical infrastructure, such as hospitals or energy grids, can disrupt lives and threaten public safety.

Civil society has a critical role in raising awareness about these interconnections and pushing for collaborative, inclusive cybersecurity solutions.

Exclusion of marginalised voices

Cybersecurity discussions often exclude civil society, especially organisations from the Global South. This exclusion risks policies and solutions that overlook the needs of vulnerable communities.

Explore how cybersecurity threats are addressed and the global governance efforts shaping a safer digital environment on the Digital Watch Observatory.

The policy dimensions of cybersecurity

Human rights and privacy

Surveillance tools and cybersecurity measures can be misused to violate privacy and suppress dissent. Civil society can advocate for human-rights-centric approaches to cybersecurity that balance security with individual freedoms.

Economic stability

Cybersecurity ensures the integrity of digital markets and financial systems, fostering innovation and growth. However, the economic divide means that developing regions often lack the resources for robust cybersecurity measures. Advocacy is needed to ensure equitable access to cybersecurity tools and training.

Capacity building

A lack of cybersecurity expertise, particularly in the Global South, exacerbates vulnerabilities. Civil society can promote training programmes and international cooperation to bridge this gap.

Forums where cybersecurity is addressed

Civil society can engage with numerous forums and initiatives to influence global cybersecurity policy.

The Council of Europe oversees the Budapest Convention, the primary international treaty addressing cybercrime, offering a framework for cross-border cooperation and harmonisation of laws.

The UN’s Groups of Governmental Experts (UN GGE) and Open-Ended Working Group (OEWG) discuss norms and rules for responsible state behaviour in cyberspace, focusing on international peace, security, and cooperation in the digital realm. The International Telecommunication Union (ITU) promotes secure digital infrastructure, and facilitates international cooperation on emerging cyber threats.

When it comes to technical organisations, the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C) develop technical protocols and standards to enhance internet security. Initiatives like the Global Forum on Cyber Expertise and the Geneva Dialogue on Responsible Behaviour in Cyberspace work to implement cybersecurity measures, share best practices, and build capacity globally.

The UN Internet Governance Forum (IGF) The IGF is a global multistakeholder platform that facilitates the discussion of public policy issues pertaining to the internet. One particular strength, especially for CSOs is the CS representation on the IGF’s multistakeholder advisory board (MAG) and the possibility to both input and effectively engage in designing yearly themes and session content.

What can civil society do?

Cybersecurity is a shared responsibility, intersecting with human rights, development, and governance. By engaging with these issues, civil society can contribute to creating a safer, more inclusive digital environment where individuals and organisations can thrive. Through collaboration, advocacy, and education, civil society actors can ensure that cybersecurity frameworks uphold shared values of equity, rights, and resilience.

Learn and engage: Build an understanding of cybersecurity challenges, including emerging threats like AI-powered cyberattacks; participate in global and regional discussions, such as ITU working groups or IGF sessions, to advocate for inclusive policies.

Advocate for rights-based approaches: Promote policies that address cybersecurity concerns without compromising privacy, access, or freedom of expression; push for transparency in government and corporate responses to cyber threats, ensuring accountability.

Build capacity and resilience: Equip communities with tools and training to enhance cybersecurity, such as cybersecurity hygiene workshops or open-source security tools; foster partnerships with technical experts to bridge knowledge gaps and co-create solutions.

Monitor developments and risks: Track legislative and regulatory changes affecting cybersecurity, flagging risks to human rights or marginalised groups; identify and report on vulnerabilities that disproportionately impact civil society actors, such as targeted phishing campaigns or online harassment.