Agenda: Existing and Potential Threats
Thank you, Mr. Chair.
Thank you again for your leadership and for steering us in the work of this OEWG. We thank your team and Secretariat as well for all their hard work. For my delegation, the guiding questions you sent in advance has helped my delegation be more focused on the specific issues and concerns to put forth under each of the agenda we are discussing this week.
On existing and potential threats, the Philippines, like many developing countries, is still struggling to develop greater cyber defense capabilities; suffers from low number of cybersecurity professionals leaving the nation vulnerable if attacked; needs to enhance and expand its pool of information and communications technology experts, especially in the law enforcement and defense sectors; and could benefit more from greater collaborative efforts with academia and the business community to achieve cyber resiliency, effective law enforcement and a cybersecurity-educated society.
For these reasons, it is a challenge to map out existing cybersecurity threats across sectors – may it be government, business or at the individual level – and single out which threats are the most frequent across sectors, which threats have the most impact and in turn, which threats need to be immediately addressed or potential threat we should be most wary off.
My delegation thus appreciates the conduct of stakeholder engagement last week and looks forward to our engagement with stakeholders on Thursday. The Philippines listened carefully to the informal dialogue with interested stakeholders last week regarding this very topic we are discussing now and we find the engagement extremely helpful.
Some of the emerging threats that were raised during the discussion with stakeholders were artificial intelligence (AI)-powered cyber-attacks, supply-chain attacks, and the rise of cyber mercenaries, among many others. We find these threats seriously alarming and thus relevant to our discussions in this OEWG. We wish to know more and we appreciate the Chair’s efforts to bridge and create platforms for exchange between stakeholders and Member States. We look forward to more similar engagements so that we can keep abreast of emerging cyberthreats, its evolving application, and the magnitude of these emerging threats.
For my delegation, our primary concern is ensuring the security of critical ICT infrastructures including information assets of the government, individuals and businesses.
The Philippines, like many others, is of the view that the cyberthreat landscape is continuously evolving and it is useful that the United Nations, as the universal and global intergovernmental organization, will take the lead in the discussions pertaining to cybersecurity that affects international peace and security.
I just heard our distinguished colleague from Kenya highlight the need for a repository of common threat.
Mr. Chair, for my delegation, a cybersecurity repository under the UN auspices which could include all relevant information we are discussing today and beyond would help States in deepening its knowledge and provide up-to-date and readily available information on cybersecurity affecting international security.
For instance, this repository could include cybersecurity incident reports from Member States, submitted on a voluntary basis, that may have an impact on international peace and security. These reports could possibly capture existing and potential security threats. The data that will be accumulated could serve as the primary basis, including the results of the National Survey of Implementation of UN recommendations on responsible use of ICTs in the context of international security (the Survey), for creating capacity-building programs to be facilitated by the UN. We note that the Survey already encompasses four elements: 1) international law; 2) norms, rules, and principles for the responsible behaviour of States; 3) CBMs; and 4) capacity-building. Taking all things together, this would be a rich one-stop shop for all things under the umbrella of cybersecurity. The repository may also include the global Points of Contact (PoC) Directory or a gateway/link to the PoC directory, which for security reasons could be designed for Member States only, or it could be the general information purpose public page providing an overview of the PoC directory’s mandate as captured in the Chair’s revised elements paper.
In addition, this OEWG could learn from existing repositories such as the Cybercrime Repository under the UN Office on Drugs and Crime, which even features a “Lessons Learned Database” containing national practices and strategies in preventing and combating cybercrime. Depending on our needs, we can explore developing something similar.
We could also explore the possibility of taking advantage of the already existing Cyber Policy Portal of the UN Institute for Disarmament Research (UNIDIR), expand and/or rationalize it, and help build this Portal in a way that could serve the purpose of the OEWG.
Mr. Chair, we are of the view that continued exchanges with stakeholders in a form of dialogue, round-table discussions, briefings on research projects, among others would help Member States be well-informed of the discussions happening on cybersecurity matters in the context of international security.
We again express appreciation for the Chair’s effort in creating more opportunities for such exchanges. You can count on the Philippines’ participation and engagement on this front as we wish contribute to this process to the fullest.
Thank you, Mr. Chair.