IGF 2021 WS #154 Promoting Collective Action to Protect our Healthcare

Time
Thursday, 9th December, 2021 (16:30 UTC) - Thursday, 9th December, 2021 (17:30 UTC)
Room
Ballroom C

Organizer 1:  Ulyana Kubenko, German Marshall Fund of the United States
Organizer 2: Klara Jordan, Chief Public Policy Officer, Cyber Peace Institute 

Speakers:
Welcome:
Bruno Lété, Senior Fellow, The German Marshall Fund of the United States 
Speaker 1: Rozentāle Līga, Private Sector, Eastern European Group
Speaker 2: Pavel Mraz, Government, Eastern European Group
Speaker 3: Guilherme Rosso, Private Sector, Latin American and Caribbean Group (GRULAC)
Speaker 4: Klara Jordan, Civil Society, Western European and Others Group (WEOG)

Online Moderator

Roxana Radu, Civil Society, Eastern European Gro

Rapporteur

Ulyana Kubenko, Civil Society, Western European and Others Group (WEOG)

Format

Round Table - Circle - 60 Min

Policy Question(s)

Cybersecurity practices and mechanisms: What are the good cybersecurity practices and international mechanisms that already exist? Where do those mechanisms fall short and what can be done to strengthen the security and to reinforce the trust?
Roles and responsibilities in protecting against cyber-attacks: Which stakeholders hold responsibility for protecting national governments, businesses and citizens against cyber-attacks?

  • How can we improve the healthcare sector’s preparedness and resilience?
  • How can we activate technical and legal instruments to protect healthcare, including better information-sharing and standards?
  • How can collective action serve to hold threat actors accountable?
  • Which role can each stakeholder play?
  • How can we improve continuous monitoring, documentation and dissemination of information on attacks on healthcare and on the application or violation of laws, norms and regulations? 
  • How to support and develop new assistance initiatives needed to protect the healthcare sector?
SDGs

3. Good Health and Well-Being
16. Peace, Justice and Strong Institutions

Targets: Online or offline, attacking healthcare is attacking people and jeopardizing their good health. As a critical and often vital service provider, healthcare should be off-limits to any malicious intent or action, safeguarded for and by all, at all times, in conditions ensuring that human security, dignity and equity are respected in digital ecosystems. These conditions for "cyberpeace" are far from being achieved. According to a Check Point Software survey, since November 2020 the number of global cyberattacks against the healthcare sector has increased by 45%. From ransomware to COVID-19 disinformation operations, as incidents are underreported, attacks seldom attributed and threat actors act with impunity, the consequences of cyber attacks against the healthcare sector threaten at global scale the peace and stability of nations, social development of the good health and well-being of people.

Description:

For the healthcare sector, digital transformation has become the norm. Nevertheless, alongside the increased dependence of the healthcare sector on digital technologies, we have also witnessed the rise of cyberattacks against hospitals, research laboratories, non-governmental organizations and vaccination centers, resulting in disruption to the provision of healthcare and increased impact on human life and well-being. To achieve strong cyber resilience, better designation and evaluation of shortfalls in the complex and critical healthcare infrastructure is needed. Globally, the ecosystem has mobilized human, diplomatic, financial, technical, and operational resources to protect this critical sector, but how do we ensure that the sum is greater than the parts of the existing efforts?

The question addressed at the workshop will be: How do we practically organize collective action and ensure our efforts effectively defend the healthcare sector against cyber-attacks?

Expected Outcomes

We want participants to share their lessons learned and best practices, and suggest new, actionable steps in the context of the policy questions raised. As such, this discussion is an opportunity to collect diverse views on innovative solutions to protect the healthcare sector from cyber attacks. By adding this healthcare workshop to the IGF we also want to create more public awareness and understanding of the importance of this complex but critical infrastructure for people and society. This way we want to promote the role of all stakeholders and make this debate more inclusive.

The format of this hybrid roundtable will be on-the-record and encourage free-flow dialogue among the participants. By keeping the group relatively small (30 PAX) we strive to create an intimate, candid atmosphere where ideas can be shared. Speakers will be asked to avoid formal presentations, but instead share their short, straightforward thoughts. 

Online Participation

Usage of IGF Official Tool.

Key Takeaways

The limitations of the current efforts include a lack of concrete support for implementation of the commitments already made at the UN level, inability to fully recognize the applicability of international law in cyberspace, and bridging digital gaps.

The healthcare sector is vulnerable and that’s why it will continue to be attacked despite many efforts by government, private sector, and civil society. Healthcare and its cyber resilience remains a national issue first, and it is difficult to address it at a global scale. It is important to compare how different regions address this issue.

Call to Action

Bringing the perspective of the victims to the conversation to ensure informed decisions at the national level.

Bringing together law enforcement, industry, and civil society in the conversation to discuss the proper way to address these issues.

Session Report

The workshop took a solution-oriented approach to cyber-attacks on the healthcare sector since the start of the pandemic. The sharp increase in the number of cyber incidents against hospitals, research labs, and vaccination centers, as documented in the Cyber Incident Tracer, has resulted in serious disruption to the provision of healthcare, causing direct harm to our individual and collective well-being. The panelists reflected on possible responses to address this crisis, from the perspective of the stakeholder group they were representing.

 

Healthcare sector perspective (Brazil)

Based on the case of Brazil and the state of public healthcare, inequality is an important topic to address.

There has been a change in mentality and cybersecurity is now approached at the systemic level and it is important for the entire healthcare sector.

The technical part, as well as human operation, is essential. There is a need to develop digital operations strategies based on cyber security and also to train people to use these technologies properly.

 

What options are on the table in Brazil?

  1. The healthcare sector as a whole is not organized to propose collective solutions.
  2. Issues at the individual level at hospitals and companies are being discussed; however, it is a deficiency at this moment not to have an articulated action so that the healthcare sector is more protected.
  3. If we are going to manage the network and groups of discussions to organize collective action, regulations are not enough; there is a need for a culture of inner preservation, and communication technology operators need to be aware of data protection.

 

Private sector perspective (global):

Since the start of the pandemic we’ve learned just how vulnerable the healthcare sector is to cyberattacks.

Healthcare protection is a national issue and it is difficult to address at a global scale, since all countries are different and approach it differently. This is why it is important to see how different regions address this issue. Regardless, healthcare protection should not be about how much money you can put into it.

 

How to ensure effective efforts:

  1. Find practical solutions and start with small steps
  2. Bring more attention to the global level on how cyber norms need to be addressed, how we can protect the ICT supply chain in working within the UN structure
  3. Find the right partners to deliver results

The private sector can and currently is bringing together policy makers, NGOs, and legal experts to discuss how the healthcare sector can be better protected by applying international law and what the gaps are. Initiatives like the Oxford Process, Paris Call etc. help to raise awareness of actions that need to be taken on cyber security.

  1. Consider how AI for health can empower different organizations to address the challenges in global health (working with researchers)

 

Government perspective

Currently there are 3 major areas where we are falling short:

  1. There is a lack of concrete support for the implementation of commitments already made at the UN level (need to mobilize political will; create an inclusive platform at the UN level to have more crossover debates with industry, civil society and technical experts, etc.)
  2. Inability to recognize fully the applicability of international law in cyberspace (need to have a conversation about specific cases and what we need to implement international law in reality)
  3. Bridging digital gaps in developing countries and cyber capacity building (digitalization to go hand-in-hand with cyber resilience; in the UN system, think about how to add cyber security and cyber resilience component to the existing projects so that we are not digitalizing and creating new vulnerabilities)

 

What the government (and diplomats in particular) can do:

  1. Build bridges
  2. Empower the right voices, for example by emphasizing the victim perspective
  3. Bring the right people to the room (need to have technical specialists, people from industry to debate these issues and come to solutions together)
  4. Further discuss standards in cyberspace, for example security by design (these discussions are ongoing and sensitive).

 

Civil society perspective

2 things missing in the current efforts:

  1. Access to healthcare is a fundamental human right. Motivation to protect healthcare should therefore be looked at from this perspective (understanding the human impact of attacks on healthcare on individuals, because it is an important motivator for collective action and for thinking about accountability; understanding how these issues impact individuals and trying to measure it).
  2. Making the collective protection of healthcare a priority (collective action also means starting with the political attribution of attacks on healthcare). There is a need for governments, industry and law enforcement to work together; need to elevate the attacks to the level where other national security issues are put.

 

What civil society can do:

  1. Bring perspectives of the victims to the discussion, share it with policy makers so that they can make informed decisions about how these things impact individuals
  2. Reach out to other civil society organizations around the world and help them to be part of this conversation
  3. Work on concerted diplomacy and bring together law enforcement, industry, and civil society into these conversations
  4. Foster a concrete and actionable conversation at the global level (understand what is the concrete goal to achieve and what are actionable recommendations)

 

The multistakeholder actors in this workshop agree that the healthcare sector is extremely vulnerable and it will continue to be attacked despite many efforts by government, private sector, and civil society. The best way to tackle this problem is collectively, as all actors can learn from each other about the best approaches to better secure the healthcare sector.