IGF 2022 WS #422 Toward a Resilient Internet: Cyber Diplomacy 2.0

Thursday, 1st December, 2022 (13:50 UTC) - Thursday, 1st December, 2022 (15:20 UTC)

Organizer 1: Technical Community, Latin American and Caribbean Group (GRULAC)

Organizer 2: Technical Community, Latin American and Caribbean Group (GRULAC)

Organizer 3: Technical Community, Latin American and Caribbean Group (GRULAC)

Organizer 4: Technical Community, Latin American and Caribbean Group (GRULAC)

Organizer 5: Technical Community, Latin American and Caribbean Group (GRULAC)

Organizer 6: Technical Community, Latin American and Caribbean Group (GRULAC)

Speaker 1: Livia Sobota, Government, Latin American and Caribbean Group (GRULAC)

Speaker 2: Alexandra Paulus, Civil Society, Western European and Others Group (WEOG)

Speaker 3: Veni Markovski, Technical Community, Eastern European Group

Additional Speakers

Koichiro Komiyama, Technical Community, Asia and the Pacific Group


Round Table - Circle - 90 Min

Policy Question(s)

- Do public attribution of cyber attacks and sanctions work as cyber diplomatic tools to constrain inappropriate behavior online? - What are the most recent developments on cyber diplomacy practices and tools in different regions around the world? - What are the particular challenges and opportunities raised with different views on cyber diplomacy and the way forward to better protect the Internet?

Connection with previous Messages: The workshop proposal advances discussion over best practices awareness raised in IGF 2021 once it gathers stakeholders from various geographical locations to discuss critical cyber diplomacy topics, as explored on the parts 7 and 8 from the Katowice messages. Moreover, it pushes forward concrete ways to ensure a collaborative, equitable, and inclusive Internet Governance, mainly as diplomacy constitutes an essential component of the Internet Governance ecosystem. Finally, the workshop could also contribute to the discussion of norms in cyberspace, building on the recent UNGGE and OEWG reports and adding different stakeholders' perspectives, especially by giving voices to traditionally unheard stakeholders.


9. Industry, Innovation and Infrastructure
16. Peace, Justice and Strong Institutions
17. Partnerships for the Goals

Targets: The proposal targets SDGs 9, 16 and 17. SDG 9 will be encompassed once within the speakers a representative of the private sector will be present. SDG 16 will be reached once the discussion itself aims to foster the debate on how trough cyber diplomacy enhanced Internet resilience. SDG 17 will be encompassed once the topics in itself push forward cooperation and open dialogue venues as intrinsic components of diplomacy.


As an environment full of uncertainties, deepened by the permanent increase of malicious activities online, cyberspace demands its actors to develop resilience tools to ensure its integrity. In this sense, the Internet's open architecture poses challenges to the role of States. Not only have the considerations of non-state actors become relevant, but also geopolitical dynamics impact the digital world, demanding more holistic, long-term, and cooperative strategies from States. In this sense, cyber diplomacy emerges as a valuable tool for open dialogue channels that enable transparent discussions with stakeholders. However, theory and practice become complex when several issues are still clearly defined, and consensus relies on different interpretations of what proper online behavior would mean. Recent developments in cyber diplomacy, such as the EU Cyber Diplomacy Toolbox, a few States' statements on how International Law applies to cyberspace, and the latest reports of UNGGE and OEWG, constitute substantial efforts toward a more stable cyberspace, but is it enough? This workshop aims to tackle this question by reviewing cyber diplomacy developments from differing regional perspectives, going beyond the usual focus on traditional powers discussions. In this sense, topics involving: public attribution, sanctions, and active cyber defense will be raised to deepen and further improve the dialogue over Internet resilience.

Expected Outcomes

1) Foster ideas on how to improve cyber diplomacy to make a more resilient Internet 2) Start a more holistic and global agenda discussion.

Hybrid Format: The workshop session will be divided into three parts: the first part will consist of speakers exposing their cyber diplomacy views and experiences, the second part will consist of a short debate among the different perspectives raised by the speakers, and the third part will be devoted to Q&A.. In this context, to ensure proper interaction between the online and onsite audience, the session will count with onsite and online moderators, and also an onsite facilitator. During the session, the onsite moderator will be responsible for organizing the interventions and interacting with the speakers to ensure that the session's goals will be sought appropriately and also safeguarding the due balance to meet diversity expectations within the interventions, either by the speakers or the audience. The online moderator will take care of the flow of questions within all the online tools involved in the session. He/she will read, select, and guarantee that the onsite moderator will be aware of questions and comments from the remote audience (Zoom Chat and Q&A, Hashtags in social networks like Twitter, among others). Finally, the rapporteur will ensure to capture all the highlights and critical information of the session to list key takeaways for the short report and consolidate a further final report to be delivered to the IGF Secretariat. The organization team will also be alert to help participants with any technical issues and delays they may have to avoid negatively impacting the session dynamics.

Online Participation

Usage of IGF Official Tool.


Session Report (* deadline 26 October) - click on the ? symbol for instructions

The workshop, organized by the Brazilian Internet Steering Committee – CGI.br, focused on discussing recent cyber diplomacy developments and how using a set of tools could boost digital resilience. It was moderated by Rafael Evangelista and had the following speakers:

  • Alexandra Paulus, Civil Society, Western European and Others Group
  • Koichiro Komiyama, Technical Community, Asia, and the Pacific Group
  • Veni Markovsky, Technical Community, Eastern European Group

The moderator opened the workshop by explaining that cyberspace dynamics can lead to uncertainties and new geopolitical configurations that, in turn, demand a new posture from states. This new posture would include more encompassing dialogues, including with other stakeholders. Thus, the idea of discussing cyber diplomacy as a valuable tool for opening dialogue channels was raised. After the short contextualization, each speaker took the floor to expose initial thoughts on cyber diplomacy developments.

Koichiro Komiyama raised three points in his presentation: (1) the power of cyber diplomacy, (2) how cyber diplomacy has changed over the years, and (3) where the diplomatic game is going. In this sense, he started with a concrete example of political negotiation that spilled over the initial negotiating countries: the 2015 US-China cyber agreement. According to him, this agreement reduced, even if temporarily, the cyber incidents in Japan, thus showing the power of diplomacy to enhance cybersecurity. The second point he raised differentiated cyber diplomacy 1.0 from 2.0. In the first type of cyber diplomacy, the states' central focus would be national security in cyberspace. In this sense, military capacity mattered the most, the discussions were around West versus East, and the key players were the USA, China, Russia, and a few other countries. In diplomacy 2.0, nations would look beyond security to data control, broadening the discussion to economy and trade. In this sense, the main focus of 2.0 revolved around resource competition, the Big Tech become (along with states) the main players, and population matters the most, as human activity is the largest data source. His final point underlined that only two countries worldwide would master cyber diplomacy 1.0 and 2.0, with military capacity and large populations: China and India. Thus, states would need to engage with these countries to keep the diplomatic game going forward.

Alexandra Paulus started her presentation by discussing the policy instruments to respond to cyber operations. She explained that the first necessary condition for responding to cyber operations was to conduct internal attribution, which would include legal, technical, and political aspects. She then listed five commonly used policy instruments to tackle cyber operations: information sharing, public attribution, diplomatic measures, criminal indictments, and sanctions. She further posed two not usually-used policy instruments: military and intelligence operations. From this context, she explained that cyber diplomacy has three main challenges: dual-use problem, attribution, and determining political responsibility. In the face of these challenges, she stressed that cyber diplomacy should be seen as a long-term investment. Thus, cyber diplomacy would play the "long game." Besides, it should consider that politics will be politics, meaning that broader issues could take place in discussions and that cyber diplomacy is dissent about practical application. In this context, she proposed a way to think about cyber diplomacy: cyber resilience. Building on the NIST (National Institute of Standards and Technology) concept of cyber resilience, she gave examples of what a cyber resilience posture would look like at the domestic and foreign policy levels. Thus, at the domestic level, such posture could include the creation of data embassies, threat hunting, and regular security incident exercises. At the foreign policy level, it could encompass the improvement of transnational critical infrastructure resilience, the conduct of cyber capacity building aimed at resilience in other states, and a set of international norms. In this sense, as a non-escalatory approach, she called attention to four advantages of taking cyber resilience diplomacy forward: (1) threat actor agnostic, (2) more realistic threat landscape view, (3) improvement of cybersecurity abroad and at home, and (4) contribute to international peace and security.

Veni Markovsky explained he would not talk on behalf of ICANN, but his initial thoughts would go toward the organization's activities. In this regard, he explained that all conversations about cyber diplomacy are coming to focus on the United Nations (UN) and happening in different groups that the UN General Assembly is organizing: a group of governmental experts (UNGGE), an open-ended working group (OEWG) and an ad hoc committee to discuss a cybercrime convention. In this regard, he explained that ICANN brings technical knowledge to diplomats negotiating cybersecurity. Hence, they understand how the Internet works and the organization's role as a technical body that ensures that the DNS and addresses are working all the time. He also highlighted that ICANN engages with the UN to report what happens amid intergovernmental discussions to the broader community and inevitably impacts the Internet. ICANN does that through papers and publications in a variety of languages. In particular, Mr. Markovski pointed out that ICANN has been working on more country-focus reports, already published in Russia, China, and the Netherlands. He then stressed the importance of tracking international fora of the Internet and cyber issues discussions to stay on top of things, find out what is happening worldwide and interact with people. In this sense, he pointed to the importance of IGF and the World Summit on the Information Society Review ( WSIS + 20) that will happen in 2025. Closing his initial thought, he reiterated the invitation for people to stay in touch and subscribe to ICANN papers since the organization will report what is happening at the UN and the International Telecommunications Union (ITU).

Following the speakers' expositions, the moderator asked a set of questions to the panel about public attribution to cyber attacks, sanctions, and the opportunities and way forward to better protect the Internet. On the first issue, the speakers recognized that public attribution is a complex issue, not only because there is a gap between the information states and the private sector but also because providing proof for attribution can reach limits related to sensitive information sharing. In this regard, it was also raised that proper knowledge sharing in the negotiations room could avoid discussion on Internet fragmentation and that public attribution could work as a trigger to more meaningful talks on state responsibility and factors like due diligence of nonstate actors.

On the second issue, speakers agree that cyber sanctions have limited effects on changing actors' behavior and that more must be done to make this tool more valuable. In this regard, examples of sanctions were raised, and the idea of a "long game" with sanctions causing a potential chilling effect was featured. Also, the speakers explained that sanctions should be thought of differently to have a more tangible impact. Economic sanctions in response to cyber operations were raised as a possibility, but also a reminder sparked, that if going on this path, the technical community should work harder to tackle digital economic aspects, such as cryptocurrencies.

On the third issue, speakers stressed the need to provide expertise to governments to prepare them better when negotiating on cyber-related matters. Especially since the negotiations take a multilateral instead of multistakeholder format, besides. It was emphasized that people need to ensure the Internet functioning as a single interoperable Internet worldwide to have the benefits, virtues, and opportunities it brings to society. In this regard, it was also pointed out that issues related to the unconnected, the lack of infrastructure, hardware, software and communications, and other needed skills fall within cyber diplomacy.

After the discussions, the floor was open to the audience's questions. The Brazilian Hub posed queries on the Global South's participation and civil society's role in cyber diplomacy discussions. In this regard, the speakers explained that civil society has a role in engaging with the government, either providing expertise or in elections. They could further on norms such as prohibiting states from attacking elections critical infrastructure and pushing governments to have more open dialogues, as civil society did in 2003 and 2005 in the WSIS process, helping to shape it in its current design.

On the Global South participation, t was pointed out that policymakers and scholars have overlooked its involvement in cyber diplomacy fora, and that previously, the debate was constrained to a few actors, such as Europe, the Five Eyes, and others. In this sense, the creation of OEWG was a considerable step for Global South participation, along with other programs that allow people to participate in such discussions, such as the Women for Cyber Program. Still, it was raised that more needs to be done, and policymakers need to overcome challenges related to resource restrictions to better engage in the fora.

To conclude the workshop, the speakers said their final words. They converge on the relevance of multistakeholder participation in cyber diplomacy and Internet discussions, besides calling attention to avoid underrepresentation.