The United Nations [is] ready to be a platform in which different actors could come together and discuss the way forward, in order to find the adequate approaches to make sure that we are able to deal with the problem of cybersecurity.
UN Secretary-General António Guterres, Munich Security Conference 2018
The interconnected nature of modern society accelerates commerce, opens vast opportunities for development and connects individuals across the globe on an unprecedented scale. However, the same technologies that Governments, private sector enterprises and a growing proportion of the world’s population depend upon every day also bring risks for security and privacy. The United Nations System Chief Executives Board (CEB) and its two high-level committees, the High-level Committee on Management (HLCM) and the High-level Committee on Programmes (HLCP), have been repeatedly working to advance system-wide coordination and leadership on cybersecurity and cybercrime in its various dimensions, including with a view to strengthening the United Nations system’s own capacity to protect itself from cyberattacks.
In recognition of the increasing concern among agencies of the United Nations system regarding cybersecurity and cybercrime, CEB, through HLCP, endorsed a United Nations-wide framework on cybersecurity and cybercrime (see Annex) in November 2013. The framework established principles for programme development activities related to cybercrime and cybersecurity, as well as for better coordination among United Nations entities on this issue in support of Member States.
Internal coordination efforts relating to cybersecurity further deepened in 2014, with both high-level committees of CEB agreeing to take specific steps to ensure a secure internal technology environment. During its second regular session in 2014, CEB endorsed the United Nations system internal coordination plan on cybersecurity and cybercrime, which was reviewed, approved and submitted to the Board by both HLCM and HLCP. United Nations system entities agreed to coordinate activities in areas such as coping with cyberthreats and avoiding duplication of cybersecurity activities. In addition, recognizing that cyberthreats could adversely affect development efforts, United Nations system entities agreed to become better prepared to integrate cybersecurity and cybercrime action into United Nations development programmes, as appropriate, as well as strengthen inter-agency coordination activities.
The Digital and Technology Network (DTN) advises HLCM on system-wide approaches to leveraging technology. Recognizing the increasing importance of information security to achieving the mandates of their organizations, in 2011 the DTN agreed to establish an Information Security Special Interest Group (UNISSIG) dedicated to the critical area of information security.
UNISSIG is the principal mechanism within the UN system for the promotion of inter-agency cooperation and collaboration on information security-related matters. Its primary objective is the optimization of information security within its member organizations. This objective is pursued through the continuous and collective assessment of the UN system’s exposure to internal and external threats, in order to reduce exposure to risk on all levels of an organization, particularly the strategic and operational levels.