Interview: Alexander Klimburg on the Global Commission on the Stability of Cyberspace

The Global Commission on the Stability of Cyberspace (GCSC) is helping to promote mutual awareness and understanding among the various cyberspace communities working on issues related to international cybersecurity. By finding ways to link the dialogues on international security with the new communities created by cyberspace, the GCSC has a genuine opportunity to contribute to an essential global task: supporting policy and norms coherence related to the security and stability in and of cyberspace. Alexander Klimburg (Hague Centre for Strategic Studies) is co-director of the GCSC Secretariat together with Bruce McConnell (East West Institute).

Alexander Klimburg. Credits: HCSS

Q: Why was the Global Commission on the Stability of Cyberspace established?

The overall motives for the establishment of the Global Commission on the Stability of Cyberspace (GCSC) include the complex governance and security architecture making it difficult to reach durable norms and policies that are supported by all stakeholders, and the increase of offensive cyber operations that risk undermining the peaceful use of cyberspace to facilitate economic growth and the expansion of individual freedoms.

Additionally, a major challenge is the insufficient awareness and mutual acceptance of various cyberspace communities working on issues related to international security in and of cyberspace.

As expressed in the 2015 consensus report of the UN Group of Governmental Experts (UNGGE) on Developments in the Field of Information and Telecommunications in the Context of International Security:

“While States have a primary responsibility for maintaining a secure and peaceful ICT environment, effective international cooperation would benefit from identifying mechanisms for the participation, as appropriate, of the private sector, academia and civil society organizations.”

By finding ways to link the well-established dialogues on international security with new cyberspace communities, the GCSC has a genuine opportunity to support policy coherence related to the security and stability in and of cyberspace.

Q: What are the core objectives of the GCSC and how does it operate?

The GCSC will develop proposals for norms and policies to enhance international security and stability and guide responsible state and non-state behavior in cyberspace. The GCSC will engage the full range of stakeholders to develop shared understandings, and its work will advance cyber stability by supporting information exchange and capacity building, basic research, and advocacy.

Our Commissioners set the research agenda. In February, we had our (small) Inaugural meeting after our launch at the Munich Security Conference. Many interesting and vital topics were raised, and by this summer, we hope to agree on the first topic for research.  

Our information exchange will take many forms. We will physically meet a number of times over a three year period, encouraging the flow of information and knowledge across various cyberspace initiatives, as well as cross-fertilization and capacity building. For our full Commission Meetings, government and academic experts will be able to join in order to ensure the GCSC remains relevant to the developments in these processes.

We are starting recruitment for our Research Advisory Group soon. Together with this research group, the Commission will fund and conduct research on norms, as well as on emerging themes and ideas of relevance to the stability of cyberspace.

Finally, the Commission will formulate recommendations for action, applicable to both state and non-state led initiatives. The Commission will advocate for these recommendations in capitals, corporate headquarters, and civil society centers, as well as the wider public.

Drawing on the work of previous commissions and the London Process, the GCSC will thus bring together thought leaders, researchers, and practitioners from the world of international cybersecurity, Internet governance, technical and information practices, and the legal domain into a wider dialogue towards a better understanding of the interactions of the diverse regimes.

If you want remain involved in the developments of the GCSC, please visit https://cyberstability.org/ or follow us on twitter @theGCSC.

Alexander Klimburg, Minister Bert Koenders, GCSC Chair Marina Kaljurand, Co-Chairs Latha Reddy and Michael Chertoff, and Commissioner Prof Joseph Nye (from left to right) at the launch of the GCSC at the 2017 Munich Security Conference.

Q: What is the vision of the GCSC on the importance of Cyber Capacity Building?

In order to promote and enhance stability, Cyber Capacity Building is a necessary element. It is a means to enhance the overall level of cybersecurity, bridge the digital gap and build up mutual trust. It is an important step for cooperation and confidence building.

Cyber capacity building will most likely play an increasingly important role in future foreign policy considerations. It is essential in connecting the economic, international security, and human rights, and development discourses. More specifically, it is becoming increasingly clear that access to cyber space is a key factor in economic and social development, and as such political stability). In turn, cyber security becomes a key ingredient for ensuring access is not jeopardized through predatory criminal or malign behavior.

Moreover, given the nature of the Internet, increased cooperation between the industrialized and the developing world is needed to be able to respond to cyber-threats. Such cooperation can be possible only if basic cyber security institutions and skills are present in the partner countries – which is very much in the direct interest of donor countries.

Q: Are there ways how the GCSC and the GFCE can support or complement each other towards the goal of a more resilient and secure cyberspace?

The word capacity building is specifically mentioned as one of the primary goals of the GCSC as part of information exchange. We particularly see it as necessary for specific individuals in the global south and also its importance for raising awareness for experts working in particular silos. In effect, we believe capacity building will promote mutual awareness, across both technical specialty areas and regional boundaries.

We are therefore following the work of the GFCE with keen interest. Not only is the operational work of vital importance – raising cybersecurity standards are seen as playing a crucial role for international peace and security in cyberspace – but also the ability of actors in the developing world to engage in these discussions.

Both the GCSC and GFCE should examine how we could potentially mutually enforce our efforts in this regard.

This article first appeared in the third issue of the Global Cyber Expertise Magazine - May 2017