Promoting cybersecurity norms of responsible behavior
The Institute serves as an advocate for advancing the role of international law and norms governing the behavior of states and other actors in cyberspace. To this end, the Institute will increase public awareness of the impacts of significant cyberattacks and identify and address normative or legal gaps, in particular in an operational context.
The following mechanisms and areas of focus will constitute the Institute's primary means of action under this pillar:
- Publishing analysis of economic and social impacts of cyberattacks
- Direct engagement to raise awareness
- Conducting reviews of cyberattacks based on international law, norms, and expectations
To increase public awareness of the impacts of significant cyberattacks and share data with a broader community of experts, civil society, media, and others, the Institute will publish a range of information on cyberattacks. Much of this information is to reflect the data and analysis collected and produced through the accountability function. This includes analysis of the economic and social impacts of cyberattacks, as well as forensic evidence of attacker tools, techniques, and practices.
The Institute will drive external engagement with stakeholders, individuals and organizations focused on enhancing the stability of cyberspace in numerous ways, seeking opportunities to be inclusive and transparent, ultimately enabling the Institute to catalyze positive action amongst the global community in restraining the frequency, harm, and scale of cyberattacks.
Review of attacks
The Institute will also examines laws and norm, including but not limited to cyber conflict with a focus on grounding and interpreting these rules based on various actors’ behaviors in the operational environment. Specifically, it will look to identify any normative or legal gaps that are exposed or underscored by examining how rules are being applied and assess potential remedies to address them.