Cyberwar: Building a Normative and Legal-Based Approach for Cyberdeterrence

Since the United Nations (UN) hosted the first conference on Internet governance in 2003, states have convened at national, regional, and international forums to discuss the growing threats posed by the use of Information and Communication Technologies (ICTs) by states and nonstate actors.1 Historically, these discussions avoided the political and legal implications of cyber threats and focused instead on the technical aspects of the Internet’s function. Deterrence in cyberspace as a national strategy, for example, was not a focal point in these forums. Since 2010, however, states have recognized the political ramifications of these decisions and have begun to exercise their authority by actively engaging with the technical community through bilateral, regional, and multilateral initiatives. In 2010, the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE) made recommendations for further dialogue among states and other actors regarding norms pertaining to state use of ICTs to reduce collective risk and protect critical national and international infrastructure. This included discussions on the use of ICTs in conflict.2 The crossfertilization of disciplines and the incorporation of national security issues into the dialogue of Internet governance have proven challenging. Much work remains but the benefits are beginning to be recognized.