This article is based on the CISSM working paper of the same name, "Building Confidence in the Cybersphere: A Path to Multilateral Progress."
As use of the internet has become critical to global economic development and international security, there is near-unanimous agreement on the need for more international cooperation to increase stability and security in cyberspace. This paper compares what the United Nations’ (UN) Group of Governmental Experts (GGE) and the Organization for Security and Co-operation in Europe's (OSCE) norm-building processes have achieved so far and what disagreements have impeded these efforts. It identifies several priorities for cooperation identified by participants in both forums. It also proposes three practical projects related to these priorities that members of regional or global organisations might be able to work on together, despite political tensions and philosophical disputes. The first would help state and non-state actors share information and communicate about various types of cybersecurity threats using a flexible and intuitive effects-based taxonomy to categorise cyber activity. The second would develop a more sophisticated way for state and non-state actors to assess the risks of different types of cyber incidents and the potential benefits of cooperation. The third would identify aspects of the internet that might be considered the core of a public utility, worthy of special protection in their own right and for their support of trans-border critical infrastructure.