Cybersecurity

ICC calls for government action and business expertise amid UN cyber talks 

  • 21 October 2025

In a statement issued on behalf of businesses worldwide, ICC has stressed the need for urgent government action and business expertise to strengthen cyber resilience. As cybersecurity governance takes shape at the United Nations, ICC’s position is clear: Without inclusive cooperation that brings together governments, industry and other stakeholders, the digital foundations of growth, trust and security will remain at risk.


Read the full statement: 

“Ransomware shutting down hospitals.  

Attacks on energy grids disrupting entire regions.  

Cyber operations spilling across borders in times of geopolitical tension. 

These are no longer distant hypotheticals – they are today’s headlines. 

The accelerating pace and scale of cyber threats is a stark reminder that the resilience of our economies and societies depends on decisions we make now. Without stronger global cooperation and practical, inclusive approaches to cybersecurity, the digital foundations of growth and trust will remain at risk. 

Over the past five years, the United Nations Open-Ended Working Group (OEWG) has provided a valuable forum for dialogue among states on responsible behaviour in cyberspace. Its work has underscored the importance of consensus in such a sensitive area of international security, while also highlighting the complexity of building common ground in a rapidly evolving threat landscape.  

Crucially, the OEWG experience has shown that dialogue alone is insufficient. Operational resilience requires deeper engagement with those who build, defend, and innovate within the digital ecosystem every day. The establishment of a new ‘Global Mechanism’ to carry forward these discussions is a welcome step – but its success will depend on embedding inclusivity at its core. That means not only governments, but also meaningful participation from the private sector, civil society and academia. By incorporating diverse expertise, the new mechanism can move beyond dialogue alone and deliver tangible outcomes that strengthen global resilience. 

Global business has unique expertise and operational responsibility in this domain. Companies design, develop, build, and operate the networks, defend against attacks, and innovate the technologies that power the digital economy dependent on these networks. That is why the private sector’s voice is indispensable in shaping solutions that are practical, effective, and future-proof.  

As highlighted in ICC’s series of cybersecurity briefs, governments can strengthen global cyber resilience by: 

  • Building strong national institutions to reinforce security in the use of Information and communication technologies (ICTs). 
  • Developing legislation that supports international commitments while enabling a shared approach to security, digital trade and innovation. 
  • Enhancing societal and institutional resilience to mitigate cyber threats. 
  • Strengthening international cooperation, capacity building, and technical assistance particularly for developing economies. 
  • Protecting critical infrastructure against malicious ICT activities and responding to and recovering from incidents. 
  • Improving the security of technology products and supply chains. 
  • Increasing transparency in the attribution of malicious activities to foster accountability and trust. 

These shared goals represent a pragmatic and forward-looking agenda for mobilising action at national, regional and global levels. They are not abstract ideals – they are concrete steps that can help governments and businesses together build a safer and more resilient digital environment. 

To realise this vision, we urge UN Member States to: 

  1. Institutionalise meaningful stakeholder engagement in the design of the Global Mechanism and across all cyber norm and capacity-building processes. 
  1. Leverage industry expertise in the development of norms, confidence-building measures, and threat assessments. 
  1. Prioritise transparency and accountability in international negotiations and implementation. 
  1. Recognise the operational realities of cyber threats and the vital role of private actors in defending against them. 

The cyber domain cannot be secured by governments alone. The new Global Mechanism offers an opportunity to embed multistakeholder participation as a foundation for progress. Only through processes that fully integrate private sector expertise can international frameworks achieve both legitimacy and operational impact. 

As global business, we stand ready to contribute constructively to the next chapter of cyber diplomacy. The threats are real, but so is our collective capacity to meet them – if we work together.”